last executing test programs:

3.243677442s ago: executing program 0 (id=1455):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r0, &(0x7f00000000c0), 0xfffffff4)

2.921060407s ago: executing program 0 (id=1456):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x80000, '\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0x51, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703360000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x2, 0x7ffc0802}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0x4, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
arch_prctl$ARCH_GET_XCOMP_SUPP(0x1021, &(0x7f00000005c0))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
brk(0x20ffc004)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syncfs(r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000040)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg")
unlink(&(0x7f0000000080)='./file0\x00')
shmget$private(0x0, 0x400000, 0x20, &(0x7f000000e000/0x400000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='kfree\x00'}, 0x10)
openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYBLOB="9c0000002acd571deb485829c2c7161f2966080e5d940861893e8c00000000000000de651a5124c8b442e84ff3691abe0cd835b888140931829723f92ef006ca1b905bdcc6ac3338103e1c7fcee71425394f15ea35ad69745afcf27edc5076", @ANYRES16=r7, @ANYBLOB="01002cbd7000ffdbdf251500000008000300", @ANYRES32=r8, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x20000800)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r9 = fcntl$dupfd(r5, 0x0, r5)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea02, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)

2.898105449s ago: executing program 1 (id=1458):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@bloom_filter={0x1e, 0x3ff, 0x80000000, 0x6, 0x1260, 0xffffffffffffffff, 0xe, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x5, 0x5, 0xf}, 0x48)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x0, 0x81, 0x401, 0xc0, r1, 0x14ce, '\x00', r2, 0xffffffffffffffff, 0x2, 0x2, 0x4, 0xe}, 0x48)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000068000000090a010400000000000000000100000008000a4000000000200011800e000100636f6e6e6c696d69740000000c00028008000140000000000900010073797a30000000000900020073797a3200000000080005400000001f0c000980080001400037"], 0xb0}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='rcu_utilization\x00', r0}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0x8a}, @exit], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r8, &(0x7f0000001400)=[{{&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000001c00)='{', 0x1}], 0x1}}], 0x1, 0x0)
sendmmsg$inet_sctp(r8, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000300)="8d", 0x1}], 0x1}], 0x1, 0x0)
r9 = socket$inet(0x2, 0x80001, 0x84)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x89a0, &(0x7f0000000000)={0x1, 'netdevsim0\x00'})
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r10=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r8, 0x84, 0x19, &(0x7f00000003c0)={r10, 0x8}, 0x8)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
splice(r7, 0x0, r11, 0x0, 0xf3a, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x4}, 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r13}, 0x2c)
write$binfmt_misc(r11, &(0x7f0000000240)=ANY=[], 0xfdef)
timer_settime(r6, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

2.628902349s ago: executing program 0 (id=1461):
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SET_IO_FLUSHER(0x41, 0x3)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000006, 0x42031, 0xffffffffffffffff, 0x180000000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000002000010000000000000000000200000009000000000000000500130001"], 0x30}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34c8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x2000000}, 0x1c)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r6=>0x0})
r7 = syz_open_dev$loop(&(0x7f00000001c0), 0x40000000001, 0x107382)
socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x54b, @remote, 0x7, 0x2}, 0x20)
r8 = syz_open_dev$loop(&(0x7f0000000040), 0x6f89, 0x100)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000200)={r8, 0x3d, {0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x1c, "a5bfcb2a66ef507540a2a54fcaf1860b5a61f8e207db0000009f1bb9930200000000000000cf61f3164a3790887d279d4afc7cfd1762729912aabe49225f8d79", "24aee1db06869da66fb3d998ba914272ca193f8d2389c3940662383343667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf579170300", "f7a78adde4baffaed544f59b58ae3151b9dd0fe9ca443e8ae600", [0xa, 0xffffffffffffffff]}})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r9)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="4d7e00c30000000000002700000008000200", @ANYRES16=r11], 0x1c}, 0x4, 0x700000000000000}, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000087b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r13}, 0x10)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001680)={{0x14, 0x10, 0x1, 0xe00}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xe4}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r4}, @IFLA_HSR_SLAVE2={0x8, 0x2, r6}]}}}]}, 0x40}}, 0x0)

2.388222678s ago: executing program 0 (id=1468):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/68, 0xfffffffffffffe78}], 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000540)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x1, 0x0, 0x0, 0x3, 0x0, {0x5, 0x4, 0x2, 0x9, 0x6, 0x65, 0x1, 0xc4, 0x33, 0x7, @loopback, @multicast1}}}}}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg$unix(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0xb3}], 0x1}, 0x0)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000800)={'hsr0\x00', <r10=>0x0})
r11 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r11, &(0x7f0000000dc0)="d0b4163e96457321d877d01a892f", 0xe, 0x48001, &(0x7f00000001c0)={0x11, 0x9, r10, 0x1, 0x70, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x42}}, 0x14)
write(r8, &(0x7f0000004200)='t', 0x1)
sendfile(r8, r7, 0x0, 0x3ffff)
sendfile(r8, r7, 0x0, 0x7ffff000)

1.97158082s ago: executing program 1 (id=1475):
socket$inet(0x2, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
socket(0x2, 0x80805, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000010002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x40)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

1.937882812s ago: executing program 1 (id=1477):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(0xffffffffffffffff, 0x10e, 0x5, &(0x7f00000001c0)=0xe, 0x4)
r1 = socket(0x10, 0x3, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x1000000, 0x0, 0x8001, 0x7, 0x8, 0x3, 0xffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet6_int(r0, 0x29, 0xcf, &(0x7f00000006c0)=0x1, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r2, @ANYBLOB="0100000000000000240012000c000100627269646765000e14000200080007004a9a0000080027"], 0x44}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000280)={0xfffffffd, 0x0, 0x9, 0x5}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='@'], 0x85}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000b80)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6}, 0x10)
open_by_handle_at(r4, &(0x7f0000000040)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wpan1\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wpan4\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000700)={&(0x7f00000004c0)={0x1e0, r7, 0x400, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_SEC_DEVKEY={0x18, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_SEC_DEVKEY={0x30, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}, @NL802154_DEVKEY_ATTR_ID={0x18, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x4}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}]}, @NL802154_ATTR_SEC_DEVKEY={0xa0, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x5}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0xa}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x5}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x4}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0202}}, @NL802154_DEVKEY_ATTR_ID={0x4c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x200}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}]}]}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}]}]}, @NL802154_ATTR_SEC_DEVKEY={0xb4, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x2}, @NL802154_DEVKEY_ATTR_ID={0x58, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x10000}, @NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x38, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_SHORT={0x6}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x1}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0x300}}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x3}]}]}, @NL802154_DEVKEY_ATTR_ID={0x34, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x1}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xaaa1}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xfffe}]}]}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x68}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x7}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0002}}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x4040080}, 0x804)
close(r0)
r11 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r12 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r12, 0x0, 0x41, &(0x7f0000000140)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000047000000000000000000000000000000000000000000c0745a22180000"], 0x58)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r11, 0x0)
syz_emit_ethernet(0x92, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60000000005c0600fe8000000000df0000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="74c20000907800001e0401a10509955512a5b0cc93fe06e2d4c3d9051200000000000000000000000000000000fe0ef989ee00000000000000000013127224407c80fe8a3616b4bf3400006cc8000000"], 0x0)

1.83164972s ago: executing program 1 (id=1480):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mlockall(0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000780)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0xb, &(0x7f00000001c0)=0x1f, 0x4)
socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x2, 0x1, @loopback, 0x9}, 0x1c)
socket$inet6_udp(0xa, 0x2, 0x0)
sendto$inet6(r1, &(0x7f00000000c0)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5dac14e5b896f000fcf6521928480be9af82613a5c661f4110adba358afd8b5b4ef1702051e393ede2698112a1f1bdf1d0f568546ed322ab4c53545bd2cd6e48522f0c154cb3c6864dc30ae921db100f1ee97a234503338f8fdf356472da0c7ab62f274f34", 0xadf29f33fb903ae1, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = accept4$llc(0xffffffffffffffff, 0x0, 0x0, 0x1800)
bind$llc(r3, 0x0, 0x0)
recvmsg(r1, &(0x7f00000008c0)={0x0, 0x4, &(0x7f0000000840)=[{&(0x7f0000000040)=""/50, 0xfffffe72}, {&(0x7f0000000240)=""/52, 0x34}, {&(0x7f0000000780)=""/129, 0x80}, {&(0x7f0000000300)=""/68, 0x44}, {&(0x7f0000000380)=""/121, 0x79}, {&(0x7f0000000400)=""/183, 0xb7}], 0x6}, 0x40000110)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000116608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x80}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL={0x5, 0x3, 0x2}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0)

1.416417612s ago: executing program 0 (id=1484):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x101c088, &(0x7f0000000c00)=ANY=[@ANYBLOB="757466383d302c696f636861727365743d69736f383835392d312c666d61736b3d30303030303030303030303030303030303030303036362c756e695f786c6174653d312c756e695f786c6174653d302c726f6469722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c757466383d302c757466383d312c73686f72746e616d653d77696e39352c726f6469722c6e66733d6e6f7374616c655f726f2c726f6469722c757466383d312c73686f72746e616d653d77696e6e742c636865636b3d72656c617865642c00c63b831754d4eeec4cf38c28cf1e3409b9950bbab09abe8d407d1c7c935e034461a37ac3113829124efad15a202673b20ad011cb0f0cedb0cef9f6ec5e2634db26ef8581fd506844d0133ac021c0172b4b36a109949512e8dc6a8c7d603e3ef3cd57451eaee1b0e4804b9ea88fcad7afb59594dcfeaf8d34935fa0e54a36c57d964429e7ec869287810e5d97759017ace0c3f5"], 0x6, 0x2c3, &(0x7f0000000900)="$eJzs3T+LHGUcB/Df7M3OrlrsFlYiOKCFVciltdlDEhCvMmyhFnqYC8jtItzBgX9wTWVrY2HhKxAEX4iN70CwFeyMEHhkZmeyu5dlcxuyJyafT5MnzzzfeX7Ps8PdXHHPffzq9OROGXfvffV79PtZdEYxivtZDKMTrW9ixei7AAD+z+6nFH+luW1yWUT0d1cWALBDl/v+ny+av1xJWQDADt1+/4N3Dw4Pb75Xlv24Nf32fFz9ZF/9O79+cDc+jUkcx/UYxIOI+kWhG/XbQtW8lVKa5WVlGG9MZ+fjKjn96Nfm/gd/RtT5/RjEsO56+LZR5985vLlfzi3lZ1UdLzbzj6r8jRjEyw/DK/kba/IxLuLN15fqvxaD+O2T+CwmcacuYpH/er8s307f//3lh1V5VT6bnY979biFtHfFHw0AAAAAAAAAAAAAAAAAAAAAAM+wa83ZOb2oz++puprzd/YeVP/pRtkarp7PM89n7Y2WzwdKKc1S/Nier3O9LMvUDFzk83glXz5YEAAAAAAAAAAAAAAAAAAAAJ5fZ59/cXI0mRyfPpVGexpAHhH/3I540vuMlnpei82De82cR5NJp2mujsmXe2KvHZNFbCyjWsST7kYeW639hUdqbho//bzt7P3Hj+mun+tpNtqn6+QoW7+HvWh7+s1G/VBELMYUccm5ios9aTC/T9rqIyjWXhpsvfbipbox2zAmsk2FvfXHfOeanuziKop6V9fGu01jKX7h2bjU8xz9efzRrxWZ0zoAAAAAAAAAAAAAAAAAAGCnFr/9u+bivY3RTurtrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuFKLv/+/RWPWhI9Pz/LHDC7i9Ow/XiIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgX8DAAD//x0KWZ8=")
r0 = semget$private(0x0, 0x6, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
semtimedop(0x0, &(0x7f0000000240)=[{0x3, 0xa6a1}], 0x1, 0x0)
semtimedop(r0, &(0x7f0000000040)=[{0x2}, {0x0, 0xfffc}], 0x2, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000880)=[0xa5])
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='K\x00\x00\x00q'], 0x0)

1.239338925s ago: executing program 2 (id=1487):
socket$inet(0x2, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
socket(0x2, 0x80805, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000010002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x40)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

1.163049571s ago: executing program 3 (id=1489):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f00000000c0), 0xfffffff4)

1.160410211s ago: executing program 2 (id=1490):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)={0x2c, r1, 0x705, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

1.139282863s ago: executing program 3 (id=1500):
socket$inet(0x2, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
socket(0x2, 0x80805, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000010002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xd, 0x1}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, 0x0, &(0x7f00000003c0)=r6}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x40)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

1.138819993s ago: executing program 2 (id=1491):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x9, 0xb7, 0x4, 0x37, 0x0, 0x8001, 0x2, 0x9, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2000000, 0x5, @perf_config_ext={0x6, 0x2004}, 0x4000, 0x1000000000e1, 0x80000000, 0x7, 0x4, 0xb96, 0x10, 0x0, 0x1, 0x0, 0x80000000}, 0xffffffffffffffff, 0x5, r1, 0x1)
write$UHID_CREATE2(r1, &(0x7f0000000100)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r2, 0x2284, &(0x7f0000000000)=0x2000000)

1.115234605s ago: executing program 2 (id=1492):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000080000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000040008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000a00), r2)
sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f00000008c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000ffdbdf250400000005000a0001000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x810)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x80044940, &(0x7f00000030c0))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x7ffffffff000, 0x0, 0x10, r6, 0x0)
perf_event_open(&(0x7f0000000600)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
write$binfmt_aout(r7, 0x0, 0xc1)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001980)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b79da42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5649209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9eb0641fd6d5e80979a3d985089e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6d"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r8}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)

976.706226ms ago: executing program 3 (id=1493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x100000019)
fcntl$notify(r2, 0x402, 0x0)

827.114107ms ago: executing program 3 (id=1494):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x8, &(0x7f00000001c0)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'\x00', 0x6132})
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[], 0xfe3a)
syz_open_dev$tty20(0xc, 0x4, 0x0)

790.76712ms ago: executing program 2 (id=1495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xa)
setresuid(0x0, r3, 0x0)
request_key(&(0x7f00000000c0)='logon\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0)

790.27362ms ago: executing program 2 (id=1496):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
readv(r1, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/68, 0xfffffffffffffe78}], 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000540)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x1, 0x0, 0x0, 0x3, 0x0, {0x5, 0x4, 0x2, 0x9, 0x6, 0x65, 0x1, 0xc4, 0x33, 0x7, @loopback, @multicast1}}}}}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg$unix(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0xb3}], 0x1}, 0x0)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
munmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000800)={'hsr0\x00', <r10=>0x0})
r11 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r11, &(0x7f0000000dc0)="d0b4163e96457321d877d01a892f", 0xe, 0x48001, &(0x7f00000001c0)={0x11, 0x9, r10, 0x1, 0x70, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x42}}, 0x14)
write(r8, &(0x7f0000004200)='t', 0x1)
sendfile(r8, r7, 0x0, 0x3ffff)
sendfile(r8, r7, 0x0, 0x7ffff000)

743.669933ms ago: executing program 1 (id=1497):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet(r1, &(0x7f0000000e00)=[{{&(0x7f0000000100)={0x2, 0x4e20, @dev}, 0x10, 0x0}}, {{&(0x7f0000000180)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000b40)=[@ip_retopts={{0x10}}, @ip_retopts={{0x10, 0x11}}], 0x20}}], 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup(r3)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

743.551273ms ago: executing program 3 (id=1498):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)={0x2c, r1, 0x705, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

743.156403ms ago: executing program 1 (id=1499):
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SET_IO_FLUSHER(0x41, 0x3)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000006, 0x42031, 0xffffffffffffffff, 0x180000000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000002000010000000000000000000200000009000000000000000500130001"], 0x30}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34c8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x2000000}, 0x1c)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r6=>0x0})
r7 = syz_open_dev$loop(&(0x7f00000001c0), 0x40000000001, 0x107382)
socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x54b, @remote, 0x7, 0x2}, 0x20)
r8 = syz_open_dev$loop(&(0x7f0000000040), 0x6f89, 0x100)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000200)={r8, 0x3d, {0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x1c, "a5bfcb2a66ef507540a2a54fcaf1860b5a61f8e207db0000009f1bb9930200000000000000cf61f3164a3790887d279d4afc7cfd1762729912aabe49225f8d79", "24aee1db06869da66fb3d998ba914272ca193f8d2389c3940662383343667e306c360ce82f41f7d0431065868f4a367fb9ec6ec8cbf579170300", "f7a78adde4baffaed544f59b58ae3151b9dd0fe9ca443e8ae600", [0xa, 0xffffffffffffffff]}})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r9)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB="4d7e00c30000000000002700000008000200", @ANYRES16=r11], 0x1c}, 0x4, 0x700000000000000}, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000087b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r13}, 0x10)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001680)={{0x14, 0x10, 0x1, 0xe00}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x60, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xe4}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r4}, @IFLA_HSR_SLAVE2={0x8, 0x2, r6}]}}}]}, 0x40}}, 0x0)

742.973353ms ago: executing program 3 (id=1501):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="414601"], 0x4)

569.342666ms ago: executing program 0 (id=1502):
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x81, 0x0}}}, 0x1c)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="414601"], 0x4)

292.649157ms ago: executing program 4 (id=1506):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x9, 0xb7, 0x4, 0x37, 0x0, 0x8001, 0x2, 0x9, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2000000, 0x5, @perf_config_ext={0x6, 0x2004}, 0x4000, 0x1000000000e1, 0x80000000, 0x7, 0x4, 0xb96, 0x10, 0x0, 0x1, 0x0, 0x80000000}, 0xffffffffffffffff, 0x5, r0, 0x1)
write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r1, 0x2284, &(0x7f0000000000)=0x2000000)

272.151329ms ago: executing program 4 (id=1507):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000080000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000040008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x80044940, &(0x7f00000030c0)={0x0, ""/256, <r4=>0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r5=>0x0, <r6=>0x0, <r7=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4203c, &(0x7f00000003c0)=ANY=[@ANYRES64=r4, @ANYRES8, @ANYRESHEX=r5, @ANYRESDEC, @ANYRES32=r2, @ANYRESDEC=r4, @ANYRESDEC=r7, @ANYRES8=0x0, @ANYRES8, @ANYRES64=r6], 0x0, 0x0, &(0x7f0000000000))

190.062336ms ago: executing program 4 (id=1508):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
connect$pppl2tp(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

71.015205ms ago: executing program 4 (id=1509):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000400)='./file1\x00', 0x200010, &(0x7f0000000640)={[{@jqfmt_vfsv1}, {@auto_da_alloc_val}, {@grpid}, {@orlov}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nouid32}, {@sysvgroups}, {@nomblk_io_submit}, {@debug}]}, 0xdc, 0x564, &(0x7f0000001180)="$eJzs3V1rHFUYAOB3Nkm/tSmUol5IoRdWajdN4kcFwXopWizofV2SaSjZdEt2U5pYsL2wN95IEUQsiD/Aey+Lf8BfUdBCkRL0QoTIbGbTbbMfSbp1t93ngUnOmZnNmXdn3pNzdnbZAIbW0exHIeLliPgmiTjYtG008o1H1/dbfXBtJluSWFv79M8kknxdY/8k/70/r7wUEb9+FXGisLnd6vLKfKlcThfz+kRt4fJEdXnl5MWF0lw6l16amp4+/db01LvvvN2zWF8/9/f3n9z58PTXx1a/+/neoVtJnIkD+bbmOJ7A9ebK0dK/eWkszjy242QPGhskSb8PgB0ZyfN8LLI+4GCM5FkPPP++jIg1YEgl8h+GVGMc0Jjb92ge/My4/8H6BGhz/KPrr43EnvrcaN9q8sjMKJvvjveg/ayNX/64fStbovPrEHu71AG25fqNiDg1Orq5/0vy/m/nTtVfPO7s8TaG7f8P9NOdbPzzRqvxT2Fj/BMtxj/7W+TuTnTP/8K9HjTTVjb+e6/l+Hej6xofyWsv1Md8Y8mFi+X0VES8GBHHY2x3Vu90P+f06t21dtuax3/ZkrXfGAvmx3FvdPejj5kt1UpPEnOz+zciXmk5/k02zn/S4vxnz8e5LbZxJL39artt3eN/utZ+init5fl/eEcr6Xx/cqJ+PUw0rorN/rp55Ld27fc7/uz87+sc/3jSfL+2uv02ftzzT9pu206v/13JZ/Xyrnzd1VKttjgZsSv5ePP6qYePbdQb+2fxHz/Wuf9rdf1nk6/Ptxj/zcM32+46COd/dlvnf/uFux998UO79rd2/t+sl47na7bS/231AJ/kuQMAAAAAAIBBU4iIA5EUihvlQqFYXH9/x+HYVyhXqrUTFypLl2aj/lnZ8RgrNO50H2x6P8Rk/n7YRn3qsfp0RByKiG9H9tbrxZlKebbfwQMAAAAAAAAAAAAAAAAAAMCA2N/m8/+Z30f6fXTAU1f/YoPd/T4KoB+6fuV/L77pCRhIXfMfeG7Jfxhe8h+Gl/yH4SX/YXjJfxhe8h+Gl/wHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2rK0+uDaT1WevLC/NV66cnE2r88WFpZniTGXxcnGuUpkrp8WZykK3v1euVC5PTsXS1YlaWq1NVJdXzi9Uli7Vzl9cKM2l59Ox/yUqAAAAAAAAAAAAAAAAAAAAeLZUl1fmS+VyuqjQtvB+DMRhPM0A1+3o4aODEoVCTwt97pgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMl/AQAA//9k/TZJ")
chdir(&(0x7f0000000080)='./file0\x00')
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x0, 0xe01, 0x0)
rename(&(0x7f0000000300)='./file0\x00', &(0x7f00000000c0)='./file1\x00')

28.877498ms ago: executing program 4 (id=1510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet(r1, &(0x7f0000000e00)=[{{&(0x7f0000000100)={0x2, 0x4e20, @dev}, 0x10, 0x0}}, {{&(0x7f0000000180)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000b40)=[@ip_retopts={{0x10}}, @ip_retopts={{0x10, 0x11}}], 0x20}}], 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x90)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r3 = syz_open_pts(r2, 0x0)
r4 = dup(r3)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

0s ago: executing program 4 (id=1511):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = gettid()
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$unix(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000009c0)="ec663189d3348bf13f872a468352b72482b5b2b364a29c6f0f2c4e741bf6457d1418455e157253231681a3889f39b3da6b60dbe404cb9a145d0d49cfd1668a32b96ff302975748993a8a534144d211c681ff3d91ffa436d40b9afe648ec8bde2f7553fb5d3f3b8423873903abd024284bfd01511c149b6101851f7aae4675df76e7d32d7b91659e4adcc14ddfff8a2b49d1393de72b9d970ee7f45a755c1d9f7b4d43e37e17d6eaff5fe352d507eb0424ab937980ae8fae8a9062b651a53b6543733e259ee3083a308a78ac50f0972629b74e6aadefedf2352d024d8f27d4bc8703493b08bbe75e34ee5796d0d275cae3d3c0eba179e145feee0c8acc98af7888a374dbe705e058fc565e40677890a39e6999ae47202a9237803e9eee30f368725ca8571a8f6a8ba396905f4f023a60acb644bab6b0b8964aa514c37f23509c685648d6adb0e230aca690c91e664bc49fa30ae42a2c71abc7517181d4157ef996628b3624f367519970366acca85d399e2c7703930e2abd4bdbac076230ad16368ccb350357d57626ea47a15f0fa16bd5efa8233fa3ea1183da730204a455a673c783c10a26411c5de816699f7af3401b9f38592a4cd9f3f0b7de18cd69f831eee87a3d2edb64ecf517d201f32f86b80fcd3287330f286465260370527e6116df0651001405563622e14af715f6c3dd10e1986e3b95ebf618ff42bdd7a74f0d0cc2cc8dab1048eb5fdbfb72cb16f9e2a196b512720cbfbb4696f291200a153c383cc441091c62649a88ef173a42eced93a374e4f0a078244e56c14b3c4cc9625b3e9e1853839ecb00d6cfc2d2398634935aedd9a545e4b13895a3b8b05c8fca9af2bba82762db85a449f5d9c6ff87b724f19dc1805eca58445e67782a30f03e7b1272685ab8306c255604360b0d6e53cc443b0b81bcf92b470b8734b7b7b2ccf2d51fc1a8b43d8dba290e875f35b0bdb66790a3bb4d8391c5fdde5f461b5922c56f8a858865c0fd8b39cb79e8e182342ef0398641ca3c76620482705878ff0d9fe2eaae18a8ad73313663e36feca9bae81834482bb19c651e273bc04333963f2a64d516761280db45fc4217b5c2ab73a8a04c5d2c2aced37bb2825d17f68c4d65dfcc54057a46f045bf435391b7304ee376977220e71e97919cd67e3f0f0f63e0dcee8d90d80ead12a5eda22db217bd362c1a4f9244c99da91d618c6b71b21ed80826d4df95aee10786e61b3141002e342490f2d842051305d2e8d41aca580a13cd48a850eada7dfee4bda67a5491acf4cfdd3919135e7b113a1973595b99d6ba152ae8cc63fd95c1d7d4a59b038c426ffdb949fe1a6004df2bbae2acce3f5720419dc597229f2d120c689b07a344e75f4c631d83b3130cc927412daa9607c8c0fa254cde27306360a9a5d18ff9d4d4ed38162a5202ba214db4486887b5831d727bd93e6e7cddfa4d3480cb3b4683b1de52bdff534016719324051f81bdf49a5c12dd7b389107b3eb5dc4858caebe8c0a9866ff632deebc16492f95d202ce0f454476ab77871d3188ec83fc74f2ec1055893b2a138cce27ac5553c5496cbf147002a9c55fdb202969a4802ca3556453a58d2aa8e19f40e577fa280625468d385af8659a0f3ab69fabf4fa1326f7a7ebad98a23958c91f28c4b03ff9f343b6ecdb82e820bcb7de6f51d0fcfbbcef902d21a7eed03ea125363b758085022ade27451ba5e0acd9a0044ec50571d234855448be132e14517ae38b798482cc07e1c009c1a4cdd5c42f3862dd6d4c3b18f9c41d0bf5b709d742877ef7ee6d9932c6d7a9fd09bede9f80645a5c4b97ae48734985131f948bf20e93f82b93d6e69479491158d83655244d91bb5e9dfdf103e2238a95a92f35750769b87dce1d0e8bac4e6ee5467f9800a12fe27a2c8f727bbda617899ca26d13ec3b68b4acd7200b3206852aafb13c94681413ee7d0987f4d067b4bc5fc5e01ebe9bdbfc0198232f92da3371d12023388f86a4bb4db9bd559570aef27a96812dd2583c72732922266b98c89c264311577621ceb2625dac0af0fd08f5c27a658645777cb36d687d6f0e6835587cbe65ed922cbd1190b1d60259024be61e7e32b1ecb5e72799103c3a3ea91191667418fedf79d839200ee75da4d68fd6facdd1243f30727c40c6a7c4ffa3d937f4c21b076d146f439d8961258526d56336f7d94e945f90053ef865dd9f939b12d8b6b72b1f20a050b69b8a3b8bc88584766bf9783116c8fc8c4883f8dca31dbfd2775675d868136e5f5e16e3508986750fa8825231fed43ae2b444f5992011f0b80b1f3b0e397ff98fe81da3bd00593329f3014315fb4828fdfec77c8f3c8a92278866f7d299f9a0818e36d1bbad629a61345e01e495dfc4412fcc8b64eac5259de21dae5f5b34c06ee81c0e46b12203b639cfef7f12871287abca6b2f70ffa2cb225585bfbf2c0cd010bdd1b2b3f560016e4db6c30a26e517b608633aa40ab1802da8e94188bad14ab007e415ec41c3dabf4d2817a43a082313529e4a80596807b785af9391117f780db637f2214bb8082373303da889ffd89fa43f4cca427b43e3c17942d314a577112cfb31e841ae40fd18220e9aaa24e382936c0b859a3a425c2018b093e42648b7517dcce9af1366dc5ea8fd575001cbe880ddbb0a768033ee3802c68c4b2fc290fcb84f1e33318543fd2ddf065503c0767c86fcde6931797f275ee4c149d616ff02a9a019c223c16cfd6e618b07c7bd8009d3201a92b91a0944ff21d71ffc53c39b7a318c6451d80b05f9d9c81fd1a78ef35e14cbebc1b4e2de28039301042c0fa09ad2e43d5f78ab4104218bab2da5034050bbf625c6803496dd3d77b574aed51badd3e9967548014b8b318dfb2e0a6ce6637cee786806ec06b359d6569c65df2e538b43862be27d4ddb2710447ed7e56cb4a02779c8767e11056cfaca1ab1aea20d4198a050e98695ae3f2a0aadb5b34b6b945379b81259ebe7abe6d3ca23cae048429b6c850813706f59231034fce07c4111961193d581e3bbbd6c9afd8b3d1e0604807dbd880d2ccc5266818a18287e8c4bda311be83c6f1c5e7f571b9f5ab1f84f8252df9d62f75865adcdd61eaaf7df4cbdd994ab17d2d5d684f95715d4636a6cb69fa2619c6b76ee060202a0a8c934aa537d2c5cf736142349b19fb9b532b05e6dff05c4c635f4134bcc0ef2e38c3fd75d8664d7dfa3139e1b2c2cbbdbe4fc0e2e80870ade368b730d4c06946b608088991f346765afaad6765e5a16267b2d249ee22ea1c6cb85d5d0f8ee48204a5dc48ae6415e3802fd8a431d249f95c72f6895978b36c424e40f83dfe1d0ca01dca14c4a308e926fe726ea0b456dcd976147e61744675f81f38bd5ef06ed76692ac8ac03744c8dc313f06aa28832a3286e626d5e29c748c21164475c739d3f6c6ad046fbb1a149867faf770c089b3513a0649d787208f06e7db6f8a44a9e32c6bd8dd9cca53bcd8ba7ec49d4068d7018b4c8fbd13070f9b0d02d3686b54f96a21e74e346c380a99f21f33925d4a39d510842ed84f2605a15051a784d8216364c2f8ec79f7884ec151ac56d11e30e058d2c49998147c1d54e04aea5d2e9bcc5bf051690d7aa905fdd68528309afda3fd5920cecfae73f6d5f8962e647f5e909748ff9105097118feecf28d6d514ede8cb2d4201da6efc9f3c24893570b227dfe673158e6c17bfcd91625bc4f87eb6fc67e5b647b18231da1da165220815b24431144fc05e1e207e12dbd9e26254d61bc9f47e4ec7e5e19a58ea2444e97a6daf57c895ec35c497d84e2f0c2e520e123f3cadf380a7e54836f7b5a9ba24b1bbe690b7f3de459adbe4d80a648ac2d8158e8b0948ea6ec4b8ac3ce4dafc8ed0f709c13a5ada9fa6c254b57e3cc83411e26dacb6aee290ced0bd65f18884b33dfd1229acd273f97d3edf7673747193ececc83e9ba1e1a73ceb8c347ac88333308df5e4d9ea133e2c6fa4bb1489980cf8ce20201bbba6334936fbc6bb7e6495ba48a3648fe57a0957de758182d3248601ab2bc9d2edf826255d5774021ae4d5d7f87a18927ac866b24e9fa2ca4fb5623c9e0ccbe491a61566f5f649047f97db9cea177ce08ec58c28e7e174f427b38c2e3c2d7165b321eeffe4fc03e8acc2c0ba7520699e8f6480261de487e33d3169790024cec06e3d776c98ccbc5da2ec0032c8241bedea3db12687a82e1eafa4ff828f5347e8ae0b22bcfa5de853d05381a04e8eb953a54c5ebb528bc03d4f7d74b1741f7833a7b90456ff847619b5893bd1515ed87cfd9aa44208572d1578849d5e7310b29e4a5af6026d9d5d2d6c18cc222fa375bc756e86d30a673420c4ac99c0b0a6baadd5bb53bf161074e85b105d5c8f704ea4fef269b3e2d62dc9e494393957a9aba76d7a7c79a1f37a9c0b20a69c47f74b489a8d60bb017272497f2cc7e3dd85a6622c0c1038978ca44170229f1ef25d11d2757940a5b6d35eab977937a5cccfb979dd79accb86476ae7da6fa96527a0ad6a7613c9008fd3cb2cbf81d7be93304dab9059c38cb54a191118bdf39148f6a7e44eca45272a3a2f1812ab6ac72f3009c235abcfe300a5599340b7baa1d6b07797a8fc29533b1d39b24642a867cc188327927d224045bb65e47238f7e260dbe81e2fdd8dac3f3da3724817975e008e0ccbfd958fec78f01cd6cf9d46594513d8a67c9ff5d1f745a7b1b82ee0d1b0babcbea6d4334f8f474c0f1d438d80da71e1158865621613cb9eb1b08f224fca3c26ed879fb13a7148d7a65ea7d2364b71568e2b56e7ab492866ff1d9f0d83647682fd3a31ca4c3735ed4accb26d45e9b26f80856a287fdd42a12de98d1b5d4f2278dd78a8b287a18d8edd003d338049214faef3d6c17b3117da3e1c60715480e1739b52ac39265803d5d6019559d028bbc2c874071c021c581458c67aea919e14db399a54314b1d734eaeafee4844ee9c208887b1c4b7c475997146ccd5f6df48262ab997fc0e5f3ef5e68506fd1d9835b7028c22933024dd9ea325dbb1f8172f9c564b973a1668fb8b566e484a6f821c7bf709aecc0794a71ecc8bcf2fd5ac8d0c76b19f4ce02fefa9780549df3f606a0e520b059f95cb4f749b8c9204f1a052a588ce8ccc519a89e5444aec50739e92a914782bd1c991ae6e403aec0655570e1f90d921695548a645c317d9c13d36da32f86bb104d4b36b66b1e766731dfca460354bd9194e90523afc4e36d9aadd8dc777cfe26c955dcf57736139668b29f4c8ad197050737ebba3d55eb30cc94bdc3a1e28c3573a98ca4d5502d9893755cf2dfec4843fa39eb0a9948b6589eceebfe750b2db0", 0x8ec0}, {0x0, 0x803e}, {&(0x7f0000000140)="bd", 0x1}], 0x3, &(0x7f0000000780)=[@cred={{0x1c, 0x1, 0x2, {r2, 0x0, 0xee00}}}, @rights={{0x1c, 0x1, 0x1, [r1, r3, r1]}}, @cred={{0x1c, 0x1, 0x2, {r4, 0x0, 0xee01}}}], 0x60}, 0x0)
r8 = socket$inet_sctp(0x2, 0x0, 0x84)
getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r8, 0x84, 0x8, &(0x7f0000000280), &(0x7f00000002c0)=0x4)

kernel console output (not intermixed with test programs):

gulatory.0: Direct firmware load for regulatory.db failed with error -2
[   92.866701][ T5897] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   92.877703][ T5906] loop3: detected capacity change from 0 to 512
[   92.882632][ T5897] vhci_hcd: invalid port number 23
[   92.889540][ T5906] EXT4-fs (loop3): external journal device major/minor numbers have changed
[   92.944003][ T5909] ebt_limit: overflow, try lower: 570423552/2483027968
[   92.946698][ T5906] EXT4-fs (loop3): failed to open journal device unknown-block(0,3) -6
[   92.990589][ T5906] ebt_limit: overflow, try lower: 570423552/2483027968
[   93.002385][ T5929] rdma_op ffff888101449d80 conn xmit_rdma 0000000000000000
[   93.035818][ T5933] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=5933 comm=syz.4.782
[   93.074826][ T5933] loop4: detected capacity change from 0 to 2048
[   93.165455][ T5946] netlink: 'syz.2.787': attribute type 10 has an invalid length.
[   93.178521][ T5946] loop2: detected capacity change from 0 to 256
[   93.188528][ T5946] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   93.198695][ T5943] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   93.213350][ T5943] vhci_hcd: invalid port number 23
[   93.230553][ T5948] netlink: 'syz.2.788': attribute type 10 has an invalid length.
[   93.253025][ T5948] loop2: detected capacity change from 0 to 256
[   93.270835][ T5948] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   93.336151][ T3269] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   93.347175][ T3269] CPU: 1 UID: 0 PID: 3269 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[   93.358023][ T3269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   93.368128][ T3269] Call Trace:
[   93.371398][ T3269]  <TASK>
[   93.374324][ T3269]  dump_stack_lvl+0xf2/0x150
[   93.378991][ T3269]  dump_stack+0x15/0x20
[   93.383134][ T3269]  dump_header+0x83/0x2d0
[   93.387456][ T3269]  oom_kill_process+0x341/0x4c0
[   93.392300][ T3269]  out_of_memory+0x9af/0xbe0
[   93.396937][ T3269]  ? __rcu_read_unlock+0x4e/0x70
[   93.401865][ T3269]  mem_cgroup_out_of_memory+0x13e/0x190
[   93.407476][ T3269]  try_charge_memcg+0x51b/0x810
[   93.412324][ T3269]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[   93.418453][ T3269]  __read_swap_cache_async+0x2b7/0x520
[   93.423971][ T3269]  swap_cluster_readahead+0x276/0x3f0
[   93.429370][ T3269]  swapin_readahead+0xe4/0x760
[   93.434143][ T3269]  ? __filemap_get_folio+0x420/0x5b0
[   93.439425][ T3269]  ? swap_cache_get_folio+0x77/0x210
[   93.444706][ T3269]  do_swap_page+0x3da/0x1ef0
[   93.449289][ T3269]  ? hrtimer_start_range_ns+0x53d/0x580
[   93.454831][ T3269]  ? hrtimer_try_to_cancel+0x106/0x1d0
[   93.460320][ T3269]  ? __rcu_read_lock+0x36/0x50
[   93.465081][ T3269]  ? pte_offset_map_nolock+0x124/0x1d0
[   93.470531][ T3269]  handle_mm_fault+0x8cb/0x2a30
[   93.475382][ T3269]  exc_page_fault+0x3b9/0x650
[   93.480133][ T3269]  asm_exc_page_fault+0x26/0x30
[   93.484978][ T3269] RIP: 0033:0x7f84e769efa5
[   93.489401][ T3269] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 15 15 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[   93.509035][ T3269] RSP: 002b:00007ffd18b53bf8 EFLAGS: 00010246
[   93.515082][ T3269] RAX: 0000000000000000 RBX: 00000000000001b4 RCX: 00007f84e769efa3
[   93.523039][ T3269] RDX: 00007ffd18b53c10 RSI: 0000000000000000 RDI: 0000000000000000
[   93.531093][ T3269] RBP: 00007ffd18b53c6c R08: 0000000010356597 R09: 7fffffffffffffff
[   93.539049][ T3269] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[   93.547058][ T3269] R13: 0000000000016b93 R14: 0000000000016b51 R15: 00007ffd18b53cc0
[   93.555022][ T3269]  </TASK>
[   93.558183][ T3269] memory: usage 307196kB, limit 307200kB, failcnt 11674
[   93.565384][ T3269] memory+swap: usage 307740kB, limit 9007199254740988kB, failcnt 0
[   93.573395][ T3269] kmem: usage 307156kB, limit 9007199254740988kB, failcnt 0
[   93.580758][ T3269] Memory cgroup stats for /syz1:
[   93.597540][ T3269] cache 12288
[   93.605834][ T3269] rss 8192
[   93.608848][ T3269] shmem 0
[   93.611790][ T3269] mapped_file 12288
[   93.615584][ T3269] dirty 12288
[   93.618881][ T3269] writeback 8192
[   93.622423][ T3269] workingset_refault_anon 102
[   93.627117][ T3269] workingset_refault_file 147
[   93.631779][ T3269] swap 557056
[   93.635046][ T3269] swapcached 28672
[   93.638767][ T3269] pgpgin 90474
[   93.642153][ T3269] pgpgout 90464
[   93.645677][ T3269] pgfault 56010
[   93.649143][ T3269] pgmajfault 54
[   93.652588][ T3269] inactive_anon 28672
[   93.656566][ T3269] active_anon 0
[   93.660015][ T3269] inactive_file 12288
[   93.663990][ T3269] active_file 0
[   93.667634][ T3269] unevictable 0
[   93.671167][ T3269] hierarchical_memory_limit 314572800
[   93.676620][ T3269] hierarchical_memsw_limit 9223372036854771712
[   93.682754][ T3269] total_cache 12288
[   93.686682][ T3269] total_rss 8192
[   93.690309][ T3269] total_shmem 0
[   93.693755][ T3269] total_mapped_file 12288
[   93.698142][ T3269] total_dirty 12288
[   93.701945][ T3269] total_writeback 8192
[   93.706011][ T3269] total_workingset_refault_anon 102
[   93.711195][ T3269] total_workingset_refault_file 147
[   93.716474][ T3269] total_swap 557056
[   93.718926][ T5966] rdma_op ffff888128b58980 conn xmit_rdma 0000000000000000
[   93.720258][ T3269] total_swapcached 28672
[   93.731725][ T3269] total_pgpgin 90474
[   93.735600][ T3269] total_pgpgout 90464
[   93.739582][ T3269] total_pgfault 56010
[   93.743547][ T3269] total_pgmajfault 54
[   93.747943][ T3269] total_inactive_anon 28672
[   93.752442][ T3269] total_active_anon 0
[   93.756886][ T3269] total_inactive_file 12288
[   93.761390][ T3269] total_active_file 0
[   93.765358][ T3269] total_unevictable 0
[   93.769356][ T3269] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.781,pid=5930,uid=0
[   93.784147][ T3269] Memory cgroup out of memory: Killed process 5930 (syz.1.781) total-vm:87068kB, anon-rss:568kB, file-rss:16168kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[   93.830244][ T5976] netlink: 'syz.2.798': attribute type 10 has an invalid length.
[   93.830804][ T5974] loop3: detected capacity change from 0 to 512
[   93.847921][ T5974] EXT4-fs: Ignoring removed i_version option
[   93.857699][ T5974] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   93.867463][ T5976] loop2: detected capacity change from 0 to 256
[   93.868332][ T5978] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   93.884893][ T5974] EXT4-fs (loop3): 1 truncate cleaned up
[   93.891102][ T5980] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   93.894506][ T5974] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.898657][ T5980] vhci_hcd: invalid port number 23
[   93.918217][ T5976] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   93.958112][ T4531] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.002032][ T6002] rdma_op ffff888115efbd80 conn xmit_rdma 0000000000000000
[   94.094329][ T6016] loop2: detected capacity change from 0 to 512
[   94.111763][ T6016] EXT4-fs (loop2): external journal device major/minor numbers have changed
[   94.159246][ T6016] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[   94.168471][ T6022] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   94.181770][ T6022] vhci_hcd: invalid port number 23
[   94.196138][ T6026] loop3: detected capacity change from 0 to 256
[   94.217222][ T6016] ebt_limit: overflow, try lower: 570423552/2483027968
[   94.228978][ T6026] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   94.241943][ T6031] loop1: detected capacity change from 0 to 512
[   94.252899][ T6031] EXT4-fs: Ignoring removed i_version option
[   94.281310][ T6031] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   94.293575][ T6031] EXT4-fs (loop1): 1 truncate cleaned up
[   94.300370][ T6031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.323371][ T6037] loop3: detected capacity change from 0 to 256
[   94.333967][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.346802][ T6037] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   94.408885][ T6009] syz.0.810 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   94.419850][ T6009] CPU: 1 UID: 0 PID: 6009 Comm: syz.0.810 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[   94.430562][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   94.440604][ T6009] Call Trace:
[   94.443877][ T6009]  <TASK>
[   94.446812][ T6009]  dump_stack_lvl+0xf2/0x150
[   94.451403][ T6009]  dump_stack+0x15/0x20
[   94.455549][ T6009]  dump_header+0x83/0x2d0
[   94.459881][ T6009]  oom_kill_process+0x341/0x4c0
[   94.464780][ T6009]  out_of_memory+0x9af/0xbe0
[   94.469527][ T6009]  ? __rcu_read_unlock+0x4e/0x70
[   94.474482][ T6009]  mem_cgroup_out_of_memory+0x13e/0x190
[   94.480078][ T6009]  try_charge_memcg+0x51b/0x810
[   94.484938][ T6009]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[   94.491036][ T6009]  __read_swap_cache_async+0x2b7/0x520
[   94.496572][ T6009]  swap_cluster_readahead+0x276/0x3f0
[   94.502040][ T6009]  swapin_readahead+0xe4/0x760
[   94.506821][ T6009]  ? __filemap_get_folio+0x420/0x5b0
[   94.512106][ T6009]  ? swap_cache_get_folio+0x77/0x210
[   94.517442][ T6009]  do_swap_page+0x3da/0x1ef0
[   94.522027][ T6009]  ? cgroup_rstat_updated+0x99/0x550
[   94.527387][ T6009]  ? __rcu_read_lock+0x36/0x50
[   94.532162][ T6009]  ? pte_offset_map_nolock+0x124/0x1d0
[   94.537622][ T6009]  handle_mm_fault+0x8cb/0x2a30
[   94.542524][ T6009]  exc_page_fault+0x3b9/0x650
[   94.547263][ T6009]  asm_exc_page_fault+0x26/0x30
[   94.552110][ T6009] RIP: 0033:0x7f35fb5009b9
[   94.556582][ T6009] Code: f8 70 2e 00 00 0f 8e 99 fd ff ff e8 31 e5 fe ff 49 39 c4 72 64 0f 1f 40 00 69 3d e6 4c e1 00 e8 03 00 00 48 8d 1d c7 55 2e 00 <e8> 92 c4 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 80 7b 20
[   94.576299][ T6009] RSP: 002b:00007ffd952a0120 EFLAGS: 00010206
[   94.582353][ T6009] RAX: 0000000000017084 RBX: 00007f35fb7e5f80 RCX: 0000000000016f30
[   94.590309][ T6009] RDX: 0000000000000154 RSI: 00007ffd952a0100 RDI: 00000000000003e8
[   94.598265][ T6009] RBP: 00007f35fb7e7a80 R08: 0000000014504f2f R09: 7fffffffffffffff
[   94.606221][ T6009] R10: 00007f35fc3260b8 R11: 00007f35fc326080 R12: 0000000000017289
[   94.614182][ T6009] R13: 00007ffd952a0220 R14: 0000000000000032 R15: ffffffffffffffff
[   94.622147][ T6009]  </TASK>
[   94.625264][ T6009] memory: usage 307200kB, limit 307200kB, failcnt 3806
[   94.632350][ T6009] memory+swap: usage 308080kB, limit 9007199254740988kB, failcnt 0
[   94.640344][ T6009] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[   94.648107][ T6009] Memory cgroup stats for /syz0:
[   94.650252][ T6009] cache 12288
[   94.658496][ T6009] rss 0
[   94.661297][ T6009] shmem 0
[   94.664214][ T6009] mapped_file 12288
[   94.668071][ T6009] dirty 12288
[   94.671363][ T6009] writeback 0
[   94.674638][ T6009] workingset_refault_anon 125
[   94.679421][ T6009] workingset_refault_file 192
[   94.684086][ T6009] swap 901120
[   94.687374][ T6009] swapcached 0
[   94.690738][ T6009] pgpgin 66986
[   94.694229][ T6009] pgpgout 66983
[   94.697795][ T6009] pgfault 55419
[   94.701251][ T6009] pgmajfault 56
[   94.704695][ T6009] inactive_anon 0
[   94.708502][ T6009] active_anon 0
[   94.712121][ T6009] inactive_file 12288
[   94.716144][ T6009] active_file 0
[   94.719062][ T6048] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6048 comm=syz.3.824
[   94.719583][ T6009] unevictable 0
[   94.719592][ T6009] hierarchical_memory_limit 314572800
[   94.741218][ T6009] hierarchical_memsw_limit 9223372036854771712
[   94.746036][ T6048] loop3: detected capacity change from 0 to 2048
[   94.747435][ T6009] total_cache 12288
[   94.757606][ T6009] total_rss 0
[   94.760876][ T6009] total_shmem 0
[   94.764366][ T6009] total_mapped_file 12288
[   94.768768][ T6009] total_dirty 12288
[   94.772610][ T6009] total_writeback 0
[   94.776428][ T6009] total_workingset_refault_anon 125
[   94.781616][ T6009] total_workingset_refault_file 192
[   94.786826][ T6009] total_swap 901120
[   94.790619][ T6009] total_swapcached 0
[   94.794524][ T6009] total_pgpgin 66986
[   94.798419][ T6009] total_pgpgout 66983
[   94.802431][ T6009] total_pgfault 55419
[   94.806408][ T6009] total_pgmajfault 56
[   94.810375][ T6009] total_inactive_anon 0
[   94.814523][ T6009] total_active_anon 0
[   94.818574][ T6009] total_inactive_file 12288
[   94.823060][ T6009] total_active_file 0
[   94.827047][ T6009] total_unevictable 0
[   94.831026][ T6009] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.810,pid=6009,uid=0
[   94.845868][ T6009] Memory cgroup out of memory: Killed process 6009 (syz.0.810) total-vm:87068kB, anon-rss:568kB, file-rss:16168kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[   94.845953][   T29] kauditd_printk_skb: 1394 callbacks suppressed
[   94.845964][   T29] audit: type=1326 audit(1725465979.554:14926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   94.892603][   T29] audit: type=1326 audit(1725465979.554:14927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   94.916130][   T29] audit: type=1326 audit(1725465979.554:14928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   94.939513][   T29] audit: type=1326 audit(1725465979.554:14929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   94.962941][   T29] audit: type=1326 audit(1725465979.554:14930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   94.986441][   T29] audit: type=1326 audit(1725465979.554:14931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   95.009851][   T29] audit: type=1326 audit(1725465979.554:14932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   95.033235][   T29] audit: type=1326 audit(1725465979.554:14933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   95.056702][   T29] audit: type=1326 audit(1725465979.554:14934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   95.080095][   T29] audit: type=1326 audit(1725465979.554:14935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6045 comm="syz.3.823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[   95.232459][ T6064] loop3: detected capacity change from 0 to 512
[   95.239121][ T6064] EXT4-fs: Ignoring removed i_version option
[   95.245609][ T6064] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   95.310031][ T6065] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   95.323825][ T6068] loop1: detected capacity change from 0 to 8192
[   95.331634][ T6065] vhci_hcd: invalid port number 23
[   95.337349][ T6068] vfat: Unknown parameter 'ÿÿ'
[   95.413009][ T6068] loop1: detected capacity change from 0 to 512
[   95.426081][ T6064] EXT4-fs (loop3): 1 truncate cleaned up
[   95.432332][ T6064] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.459452][ T4531] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.477751][ T6068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.492785][ T6068] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   95.516060][ T6078] __nla_validate_parse: 20 callbacks suppressed
[   95.516074][ T6078] netlink: 40 bytes leftover after parsing attributes in process `syz.3.832'.
[   95.761756][ T6078] loop3: detected capacity change from 0 to 256
[   95.855688][ T6078] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   95.881244][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.961705][ T6103] loop2: detected capacity change from 0 to 512
[   95.969778][ T6105] netlink: 132 bytes leftover after parsing attributes in process `syz.3.843'.
[   95.994506][ T6103] EXT4-fs (loop2): external journal device major/minor numbers have changed
[   96.104719][ T6110] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6110 comm=syz.0.845
[   96.243733][ T6103] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[   96.351839][ T6103] netlink: 4 bytes leftover after parsing attributes in process `syz.2.838'.
[   96.373220][ T3265] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   96.384140][ T3265] CPU: 0 UID: 0 PID: 3265 Comm: syz-executor Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[   96.394985][ T3265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   96.405102][ T3265] Call Trace:
[   96.408375][ T3265]  <TASK>
[   96.411293][ T3265]  dump_stack_lvl+0xf2/0x150
[   96.415972][ T3265]  dump_stack+0x15/0x20
[   96.420131][ T3265]  dump_header+0x83/0x2d0
[   96.424535][ T3265]  oom_kill_process+0x341/0x4c0
[   96.429426][ T3265]  out_of_memory+0x9af/0xbe0
[   96.434054][ T3265]  ? __rcu_read_unlock+0x4e/0x70
[   96.438315][ T6103] ebt_limit: overflow, try lower: 570423552/2483027968
[   96.439030][ T3265]  mem_cgroup_out_of_memory+0x13e/0x190
[   96.451408][ T3265]  try_charge_memcg+0x51b/0x810
[   96.456266][ T3265]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[   96.462398][ T3265]  __read_swap_cache_async+0x2b7/0x520
[   96.467858][ T3265]  swap_cluster_readahead+0x276/0x3f0
[   96.473291][ T3265]  swapin_readahead+0xe4/0x760
[   96.478053][ T3265]  ? __filemap_get_folio+0x420/0x5b0
[   96.483351][ T3265]  ? save_fpregs_to_fpstate+0x102/0x160
[   96.489033][ T3265]  ? swap_cache_get_folio+0x77/0x210
[   96.494311][ T3265]  do_swap_page+0x3da/0x1ef0
[   96.498897][ T3265]  ? hrtimer_start_range_ns+0x53d/0x580
[   96.504478][ T3265]  ? hrtimer_try_to_cancel+0x106/0x1d0
[   96.509940][ T3265]  ? __rcu_read_lock+0x36/0x50
[   96.514747][ T3265]  ? pte_offset_map_nolock+0x124/0x1d0
[   96.520249][ T3265]  handle_mm_fault+0x8cb/0x2a30
[   96.525103][ T3265]  exc_page_fault+0x3b9/0x650
[   96.529852][ T3265]  asm_exc_page_fault+0x26/0x30
[   96.534779][ T3265] RIP: 0033:0x7f203910efa5
[   96.539178][ T3265] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 15 15 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[   96.558864][ T3265] RSP: 002b:00007ffea0dc2378 EFLAGS: 00010246
[   96.564916][ T3265] RAX: 0000000000000000 RBX: 00000000000001c2 RCX: 00007f203910efa3
[   96.572876][ T3265] RDX: 00007ffea0dc2390 RSI: 0000000000000000 RDI: 0000000000000000
[   96.580833][ T3265] RBP: 00007ffea0dc23ec R08: 000000000f9b42fd R09: 7fffffffffffffff
[   96.588822][ T3265] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032
[   96.596790][ T3265] R13: 00000000000176ab R14: 000000000001766d R15: 00007ffea0dc2440
[   96.604763][ T3265]  </TASK>
[   96.607914][ T3265] memory: usage 307200kB, limit 307200kB, failcnt 3207
[   96.614834][ T3265] memory+swap: usage 292504kB, limit 9007199254740988kB, failcnt 0
[   96.622821][ T3265] kmem: usage 274792kB, limit 9007199254740988kB, failcnt 0
[   96.630130][ T3265] Memory cgroup stats for /syz4:
[   96.639089][ T3265] cache 24576
[   96.647337][ T3265] rss 0
[   96.650097][ T3265] shmem 0
[   96.653025][ T3265] mapped_file 24576
[   96.656882][ T3265] dirty 24576
[   96.660161][ T3265] writeback 0
[   96.663435][ T3265] workingset_refault_anon 38
[   96.668046][ T3265] workingset_refault_file 191
[   96.672759][ T3265] swap 925696
[   96.676146][ T3265] swapcached 4096
[   96.679767][ T3265] pgpgin 64039
[   96.683126][ T3265] pgpgout 64032
[   96.686592][ T3265] pgfault 51555
[   96.690035][ T3265] pgmajfault 20
[   96.693482][ T3265] inactive_anon 0
[   96.697152][ T3265] active_anon 4096
[   96.700856][ T3265] inactive_file 0
[   96.704467][ T3265] active_file 24576
[   96.708305][ T3265] unevictable 0
[   96.711787][ T3265] hierarchical_memory_limit 314572800
[   96.717196][ T3265] hierarchical_memsw_limit 9223372036854771712
[   96.723339][ T3265] total_cache 24576
[   96.727240][ T3265] total_rss 0
[   96.730554][ T3265] total_shmem 0
[   96.734001][ T3265] total_mapped_file 24576
[   96.738428][ T3265] total_dirty 24576
[   96.742219][ T3265] total_writeback 0
[   96.746067][ T3265] total_workingset_refault_anon 38
[   96.751183][ T3265] total_workingset_refault_file 191
[   96.756385][ T3265] total_swap 925696
[   96.760173][ T3265] total_swapcached 4096
[   96.764338][ T3265] total_pgpgin 64039
[   96.768331][ T3265] total_pgpgout 64032
[   96.772313][ T3265] total_pgfault 51555
[   96.776298][ T3265] total_pgmajfault 20
[   96.780349][ T3265] total_inactive_anon 0
[   96.784554][ T3265] total_active_anon 4096
[   96.788868][ T3265] total_inactive_file 0
[   96.793010][ T3265] total_active_file 24576
[   96.797402][ T3265] total_unevictable 0
[   96.801369][ T3265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.836,pid=6088,uid=0
[   96.802436][ T6120] loop3: detected capacity change from 0 to 8192
[   96.816166][ T3265] Memory cgroup out of memory: Killed process 6088 (syz.4.836) total-vm:87068kB, anon-rss:568kB, file-rss:16168kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000
[   96.823927][ T6120] vfat: Unknown parameter 'ÿÿ'
[   96.963960][ T6120] loop3: detected capacity change from 0 to 512
[   97.030807][ T6120] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.089364][ T6120] ext4 filesystem being mounted at /90/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   97.314256][ T4531] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.328009][ T6141] loop4: detected capacity change from 0 to 512
[   97.334722][ T6141] EXT4-fs: Ignoring removed i_version option
[   97.342841][ T6144] netlink: 132 bytes leftover after parsing attributes in process `syz.0.854'.
[   97.353220][ T6141] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   97.373947][ T6141] EXT4-fs (loop4): 1 truncate cleaned up
[   97.380966][ T6141] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.411146][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.594831][ T6163] loop4: detected capacity change from 0 to 512
[   97.611643][ T6163] EXT4-fs (loop4): external journal device major/minor numbers have changed
[   97.643826][ T6163] EXT4-fs (loop4): failed to open journal device unknown-block(0,3) -6
[   97.750272][ T6163] netlink: 4 bytes leftover after parsing attributes in process `syz.4.858'.
[   97.767171][ T6163] ebt_limit: overflow, try lower: 570423552/2483027968
[   97.779330][ T6149] syz.0.859 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   97.790766][ T6149] CPU: 0 UID: 0 PID: 6149 Comm: syz.0.859 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[   97.801393][ T6149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   97.811445][ T6149] Call Trace:
[   97.814709][ T6149]  <TASK>
[   97.817640][ T6149]  dump_stack_lvl+0xf2/0x150
[   97.822227][ T6149]  dump_stack+0x15/0x20
[   97.826414][ T6149]  dump_header+0x83/0x2d0
[   97.830736][ T6149]  oom_kill_process+0x341/0x4c0
[   97.835649][ T6149]  out_of_memory+0x9af/0xbe0
[   97.840307][ T6149]  ? __rcu_read_unlock+0x4e/0x70
[   97.845374][ T6149]  mem_cgroup_out_of_memory+0x13e/0x190
[   97.850972][ T6149]  try_charge_memcg+0x51b/0x810
[   97.855813][ T6149]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[   97.861977][ T6149]  __read_swap_cache_async+0x2b7/0x520
[   97.867438][ T6149]  swap_cluster_readahead+0x276/0x3f0
[   97.872810][ T6149]  swapin_readahead+0xe4/0x760
[   97.877591][ T6149]  ? __filemap_get_folio+0x420/0x5b0
[   97.882997][ T6149]  ? swap_cache_get_folio+0x77/0x210
[   97.888292][ T6149]  do_swap_page+0x3da/0x1ef0
[   97.892933][ T6149]  ? cgroup_rstat_updated+0x99/0x550
[   97.898251][ T6149]  ? __rcu_read_lock+0x36/0x50
[   97.903008][ T6149]  ? pte_offset_map_nolock+0x124/0x1d0
[   97.908456][ T6149]  handle_mm_fault+0x8cb/0x2a30
[   97.913475][ T6149]  exc_page_fault+0x3b9/0x650
[   97.918151][ T6149]  asm_exc_page_fault+0x26/0x30
[   97.923013][ T6149] RIP: 0033:0x7f35fb5009cc
[   97.927458][ T6149] Code: 72 64 0f 1f 40 00 69 3d e6 4c e1 00 e8 03 00 00 48 8d 1d c7 55 2e 00 e8 92 c4 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00
[   97.947139][ T6149] RSP: 002b:00007ffd952a0120 EFLAGS: 00010216
[   97.953241][ T6149] RAX: 0000000000000000 RBX: 00007f35fb7e6058 RCX: 0000000000000000
[   97.961198][ T6149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055556e03f808
[   97.969151][ T6149] RBP: 00007f35fb7e7a80 R08: 0000000000000000 R09: 7fffffffffffffff
[   97.977108][ T6149] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000017fcd
[   97.985112][ T6149] R13: 00007ffd952a0220 R14: 0000000000000032 R15: ffffffffffffffff
[   97.993121][ T6149]  </TASK>
[   97.996355][ T6149] memory: usage 307200kB, limit 307200kB, failcnt 4021
[   98.003235][ T6149] memory+swap: usage 297692kB, limit 9007199254740988kB, failcnt 0
[   98.011210][ T6149] kmem: usage 278984kB, limit 9007199254740988kB, failcnt 0
[   98.018576][ T6149] Memory cgroup stats for /syz0:
[   98.096109][ T6149] cache 24576
[   98.104387][ T6149] rss 4096
[   98.107411][ T6149] shmem 0
[   98.110331][ T6149] mapped_file 24576
[   98.114128][ T6149] dirty 24576
[   98.117429][ T6149] writeback 4096
[   98.120959][ T6149] workingset_refault_anon 160
[   98.125658][ T6149] workingset_refault_file 241
[   98.130333][ T6149] swap 917504
[   98.133601][ T6149] swapcached 8192
[   98.137293][ T6149] pgpgin 70508
[   98.140652][ T6149] pgpgout 70500
[   98.144131][ T6149] pgfault 59356
[   98.147661][ T6149] pgmajfault 68
[   98.151101][ T6149] inactive_anon 8192
[   98.154979][ T6149] active_anon 0
[   98.158437][ T6149] inactive_file 24576
[   98.162400][ T6149] active_file 0
[   98.165861][ T6149] unevictable 0
[   98.169302][ T6149] hierarchical_memory_limit 314572800
[   98.174721][ T6149] hierarchical_memsw_limit 9223372036854771712
[   98.180870][ T6149] total_cache 24576
[   98.184671][ T6149] total_rss 4096
[   98.188275][ T6149] total_shmem 0
[   98.191712][ T6149] total_mapped_file 24576
[   98.196034][ T6149] total_dirty 24576
[   98.199847][ T6149] total_writeback 4096
[   98.203890][ T6149] total_workingset_refault_anon 160
[   98.209103][ T6149] total_workingset_refault_file 241
[   98.214283][ T6149] total_swap 917504
[   98.218088][ T6149] total_swapcached 8192
[   98.222294][ T6149] total_pgpgin 70508
[   98.226343][ T6149] total_pgpgout 70500
[   98.230308][ T6149] total_pgfault 59356
[   98.234300][ T6149] total_pgmajfault 68
[   98.238394][ T6149] total_inactive_anon 8192
[   98.242789][ T6149] total_active_anon 0
[   98.246779][ T6149] total_inactive_file 24576
[   98.251263][ T6149] total_active_file 0
[   98.255220][ T6149] total_unevictable 0
[   98.259204][ T6149] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.859,pid=6149,uid=0
[   98.273951][ T6149] Memory cgroup out of memory: Killed process 6149 (syz.0.859) total-vm:87068kB, anon-rss:696kB, file-rss:16168kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[   98.296980][ T6179] @: renamed from bond0 (while UP)
[   98.370728][ T6183] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   98.382170][ T6183] vhci_hcd: invalid port number 23
[   98.423978][ T6188] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6188 comm=syz.0.870
[   98.464010][ T6188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.870'.
[   98.472915][ T6188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.870'.
[   98.519108][ T6198] rdma_op ffff888103b85580 conn xmit_rdma 0000000000000000
[   98.565618][ T6203] validate_nla: 4 callbacks suppressed
[   98.565633][ T6203] netlink: 'syz.4.876': attribute type 10 has an invalid length.
[   98.579011][ T6203] netlink: 40 bytes leftover after parsing attributes in process `syz.4.876'.
[   98.595498][ T6203] loop4: detected capacity change from 0 to 256
[   98.655337][ T6203] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   98.926708][ T6224] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   98.948044][ T6225] loop2: detected capacity change from 0 to 512
[   98.954379][ T6224] vhci_hcd: invalid port number 23
[   98.965490][ T6225] EXT4-fs (loop2): external journal device major/minor numbers have changed
[   99.003067][ T6225] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[   99.014759][ T6232] netlink: 132 bytes leftover after parsing attributes in process `syz.4.885'.
[   99.068001][ T6239] loop1: detected capacity change from 0 to 512
[   99.077469][ T6239] EXT4-fs (loop1): external journal device major/minor numbers have changed
[   99.103875][ T6225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.881'.
[   99.130768][ T6216] syz.0.880 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   99.141845][ T6216] CPU: 0 UID: 0 PID: 6216 Comm: syz.0.880 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[   99.152631][ T6216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[   99.162683][ T6216] Call Trace:
[   99.165949][ T6216]  <TASK>
[   99.168874][ T6216]  dump_stack_lvl+0xf2/0x150
[   99.173584][ T6216]  dump_stack+0x15/0x20
[   99.177729][ T6216]  dump_header+0x83/0x2d0
[   99.182087][ T6216]  oom_kill_process+0x341/0x4c0
[   99.186942][ T6216]  out_of_memory+0x9af/0xbe0
[   99.191634][ T6216]  ? __rcu_read_unlock+0x4e/0x70
[   99.196574][ T6216]  mem_cgroup_out_of_memory+0x13e/0x190
[   99.200561][ T6239] EXT4-fs (loop1): failed to open journal device unknown-block(0,3) -6
[   99.202117][ T6216]  try_charge_memcg+0x51b/0x810
[   99.202144][ T6216]  mem_cgroup_swapin_charge_folio+0x107/0x1a0
[   99.221268][ T6216]  __read_swap_cache_async+0x2b7/0x520
[   99.226802][ T6216]  swap_cluster_readahead+0x276/0x3f0
[   99.232331][ T6216]  swapin_readahead+0xe4/0x760
[   99.237101][ T6216]  ? __filemap_get_folio+0x420/0x5b0
[   99.242393][ T6216]  ? __lruvec_stat_mod_folio+0xdb/0x120
[   99.248028][ T6216]  ? swap_cache_get_folio+0x77/0x210
[   99.253379][ T6216]  do_swap_page+0x3da/0x1ef0
[   99.257966][ T6216]  ? cgroup_rstat_updated+0x99/0x550
[   99.263242][ T6216]  ? __rcu_read_lock+0x36/0x50
[   99.268028][ T6216]  ? pte_offset_map_nolock+0x124/0x1d0
[   99.273476][ T6216]  handle_mm_fault+0x8cb/0x2a30
[   99.278382][ T6216]  exc_page_fault+0x3b9/0x650
[   99.283087][ T6216]  asm_exc_page_fault+0x26/0x30
[   99.287996][ T6216] RIP: 0033:0x7f35fb5009cc
[   99.292426][ T6216] Code: 72 64 0f 1f 40 00 69 3d e6 4c e1 00 e8 03 00 00 48 8d 1d c7 55 2e 00 e8 92 c4 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00
[   99.312020][ T6216] RSP: 002b:00007ffd952a0120 EFLAGS: 00010206
[   99.318088][ T6216] RAX: 0000000000000000 RBX: 00007f35fb7e5f80 RCX: 0000000000000000
[   99.326107][ T6216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055556e03f808
[   99.334063][ T6216] RBP: 00007f35fb7e7a80 R08: 0000000000000000 R09: 7fffffffffffffff
[   99.342053][ T6216] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000184b8
[   99.350008][ T6216] R13: 00007ffd952a0220 R14: 0000000000000032 R15: ffffffffffffffff
[   99.357969][ T6216]  </TASK>
[   99.361159][ T6216] memory: usage 307200kB, limit 307200kB, failcnt 4181
[   99.368015][ T6216] memory+swap: usage 308340kB, limit 9007199254740988kB, failcnt 0
[   99.375997][ T6216] kmem: usage 307024kB, limit 9007199254740988kB, failcnt 0
[   99.376517][ T6225] ebt_limit: overflow, try lower: 570423552/2483027968
[   99.383269][ T6216] Memory cgroup stats for /syz0:
[   99.392657][ T6216] cache 163840
[   99.401093][ T6216] rss 0
[   99.403851][ T6216] shmem 0
[   99.406795][ T6216] mapped_file 163840
[   99.410674][ T6216] dirty 163840
[   99.414098][ T6216] writeback 4096
[   99.417696][ T6216] workingset_refault_anon 179
[   99.422365][ T6216] workingset_refault_file 290
[   99.427208][ T6216] swap 1167360
[   99.430568][ T6216] swapcached 16384
[   99.434349][ T6216] pgpgin 71010
[   99.437796][ T6216] pgpgout 70966
[   99.441250][ T6216] pgfault 60081
[   99.444720][ T6216] pgmajfault 79
[   99.448244][ T6216] inactive_anon 16384
[   99.452362][ T6216] active_anon 0
[   99.455822][ T6216] inactive_file 163840
[   99.459875][ T6216] active_file 0
[   99.463344][ T6216] unevictable 0
[   99.466868][ T6216] hierarchical_memory_limit 314572800
[   99.472224][ T6216] hierarchical_memsw_limit 9223372036854771712
[   99.477924][ T6239] ebt_limit: overflow, try lower: 570423552/2483027968
[   99.479167][ T6216] total_cache 163840
[   99.479175][ T6216] total_rss 0
[   99.479180][ T6216] total_shmem 0
[   99.479185][ T6216] total_mapped_file 163840
[   99.479192][ T6216] total_dirty 163840
[   99.479198][ T6216] total_writeback 4096
[   99.509559][ T6216] total_workingset_refault_anon 179
[   99.514832][ T6216] total_workingset_refault_file 290
[   99.520239][ T6216] total_swap 1167360
[   99.524208][ T6216] total_swapcached 16384
[   99.528806][ T6216] total_pgpgin 71010
[   99.532687][ T6216] total_pgpgout 70966
[   99.536670][ T6216] total_pgfault 60081
[   99.540977][ T6216] total_pgmajfault 79
[   99.544947][ T6216] total_inactive_anon 16384
[   99.549481][ T6216] total_active_anon 0
[   99.553563][ T6216] total_inactive_file 163840
[   99.558155][ T6216] total_active_file 0
[   99.562198][ T6216] total_unevictable 0
[   99.566186][ T6216] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.880,pid=6216,uid=0
[   99.580951][ T6216] Memory cgroup out of memory: Killed process 6216 (syz.0.880) total-vm:87068kB, anon-rss:564kB, file-rss:16168kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[   99.595508][ T6249] loop3: detected capacity change from 0 to 512
[   99.604581][ T6249] EXT4-fs: Ignoring removed i_version option
[   99.612984][ T6249] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   99.624107][ T6249] EXT4-fs (loop3): 1 truncate cleaned up
[   99.630079][ T6249] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.653322][ T4531] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.666374][ T6260] netlink: 'syz.0.892': attribute type 10 has an invalid length.
[   99.684694][ T6260] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   99.767860][ T6277] loop2: detected capacity change from 0 to 512
[   99.832136][ T6284] loop2: detected capacity change from 0 to 512
[   99.877256][ T6284] EXT4-fs: Ignoring removed i_version option
[   99.883625][ T6284] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   99.895187][   T29] kauditd_printk_skb: 471 callbacks suppressed
[   99.895197][   T29] audit: type=1326 audit(1725465984.744:15407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6286 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.015726][ T6295] loop3: detected capacity change from 0 to 8192
[  100.023322][   T29] audit: type=1326 audit(1725465984.874:15408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6286 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.052103][   T29] audit: type=1326 audit(1725465984.904:15409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6286 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.076567][   T29] audit: type=1326 audit(1725465984.904:15410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6286 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.100030][   T29] audit: type=1326 audit(1725465984.904:15411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6299 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f84e769efe5 code=0x7ffc0000
[  100.159425][ T6301] netlink: 'syz.1.905': attribute type 10 has an invalid length.
[  100.167428][ T6295]  loop3: p2 p4
[  100.171090][ T6295] loop3: p2 size 8388608 extends beyond EOD, truncated
[  100.172587][   T29] audit: type=1326 audit(1725465985.024:15412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.178122][ T6284] EXT4-fs (loop2): 1 truncate cleaned up
[  100.201431][   T29] audit: type=1326 audit(1725465985.024:15413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.213608][ T6295] loop3: p4 start 8388607 is beyond EOD, truncated
[  100.232420][   T29] audit: type=1326 audit(1725465985.064:15414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6299 comm="syz.1.902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.260902][ T6284] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.275133][ T6301] loop1: detected capacity change from 0 to 256
[  100.289665][   T29] audit: type=1326 audit(1725465985.094:15415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6302 comm="syz.4.906" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20390dcef9 code=0x0
[  100.292318][ T6305] loop4: detected capacity change from 0 to 512
[  100.312681][   T29] audit: type=1326 audit(1725465985.094:15416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6300 comm="syz.1.905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f84e766cef9 code=0x7ffc0000
[  100.326557][ T6301] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  100.344859][ T6305] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  100.358613][   T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x7
[  100.367961][   T35] hid-generic 0000:0000:0000.0002: ignoring exceeding usage max
[  100.377333][ T6305] EXT4-fs (loop4): failed to open journal device unknown-block(0,3) -6
[  100.379151][   T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  100.394341][ T3268] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.403827][   T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x6
[  100.411259][   T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0xd
[  100.446295][   T35] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  100.481374][ T6320] loop1: detected capacity change from 0 to 512
[  100.489018][ T6305] ebt_limit: overflow, try lower: 570423552/2483027968
[  100.536981][ T6332] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6332 comm=syz.2.914
[  100.575803][ T6332] loop2: detected capacity change from 0 to 2048
[  100.579115][ T6337] loop1: detected capacity change from 0 to 512
[  100.589229][ T6337] EXT4-fs: Ignoring removed i_version option
[  100.595690][ T6337] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  100.606899][ T6337] EXT4-fs (loop1): 1 truncate cleaned up
[  100.612998][ T6337] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.636765][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.660555][ T6344] __nla_validate_parse: 6 callbacks suppressed
[  100.660569][ T6344] netlink: 132 bytes leftover after parsing attributes in process `syz.1.919'.
[  100.740899][ T6346] loop2: detected capacity change from 0 to 8192
[  100.747621][ T6346] vfat: Unknown parameter 'ÿÿ'
[  100.838259][ T6346] loop2: detected capacity change from 0 to 512
[  100.872757][ T6346] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.873662][ T6360] loop1: detected capacity change from 0 to 2048
[  100.887342][ T6346] ext4 filesystem being mounted at /187/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.919378][ T6360] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.932691][ T6362] loop3: detected capacity change from 0 to 8192
[  100.939702][ T6362] vfat: Unknown parameter 'ÿÿ'
[  100.954635][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.020630][ T6362] loop3: detected capacity change from 0 to 512
[  101.030222][ T6369] loop4: detected capacity change from 0 to 512
[  101.030461][ T6369] EXT4-fs: Ignoring removed i_version option
[  101.035739][ T6369] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  101.061351][ T6369] EXT4-fs (loop4): 1 truncate cleaned up
[  101.068075][ T6369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.092701][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.108462][ T3268] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.118756][ T6362] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.142947][ T6379] netlink: 132 bytes leftover after parsing attributes in process `syz.4.931'.
[  101.145743][ T6362] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.310722][ T6393] rdma_op ffff88811590d980 conn xmit_rdma 0000000000000000
[  101.515212][ T4531] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.534182][ T6403] loop2: detected capacity change from 0 to 512
[  101.558043][ T6403] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  101.603093][ T6407] loop1: detected capacity change from 0 to 512
[  101.624623][ T6407] EXT4-fs: Ignoring removed i_version option
[  101.632405][ T6407] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  101.643268][ T6407] EXT4-fs (loop1): 1 truncate cleaned up
[  101.649064][ T6403] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[  101.657726][ T6407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.660254][ T6412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6412 comm=syz.3.940
[  101.684472][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.698322][ T6412] loop3: detected capacity change from 0 to 2048
[  101.711713][ T6416] netlink: 'syz.1.942': attribute type 10 has an invalid length.
[  101.719522][ T6416] netlink: 40 bytes leftover after parsing attributes in process `syz.1.942'.
[  101.729400][ T6399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.939'.
[  101.738437][ T6416] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  101.740416][ T6399] ebt_limit: overflow, try lower: 570423552/2483027968
[  101.757068][ T6412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.940'.
[  101.766050][ T6412] netlink: 12 bytes leftover after parsing attributes in process `syz.3.940'.
[  101.839117][ T6431] rdma_op ffff888103b84180 conn xmit_rdma 0000000000000000
[  101.939838][ T6438] netlink: 'syz.1.951': attribute type 10 has an invalid length.
[  101.947668][ T6438] netlink: 40 bytes leftover after parsing attributes in process `syz.1.951'.
[  101.965722][ T6438] loop1: detected capacity change from 0 to 256
[  101.976838][ T6438] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  102.056481][ T6448] netlink: 'syz.4.954': attribute type 10 has an invalid length.
[  102.064362][ T6448] netlink: 40 bytes leftover after parsing attributes in process `syz.4.954'.
[  102.082835][ T6448] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  102.208306][ T6463] rdma_op ffff88810304b580 conn xmit_rdma 0000000000000000
[  102.718034][ T6472] loop4: detected capacity change from 0 to 1024
[  102.757153][ T6472] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.786753][ T6478] netlink: 'syz.0.963': attribute type 10 has an invalid length.
[  102.794508][ T6478] netlink: 40 bytes leftover after parsing attributes in process `syz.0.963'.
[  102.811657][ T6481] netlink: 'syz.3.964': attribute type 10 has an invalid length.
[  102.819479][ T6481] netlink: 40 bytes leftover after parsing attributes in process `syz.3.964'.
[  102.830991][ T6478] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  102.837394][ T6481] loop3: detected capacity change from 0 to 256
[  102.854809][ T6481] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  102.887124][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.952781][ T6498] rdma_op ffff88811590c180 conn xmit_rdma 0000000000000000
[  102.976017][ T6499] loop1: detected capacity change from 0 to 512
[  102.996247][ T6499] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  103.017473][ T6501] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  103.036681][ T6501] vhci_hcd: invalid port number 23
[  103.055847][ T6499] EXT4-fs (loop1): failed to open journal device unknown-block(0,3) -6
[  103.108726][ T6499] ebt_limit: overflow, try lower: 570423552/2483027968
[  103.533625][ T6522] netlink: 'syz.2.976': attribute type 10 has an invalid length.
[  103.546905][ T6522] loop2: detected capacity change from 0 to 256
[  103.572961][ T6522] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  103.618061][ T6525] loop2: detected capacity change from 0 to 1764
[  103.624734][ T6525] iso9660: Unknown parameter 'sessimn'
[  103.637347][ T6525] loop2: detected capacity change from 0 to 512
[  103.644010][ T6525] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  103.863001][ T6532] loop1: detected capacity change from 0 to 1024
[  103.906618][ T6532] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  103.940535][ T6532] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  103.955183][ T6532] EXT4-fs (loop1): orphan cleanup on readonly fs
[  103.962041][ T6532] EXT4-fs error (device loop1): ext4_free_blocks:6590: comm syz.1.979: Freeing blocks not in datazone - block = 0, count = 4096
[  103.993456][ T6540] rdma_op ffff888115ee9d80 conn xmit_rdma 0000000000000000
[  104.004838][ T6532] EXT4-fs (loop1): 1 orphan inode deleted
[  104.037894][ T6532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.101489][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=44, inode=40, rec_len=3, size=1024 fake=0
[  104.148297][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 17: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.157521][ T6550] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6550 comm=syz.3.985
[  104.194451][ T6550] loop3: detected capacity change from 0 to 2048
[  104.198396][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 18: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.227046][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 19: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.249870][ T6555] netlink: 'syz.4.987': attribute type 10 has an invalid length.
[  104.263704][ T6555] loop4: detected capacity change from 0 to 256
[  104.271201][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 20: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.298548][ T6555] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  104.339975][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 21: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.361609][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 22: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.383531][ T6532] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 23: comm syz.1.979: path /200/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  104.388581][ T6564] loop3: detected capacity change from 0 to 512
[  104.411870][ T6564] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  104.447449][ T6564] EXT4-fs (loop3): failed to open journal device unknown-block(0,3) -6
[  104.476091][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.499057][ T6578] rdma_op ffff888103b85580 conn xmit_rdma 0000000000000000
[  104.507600][ T6564] ebt_limit: overflow, try lower: 570423552/2483027968
[  104.507761][ T6575] netlink: 'syz.4.995': attribute type 10 has an invalid length.
[  104.529819][ T6575] FAULT_INJECTION: forcing a failure.
[  104.529819][ T6575] name failslab, interval 1, probability 0, space 0, times 0
[  104.542502][ T6575] CPU: 0 UID: 0 PID: 6575 Comm: syz.4.995 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  104.553181][ T6575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  104.563305][ T6575] Call Trace:
[  104.566562][ T6575]  <TASK>
[  104.569473][ T6575]  dump_stack_lvl+0xf2/0x150
[  104.574051][ T6575]  dump_stack+0x15/0x20
[  104.578189][ T6575]  should_fail_ex+0x229/0x230
[  104.582861][ T6575]  ? netdevice_event+0x2b6/0x610
[  104.587803][ T6575]  should_failslab+0x8f/0xb0
[  104.592382][ T6575]  __kmalloc_cache_noprof+0x4b/0x2a0
[  104.597787][ T6575]  netdevice_event+0x2b6/0x610
[  104.602634][ T6575]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[  104.608447][ T6575]  ? __pfx_add_netdev_ips+0x10/0x10
[  104.613697][ T6575]  ? __pfx_is_eth_port_of_netdev_filter+0x10/0x10
[  104.620106][ T6575]  ? __pfx_add_default_gids+0x10/0x10
[  104.625524][ T6575]  ? __pfx_is_ndev_for_default_gid_filter+0x10/0x10
[  104.632227][ T6575]  ? __pfx_del_netdev_default_ips_join+0x10/0x10
[  104.638558][ T6575]  ? __pfx_is_eth_port_inactive_slave_filter+0x10/0x10
[  104.645421][ T6575]  ? __pfx_netdevice_event+0x10/0x10
[  104.650798][ T6575]  raw_notifier_call_chain+0x6f/0x1d0
[  104.656209][ T6575]  call_netdevice_notifiers_info+0xae/0x100
[  104.662168][ T6575]  __dev_notify_flags+0xff/0x1a0
[  104.667103][ T6575]  dev_change_flags+0xab/0xd0
[  104.671783][ T6575]  do_setlink+0x844/0x2490
[  104.676262][ T6575]  ? ___ratelimit+0x259/0x2b0
[  104.681023][ T6575]  ? do_trace_netlink_extack+0x17/0xf0
[  104.686482][ T6575]  ? __nla_validate_parse+0x1838/0x1e30
[  104.692059][ T6575]  ? __nla_parse+0x40/0x60
[  104.696551][ T6575]  ? validate_linkmsg+0x526/0x5a0
[  104.701579][ T6575]  rtnl_setlink+0x255/0x300
[  104.706144][ T6575]  ? security_capable+0x64/0x80
[  104.711054][ T6575]  ? ns_capable+0x7d/0xb0
[  104.715376][ T6575]  ? __pfx_rtnl_setlink+0x10/0x10
[  104.720443][ T6575]  rtnetlink_rcv_msg+0x6aa/0x710
[  104.725374][ T6575]  ? ref_tracker_free+0x3a5/0x410
[  104.730395][ T6575]  ? __dev_queue_xmit+0x161/0x1fe0
[  104.735569][ T6575]  netlink_rcv_skb+0x12c/0x230
[  104.740329][ T6575]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  104.745819][ T6575]  rtnetlink_rcv+0x1c/0x30
[  104.750284][ T6575]  netlink_unicast+0x599/0x670
[  104.755085][ T6575]  netlink_sendmsg+0x5cc/0x6e0
[  104.759844][ T6575]  ? __pfx_netlink_sendmsg+0x10/0x10
[  104.765117][ T6575]  __sock_sendmsg+0x140/0x180
[  104.769837][ T6575]  ____sys_sendmsg+0x312/0x410
[  104.774640][ T6575]  __sys_sendmsg+0x1e9/0x280
[  104.779313][ T6575]  __x64_sys_sendmsg+0x46/0x50
[  104.784155][ T6575]  x64_sys_call+0x2689/0x2d60
[  104.788823][ T6575]  do_syscall_64+0xc9/0x1c0
[  104.793410][ T6575]  ? clear_bhb_loop+0x55/0xb0
[  104.798099][ T6575]  ? clear_bhb_loop+0x55/0xb0
[  104.802763][ T6575]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.808654][ T6575] RIP: 0033:0x7f20390dcef9
[  104.813059][ T6575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.832667][ T6575] RSP: 002b:00007f2037d57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  104.841074][ T6575] RAX: ffffffffffffffda RBX: 00007f2039295f80 RCX: 00007f20390dcef9
[  104.849119][ T6575] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007
[  104.857163][ T6575] RBP: 00007f2037d57090 R08: 0000000000000000 R09: 0000000000000000
[  104.865157][ T6575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  104.873200][ T6575] R13: 0000000000000000 R14: 00007f2039295f80 R15: 00007ffea0dc2028
[  104.881210][ T6575]  </TASK>
[  104.896134][ T6575] bridge0: port 4(ipvlan0) entered blocking state
[  104.902609][ T6575] bridge0: port 4(ipvlan0) entered disabled state
[  104.909439][ T6575] ipvlan0: entered allmulticast mode
[  104.915080][ T6575] ipvlan0: left allmulticast mode
[  104.927718][ T6575] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  104.996492][ T6582] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  105.003879][ T6582] vhci_hcd: invalid port number 23
[  105.009601][ T6588] netlink: 'syz.4.1000': attribute type 10 has an invalid length.
[  105.034977][   T29] kauditd_printk_skb: 1296 callbacks suppressed
[  105.034992][   T29] audit: type=1326 audit(1725465989.884:16713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.066900][ T6588] loop4: detected capacity change from 0 to 256
[  105.073076][   T29] audit: type=1326 audit(1725465989.904:16714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.097030][   T29] audit: type=1326 audit(1725465989.904:16715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.103453][ T6588] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  105.120765][   T29] audit: type=1326 audit(1725465989.904:16716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.153549][   T29] audit: type=1326 audit(1725465989.904:16717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.177156][   T29] audit: type=1326 audit(1725465989.904:16718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.200772][   T29] audit: type=1326 audit(1725465989.914:16719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.201059][ T6595] SELinux: failed to load policy
[  105.224212][   T29] audit: type=1326 audit(1725465989.914:16720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.224242][   T29] audit: type=1326 audit(1725465989.914:16721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.276129][   T29] audit: type=1326 audit(1725465989.914:16722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f20390dcef9 code=0x7ffc0000
[  105.357527][ T6610] FAULT_INJECTION: forcing a failure.
[  105.357527][ T6610] name failslab, interval 1, probability 0, space 0, times 0
[  105.370193][ T6610] CPU: 1 UID: 0 PID: 6610 Comm: syz.4.1008 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  105.380904][ T6610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  105.383227][ T6613] loop1: detected capacity change from 0 to 512
[  105.390949][ T6610] Call Trace:
[  105.390960][ T6610]  <TASK>
[  105.390967][ T6610]  dump_stack_lvl+0xf2/0x150
[  105.390994][ T6610]  dump_stack+0x15/0x20
[  105.399965][ T6613] EXT4-fs: Ignoring removed orlov option
[  105.400535][ T6610]  should_fail_ex+0x229/0x230
[  105.422656][ T6610]  ? skb_clone+0x154/0x1f0
[  105.427066][ T6610]  should_failslab+0x8f/0xb0
[  105.431679][ T6610]  kmem_cache_alloc_noprof+0x4c/0x290
[  105.437093][ T6610]  skb_clone+0x154/0x1f0
[  105.441373][ T6610]  __netlink_deliver_tap+0x2bd/0x4c0
[  105.446700][ T6610]  netlink_unicast+0x64a/0x670
[  105.451480][ T6610]  netlink_sendmsg+0x5cc/0x6e0
[  105.456332][ T6610]  ? __pfx_netlink_sendmsg+0x10/0x10
[  105.461617][ T6610]  __sock_sendmsg+0x140/0x180
[  105.466385][ T6610]  ____sys_sendmsg+0x312/0x410
[  105.471154][ T6610]  __sys_sendmsg+0x1e9/0x280
[  105.475806][ T6610]  __x64_sys_sendmsg+0x46/0x50
[  105.480646][ T6610]  x64_sys_call+0x2689/0x2d60
[  105.485325][ T6610]  do_syscall_64+0xc9/0x1c0
[  105.489820][ T6610]  ? clear_bhb_loop+0x55/0xb0
[  105.494491][ T6610]  ? clear_bhb_loop+0x55/0xb0
[  105.499155][ T6610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.505134][ T6610] RIP: 0033:0x7f20390dcef9
[  105.509533][ T6610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.529132][ T6610] RSP: 002b:00007f2037d57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  105.537531][ T6610] RAX: ffffffffffffffda RBX: 00007f2039295f80 RCX: 00007f20390dcef9
[  105.545516][ T6610] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  105.553536][ T6610] RBP: 00007f2037d57090 R08: 0000000000000000 R09: 0000000000000000
[  105.561496][ T6610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.569477][ T6610] R13: 0000000000000000 R14: 00007f2039295f80 R15: 00007ffea0dc2028
[  105.577451][ T6610]  </TASK>
[  105.612026][ T6613] EXT4-fs (loop1): 1 truncate cleaned up
[  105.622056][ T6613] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.666307][ T6625] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  105.705917][ T6625] vhci_hcd: invalid port number 23
[  106.120869][ T6640] loop2: detected capacity change from 0 to 512
[  106.179008][ T6640] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  106.191877][ T6644] __nla_validate_parse: 9 callbacks suppressed
[  106.191892][ T6644] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1019'.
[  106.315627][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.325999][ T6640] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[  106.367064][ T6649] loop4: detected capacity change from 0 to 1024
[  106.393102][ T6649] EXT4-fs: Ignoring removed oldalloc option
[  106.403439][ T6640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1017'.
[  106.415902][ T6640] ebt_limit: overflow, try lower: 570423552/2483027968
[  106.425433][ T6649] EXT4-fs: Ignoring removed nomblk_io_submit option
[  106.426522][ T6655] netlink: 'syz.0.1024': attribute type 10 has an invalid length.
[  106.432057][ T6649] ext3: Unknown parameter 'fowner>00000000000000000000'
[  106.439840][ T6655] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1024'.
[  106.450472][ T6655] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  106.501625][ T6661] rdma_op ffff888114482180 conn xmit_rdma 0000000000000000
[  106.567219][ T6664] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  106.575039][ T6664] vhci_hcd: invalid port number 23
[  106.647772][ T6671] loop1: detected capacity change from 0 to 8192
[  106.654408][ T6671] vfat: Unknown parameter 'ÿÿ'
[  106.722224][ T6690] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1036'.
[  106.764982][ T6696] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6696 comm=syz.2.1039
[  106.797845][ T6671] loop1: detected capacity change from 0 to 512
[  106.807955][ T6700] netlink: 'syz.4.1041': attribute type 10 has an invalid length.
[  106.815865][ T6700] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1041'.
[  106.821994][ T6696] loop2: detected capacity change from 0 to 2048
[  106.837617][ T6700] loop4: detected capacity change from 0 to 256
[  106.852271][ T6700] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  106.894874][ T6696] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1039'.
[  106.903177][ T6671] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.903775][ T6696] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1039'.
[  106.998008][ T6671] ext4 filesystem being mounted at /211/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  107.029488][ T6708] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.209357][ T6708] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.320980][ T6708] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.422560][ T6717] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1044'.
[  107.460741][ T6708] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.489920][ T6713] ebt_limit: overflow, try lower: 570423552/2483027968
[  107.528827][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.566271][ T6708] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.578303][ T6708] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.590585][ T6708] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.602865][ T6708] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.689565][ T6746] netlink: 'syz.1.1057': attribute type 10 has an invalid length.
[  107.697479][ T6746] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1057'.
[  107.714812][ T6746] loop1: detected capacity change from 0 to 256
[  107.726951][ T6746] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  107.763066][ T6751] SELinux:  Context ì is not valid (left unmapped).
[  107.806325][ T6752] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  107.813881][ T6752] vhci_hcd: invalid port number 23
[  107.826883][ T6755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6755 comm=syz.2.1059
[  107.852478][ T6755] loop2: detected capacity change from 0 to 2048
[  107.900247][ T6755] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1059'.
[  107.963627][ T6773] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.968489][ T6771] loop2: detected capacity change from 0 to 8192
[  107.984632][ T6771] vfat: Unknown parameter 'ÿÿ'
[  108.021872][ T6771] loop2: detected capacity change from 0 to 512
[  108.037136][ T6773] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.061051][ T6771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.074644][ T6771] ext4 filesystem being mounted at /210/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  108.099389][ T6773] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.127732][ T6779] netlink: 'syz.0.1067': attribute type 10 has an invalid length.
[  108.161854][ T6773] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.182708][ T6779] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  108.306891][ T6787] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  108.314585][ T6787] vhci_hcd: invalid port number 23
[  108.325024][ T6773] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.336176][ T3268] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.338434][ T6773] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.365584][ T6773] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.385381][ T6773] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.418327][ T6799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=6799 comm=syz.2.1075
[  108.447258][ T6799] loop2: detected capacity change from 0 to 2048
[  108.502274][ T6809] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.539001][ T6813] loop1: detected capacity change from 0 to 512
[  108.556923][ T6816] rdma_op ffff88810953fd80 conn xmit_rdma 0000000000000000
[  108.567595][ T6819] loop3: detected capacity change from 0 to 256
[  108.569266][ T6813] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  108.588757][ T6819] sg_write: data in/out 45479/14 bytes for SCSI command 0x0-- guessing data in;
[  108.588757][ T6819]    program syz.3.1083 not setting count and/or reply_len properly
[  108.605652][ T6813] EXT4-fs (loop1): failed to open journal device unknown-block(0,3) -6
[  108.644808][ T6813] ebt_limit: overflow, try lower: 570423552/2483027968
[  108.670026][ T6833] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.704717][ T6840] FAULT_INJECTION: forcing a failure.
[  108.704717][ T6840] name failslab, interval 1, probability 0, space 0, times 0
[  108.717424][ T6840] CPU: 1 UID: 0 PID: 6840 Comm: syz.2.1089 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  108.728124][ T6840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  108.738159][ T6840] Call Trace:
[  108.741415][ T6840]  <TASK>
[  108.744343][ T6840]  dump_stack_lvl+0xf2/0x150
[  108.748916][ T6840]  dump_stack+0x15/0x20
[  108.753092][ T6840]  should_fail_ex+0x229/0x230
[  108.757754][ T6840]  ? audit_log_d_path+0x96/0x250
[  108.762744][ T6840]  should_failslab+0x8f/0xb0
[  108.767355][ T6840]  __kmalloc_cache_noprof+0x4b/0x2a0
[  108.772713][ T6840]  audit_log_d_path+0x96/0x250
[  108.777594][ T6840]  ? get_file_rcu+0xf4/0x110
[  108.782220][ T6840]  ? __rcu_read_unlock+0x4e/0x70
[  108.787261][ T6840]  audit_log_d_path_exe+0x45/0x80
[  108.792315][ T6840]  audit_log_task+0x155/0x180
[  108.796980][ T6840]  audit_seccomp+0x68/0x130
[  108.801479][ T6840]  __seccomp_filter+0x6fa/0x1180
[  108.806404][ T6840]  ? should_fail_ex+0xd7/0x230
[  108.811149][ T6840]  ? set_task_ioprio+0x16a/0x260
[  108.816108][ T6840]  ? should_failslab+0x8f/0xb0
[  108.820940][ T6840]  ? kmem_cache_alloc_node_noprof+0x129/0x2b0
[  108.827079][ T6840]  __secure_computing+0x9f/0x1c0
[  108.832116][ T6840]  syscall_trace_enter+0xd1/0x1f0
[  108.837133][ T6840]  ? fpregs_assert_state_consistent+0x83/0xa0
[  108.843297][ T6840]  do_syscall_64+0xaa/0x1c0
[  108.847778][ T6840]  ? clear_bhb_loop+0x55/0xb0
[  108.852482][ T6840]  ? clear_bhb_loop+0x55/0xb0
[  108.857154][ T6840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.863085][ T6840] RIP: 0033:0x7fd5391eb93c
[  108.867480][ T6840] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  108.887094][ T6840] RSP: 002b:00007fd537e67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  108.895507][ T6840] RAX: ffffffffffffffda RBX: 00007fd5393a5f80 RCX: 00007fd5391eb93c
[  108.903492][ T6840] RDX: 000000000000000f RSI: 00007fd537e670a0 RDI: 0000000000000003
[  108.911513][ T6840] RBP: 00007fd537e67090 R08: 0000000000000000 R09: 0000000000000000
[  108.919471][ T6840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  108.927422][ T6840] R13: 0000000000000000 R14: 00007fd5393a5f80 R15: 00007ffe91beaf48
[  108.935390][ T6840]  </TASK>
[  108.953992][ T6833] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.015181][ T6833] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.077154][ T6833] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.141504][ T6833] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.152120][ T6833] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.162559][ T6833] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.173202][ T6833] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.319352][ T6852] rdma_op ffff88810953fd80 conn xmit_rdma 0000000000000000
[  109.338813][ T6854] netlink: 'syz.1.1095': attribute type 10 has an invalid length.
[  109.352528][ T6854] loop1: detected capacity change from 0 to 256
[  109.369805][ T6854] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  109.394553][ T6856] capability: warning: `syz.0.1093' uses deprecated v2 capabilities in a way that may be insecure
[  109.520898][ T6878] loop1: detected capacity change from 0 to 1764
[  109.546437][ T6877] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  109.554648][ T6877] vhci_hcd: invalid port number 23
[  109.657913][ T6884] loop3: detected capacity change from 0 to 512
[  109.675973][ T6884] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  109.714090][ T6884] EXT4-fs (loop3): failed to open journal device unknown-block(0,3) -6
[  109.757400][ T6884] ebt_limit: overflow, try lower: 570423552/2483027968
[  109.814036][ T6890] netlink: 'syz.2.1106': attribute type 10 has an invalid length.
[  109.828403][ T6890] loop2: detected capacity change from 0 to 256
[  109.839866][ T6890] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  109.874788][ T6893] netlink: 'syz.2.1107': attribute type 10 has an invalid length.
[  109.889606][ T6893] loop2: detected capacity change from 0 to 256
[  109.901801][ T6893] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  110.002155][ T6899] netlink: 'syz.2.1109': attribute type 10 has an invalid length.
[  110.014969][ T6899] loop2: detected capacity change from 0 to 256
[  110.026041][ T6899] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  110.036074][   T29] kauditd_printk_skb: 980 callbacks suppressed
[  110.036087][   T29] audit: type=1326 audit(1725465994.894:17703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.066488][   T29] audit: type=1326 audit(1725465994.894:17704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.090125][   T29] audit: type=1326 audit(1725465994.894:17705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.113667][   T29] audit: type=1326 audit(1725465994.924:17706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.137169][   T29] audit: type=1326 audit(1725465994.924:17707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.160823][   T29] audit: type=1326 audit(1725465994.924:17708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.184631][   T29] audit: type=1326 audit(1725465994.934:17709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.208197][   T29] audit: type=1326 audit(1725465994.934:17710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.232044][   T29] audit: type=1326 audit(1725465994.934:17711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.255506][   T29] audit: type=1326 audit(1725465994.934:17712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6898 comm="syz.2.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  110.373339][ T6927] Cannot find del_set index 4 as target
[  110.402406][ T6932] loop1: detected capacity change from 0 to 256
[  110.410305][ T6932] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  110.423350][ T6932] FAULT_INJECTION: forcing a failure.
[  110.423350][ T6932] name failslab, interval 1, probability 0, space 0, times 0
[  110.435986][ T6932] CPU: 0 UID: 0 PID: 6932 Comm: syz.1.1121 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  110.446728][ T6932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  110.456824][ T6932] Call Trace:
[  110.460085][ T6932]  <TASK>
[  110.462997][ T6932]  dump_stack_lvl+0xf2/0x150
[  110.467584][ T6932]  dump_stack+0x15/0x20
[  110.471760][ T6932]  should_fail_ex+0x229/0x230
[  110.476421][ T6932]  ? __d_alloc+0x8f/0x340
[  110.480727][ T6932]  should_failslab+0x8f/0xb0
[  110.485302][ T6932]  __kmalloc_noprof+0xa5/0x370
[  110.490123][ T6932]  __d_alloc+0x8f/0x340
[  110.494325][ T6932]  d_alloc+0x2e/0x100
[  110.498338][ T6932]  lookup_one_qstr_excl+0x97/0x1a0
[  110.503442][ T6932]  do_renameat2+0x513/0xa60
[  110.507936][ T6932]  __x64_sys_rename+0x58/0x70
[  110.512636][ T6932]  x64_sys_call+0x1a84/0x2d60
[  110.517303][ T6932]  do_syscall_64+0xc9/0x1c0
[  110.521795][ T6932]  ? clear_bhb_loop+0x55/0xb0
[  110.526461][ T6932]  ? clear_bhb_loop+0x55/0xb0
[  110.531115][ T6932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.536996][ T6932] RIP: 0033:0x7f84e766cef9
[  110.541392][ T6932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.561078][ T6932] RSP: 002b:00007f84e62e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  110.569790][ T6932] RAX: ffffffffffffffda RBX: 00007f84e7825f80 RCX: 00007f84e766cef9
[  110.577744][ T6932] RDX: 0000000000000000 RSI: 0000000020000c80 RDI: 0000000020000400
[  110.585735][ T6932] RBP: 00007f84e62e7090 R08: 0000000000000000 R09: 0000000000000000
[  110.593696][ T6932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.601662][ T6932] R13: 0000000000000000 R14: 00007f84e7825f80 R15: 00007ffd18b538a8
[  110.609717][ T6932]  </TASK>
[  110.691750][ T6943] FAULT_INJECTION: forcing a failure.
[  110.691750][ T6943] name failslab, interval 1, probability 0, space 0, times 0
[  110.704481][ T6943] CPU: 0 UID: 0 PID: 6943 Comm: syz.4.1125 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  110.715234][ T6943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  110.725287][ T6943] Call Trace:
[  110.728554][ T6943]  <TASK>
[  110.731605][ T6943]  dump_stack_lvl+0xf2/0x150
[  110.736181][ T6943]  dump_stack+0x15/0x20
[  110.740320][ T6943]  should_fail_ex+0x229/0x230
[  110.744982][ T6943]  ? sctp_datamsg_from_user+0x57/0x930
[  110.750427][ T6943]  should_failslab+0x8f/0xb0
[  110.755032][ T6943]  __kmalloc_cache_noprof+0x4b/0x2a0
[  110.760384][ T6943]  sctp_datamsg_from_user+0x57/0x930
[  110.765740][ T6943]  ? __sk_mem_schedule+0x7f/0xc0
[  110.770668][ T6943]  sctp_sendmsg_to_asoc+0x959/0xbe0
[  110.775849][ T6943]  ? mntput+0x49/0x70
[  110.779810][ T6943]  ? terminate_walk+0x260/0x280
[  110.784691][ T6943]  ? lock_sock_nested+0x10f/0x140
[  110.789721][ T6943]  ? sctp_sendmsg_check_sflags+0x14d/0x1d0
[  110.795556][ T6943]  sctp_sendmsg+0x136f/0x1920
[  110.800299][ T6943]  ? __pfx_sctp_sendmsg+0x10/0x10
[  110.805332][ T6943]  inet_sendmsg+0xc5/0xd0
[  110.809686][ T6943]  __sock_sendmsg+0x102/0x180
[  110.814462][ T6943]  __sys_sendto+0x1e5/0x260
[  110.818986][ T6943]  __x64_sys_sendto+0x78/0x90
[  110.823645][ T6943]  x64_sys_call+0x2959/0x2d60
[  110.828371][ T6943]  do_syscall_64+0xc9/0x1c0
[  110.832947][ T6943]  ? clear_bhb_loop+0x55/0xb0
[  110.837663][ T6943]  ? clear_bhb_loop+0x55/0xb0
[  110.842339][ T6943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.848265][ T6943] RIP: 0033:0x7f20390dcef9
[  110.852716][ T6943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.872454][ T6943] RSP: 002b:00007f2037d57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  110.880853][ T6943] RAX: ffffffffffffffda RBX: 00007f2039295f80 RCX: 00007f20390dcef9
[  110.888844][ T6943] RDX: 0000000000010044 RSI: 0000000020000040 RDI: 0000000000000004
[  110.896799][ T6943] RBP: 00007f2037d57090 R08: 0000000000000000 R09: 0000000000000044
[  110.904770][ T6943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.912811][ T6943] R13: 0000000000000000 R14: 00007f2039295f80 R15: 00007ffea0dc2028
[  110.920768][ T6943]  </TASK>
[  111.303686][ T6976] loop2: detected capacity change from 0 to 512
[  111.323757][ T6976] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  111.369519][ T6984] FAULT_INJECTION: forcing a failure.
[  111.369519][ T6984] name failslab, interval 1, probability 0, space 0, times 0
[  111.375818][ T6976] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[  111.382152][ T6984] CPU: 1 UID: 0 PID: 6984 Comm: syz.1.1137 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  111.401029][ T6984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  111.411078][ T6984] Call Trace:
[  111.414345][ T6984]  <TASK>
[  111.417339][ T6984]  dump_stack_lvl+0xf2/0x150
[  111.421985][ T6984]  dump_stack+0x15/0x20
[  111.426238][ T6984]  should_fail_ex+0x229/0x230
[  111.430981][ T6984]  ? vm_area_alloc+0xac/0x130
[  111.435695][ T6984]  should_failslab+0x8f/0xb0
[  111.440358][ T6984]  kmem_cache_alloc_noprof+0x4c/0x290
[  111.445760][ T6984]  vm_area_alloc+0xac/0x130
[  111.450255][ T6984]  mmap_region+0x88b/0x1620
[  111.454839][ T6984]  ? security_mmap_addr+0x4c/0x70
[  111.459868][ T6984]  ? __get_unmapped_area+0x2d1/0x300
[  111.465174][ T6984]  do_mmap+0x72a/0xb70
[  111.469276][ T6984]  ? security_mmap_file+0x128/0x150
[  111.474468][ T6984]  vm_mmap_pgoff+0x133/0x290
[  111.479132][ T6984]  ksys_mmap_pgoff+0xd0/0x340
[  111.483861][ T6984]  ? syscall_trace_enter+0x104/0x1f0
[  111.489168][ T6984]  ? fpregs_assert_state_consistent+0x83/0xa0
[  111.495242][ T6984]  x64_sys_call+0x1884/0x2d60
[  111.499920][ T6984]  do_syscall_64+0xc9/0x1c0
[  111.504526][ T6984]  ? clear_bhb_loop+0x55/0xb0
[  111.509229][ T6984]  ? clear_bhb_loop+0x55/0xb0
[  111.513891][ T6984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.519841][ T6984] RIP: 0033:0x7f84e766cf33
[  111.524269][ T6984] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  111.543929][ T6984] RSP: 002b:00007f84e62e6e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  111.552331][ T6984] RAX: ffffffffffffffda RBX: 0000000000000504 RCX: 00007f84e766cf33
[  111.560290][ T6984] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  111.568246][ T6984] RBP: 00000000200034c2 R08: 00000000ffffffff R09: 0000000000000000
[  111.576203][ T6984] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  111.584234][ T6984] R13: 00007f84e62e6ef0 R14: 00007f84e62e6eb0 R15: 00000000200020c0
[  111.592206][ T6984]  </TASK>
[  111.638374][ T6976] __nla_validate_parse: 12 callbacks suppressed
[  111.638403][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1133'.
[  111.654794][ T6976] ebt_limit: overflow, try lower: 570423552/2483027968
[  111.749836][ T7003] netlink: 'syz.3.1143': attribute type 10 has an invalid length.
[  111.757713][ T7003] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1143'.
[  111.773087][ T7003] loop3: detected capacity change from 0 to 256
[  111.786151][ T7003] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  111.828194][ T7007] loop3: detected capacity change from 0 to 2048
[  111.838963][ T6993] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1139'.
[  111.848086][ T6993] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1139'.
[  111.878365][ T7007] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1144'.
[  111.887328][ T7007] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1144'.
[  111.901565][ T7011] netlink: 'syz.4.1146': attribute type 10 has an invalid length.
[  111.909437][ T7011] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1146'.
[  111.939330][ T7011] loop4: detected capacity change from 0 to 256
[  111.946849][ T7017] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1148'.
[  111.967887][ T7019] netlink: 'syz.0.1149': attribute type 3 has an invalid length.
[  111.975633][ T7019] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1149'.
[  111.991246][ T7011] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  112.060301][ T7027] loop3: detected capacity change from 0 to 512
[  112.068403][ T7027] EXT4-fs (loop3): unsupported inode size: 264
[  112.074576][ T7027] EXT4-fs (loop3): blocksize: 1024
[  112.481211][ T7046] loop3: detected capacity change from 0 to 2048
[  112.558049][ T7046] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1158'.
[  112.570221][ T7049] loop1: detected capacity change from 0 to 512
[  112.577447][ T7049] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  112.603107][ T7049] EXT4-fs (loop1): failed to open journal device unknown-block(0,3) -6
[  112.630996][ T7049] ebt_limit: overflow, try lower: 570423552/2483027968
[  112.669984][ T7058] loop3: detected capacity change from 0 to 512
[  112.676923][ T7058] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  112.699090][ T7058] EXT4-fs (loop3): failed to open journal device unknown-block(0,3) -6
[  112.727025][ T7058] ebt_limit: overflow, try lower: 570423552/2483027968
[  112.909471][ T7064] netlink: 'syz.0.1162': attribute type 10 has an invalid length.
[  112.925346][ T7064] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  113.038479][ T7079] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7079 comm=syz.2.1167
[  113.060054][ T7079] loop2: detected capacity change from 0 to 2048
[  113.161186][ T7084] netlink: 'syz.2.1168': attribute type 10 has an invalid length.
[  113.176664][ T7084] loop2: detected capacity change from 0 to 256
[  113.248253][ T7094] netlink: 'syz.2.1172': attribute type 3 has an invalid length.
[  113.315718][ T7105] loop2: detected capacity change from 0 to 512
[  113.322613][ T7105] EXT4-fs: Ignoring removed i_version option
[  113.329684][ T7105] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  113.340587][ T7105] EXT4-fs (loop2): 1 truncate cleaned up
[  113.346816][ T7105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.374081][ T3268] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.463313][ T7124] syz.3.1187[7124] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.463470][ T7124] syz.3.1187[7124] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  113.539157][ T7139] SELinux:  Context system_u:object_r:init_var_run_t:s0 is not valid (left unmapped).
[  113.613717][ T7145] loop1: detected capacity change from 0 to 2048
[  113.627073][ T7145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.668863][ T7148] loop2: detected capacity change from 0 to 512
[  113.676983][ T7148] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  113.693164][ T7151] EXT4-fs error (device loop1): ext4_search_dir:1505: inode #2: block 16: comm syz.1.1195: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0
[  113.712842][ T7151] EXT4-fs error (device loop1): ext4_find_dest_de:2067: inode #2: block 16: comm syz.1.1195: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0
[  113.833370][ T7148] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[  113.930789][ T7148] ebt_limit: overflow, try lower: 570423552/2483027968
[  113.948245][ T3269] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.054376][ T7170] sd 0:0:1:0: device reset
[  114.184801][ T7193] loop1: detected capacity change from 0 to 128
[  114.196880][ T7194] sctp: [Deprecated]: syz.4.1204 (pid 7194) Use of int in max_burst socket option deprecated.
[  114.196880][ T7194] Use struct sctp_assoc_value instead
[  114.208041][ T7193] bio_check_eod: 7 callbacks suppressed
[  114.208054][ T7193] syz.1.1210: attempt to access beyond end of device
[  114.208054][ T7193] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  114.303076][ T7199] loop1: detected capacity change from 0 to 512
[  114.310193][ T7199] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  114.333813][ T7199] EXT4-fs (loop1): failed to open journal device unknown-block(0,3) -6
[  114.366333][ T7199] ebt_limit: overflow, try lower: 570423552/2483027968
[  114.382908][ T7208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7208 comm=syz.2.1212
[  114.406091][ T7208] loop2: detected capacity change from 0 to 2048
[  114.557607][ T7216] syzkaller0: entered promiscuous mode
[  114.563255][ T7216] syzkaller0: entered allmulticast mode
[  115.074502][ T7236] ebt_limit: overflow, try lower: 570423552/2483027968
[  115.419616][   T29] kauditd_printk_skb: 1112 callbacks suppressed
[  115.419630][   T29] audit: type=1326 audit(1725466000.274:18825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.421980][ T7244] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7244 comm=syz.2.1225
[  115.426008][   T29] audit: type=1326 audit(1725466000.274:18826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.463969][ T7244] loop2: detected capacity change from 0 to 2048
[  115.485635][   T29] audit: type=1326 audit(1725466000.274:18827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.485665][   T29] audit: type=1326 audit(1725466000.274:18828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.538996][   T29] audit: type=1326 audit(1725466000.274:18829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.562464][   T29] audit: type=1326 audit(1725466000.274:18830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.585972][   T29] audit: type=1326 audit(1725466000.274:18831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.609446][   T29] audit: type=1326 audit(1725466000.274:18832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.632884][   T29] audit: type=1326 audit(1725466000.274:18833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.656403][   T29] audit: type=1326 audit(1725466000.274:18834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7243 comm="syz.2.1225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  115.747843][ T7254] rdma_op ffff88810953cd80 conn xmit_rdma 0000000000000000
[  116.525970][ T7280] netlink: 'syz.3.1237': attribute type 10 has an invalid length.
[  116.537125][ T7280] loop3: detected capacity change from 0 to 256
[  116.557794][ T7280] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  116.588531][ T7285] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7285 comm=syz.4.1239
[  116.614795][ T7285] loop4: detected capacity change from 0 to 2048
[  116.650383][ T7293] loop3: detected capacity change from 0 to 2048
[  116.659700][ T7285] __nla_validate_parse: 22 callbacks suppressed
[  116.659713][ T7285] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1239'.
[  116.667655][ T7293] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.674861][ T7285] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1239'.
[  116.709311][ T7293] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  116.737389][ T7293] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28
[  116.749886][ T7293] EXT4-fs (loop3): This should not happen!! Data will be lost
[  116.749886][ T7293] 
[  116.759514][ T7293] EXT4-fs (loop3): Total free blocks count 0
[  116.765484][ T7293] EXT4-fs (loop3): Free/Dirty block details
[  116.771409][ T7293] EXT4-fs (loop3): free_blocks=2415919104
[  116.777122][ T7293] EXT4-fs (loop3): dirty_blocks=64
[  116.782209][ T7293] EXT4-fs (loop3): Block reservation details
[  116.788289][ T7293] EXT4-fs (loop3): i_reserved_data_blocks=4
[  116.798041][ T7302] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 1 with error 28
[  116.814291][ T7305] syz.0.1246[7305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.814482][ T7305] syz.0.1246[7305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.844011][ T7308] loop2: detected capacity change from 0 to 512
[  116.863279][ T7308] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  116.877817][ T7312] netlink: 'syz.0.1248': attribute type 10 has an invalid length.
[  116.885651][ T7312] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1248'.
[  116.889383][ T7309] loop3: detected capacity change from 0 to 1024
[  116.901805][ T7309] EXT4-fs: Ignoring removed orlov option
[  116.903134][ T7315] netlink: 'syz.4.1250': attribute type 10 has an invalid length.
[  116.915369][ T7315] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1250'.
[  116.916201][ T7309] EXT4-fs: Ignoring removed nomblk_io_submit option
[  116.924388][ T7308] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[  116.945553][ T7312] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  116.956739][ T7315] loop4: detected capacity change from 0 to 256
[  116.963831][ T7309] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a843e018, mo2=0002]
[  116.972577][ T7309] System zones: 0-1, 3-12
[  116.977851][ T7309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.988798][ T7315] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  116.999658][ T7323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1243'.
[  117.016625][ T7308] ebt_limit: overflow, try lower: 570423552/2483027968
[  117.024879][ T7309] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2862: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  117.040031][ T7309] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2792: inode #14: comm syz.3.1247: corrupted in-inode xattr: bad magic number in in-inode xattr
[  117.076109][ T7309] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #14: comm syz.3.1247: attempt to clear invalid blocks 1886221359 len 1
[  117.141523][ T4531] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.594346][ T7347] rdma_op ffff888117f60980 conn xmit_rdma 0000000000000000
[  117.674560][ T7349] loop2: detected capacity change from 0 to 2048
[  117.682335][ T7349] EXT4-fs: Ignoring removed orlov option
[  117.701207][ T7349] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.730111][ T3268] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.870683][ T7359] syzkaller0: entered promiscuous mode
[  117.876187][ T7359] syzkaller0: entered allmulticast mode
[  118.003380][ T7362] netlink: 'syz.4.1262': attribute type 10 has an invalid length.
[  118.011270][ T7362] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1262'.
[  118.027505][ T7362] loop4: detected capacity change from 0 to 256
[  118.040226][ T7362] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  118.191246][ T7383] loop4: detected capacity change from 0 to 1024
[  118.198140][ T7383] EXT4-fs: Ignoring removed orlov option
[  118.203884][ T7383] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.211911][ T7384] loop2: detected capacity change from 0 to 512
[  118.219265][ T7384] EXT4-fs (loop2): external journal device major/minor numbers have changed
[  118.229670][ T7383] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a843e018, mo2=0002]
[  118.244121][ T7384] EXT4-fs (loop2): failed to open journal device unknown-block(0,3) -6
[  118.246507][ T7383] System zones: 0-1, 3-12
[  118.257300][ T7383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.287840][ T7383] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2792: inode #14: comm syz.4.1270: corrupted in-inode xattr: bad magic number in in-inode xattr
[  118.300268][ T7384] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1267'.
[  118.305921][ T7383] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #14: comm syz.4.1270: attempt to clear invalid blocks 1886221359 len 1
[  118.331251][ T7384] ebt_limit: overflow, try lower: 570423552/2483027968
[  118.346307][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.378826][ T7402] bridge0: port 4(vlan2) entered blocking state
[  118.385208][ T7402] bridge0: port 4(vlan2) entered disabled state
[  118.391915][ T7402] vlan2: entered allmulticast mode
[  118.397724][ T7402] vlan2: left allmulticast mode
[  118.592719][ T7418] loop4: detected capacity change from 0 to 256
[  118.604592][ T7418] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  119.020253][ T7426] loop4: detected capacity change from 0 to 1024
[  119.036066][ T7426] EXT4-fs: Ignoring removed orlov option
[  119.043893][ T7426] EXT4-fs: Ignoring removed nomblk_io_submit option
[  119.087506][ T7426] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a843e018, mo2=0002]
[  119.095662][ T7426] System zones: 0-1, 3-12
[  119.101076][ T7426] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.117743][ T7426] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2792: inode #14: comm syz.4.1286: corrupted in-inode xattr: bad magic number in in-inode xattr
[  119.133559][ T7426] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #14: comm syz.4.1286: attempt to clear invalid blocks 1886221359 len 1
[  119.150982][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.170545][ T7432] rdma_op ffff8881427a1180 conn xmit_rdma 0000000000000000
[  119.247926][ T7447] bridge0: port 4(vlan2) entered blocking state
[  119.254238][ T7447] bridge0: port 4(vlan2) entered disabled state
[  119.260889][ T7447] vlan2: entered allmulticast mode
[  119.267003][ T7447] vlan2: left allmulticast mode
[  119.329016][ T7452] loop4: detected capacity change from 0 to 512
[  119.335879][ T7452] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  119.359458][ T7452] EXT4-fs (loop4): failed to open journal device unknown-block(0,3) -6
[  119.391498][ T7452] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1295'.
[  119.400535][ T7455] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1296'.
[  119.401397][ T7452] ebt_limit: overflow, try lower: 570423552/2483027968
[  119.416193][ T7455] ebt_limit: overflow, try lower: 570423552/2483027968
[  119.460280][ T7467] loop3: detected capacity change from 0 to 128
[  120.439112][   T29] kauditd_printk_skb: 505 callbacks suppressed
[  120.439173][   T29] audit: type=1326 audit(1725466005.234:19340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.468883][   T29] audit: type=1326 audit(1725466005.234:19341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.492635][   T29] audit: type=1326 audit(1725466005.234:19342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.516199][   T29] audit: type=1326 audit(1725466005.234:19343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.539694][   T29] audit: type=1326 audit(1725466005.234:19344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.563350][   T29] audit: type=1326 audit(1725466005.234:19345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.586833][   T29] audit: type=1326 audit(1725466005.234:19346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.610470][   T29] audit: type=1326 audit(1725466005.234:19347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.634328][   T29] audit: type=1326 audit(1725466005.234:19348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.657760][   T29] audit: type=1326 audit(1725466005.234:19349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7491 comm="syz.3.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a046dcef9 code=0x7ffc0000
[  120.797347][ T7498] netlink: 'syz.2.1313': attribute type 10 has an invalid length.
[  120.805370][ T7498] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1313'.
[  120.824969][ T7498] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  121.080681][ T7522] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7522 comm=syz.4.1322
[  121.086989][ T7524] netlink: 'syz.0.1324': attribute type 10 has an invalid length.
[  121.117989][ T7524] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  121.122468][ T7522] loop4: detected capacity change from 0 to 2048
[  121.274929][ T7554] netlink: 'syz.4.1338': attribute type 10 has an invalid length.
[  121.290071][ T7554] loop4: detected capacity change from 0 to 256
[  121.303622][ T7554] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  121.356723][ T7568] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7568 comm=syz.2.1343
[  122.364547][ T7612] rdma_op ffff888109586580 conn xmit_rdma 0000000000000000
[  122.520964][ T7619] FAULT_INJECTION: forcing a failure.
[  122.520964][ T7619] name failslab, interval 1, probability 0, space 0, times 0
[  122.533672][ T7619] CPU: 1 UID: 0 PID: 7619 Comm: syz.0.1363 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  122.544438][ T7619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  122.554498][ T7619] Call Trace:
[  122.557869][ T7619]  <TASK>
[  122.560872][ T7619]  dump_stack_lvl+0xf2/0x150
[  122.565577][ T7619]  dump_stack+0x15/0x20
[  122.569812][ T7619]  should_fail_ex+0x229/0x230
[  122.574497][ T7619]  ? __anon_vma_prepare+0x73/0x310
[  122.579622][ T7619]  should_failslab+0x8f/0xb0
[  122.584379][ T7619]  kmem_cache_alloc_noprof+0x4c/0x290
[  122.589768][ T7619]  __anon_vma_prepare+0x73/0x310
[  122.594781][ T7619]  ? do_wp_page+0xfb8/0x22c0
[  122.599816][ T7619]  do_wp_page+0xfc0/0x22c0
[  122.604310][ T7619]  ? __rcu_read_lock+0x36/0x50
[  122.609082][ T7619]  ? __rcu_read_lock+0x36/0x50
[  122.613869][ T7619]  handle_mm_fault+0xc4d/0x2a30
[  122.618857][ T7619]  exc_page_fault+0x3b9/0x650
[  122.623572][ T7619]  asm_exc_page_fault+0x26/0x30
[  122.628513][ T7619] RIP: 0033:0x7f35fb4f0c13
[  122.633211][ T7619] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  122.652842][ T7619] RSP: 002b:00007f35fa2a63f0 EFLAGS: 00010202
[  122.659034][ T7619] RAX: 00000000000001c0 RBX: 00007f35fa2a6490 RCX: 00007f35f1e87000
[  122.666995][ T7619] RDX: 00007f35fa2a6630 RSI: 0000000000000001 RDI: 00007f35fa2a6530
[  122.675025][ T7619] RBP: 00000000000000bd R08: 0000000000000007 R09: 0000000000000039
[  122.682983][ T7619] R10: 000000000000004a R11: 00007f35fa2a6490 R12: 0000000000000001
[  122.690951][ T7619] R13: 00007f35fb6b3580 R14: 0000000000000002 R15: 00007f35fa2a6530
[  122.698997][ T7619]  </TASK>
[  122.702307][ T7619] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  122.814397][ T7629] __nla_validate_parse: 6 callbacks suppressed
[  122.814416][ T7629] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1366'.
[  123.148850][ T7648] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7648 comm=syz.4.1371
[  123.170682][ T7648] loop4: detected capacity change from 0 to 2048
[  123.218391][ T7648] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1371'.
[  123.227371][ T7648] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1371'.
[  123.254121][ T7650] rdma_op ffff888117f60580 conn xmit_rdma 0000000000000000
[  123.339603][ T7658] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7658 comm=syz.4.1374
[  123.362485][ T7658] loop4: detected capacity change from 0 to 2048
[  123.409769][ T7658] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1374'.
[  123.418701][ T7658] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1374'.
[  123.435853][ T7660] sd 0:0:1:0: device reset
[  123.498319][ T7669] loop4: detected capacity change from 0 to 512
[  123.537759][ T7675] netlink: 'syz.4.1382': attribute type 10 has an invalid length.
[  123.545675][ T7675] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1382'.
[  123.561252][ T7675] loop4: detected capacity change from 0 to 256
[  123.572253][ T7675] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  123.606135][ T7679] rdma_op ffff888117f60180 conn xmit_rdma 0000000000000000
[  123.624244][ T7681] netlink: 'syz.4.1384': attribute type 10 has an invalid length.
[  123.632113][ T7681] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1384'.
[  123.653134][ T7681] loop4: detected capacity change from 0 to 256
[  123.672807][ T7681] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  123.762388][ T7688] sd 0:0:1:0: device reset
[  123.800387][ T7693] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7693 comm=syz.2.1389
[  123.841448][ T7693] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1389'.
[  123.850412][ T7693] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1389'.
[  123.977223][ T7706] rdma_op ffff88814279b580 conn xmit_rdma 0000000000000000
[  124.030504][ T7711] netlink: 'syz.4.1396': attribute type 10 has an invalid length.
[  124.038370][ T7711] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1396'.
[  124.058610][ T7711] loop4: detected capacity change from 0 to 256
[  124.076325][ T7711] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  124.121784][ T7720] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7720 comm=syz.4.1398
[  124.144110][ T7720] loop4: detected capacity change from 0 to 2048
[  124.366767][ T7740] rdma_op ffff888117f60980 conn xmit_rdma 0000000000000000
[  124.437133][ T7748] loop3: detected capacity change from 0 to 1024
[  124.443797][ T7748] EXT4-fs: Ignoring removed orlov option
[  124.449552][ T7748] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.467854][ T7748] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a843e018, mo2=0002]
[  124.476079][ T7748] System zones: 0-1, 3-12
[  124.481054][ T7748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.501040][ T4531] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.570116][ T7754] loop3: detected capacity change from 0 to 512
[  124.578072][ T7754] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  124.601425][ T7754] EXT4-fs (loop3): failed to open journal device unknown-block(0,3) -6
[  124.628128][ T7754] ebt_limit: overflow, try lower: 570423552/2483027968
[  125.199488][ T7777] sd 0:0:1:0: device reset
[  125.227373][ T7784] netlink: 'syz.2.1420': attribute type 10 has an invalid length.
[  125.247896][ T7784] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  125.352174][ T7772] chnl_net:caif_netlink_parms(): no params data found
[  125.393465][ T7808] rdma_op ffff888141ee9980 conn xmit_rdma 0000000000000000
[  125.410949][ T7772] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.418070][ T7772] bridge0: port 1(bridge_slave_0) entered disabled state
[  125.432445][ T7772] bridge_slave_0: entered allmulticast mode
[  125.439764][ T7772] bridge_slave_0: entered promiscuous mode
[  125.447051][ T7800] ebt_limit: overflow, try lower: 570423552/2483027968
[  125.454675][ T7772] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.461778][ T7772] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.469070][ T7772] bridge_slave_1: entered allmulticast mode
[  125.475803][ T7772] bridge_slave_1: entered promiscuous mode
[  125.492949][ T7772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.503497][ T7772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.522309][ T7772] team0: Port device team_slave_0 added
[  125.529142][ T7772] team0: Port device team_slave_1 added
[  125.544041][ T7772] batman_adv: batadv0: Adding interface: batadv_slave_0
[  125.551049][ T7772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.577093][ T7772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  125.588266][ T7772] batman_adv: batadv0: Adding interface: batadv_slave_1
[  125.595197][ T7772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  125.621233][ T7772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  125.646078][ T7772] hsr_slave_0: entered promiscuous mode
[  125.652320][ T7772] hsr_slave_1: entered promiscuous mode
[  125.658333][ T7772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  125.665948][ T7772] Cannot create hsr debugfs directory
[  125.715091][ T7772] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.747896][ T7772] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.807739][ T7772] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.857214][ T7772] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.120805][   T29] kauditd_printk_skb: 1038 callbacks suppressed
[  126.120820][   T29] audit: type=1400 audit(1725466010.974:20388): avc:  denied  { bind } for  pid=7825 comm="syz.4.1430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  126.148187][   T29] audit: type=1400 audit(1725466010.984:20389): avc:  denied  { create } for  pid=7825 comm="syz.4.1430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  126.180217][   T29] audit: type=1400 audit(1725466011.034:20390): avc:  denied  { write } for  pid=7825 comm="syz.4.1430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  126.202547][   T29] audit: type=1400 audit(1725466011.034:20391): avc:  denied  { read } for  pid=7825 comm="syz.4.1430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  126.222660][   T29] audit: type=1326 audit(1725466011.054:20392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7830 comm="syz.2.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  126.246295][   T29] audit: type=1326 audit(1725466011.054:20393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7830 comm="syz.2.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  126.270057][   T29] audit: type=1326 audit(1725466011.054:20394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7830 comm="syz.2.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  126.293593][   T29] audit: type=1326 audit(1725466011.054:20395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7830 comm="syz.2.1432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  126.318875][ T7772] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  126.328338][ T7772] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  126.335284][   T29] audit: type=1326 audit(1725466011.124:20396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.2.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  126.358801][   T29] audit: type=1326 audit(1725466011.124:20397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7836 comm="syz.2.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5391ecef9 code=0x7ffc0000
[  126.385308][ T7772] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  126.417305][ T7772] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  126.488693][ T7856] netlink: 'syz.2.1453': attribute type 10 has an invalid length.
[  126.529725][ T7772] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.549447][ T7772] 8021q: adding VLAN 0 to HW filter on device team0
[  126.559723][ T1745] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.566787][ T1745] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.579250][ T1745] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.586313][ T1745] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.656808][ T7772] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.703158][ T7886] rdma_op ffff88811590d580 conn xmit_rdma 0000000000000000
[  126.725284][ T7890] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7890 comm=syz.0.1451
[  126.750426][ T7772] veth0_vlan: entered promiscuous mode
[  126.759787][ T7772] veth1_vlan: entered promiscuous mode
[  126.780925][ T7772] veth0_macvtap: entered promiscuous mode
[  126.789582][ T7772] veth1_macvtap: entered promiscuous mode
[  126.801150][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.811739][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.821833][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.832290][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.842977][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.853458][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.863353][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.873885][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.883740][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.894226][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.905715][ T7772] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.916286][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.926875][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.936695][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.947141][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.956968][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.967442][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.977245][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  126.987718][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.997670][ T7772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.008096][ T7772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.019695][ T7772] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.028748][ T7772] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.037489][ T7772] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.046189][ T7772] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.054862][ T7772] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.156149][ T7902] netlink: 'syz.0.1456': attribute type 10 has an invalid length.
[  127.548211][ T7924] batadv0: entered promiscuous mode
[  127.560597][ T7924] batadv_slave_0: entered promiscuous mode
[  127.566777][ T7924] batadv_slave_0: left promiscuous mode
[  127.581002][ T7926] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=37204 sclass=netlink_route_socket pid=7926 comm=syz.2.1464
[  127.600281][ T7924] batadv0: left promiscuous mode
[  127.671250][ T7931] sd 0:0:1:0: device reset
[  127.705726][ T7939] netlink: 'syz.3.1470': attribute type 10 has an invalid length.
[  127.725472][ T7939] loop3: detected capacity change from 0 to 256
[  127.747667][ T7939] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  128.154846][ T7965] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7965 comm=syz.1.1477
[  128.190978][ T7965] netlink: 'syz.1.1477': attribute type 7 has an invalid length.
[  128.199292][ T7965] netlink: 'syz.1.1477': attribute type 39 has an invalid length.
[  128.216664][ T7967] __nla_validate_parse: 13 callbacks suppressed
[  128.216694][ T7967] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1479'.
[  128.249993][ T7970] FAULT_INJECTION: forcing a failure.
[  128.249993][ T7970] name failslab, interval 1, probability 0, space 0, times 0
[  128.262643][ T7970] CPU: 1 UID: 0 PID: 7970 Comm: syz.3.1478 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  128.273340][ T7970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  128.283498][ T7970] Call Trace:
[  128.286777][ T7970]  <TASK>
[  128.289730][ T7970]  dump_stack_lvl+0xf2/0x150
[  128.294327][ T7970]  dump_stack+0x15/0x20
[  128.298474][ T7970]  should_fail_ex+0x229/0x230
[  128.303196][ T7970]  ? vm_area_dup+0x98/0x130
[  128.307713][ T7970]  should_failslab+0x8f/0xb0
[  128.312323][ T7970]  kmem_cache_alloc_noprof+0x4c/0x290
[  128.317689][ T7970]  vm_area_dup+0x98/0x130
[  128.322087][ T7970]  copy_mm+0x60b/0x10e0
[  128.326269][ T7970]  copy_process+0xee1/0x1f90
[  128.330968][ T7970]  kernel_clone+0x167/0x5e0
[  128.335467][ T7970]  __se_sys_clone3+0x1b5/0x1f0
[  128.340235][ T7970]  __x64_sys_clone3+0x31/0x40
[  128.344914][ T7970]  x64_sys_call+0x287d/0x2d60
[  128.349648][ T7970]  do_syscall_64+0xc9/0x1c0
[  128.354143][ T7970]  ? clear_bhb_loop+0x55/0xb0
[  128.358837][ T7970]  ? clear_bhb_loop+0x55/0xb0
[  128.363500][ T7970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.369416][ T7970] RIP: 0033:0x7f3a046dcef9
[  128.373818][ T7970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.393478][ T7970] RSP: 002b:00007f3a03356f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  128.401877][ T7970] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f3a046dcef9
[  128.409834][ T7970] RDX: 00007f3a03356f20 RSI: 0000000000000058 RDI: 00007f3a03356f20
[  128.417804][ T7970] RBP: 00007f3a03357090 R08: 0000000000000000 R09: 0000000000000058
[  128.425775][ T7970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  128.433743][ T7970] R13: 0000000000000000 R14: 00007f3a04895f80 R15: 00007ffc99b95268
[  128.441752][ T7970]  </TASK>
[  128.613186][ T7967] batadv0: entered promiscuous mode
[  128.625384][ T7967] batadv_slave_0: entered promiscuous mode
[  128.631284][ T7967] batadv_slave_0: left promiscuous mode
[  128.687302][ T7967] batadv0: left promiscuous mode
[  128.698100][ T7980] netlink: 'syz.4.1483': attribute type 10 has an invalid length.
[  128.705983][ T7980] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1483'.
[  128.722638][ T7980] loop4: detected capacity change from 0 to 256
[  128.750285][ T7980] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  128.756627][ T7983] loop3: detected capacity change from 0 to 128
[  128.934525][ T8004] sd 0:0:1:0: device reset
[  129.331909][ T8029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1499'.
[  129.408153][ T8034] batadv0: entered promiscuous mode
[  129.414664][ T8034] batadv_slave_0: entered promiscuous mode
[  129.420675][ T8034] batadv_slave_0: left promiscuous mode
[  129.427928][ T8034] batadv0: left promiscuous mode
[  129.779804][ T8048] sd 0:0:1:0: device reset
[  129.808012][ T8050] loop4: detected capacity change from 0 to 1024
[  129.814791][ T8050] EXT4-fs: Ignoring removed nomblk_io_submit option
[  129.821825][ T8050] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  129.837554][ T8050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.854300][ T8050] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  129.875038][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.969262][ T8057] loop4: detected capacity change from 0 to 1024
[  129.978200][ T8057] EXT4-fs: Ignoring removed orlov option
[  129.984122][ T8057] EXT4-fs: Ignoring removed nomblk_io_submit option
[  129.997045][ T8057] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a843e018, mo2=0002]
[  130.005282][ T8057] System zones: 0-1, 3-12
[  130.010019][ T8057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.037399][ T3265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.075964][ T8020] ==================================================================
[  130.084070][ T8020] BUG: KCSAN: data-race in atime_needs_update / inode_update_timestamps
[  130.092422][ T8020] 
[  130.094744][ T8020] write to 0xffff888115e5c6c4 of 4 bytes by task 8032 on cpu 0:
[  130.102622][ T8020]  inode_update_timestamps+0x166/0x280
[  130.108085][ T8020]  file_update_time+0x229/0x2c0
[  130.112944][ T8020]  shmem_file_write_iter+0x9f/0xf0
[  130.118061][ T8020]  iter_file_splice_write+0x5e6/0x970
[  130.123439][ T8020]  direct_splice_actor+0x16c/0x2c0
[  130.128540][ T8020]  splice_direct_to_actor+0x305/0x670
[  130.133919][ T8020]  do_splice_direct+0xd7/0x150
[  130.139379][ T8020]  do_sendfile+0x3ab/0x950
[  130.143786][ T8020]  __x64_sys_sendfile64+0x110/0x150
[  130.148991][ T8020]  x64_sys_call+0xed5/0x2d60
[  130.153583][ T8020]  do_syscall_64+0xc9/0x1c0
[  130.158088][ T8020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.163988][ T8020] 
[  130.166300][ T8020] read to 0xffff888115e5c6c4 of 4 bytes by task 8020 on cpu 1:
[  130.173834][ T8020]  atime_needs_update+0x2aa/0x3e0
[  130.178879][ T8020]  touch_atime+0x4a/0x350
[  130.183225][ T8020]  shmem_file_splice_read+0x56a/0x5c0
[  130.188600][ T8020]  splice_direct_to_actor+0x26c/0x670
[  130.193979][ T8020]  do_splice_direct+0xd7/0x150
[  130.198755][ T8020]  do_sendfile+0x3ab/0x950
[  130.203169][ T8020]  __x64_sys_sendfile64+0x110/0x150
[  130.208373][ T8020]  x64_sys_call+0xed5/0x2d60
[  130.212967][ T8020]  do_syscall_64+0xc9/0x1c0
[  130.217467][ T8020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.223369][ T8020] 
[  130.225681][ T8020] value changed: 0x371d2788 -> 0x37b5be08
[  130.231390][ T8020] 
[  130.233700][ T8020] Reported by Kernel Concurrency Sanitizer on:
[  130.239830][ T8020] CPU: 1 UID: 0 PID: 8020 Comm: syz.2.1496 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[  130.250593][ T8020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  130.260642][ T8020] ==================================================================