[    3.878185][  T100] udevd[100]: starting eudev-3.2.11
[    4.847014][  T146] rm (146) used greatest stack depth: 23120 bytes left
[    7.537338][  T113] udevd (113) used greatest stack depth: 22576 bytes left
[   11.667329][   T30] kauditd_printk_skb: 50 callbacks suppressed
[   11.667341][   T30] audit: type=1400 audit(1716410713.584:61): avc:  denied  { transition } for  pid=222 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   11.671132][   T30] audit: type=1400 audit(1716410713.584:62): avc:  denied  { noatsecure } for  pid=222 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   11.673770][   T30] audit: type=1400 audit(1716410713.584:63): avc:  denied  { write } for  pid=222 comm="sh" path="pipe:[1288]" dev="pipefs" ino=1288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[   11.677030][   T30] audit: type=1400 audit(1716410713.584:64): avc:  denied  { rlimitinh } for  pid=222 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   11.679791][   T30] audit: type=1400 audit(1716410713.584:65): avc:  denied  { siginh } for  pid=222 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   12.748123][  T226] sftp-server (226) used greatest stack depth: 22096 bytes left
Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts.
2024/05/22 20:45:20 fuzzer started
2024/05/22 20:45:20 dialing manager at 10.128.0.163:30008
[   18.773641][   T30] audit: type=1400 audit(1716410720.684:66): avc:  denied  { node_bind } for  pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[   18.776609][   T30] audit: type=1400 audit(1716410720.684:67): avc:  denied  { name_bind } for  pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   18.802904][   T30] audit: type=1400 audit(1716410720.714:68): avc:  denied  { setattr } for  pid=290 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   18.819187][  T289] cgroup: Unknown subsys name 'net'
[   18.831537][  T289] cgroup: Unknown subsys name 'devices'
[   18.832330][   T30] audit: type=1400 audit(1716410720.734:69): avc:  denied  { integrity } for  pid=289 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1
[   18.858972][   T30] audit: type=1400 audit(1716410720.734:70): avc:  denied  { mounton } for  pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   18.881573][   T30] audit: type=1400 audit(1716410720.734:71): avc:  denied  { mount } for  pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   18.886613][  T295] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   18.903736][   T30] audit: type=1400 audit(1716410720.744:72): avc:  denied  { unmount } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   18.932218][   T30] audit: type=1400 audit(1716410720.764:73): avc:  denied  { mounton } for  pid=292 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   18.956729][   T30] audit: type=1400 audit(1716410720.764:74): avc:  denied  { mount } for  pid=292 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[   18.979745][   T30] audit: type=1400 audit(1716410720.844:75): avc:  denied  { relabelto } for  pid=295 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   18.981532][  T294] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   19.066951][  T289] cgroup: Unknown subsys name 'hugetlb'
[   19.072375][  T289] cgroup: Unknown subsys name 'rlimit'
2024/05/22 20:45:21 starting 5 executor processes
[   19.800131][  T305] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.807041][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.814199][  T305] device bridge_slave_0 entered promiscuous mode
[   19.827408][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.834240][  T304] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.841454][  T304] device bridge_slave_0 entered promiscuous mode
[   19.848896][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.855764][  T304] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.862904][  T304] device bridge_slave_1 entered promiscuous mode
[   19.869186][  T305] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.876039][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.883071][  T305] device bridge_slave_1 entered promiscuous mode
[   19.946923][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[   19.953758][  T308] bridge0: port 1(bridge_slave_0) entered disabled state
[   19.960997][  T308] device bridge_slave_0 entered promiscuous mode
[   19.979712][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[   19.986570][  T308] bridge0: port 2(bridge_slave_1) entered disabled state
[   19.993628][  T308] device bridge_slave_1 entered promiscuous mode
[   20.003069][  T307] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.009912][  T307] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.017075][  T307] device bridge_slave_0 entered promiscuous mode
[   20.024563][  T307] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.031461][  T307] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.038463][  T307] device bridge_slave_1 entered promiscuous mode
[   20.090978][  T306] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.097846][  T306] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.104855][  T306] device bridge_slave_0 entered promiscuous mode
[   20.123217][  T306] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.130086][  T306] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.137241][  T306] device bridge_slave_1 entered promiscuous mode
[   20.212823][  T305] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.219669][  T305] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.226762][  T305] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.233540][  T305] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.248571][  T304] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.255418][  T304] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.262484][  T304] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.269318][  T304] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.317002][  T307] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.323822][  T307] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.330939][  T307] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.337724][  T307] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.350335][  T308] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.357178][  T308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.364248][  T308] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.371071][  T308] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.396052][  T321] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.403037][  T321] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.410018][  T321] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.416980][  T321] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.423916][  T321] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.430804][  T321] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.438177][  T321] bridge0: port 1(bridge_slave_0) entered disabled state
[   20.445076][  T321] bridge0: port 2(bridge_slave_1) entered disabled state
[   20.452795][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   20.459973][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   20.487785][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   20.495493][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   20.503380][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.510148][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.517317][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   20.525159][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.531970][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.539277][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   20.546974][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   20.554591][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   20.562438][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.569269][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.576451][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   20.584397][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.591218][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.616448][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   20.624977][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   20.633215][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   20.640345][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   20.648305][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.655123][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.662532][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   20.670620][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.677448][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.684588][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   20.691808][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   20.699749][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[   20.706570][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[   20.713672][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   20.721612][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[   20.728442][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[   20.735612][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   20.743252][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   20.759674][  T304] device veth0_vlan entered promiscuous mode
[   20.767527][  T305] device veth0_vlan entered promiscuous mode
[   20.781555][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   20.789794][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   20.797494][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   20.804589][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   20.811793][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   20.819740][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   20.827486][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   20.835208][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   20.843652][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   20.851347][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   20.863348][  T304] device veth1_macvtap entered promiscuous mode
[   20.870093][  T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   20.877231][  T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   20.889490][  T305] device veth1_macvtap entered promiscuous mode
[   20.900988][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   20.909221][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   20.917123][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   20.924413][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   20.931583][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   20.938817][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   20.946885][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   20.954872][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   20.962873][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   20.970892][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   20.978889][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   21.002892][  T306] device veth0_vlan entered promiscuous mode
[   21.008858][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   21.017218][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   21.025067][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[   21.031861][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[   21.038989][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   21.046992][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   21.054830][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[   21.061634][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[   21.068749][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.076760][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.084720][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   21.092472][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   21.100244][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   21.108000][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   21.115748][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.123668][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   21.131782][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.139781][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   21.147783][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.155344][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.163187][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.170390][   T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.179268][  T308] device veth0_vlan entered promiscuous mode
[   21.190907][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
executing program 2:
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53", 0x101}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000001100208500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='sched_switch\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
recvmsg$unix(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/160, 0xa0}], 0x1, 0x0, 0x18}, 0x0)
sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0x1}], 0x1}, 0x0)

executing program 1:
syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="1201000064172f2057155081ed29010203010902120001"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0xfffffffb)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='global_dirty_state\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000900), 0x71, r1}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='global_dirty_state\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40001)

[   21.198655][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.206642][  T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.213833][  T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.240340][  T306] device veth1_macvtap entered promiscuous mode
[   21.254448][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   21.262772][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   21.271037][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   21.286181][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.294114][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000080)={0x7b, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f0000000200)='%-010d \x00'}, 0x20)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000011c0), 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000880)=@v1={0x0, @adiantum, 0x0, @desc1})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYBLOB="620af8ff25200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fa093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415bd1966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b7845e6b607130c89f18c0c1089d8b853289d01aa27ae82e61b0f9223684198e1148f49faf2ad0000000000000026fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364145835108333719acd97cfa107d40224edc5465a932b77e74e80140d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf560fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e68242aff9fa740b5b763296b652d40229b24a96759823481cf32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734ff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000009731e6e8861c46495ba585a4b2d02edc3e28dd271c896249edc9981b5f240a2e57244b9fc9df0ff285b980680b000020435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da2a6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce5dfd3467decb05d1dbe5d2bc159ce262d9d10a64c1083d5e71b5565b1748ee58969c41595229df17bcad70fb4021428ce909000000b78100788f11f761036cd3f7ec4e7fb8bc6ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec57c92f7285acd324d2c91be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c55609a6e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50984042b3eac1f879b13634c31da2c25cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f233e22de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ece0ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9af04bffb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2b90d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4d58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6006e56237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b7030c1743d70e3aac9ef6c45c4c49b3bc19faa5449609b0a3dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d122a7cca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710db8f3e5c7ebfd6d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aed7a1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea500000000b4ba686fcdf240430a537a395dc73bda367bf12cb7d81643a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de553101cae9e48b0ed1254a83100e45b2569dc0d90b075225f728d44d0973171ad47d6b70ebc660309e1e245b00001743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933bee24c7e8000f2c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b606000000000000001a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e000000000000037010632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5d6d4523497e4d64f95f08493564a1df87111c9bf3194fef96ccecc467acc45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127cf72748a028daf5fc4d4e6d5265bec44219ee8fbfe84f441c724fa7b3d1ff0555e63ad00a1c7f9f72f10154f1e109dc3f7dd87ea308a1fb5a983490c6c93610864623613dabec4c0b64461d21f807515d8fadec636c99aa95ff895c25aad5ac0993a65c7668ca2b6d46edbad410df7390d27e4ddc8f47d5a918b14da4ec07c8199259b8e3dd36de9b35ce25d39686f2470afb1b1db18221841cee6e5531280d65f1d28886e0f06856a5ca37a91ea6e19977c517b10fb66858a05b03084d1f3bd5542d2796a33cfe545be3dc03d302e48301b9f97f694142e48f23271787d3a2360996ca3c9b18000000000700000000000000000000004882ce2e7a68512b23b0ab1f7a6c960bd002984955dc620614f97a234c8e1df96d5e7a67c8d26cd7a4bbacc4a08600000000f5fab1f01e2b7cf653f9d25f942b1cff6d738e17df64464fbc9d89911829458645ef2d2d23f55eb1b09855cc74d29cbca2aeff07a9bf56c3fa68a7d71aad094d5d968ad88fdda027c65e434e9a6bc68ec751d6d21fa471c38646d714ce68f1f46f6ec4c1e87d720385be6f3a70fe730ccad42a9051cd07f356023e855e5acd5ec7d990cebcac66cbd3229d18511bfa1e3d2c82af72932cfd875584d0fc2daff4dfebe41c37494b8136a37f12caecba3e09a31a00410ff161089935db303df012b165663cc1f915d65f69f9d2c1d853b0150445d088da47c170155cd0cc863f4efc2bd7e2246916e0322494eb7bbc0f6c4efeac3d49b5318c410ddd8892aae7e22a558acfc4c2c08d54bd8f64469c43feaf6c9d49e701af9471f9d0cc02ed80f05f0a196bf4695cec437bea2d62515882d856c8a70f8f158da96ec472655529a4e87fc743080d59d747d4377e7e9d1d62b1d08eb1f051412b309208c8be79f66271b4ebd6800688955132ecc654d0e3bcb258b1da03b77cb17d2f4c1e557462f0a710b68056f3e272000d3bf4f49631f8d3677e5803ea1e52727c69afe25f0905a1dfaa0ffc168601e0fddaeff35269e24ba5675504f0c4f735cfa668aab6fca35eef66f9dcbabb5710f20a75e99c5bdc0f95deca2efa57ffb35dc5f555419b712cb63f8ae93fa5ccf0268617f9bb26c767cc1215d29e426aaab79f500d53e0be9cd41ad42da2d54a31e0eeab9faac817d99ec2d862074088fb8dffe3cd11d1b56d3712c2cf486f0017e013d3f80fe602501c4e4f87001eaa4e4d7f653dabfa7273598211be7f42401d0bd68f47076894dcc004bbce94423bf925a39e6a58ab08b26aca704ff47dbca3e05f6715cd9c5c40e4d02d98b0b32b9c528e235605a4baac3b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffe9}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r5, &(0x7f0000000000)='./file0\x00', 0x5)

[   21.302453][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.310590][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   21.325442][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   21.333499][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   21.342105][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
executing program 4:
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)

[   21.350030][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   21.370567][  T307] device veth0_vlan entered promiscuous mode
[   21.377036][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   21.384679][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   21.397451][  T307] device veth1_macvtap entered promiscuous mode
[   21.405965][  T308] device veth1_macvtap entered promiscuous mode
[   21.417280][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   21.424877][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   21.432374][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   21.439572][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   21.447714][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
executing program 3:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'sit0\x00', @local})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r1], 0x0}, 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'sit0\x00', @random="4f33e363a4b1"})

[   21.455692][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   21.463112][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.471306][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   21.479475][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.487552][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000004fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x4, 0x1, 0x3ff, 0x23, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x1, 0xd}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000440)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r10}, 0x9)
ioctl$SIOCSIFHWADDR(r9, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}})

[   21.515449][  T327] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   21.526694][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   21.534690][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   21.545066][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   21.553220][  T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
executing program 3:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4   \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0xa, 0xc000, 0x37b0, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)

executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x8, 0x4, 0x4, 0x10000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48)

executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={0xffffffffffffffff, &(0x7f0000000080), 0x0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x40000000)
sendmsg(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)

[   21.585554][  T339] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   21.613691][  T350] device sit0 entered promiscuous mode
executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f50850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000640)='fib6_table_lookup\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0xffffffffffffff2c, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000640)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd"], 0xfdef)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280)=@generic={0x0, "6f170d12df70358adb888ff5ef17b29276e644e8aa561499e7dacbd39856fab17c10110bb0776a3e3126e8ad9d5ffccc9cd0086ded8af08d86bb3026ac6dc0936fac7777d275e599ecc6c99fa213fc656430d89f4758161cb93ac47fce56e4689240cc24072b41415cc0cce9453a472ce996fda4b7f16db0515e20924fc6"}, 0x80, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000020004000000bb7f1a00c600feff0000000a9500000000000001"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x40086607, 0x20001419)

executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0)

executing program 0:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

executing program 0:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4   \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0xa, 0xc000, 0x37b0, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)

executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x0, 0x9}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x0, 0x0}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0xa3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00', r8}, 0x10)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r9, &(0x7f0000000180), 0x2000)

[   21.806502][  T327] usb 2-1: Using ep0 maxpacket: 32
executing program 0:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r1 = open(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f0000000000)='./file0\x00', r4, &(0x7f00000004c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x5)

[   21.855438][  T339] usb 3-1: Using ep0 maxpacket: 32
[   21.863940][  T371] loop0: detected capacity change from 0 to 512
[   21.926601][  T327] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   21.936775][  T327] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000000, &(0x7f00000000c0)={[{@errors_remount}]}, 0xfe, 0x53d, &(0x7f0000000540)="$eJzs3d9rZFcdAPDvncxks7vRRO1DFVoXW9gtujO7rbXBh+4WxLeCUn1eQ3YSQiaZkJm0m1Aki3+AIKIFX/TJF8E/QJD9E0Qo2HdRURbdKtgH7ZX7Y0w2O9NMdjOZZfL5wJl77r3nzvecJHN/nTO5AZxZlyLiZkRMRcRLETFXLq+UKfaKlJX78MG7S1lKIk3f+nsSSbksK5aUKXOx3GymmPTV2dldW2y1mlvlfKO7vtno7OxeXV1fXGnOlEtfW3h14dpxmjMzaEXWrte/8Zef/PCX33z9t19554+3/nbl+1l9Z8v1vXactOJnUnuoYtWI2BpFsDGYKttTi94LAABPs+wc/7MR8aX8/H8upvKzucGmD+STkdcOAAAAOAnpjdn4TxKRAgAAABOrko+BTSr1cizAbFQq9XoxhveZuFBptTvdLy+3tzduF2Nl56NWWV5tNa+VY2rno5Zk89f/f0ehmH85X5el5KExwD+eO5+vry+1W7fHccMDAAAAzqCLh67//zVXXP8DAAAAE2Z+3BUAAAAARs71PwAAAEy+x7j+nx5FPQAAAICR+Nabb2Yp7T3/+vbbO9tr7bev3m521urr20v1pfbWZn2l3R7yYX+tdnvzq7GxfafRbXa6jc7O7q319vZG99bq4GdzAwAAAKP1mS/e+yC7tN/7+vk8Ra9vf2rABr4rABOjMmS5NHv582jrApyuQYd5YPJVP3m1Yb4wwWrFZMjefWASHbUDmBlU4nejqA0AADAKlz9/74M0ebT/v7p/bwCYUMP2/wOTZ0D/fzp32hUBTt0R/f/ABKsZAQhn3tH9/wMM3f+fpke+FwAAMFKzeUoq9bIvcDYqH6WFmI9asrzaal6LiE9HxB/mauey+ev5lokvDQAAAAAAAAAAAAAAAAAAAAAAAADAkNI0ifQxVB9rKwAAAGAcIip/Tcrnf12ee3H28P2B6eSj/FHAH6dp+s7P3vrpncVud+t6tvwf+fLpiOi+Vy5/eRx3MAAAAICe3lP+i+v02phrAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCk+vDBu0u9dJpx778REfOPxr8Z1ZjJS8xELSIu/DOJ6oHtkoiYOoH4e3cj4tl+7U+yasV8WYvD8SsRcT6vxcjjP5emad/4F584Opxt997IdzZ9Pn+VuJRP+3/+q0W68aTxB+3/svi9/d/U4fjVYv/3qSFjfOH9XzcOzH53P3uuWF/tv//pxU8G7H9f6Bes+uii731nd3dQ3dJfRFzue/xJHorV6K5vNjo7u1dX1xdXmivNjVdeuf61hdcWXl241lhebTXL174xfvTcbz4eFP/+pYgLZfzpXp3KA8t8MblZtn/xcPtfzDK1Qe+877/v33nwuSJbO/QWcf9uxJUX+v/+n82nfX/+P/93msuPA9n6y+UxIdkr8gc9/6vfPz+w/Xdnytzxf/9Xjm567qVv/+BPQxYFAE5BZ2d3bbHVam6NPPNemqbDFc7OSp8sVnYCd8KtOB8Rx9oqhi38zElX9TQyN45TOD13rD+2ZO8paOAZzkznf5Dj3jMBAAAnbf/sf9w1AQAAAAAAAAAAAAAAAAAAgLPrNP6v2OGYe+NpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAJ/pfAAAA//+alNPW")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='./bus/file0\x00', 0x1c917, &(0x7f0000000380)={[{}, {@noblock_validity}, {@usrquota}, {@barrier_val}, {@nogrpid}, {@resgid={'resgid', 0x3d, 0xee01}}, {@noinit_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x1b, 0x4f2, &(0x7f0000000a40)="$eJzs3V1rHNcZAOB3Rlp/ypVMe+Ea6praRXJb70pWbYteuB+U9srQ1r2urUorIbTSCu3KtoRpZfoDCqW0hUKhV7kJ5AcEgn9CCBiS+5CEhJDYyYUvEm/YL3/Iu5KMV1qhfR4YzTlnZvSed5ed3TMzzATQs05HxJmIeFypVM5FxGCjPW1MP6pW1uvrPXxwZ6o6JVGpXPssiUjqbdVVRp75n0frm8ShiPjDbyP+nLwYt7S6Nj9ZKOSXG/VceWEpV1pdOz+3MDmbn80vjo+PXZq4PHFxYrQjeQ5ExJVff/Svv7/2mytv/eTW+9c/GflL0miPeJpHp9VTz9Rei6b+iFjeiWBd0NfIJ9NsaPFeAwCwdzR/5/8gIs7FYPTVfs0BAAAA+0nl5wPxVRJRAQAAAPattHYNbJJmG9cBDESaZrP1a3i/E0fSQrFU/vFMcWVxun6t7FBk0pm5Qn60ca3wUGSSan2sVn5av7ChPh4RxyPin4OHa/XsVLEw3e2DHwAAANAjjm4Y/385WB//AwAAAPvMULc7AAAAAOw4438AAADY/4z/AQAAYF/73dWr1anSfP719M3VlfnizfPT+dJ8dmFlKjtVXF7KzhaLs7V79i1s9f8KxeLST2Nx5XaunC+Vc6XVtesLxZXF8vW55x6BDQAAAOyi49+/914SEes/O1ybqg50u1PAruh/mZU/3Ll+ALuvr9sdALrmpb7/gX0l0+0OAF2XRMT/Nlne9uKdt3emPwAAQOcNf7f1+f9ky2MD6+kudRHYIY7/Qe9y/h96l/P/0Lsy0RcG8tDbki2Wv/r5/0rlpToEAAB03EBtStJsRO04wECkaTYbcaz2WIBMMjNXyI9GxLci4t3BzMFqfay2ZbLlmAEAAAAAAAAAAAAAAAAAAAAAAAAAqKtUkqgAAAAA+1pE+nHSeP7X8ODZgY3HBw4kjwZr84i49d9r/749WS4vj1XbP3/SXv5Po/1CN45gAAAAABs1x+nNcTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNLDB3emmtNuxv30lxEx1Cp+fxyqzQ9FJiKOfJFE/zPbJRHR14H463cj4ld/ahE/qXYrhhq9aBX/cKfin2iV/+bx04g42oH40MvuVfc/v2j1+UvjdG2+8fN38Mm2/R2I337/lz7Z//W12f8c22aMk/ffyLWNfzfiZH/r/U8zftIm/pltxr/xx7W1dssq/48Ybvn9kzwXK1deWMqVVtfOzy1MzuZn84vj42OXJi5PXJwYzc3MFfKNvy1j/ON7bz7eLP8jbeIPbZH/2W3m//X92w++XS9mWsUfOdP6/T/RJn7a+O77YaNcXT7cLK/Xy8869fo7pzbLf7pN/lu9/yPbzP/c7//2wTZXBQB2QWl1bX6yUMgv93ThlV6N6s+iPZGFwlaFSmPw1mz5617p2B4sND8Tj7qzYwIAADruxTHwdtzYuQ4BAAAAAAAAAAAAAAAAAABAD+rMPcOa98Te/O56Tev12Qv3QgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6KZvAgAA//9F0tDB")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000300)=@framed={{}, [@call]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

[   21.975505][  T339] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   21.982477][  T371] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   21.986342][  T339] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   21.997402][  T371] ext4 filesystem being mounted at /root/syzkaller-testdir3611103088/syzkaller.lrFAKb/5/file1 supports timestamps until 2038 (0x7fffffff)
[   22.094611][  T376] loop0: detected capacity change from 0 to 512
[   22.105589][  T327] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   22.114486][  T327] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   22.122585][  T327] usb 2-1: Product: syz
[   22.126254][  T376] EXT4-fs (loop0): Number of reserved GDT blocks insanely large: 2048
[   22.128533][  T339] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   22.144199][  T327] usb 2-1: Manufacturer: syz
[   22.148738][  T327] usb 2-1: SerialNumber: syz
[   22.153517][  T339] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   22.162184][  T327] usb 2-1: config 0 descriptor??
[   22.167942][  T339] usb 3-1: Product: syz
[   22.171882][  T339] usb 3-1: Manufacturer: syz
[   22.216007][  T339] hub 3-1:4.0: USB hub found
[   22.239764][  T376] loop0: detected capacity change from 0 to 512
[   22.327321][  T376] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   22.337299][  T376] EXT4-fs (loop0): orphan cleanup on readonly fs
[   22.344000][  T376] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 19 vs 41 free clusters
[   22.358235][  T376] EXT4-fs (loop0): 1 truncate cleaned up
[   22.375699][  T376] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsddf,noblock_validity,usrquota,barrier=0x0000000000000000,nogrpid,resgid=0x000000000000ee01,noinit_itable,inode_readahead_blks=0x0000000000000080,resgid=0x000000000000ee002,errors=continue. Quota mode: writeback.
[   22.402637][  T376] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   22.418690][  T376] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
executing program 0:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)

[   22.426760][  T376] syz-executor.0 (376) used greatest stack depth: 21536 bytes left
[   22.435506][  T339] hub 3-1:4.0: 2 ports detected
[   22.440940][   T26] usb 2-1: USB disconnect, device number 2
executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000000080)={[{@nogrpid}, {@noauto_da_alloc}, {@sysvgroups}]}, 0x5, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)

executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})

executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=@base={0x1, 0x3, 0x20009, 0x8}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0, <r1=>0xffffffffffffffff}, 0x0, &(0x7f00000000c0)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, &(0x7f0000000000), 0x0}, 0x20)

executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10)
epoll_create1(0x0)

[   22.530020][  T384] loop4: detected capacity change from 0 to 2048
[   22.546696][  T384] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,noauto_da_alloc,sysvgroups,,errors=continue. Quota mode: none.
executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780), &(0x7f0000000900)=@udp=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe, 0x0, &(0x7f0000000380)="0000ffffffffa00076b8638b6b0a", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

[   22.622715][  T392] device pim6reg1 entered promiscuous mode
[  122.625431][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[  122.631895][    C1] rcu: 	1-...!: (10000 ticks this GP) idle=80b/1/0x4000000000000000 softirq=2416/2416 fqs=0 last_accelerate: 935e/ba6e dyntick_enabled: 1
[  122.645769][    C1] 	(t=10000 jiffies g=1021 q=325)
[  122.650625][    C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 9999 jiffies! g1021 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[  122.662603][    C1] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=428
[  122.670153][    C1] rcu: rcu_preempt kthread starved for 10000 jiffies! g1021 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[  122.681263][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  122.691073][    C1] rcu: RCU grace-period kthread stack dump:
[  122.696804][    C1] task:rcu_preempt     state:I stack:28328 pid:   14 ppid:     2 flags:0x00004000
[  122.705841][    C1] Call Trace:
[  122.708959][    C1]  <TASK>
[  122.711740][    C1]  __schedule+0xccc/0x1590
[  122.715982][    C1]  ? __sched_text_start+0x8/0x8
[  122.720667][    C1]  ? __kasan_check_write+0x14/0x20
[  122.725617][    C1]  schedule+0x11f/0x1e0
[  122.729606][    C1]  schedule_timeout+0x18c/0x370
[  122.734300][    C1]  ? _raw_spin_unlock_irq+0x4e/0x70
[  122.739329][    C1]  ? console_conditional_schedule+0x30/0x30
[  122.745057][    C1]  ? update_process_times+0x200/0x200
[  122.750266][    C1]  ? prepare_to_swait_event+0x308/0x320
[  122.755647][    C1]  rcu_gp_fqs_loop+0x2af/0xf80
[  122.760246][    C1]  ? debug_smp_processor_id+0x17/0x20
[  122.765455][    C1]  ? __note_gp_changes+0x4ab/0x920
[  122.770401][    C1]  ? rcu_gp_init+0xc30/0xc30
[  122.774827][    C1]  ? _raw_spin_unlock_irq+0x4e/0x70
[  122.779862][    C1]  ? rcu_gp_init+0x9cf/0xc30
[  122.784288][    C1]  rcu_gp_kthread+0xa4/0x350
[  122.788713][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  122.793402][    C1]  ? rcu_barrier_callback+0x50/0x50
[  122.798435][    C1]  ? __kasan_check_read+0x11/0x20
[  122.803295][    C1]  ? __kthread_parkme+0xb2/0x200
[  122.808071][    C1]  kthread+0x421/0x510
[  122.811973][    C1]  ? rcu_barrier_callback+0x50/0x50
[  122.817009][    C1]  ? kthread_blkcg+0xd0/0xd0
[  122.821436][    C1]  ret_from_fork+0x1f/0x30
[  122.825690][    C1]  </TASK>
[  122.828557][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  122.834719][    C1] NMI backtrace for cpu 1
[  122.838896][    C1] CPU: 1 PID: 395 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0
[  122.848861][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  122.858757][    C1] Call Trace:
[  122.861882][    C1]  <IRQ>
[  122.864571][    C1]  dump_stack_lvl+0x151/0x1b7
[  122.869085][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[  122.874553][    C1]  dump_stack+0x15/0x17
[  122.878546][    C1]  nmi_cpu_backtrace+0x2f7/0x300
[  122.883318][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  122.889317][    C1]  ? panic+0x751/0x751
[  122.893212][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  122.899128][    C1]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[  122.904934][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  122.910834][    C1]  arch_trigger_cpumask_backtrace+0x10/0x20
[  122.916561][    C1]  rcu_check_gp_kthread_starvation+0x1e3/0x250
[  122.922548][    C1]  ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230
[  122.929319][    C1]  print_cpu_stall+0x310/0x5f0
[  122.933920][    C1]  rcu_sched_clock_irq+0x989/0x12f0
[  122.938956][    C1]  ? rcu_boost_kthread_setaffinity+0x340/0x340
[  122.944942][    C1]  ? hrtimer_run_queues+0x15f/0x440
[  122.949978][    C1]  update_process_times+0x198/0x200
[  122.955010][    C1]  tick_sched_timer+0x188/0x240
[  122.959697][    C1]  ? tick_setup_sched_timer+0x480/0x480
[  122.965079][    C1]  __hrtimer_run_queues+0x41a/0xad0
[  122.970113][    C1]  ? hrtimer_interrupt+0xaa0/0xaa0
[  122.975059][    C1]  ? clockevents_program_event+0x22f/0x300
[  122.980700][    C1]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  122.986605][    C1]  hrtimer_interrupt+0x40c/0xaa0
[  122.991378][    C1]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  122.997106][    C1]  sysvec_apic_timer_interrupt+0x95/0xc0
[  123.002572][    C1]  </IRQ>
[  123.005351][    C1]  <TASK>
[  123.008127][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  123.013953][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  123.018717][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  123.038159][    C1] RSP: 0018:ffffc90005b86d20 EFLAGS: 00000246
[  123.044061][    C1] RAX: 0000000000000001 RBX: 1ffff92000b70da8 RCX: 1ffffffff0d1aa9c
[  123.051877][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[  123.059684][    C1] RBP: ffffc90005b86dd0 R08: dffffc0000000000 R09: ffffed103ee26fdb
[  123.067493][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  123.075305][    C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000b70dac
[  123.083121][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  123.089107][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  123.094055][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  123.099956][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  123.106204][    C1]  ? __reset_page_owner+0x190/0x190
[  123.111237][    C1]  ? free_unref_page+0xe8/0x750
[  123.115927][    C1]  ? __free_pages+0x61/0xf0
[  123.120265][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  123.125039][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  123.130073][    C1]  ? sock_hash_bucket_hash+0x36d/0x7e0
[  123.135366][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[  123.140402][    C1]  ? kvfree+0x35/0x40
[  123.144220][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78
[  123.149604][    C1]  bpf_trace_run2+0xec/0x210
[  123.154028][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  123.158715][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  123.164358][    C1]  ? kvfree+0x35/0x40
[  123.168173][    C1]  ? free_unref_page+0x2b3/0x750
[  123.172949][    C1]  ? kvfree+0x35/0x40
[  123.176767][    C1]  __bpf_trace_kfree+0x6f/0x90
[  123.181371][    C1]  ? kvfree+0x35/0x40
[  123.185187][    C1]  kfree+0x1f3/0x220
[  123.188921][    C1]  kvfree+0x35/0x40
[  123.192562][    C1]  __vunmap+0x850/0x8f0
[  123.196558][    C1]  vfree+0x7f/0xb0
[  123.200113][    C1]  bpf_prog_calc_tag+0x69a/0x8f0
[  123.204889][    C1]  ? __bpf_prog_free+0xe0/0xe0
[  123.209490][    C1]  resolve_pseudo_ldimm64+0xe2/0x1240
[  123.214696][    C1]  ? check_attach_btf_id+0x40f/0xef0
[  123.219818][    C1]  ? bpf_check+0x12bf0/0x12bf0
[  123.224419][    C1]  ? check_attach_btf_id+0xef0/0xef0
[  123.229537][    C1]  ? __mark_reg_known+0x1b0/0x1b0
[  123.234398][    C1]  ? security_capable+0x87/0xb0
[  123.239088][    C1]  bpf_check+0x3174/0x12bf0
[  123.243428][    C1]  ? 0xffffffffa0010488
[  123.247417][    C1]  ? is_bpf_text_address+0x172/0x190
[  123.252544][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  123.257398][    C1]  ? __kernel_text_address+0x9b/0x110
[  123.262606][    C1]  ? unwind_get_return_address+0x4d/0x90
[  123.268074][    C1]  ? bpf_get_btf_vmlinux+0x60/0x60
[  123.273021][    C1]  ? arch_stack_walk+0xf3/0x140
[  123.277711][    C1]  ? stack_trace_save+0x113/0x1c0
[  123.282569][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  123.287515][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  123.292463][    C1]  ? __stack_depot_save+0x34/0x470
[  123.297411][    C1]  ? ____kasan_kmalloc+0xed/0x110
[  123.302270][    C1]  ? ____kasan_kmalloc+0xdb/0x110
[  123.307131][    C1]  ? __kasan_kmalloc+0x9/0x10
[  123.311644][    C1]  ? kmem_cache_alloc_trace+0x115/0x210
[  123.317025][    C1]  ? selinux_bpf_prog_alloc+0x51/0x140
[  123.322319][    C1]  ? security_bpf_prog_alloc+0x62/0x90
[  123.327615][    C1]  ? bpf_prog_load+0x9ee/0x1b50
[  123.332300][    C1]  ? __sys_bpf+0x4bc/0x760
[  123.336555][    C1]  ? __x64_sys_bpf+0x7c/0x90
[  123.340980][    C1]  ? do_syscall_64+0x3d/0xb0
[  123.345409][    C1]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  123.351312][    C1]  ? __kasan_kmalloc+0x9/0x10
[  123.355824][    C1]  ? memset+0x35/0x40
[  123.359640][    C1]  ? bpf_obj_name_cpy+0x196/0x1e0
[  123.364501][    C1]  bpf_prog_load+0x12ac/0x1b50
[  123.369107][    C1]  ? map_freeze+0x370/0x370
[  123.373442][    C1]  ? selinux_bpf+0xcb/0x100
[  123.377782][    C1]  ? security_bpf+0x82/0xb0
[  123.382123][    C1]  __sys_bpf+0x4bc/0x760
[  123.386201][    C1]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  123.391408][    C1]  ? __kasan_check_read+0x11/0x20
[  123.396270][    C1]  __x64_sys_bpf+0x7c/0x90
[  123.400522][    C1]  do_syscall_64+0x3d/0xb0
[  123.404867][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  123.410597][    C1] RIP: 0033:0x7f9fef131ee9
[  123.414945][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  123.434376][    C1] RSP: 002b:00007f9fedea60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  123.442621][    C1] RAX: ffffffffffffffda RBX: 00007f9fef260f80 RCX: 00007f9fef131ee9
[  123.450433][    C1] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  123.458244][    C1] RBP: 00007f9fef17e49e R08: 0000000000000000 R09: 0000000000000000
[  123.466057][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.473868][    C1] R13: 000000000000000b R14: 00007f9fef260f80 R15: 00007ffc28226378
[  123.481681][    C1]  </TASK>
[  123.484607][    C1] NMI backtrace for cpu 1
[  123.488711][    C1] CPU: 1 PID: 395 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0
[  123.498690][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  123.508585][    C1] Call Trace:
[  123.511711][    C1]  <IRQ>
[  123.514401][    C1]  dump_stack_lvl+0x151/0x1b7
[  123.518914][    C1]  ? io_uring_drop_tctx_refs+0x190/0x190
[  123.524383][    C1]  ? ttwu_do_wakeup+0x187/0x430
[  123.529070][    C1]  dump_stack+0x15/0x17
[  123.533060][    C1]  nmi_cpu_backtrace+0x2f7/0x300
[  123.537837][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  123.543822][    C1]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  123.549117][    C1]  ? _raw_spin_lock+0x1b0/0x1b0
[  123.553804][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  123.559705][    C1]  nmi_trigger_cpumask_backtrace+0x15d/0x270
[  123.565523][    C1]  ? arch_trigger_cpumask_backtrace+0x20/0x20
[  123.571425][    C1]  arch_trigger_cpumask_backtrace+0x10/0x20
[  123.577153][    C1]  rcu_dump_cpu_stacks+0x1d8/0x330
[  123.582099][    C1]  print_cpu_stall+0x315/0x5f0
[  123.586699][    C1]  rcu_sched_clock_irq+0x989/0x12f0
[  123.591732][    C1]  ? rcu_boost_kthread_setaffinity+0x340/0x340
[  123.597723][    C1]  ? hrtimer_run_queues+0x15f/0x440
[  123.602763][    C1]  update_process_times+0x198/0x200
[  123.607792][    C1]  tick_sched_timer+0x188/0x240
[  123.612481][    C1]  ? tick_setup_sched_timer+0x480/0x480
[  123.617861][    C1]  __hrtimer_run_queues+0x41a/0xad0
[  123.622894][    C1]  ? hrtimer_interrupt+0xaa0/0xaa0
[  123.627840][    C1]  ? clockevents_program_event+0x22f/0x300
[  123.633479][    C1]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  123.639383][    C1]  hrtimer_interrupt+0x40c/0xaa0
[  123.644159][    C1]  __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  123.649885][    C1]  sysvec_apic_timer_interrupt+0x95/0xc0
[  123.655354][    C1]  </IRQ>
[  123.658129][    C1]  <TASK>
[  123.660908][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  123.666722][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  123.671496][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  123.690938][    C1] RSP: 0018:ffffc90005b86d20 EFLAGS: 00000246
[  123.696839][    C1] RAX: 0000000000000001 RBX: 1ffff92000b70da8 RCX: 1ffffffff0d1aa9c
[  123.704652][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[  123.712462][    C1] RBP: ffffc90005b86dd0 R08: dffffc0000000000 R09: ffffed103ee26fdb
[  123.720274][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  123.728093][    C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000b70dac
[  123.735908][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  123.741887][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  123.746834][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  123.752735][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  123.758986][    C1]  ? __reset_page_owner+0x190/0x190
[  123.764018][    C1]  ? free_unref_page+0xe8/0x750
[  123.768706][    C1]  ? __free_pages+0x61/0xf0
[  123.773044][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  123.777823][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  123.782852][    C1]  ? sock_hash_bucket_hash+0x36d/0x7e0
[  123.788147][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[  123.793180][    C1]  ? kvfree+0x35/0x40
[  123.797002][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78
[  123.802381][    C1]  bpf_trace_run2+0xec/0x210
[  123.806812][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  123.811493][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  123.817136][    C1]  ? kvfree+0x35/0x40
[  123.820955][    C1]  ? free_unref_page+0x2b3/0x750
[  123.825730][    C1]  ? kvfree+0x35/0x40
[  123.829549][    C1]  __bpf_trace_kfree+0x6f/0x90
[  123.834149][    C1]  ? kvfree+0x35/0x40
[  123.837968][    C1]  kfree+0x1f3/0x220
[  123.841698][    C1]  kvfree+0x35/0x40
[  123.845342][    C1]  __vunmap+0x850/0x8f0
[  123.849341][    C1]  vfree+0x7f/0xb0
[  123.852895][    C1]  bpf_prog_calc_tag+0x69a/0x8f0
[  123.857670][    C1]  ? __bpf_prog_free+0xe0/0xe0
[  123.862269][    C1]  resolve_pseudo_ldimm64+0xe2/0x1240
[  123.867476][    C1]  ? check_attach_btf_id+0x40f/0xef0
[  123.872597][    C1]  ? bpf_check+0x12bf0/0x12bf0
[  123.877197][    C1]  ? check_attach_btf_id+0xef0/0xef0
[  123.882318][    C1]  ? __mark_reg_known+0x1b0/0x1b0
[  123.887179][    C1]  ? security_capable+0x87/0xb0
[  123.891866][    C1]  bpf_check+0x3174/0x12bf0
[  123.896209][    C1]  ? 0xffffffffa0010488
[  123.900198][    C1]  ? is_bpf_text_address+0x172/0x190
[  123.905318][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  123.910179][    C1]  ? __kernel_text_address+0x9b/0x110
[  123.915387][    C1]  ? unwind_get_return_address+0x4d/0x90
[  123.920855][    C1]  ? bpf_get_btf_vmlinux+0x60/0x60
[  123.925806][    C1]  ? arch_stack_walk+0xf3/0x140
[  123.930488][    C1]  ? stack_trace_save+0x113/0x1c0
[  123.935347][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  123.940299][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  123.945243][    C1]  ? __stack_depot_save+0x34/0x470
[  123.950192][    C1]  ? ____kasan_kmalloc+0xed/0x110
[  123.955051][    C1]  ? ____kasan_kmalloc+0xdb/0x110
[  123.959910][    C1]  ? __kasan_kmalloc+0x9/0x10
[  123.964423][    C1]  ? kmem_cache_alloc_trace+0x115/0x210
[  123.969806][    C1]  ? selinux_bpf_prog_alloc+0x51/0x140
[  123.975100][    C1]  ? security_bpf_prog_alloc+0x62/0x90
[  123.980394][    C1]  ? bpf_prog_load+0x9ee/0x1b50
[  123.985081][    C1]  ? __sys_bpf+0x4bc/0x760
[  123.989334][    C1]  ? __x64_sys_bpf+0x7c/0x90
[  123.993760][    C1]  ? do_syscall_64+0x3d/0xb0
[  123.998187][    C1]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  124.004094][    C1]  ? __kasan_kmalloc+0x9/0x10
[  124.008603][    C1]  ? memset+0x35/0x40
[  124.012422][    C1]  ? bpf_obj_name_cpy+0x196/0x1e0
[  124.017284][    C1]  bpf_prog_load+0x12ac/0x1b50
[  124.021883][    C1]  ? map_freeze+0x370/0x370
[  124.026224][    C1]  ? selinux_bpf+0xcb/0x100
[  124.030561][    C1]  ? security_bpf+0x82/0xb0
[  124.034901][    C1]  __sys_bpf+0x4bc/0x760
[  124.038979][    C1]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  124.044187][    C1]  ? __kasan_check_read+0x11/0x20
[  124.049048][    C1]  __x64_sys_bpf+0x7c/0x90
[  124.053300][    C1]  do_syscall_64+0x3d/0xb0
[  124.057554][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  124.063282][    C1] RIP: 0033:0x7f9fef131ee9
[  124.067536][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  124.086979][    C1] RSP: 002b:00007f9fedea60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  124.095222][    C1] RAX: ffffffffffffffda RBX: 00007f9fef260f80 RCX: 00007f9fef131ee9
[  124.103034][    C1] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  124.110845][    C1] RBP: 00007f9fef17e49e R08: 0000000000000000 R09: 0000000000000000
[  124.118656][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  124.126468][    C1] R13: 000000000000000b R14: 00007f9fef260f80 R15: 00007ffc28226378
[  124.134280][    C1]  </TASK>
[  155.005334][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 144s! [syz-executor.4:392]
[  155.013657][    C0] Modules linked in:
[  155.017382][    C0] CPU: 0 PID: 392 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0
[  155.027360][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  155.037257][    C0] RIP: 0010:kvm_wait+0x147/0x180
[  155.042030][    C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  155.061822][    C0] RSP: 0018:ffffc90005766880 EFLAGS: 00000246
[  155.067805][    C0] RAX: 0000000000000003 RBX: 1ffff92000aecd14 RCX: ffffffff8154fa7f
[  155.075617][    C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810bac8ee8
[  155.083431][    C0] RBP: ffffc90005766930 R08: dffffc0000000000 R09: ffffed10217591de
[  155.091241][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  155.099052][    C0] R13: ffff88810bac8ee8 R14: 0000000000000003 R15: 1ffff92000aecd18
[  155.106863][    C0] FS:  00007f3d1efbe6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  155.115629][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  155.122051][    C0] CR2: 0000001b2e722000 CR3: 000000012c91a000 CR4: 00000000003506b0
[  155.129868][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  155.137675][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  155.145489][    C0] Call Trace:
[  155.148611][    C0]  <IRQ>
[  155.151303][    C0]  ? show_regs+0x58/0x60
[  155.155380][    C0]  ? watchdog_timer_fn+0x4b1/0x5f0
[  155.160328][    C0]  ? proc_watchdog_cpumask+0xd0/0xd0
[  155.165451][    C0]  ? __hrtimer_run_queues+0x41a/0xad0
[  155.170656][    C0]  ? hrtimer_interrupt+0xaa0/0xaa0
[  155.175604][    C0]  ? clockevents_program_event+0x22f/0x300
[  155.181245][    C0]  ? ktime_get_update_offsets_now+0x2ba/0x2d0
[  155.187147][    C0]  ? hrtimer_interrupt+0x40c/0xaa0
[  155.192095][    C0]  ? __sysvec_apic_timer_interrupt+0xfd/0x3c0
[  155.197999][    C0]  ? sysvec_apic_timer_interrupt+0x95/0xc0
[  155.203637][    C0]  </IRQ>
[  155.206415][    C0]  <TASK>
[  155.209192][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  155.215181][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  155.221257][    C0]  ? kvm_wait+0x147/0x180
[  155.225425][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  155.231422][    C0]  ? kvm_arch_para_hints+0x30/0x30
[  155.236359][    C0]  ? __pv_queued_spin_lock_slowpath+0x65f/0xc40
[  155.242438][    C0]  __pv_queued_spin_lock_slowpath+0x6bc/0xc40
[  155.248341][    C0]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  155.254588][    C0]  _raw_spin_lock_bh+0x139/0x1b0
[  155.259360][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  155.264393][    C0]  ? sock_hash_bucket_hash+0x36d/0x7e0
[  155.269688][    C0]  sock_hash_delete_elem+0xb1/0x2f0
[  155.274721][    C0]  ? sock_map_unref+0x352/0x4d0
[  155.279410][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78
[  155.284789][    C0]  bpf_trace_run2+0xec/0x210
[  155.289218][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  155.293902][    C0]  ? sock_map_unref+0x352/0x4d0
[  155.298589][    C0]  ? sock_map_unref+0x352/0x4d0
[  155.303276][    C0]  __bpf_trace_kfree+0x6f/0x90
[  155.307876][    C0]  ? sock_map_unref+0x352/0x4d0
[  155.312563][    C0]  kfree+0x1f3/0x220
[  155.316296][    C0]  sock_map_unref+0x352/0x4d0
[  155.320811][    C0]  sock_hash_delete_elem+0x274/0x2f0
[  155.325929][    C0]  ? skb_release_data+0x8a9/0xa80
[  155.330789][    C0]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78
[  155.336172][    C0]  bpf_trace_run2+0xec/0x210
[  155.340597][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[  155.346586][    C0]  ? bpf_trace_run1+0x1c0/0x1c0
[  155.351273][    C0]  ? skb_release_data+0x8a9/0xa80
[  155.356134][    C0]  ? irqentry_exit+0x30/0x40
[  155.360559][    C0]  ? skb_release_data+0x8a9/0xa80
[  155.365423][    C0]  __bpf_trace_kfree+0x6f/0x90
[  155.370021][    C0]  ? skb_release_data+0x8a9/0xa80
[  155.374880][    C0]  kfree+0x1f3/0x220
[  155.378615][    C0]  skb_release_data+0x8a9/0xa80
[  155.383300][    C0]  consume_skb+0xac/0x250
[  155.387467][    C0]  netlink_broadcast_filtered+0x10f4/0x1220
[  155.393194][    C0]  ? rt6_dump_route+0xa90/0xa90
[  155.397882][    C0]  nlmsg_notify+0x101/0x1c0
[  155.402222][    C0]  rtnl_notify+0x9c/0xd0
[  155.406301][    C0]  inet6_rt_notify+0x3c8/0x550
[  155.410901][    C0]  ? rt6_nh_dump_exceptions+0x650/0x650
[  155.416282][    C0]  fib6_add+0x23ac/0x3df0
[  155.420450][    C0]  ? skb_gro_incr_csum_unnecessary+0x260/0x260
[  155.426438][    C0]  ? ipv6_addr_prefix+0x42/0x180
[  155.431211][    C0]  ? fib6_update_sernum_stub+0x1a0/0x1a0
[  155.436679][    C0]  ? __kasan_check_write+0x14/0x20
[  155.441624][    C0]  ? _raw_spin_lock_bh+0xa4/0x1b0
[  155.446488][    C0]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  155.451520][    C0]  ip6_route_add+0x8a/0x130
[  155.455861][    C0]  addrconf_add_dev+0x415/0x610
[  155.460550][    C0]  ? local_bh_enable+0x30/0x30
[  155.465148][    C0]  ? __kasan_check_read+0x11/0x20
[  155.470007][    C0]  addrconf_init_auto_addrs+0xad0/0x1060
[  155.475476][    C0]  ? addrconf_dad_run+0x610/0x610
[  155.480334][    C0]  ? __local_bh_enable_ip+0x58/0x80
[  155.485370][    C0]  ? _raw_write_unlock_bh+0x32/0x48
[  155.490404][    C0]  ? addrconf_permanent_addr+0xb40/0xba0
[  155.495873][    C0]  ? __kasan_check_write+0x14/0x20
[  155.500818][    C0]  ? addrconf_notify+0xdd0/0xdd0
[  155.505594][    C0]  ? igmpv3_del_delrec+0x740/0x740
[  155.510540][    C0]  ? __local_bh_enable_ip+0x58/0x80
[  155.515574][    C0]  ? __kasan_check_write+0x14/0x20
[  155.520520][    C0]  ? mutex_unlock+0xb2/0x260
[  155.524948][    C0]  ? irqentry_exit+0x30/0x40
[  155.529374][    C0]  ? sysvec_call_function_single+0x52/0xb0
[  155.535014][    C0]  ? __mutex_lock_slowpath+0x10/0x10
[  155.540137][    C0]  ? addrconf_link_ready+0xfb/0x1e0
[  155.545169][    C0]  addrconf_notify+0x91d/0xdd0
[  155.549771][    C0]  raw_notifier_call_chain+0x8c/0xf0
[  155.554890][    C0]  __dev_notify_flags+0x304/0x610
[  155.559752][    C0]  ? __dev_change_flags+0x6e0/0x6e0
[  155.564785][    C0]  ? __dev_change_flags+0x569/0x6e0
[  155.569820][    C0]  ? avc_denied+0x1b0/0x1b0
[  155.574159][    C0]  ? dev_get_flags+0x1e0/0x1e0
[  155.578761][    C0]  dev_change_flags+0xf0/0x1a0
[  155.583359][    C0]  dev_ifsioc+0x147/0x10c0
[  155.587613][    C0]  ? dev_ioctl+0xe70/0xe70
[  155.591864][    C0]  ? mutex_lock+0xb6/0x1e0
[  155.596119][    C0]  ? wait_for_completion_killable_timeout+0x10/0x10
[  155.602541][    C0]  dev_ioctl+0x54d/0xe70
[  155.606621][    C0]  sock_do_ioctl+0x34f/0x5a0
[  155.611046][    C0]  ? sock_show_fdinfo+0xa0/0xa0
[  155.615734][    C0]  ? alloc_empty_file_noaccount+0x80/0x80
[  155.621288][    C0]  ? put_pid+0xc3/0x110
[  155.625280][    C0]  ? selinux_file_ioctl+0x3cc/0x540
[  155.630317][    C0]  sock_ioctl+0x455/0x740
[  155.634480][    C0]  ? sock_poll+0x400/0x400
[  155.638734][    C0]  ? __fget_files+0x31e/0x380
[  155.643248][    C0]  ? security_file_ioctl+0x84/0xb0
[  155.648194][    C0]  ? sock_poll+0x400/0x400
[  155.652449][    C0]  __se_sys_ioctl+0x114/0x190
[  155.656961][    C0]  __x64_sys_ioctl+0x7b/0x90
[  155.661387][    C0]  do_syscall_64+0x3d/0xb0
[  155.665639][    C0]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  155.671372][    C0] RIP: 0033:0x7f3d20249ee9
[  155.675624][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  155.695062][    C0] RSP: 002b:00007f3d1efbe0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.703307][    C0] RAX: ffffffffffffffda RBX: 00007f3d20378f80 RCX: 00007f3d20249ee9
[  155.711118][    C0] RDX: 0000000020000140 RSI: 0000000000008914 RDI: 0000000000000006
[  155.718930][    C0] RBP: 00007f3d2029649e R08: 0000000000000000 R09: 0000000000000000
[  155.726745][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.734552][    C0] R13: 000000000000000b R14: 00007f3d20378f80 R15: 00007ffe3ef3a418
[  155.742366][    C0]  </TASK>
[  155.745230][    C0] Sending NMI from CPU 0 to CPUs 1:
[  155.750293][    C1] NMI backtrace for cpu 1
[  155.750302][    C1] CPU: 1 PID: 395 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0
[  155.750318][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[  155.750326][    C1] RIP: 0010:kvm_wait+0x147/0x180
[  155.750345][    C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 <e9> 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c
[  155.750356][    C1] RSP: 0018:ffffc90005b86d20 EFLAGS: 00000246
[  155.750369][    C1] RAX: 0000000000000001 RBX: 1ffff92000b70da8 RCX: 1ffffffff0d1aa9c
[  155.750379][    C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4
[  155.750389][    C1] RBP: ffffc90005b86dd0 R08: dffffc0000000000 R09: ffffed103ee26fdb
[  155.750399][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  155.750409][    C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000b70dac
[  155.750420][    C1] FS:  00007f9fedea66c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  155.750433][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  155.750443][    C1] CR2: 0000001b2ea22000 CR3: 000000012c94f000 CR4: 00000000003506a0
[  155.750457][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  155.750465][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  155.750474][    C1] Call Trace:
[  155.750479][    C1]  <NMI>
[  155.750484][    C1]  ? show_regs+0x58/0x60
[  155.750500][    C1]  ? nmi_cpu_backtrace+0x29f/0x300
[  155.750518][    C1]  ? nmi_trigger_cpumask_backtrace+0x270/0x270
[  155.750535][    C1]  ? kvm_wait+0x147/0x180
[  155.750547][    C1]  ? kvm_wait+0x147/0x180
[  155.750560][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  155.750576][    C1]  ? nmi_handle+0xa8/0x280
[  155.750590][    C1]  ? kvm_wait+0x147/0x180
[  155.750603][    C1]  ? default_do_nmi+0x69/0x160
[  155.750618][    C1]  ? exc_nmi+0xaf/0x120
[  155.750632][    C1]  ? end_repeat_nmi+0x16/0x31
[  155.750647][    C1]  ? kvm_wait+0x147/0x180
[  155.750668][    C1]  ? kvm_wait+0x147/0x180
[  155.750681][    C1]  ? kvm_wait+0x147/0x180
[  155.750694][    C1]  </NMI>
[  155.750698][    C1]  <TASK>
[  155.750703][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1b/0x20
[  155.750717][    C1]  ? kvm_arch_para_hints+0x30/0x30
[  155.750732][    C1]  __pv_queued_spin_lock_slowpath+0x41b/0xc40
[  155.750751][    C1]  ? __pv_queued_spin_unlock_slowpath+0x310/0x310
[  155.750767][    C1]  ? __reset_page_owner+0x190/0x190
[  155.750781][    C1]  ? free_unref_page+0xe8/0x750
[  155.750795][    C1]  ? __free_pages+0x61/0xf0
[  155.750809][    C1]  _raw_spin_lock_bh+0x139/0x1b0
[  155.750825][    C1]  ? _raw_spin_lock_irq+0x1b0/0x1b0
[  155.750840][    C1]  ? sock_hash_bucket_hash+0x36d/0x7e0
[  155.750857][    C1]  sock_hash_delete_elem+0xb1/0x2f0
[  155.750872][    C1]  ? kvfree+0x35/0x40
[  155.750886][    C1]  bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78
[  155.750898][    C1]  bpf_trace_run2+0xec/0x210
[  155.750915][    C1]  ? bpf_trace_run1+0x1c0/0x1c0
[  155.750929][    C1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[  155.750945][    C1]  ? kvfree+0x35/0x40
[  155.750957][    C1]  ? free_unref_page+0x2b3/0x750
[  155.750972][    C1]  ? kvfree+0x35/0x40
[  155.750984][    C1]  __bpf_trace_kfree+0x6f/0x90
[  155.750998][    C1]  ? kvfree+0x35/0x40
[  155.751010][    C1]  kfree+0x1f3/0x220
[  155.751026][    C1]  kvfree+0x35/0x40
[  155.751038][    C1]  __vunmap+0x850/0x8f0
[  155.751052][    C1]  vfree+0x7f/0xb0
[  155.751064][    C1]  bpf_prog_calc_tag+0x69a/0x8f0
[  155.751080][    C1]  ? __bpf_prog_free+0xe0/0xe0
[  155.751098][    C1]  resolve_pseudo_ldimm64+0xe2/0x1240
[  155.751114][    C1]  ? check_attach_btf_id+0x40f/0xef0
[  155.751129][    C1]  ? bpf_check+0x12bf0/0x12bf0
[  155.751144][    C1]  ? check_attach_btf_id+0xef0/0xef0
[  155.751158][    C1]  ? __mark_reg_known+0x1b0/0x1b0
[  155.751173][    C1]  ? security_capable+0x87/0xb0
[  155.751188][    C1]  bpf_check+0x3174/0x12bf0
[  155.751208][    C1]  ? 0xffffffffa0010488
[  155.751217][    C1]  ? is_bpf_text_address+0x172/0x190
[  155.751232][    C1]  ? stack_trace_save+0x1c0/0x1c0
[  155.751247][    C1]  ? __kernel_text_address+0x9b/0x110
[  155.751261][    C1]  ? unwind_get_return_address+0x4d/0x90
[  155.751276][    C1]  ? bpf_get_btf_vmlinux+0x60/0x60
[  155.751290][    C1]  ? arch_stack_walk+0xf3/0x140
[  155.751307][    C1]  ? stack_trace_save+0x113/0x1c0
[  155.751321][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  155.751335][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  155.751350][    C1]  ? __stack_depot_save+0x34/0x470
[  155.751366][    C1]  ? ____kasan_kmalloc+0xed/0x110
[  155.751386][    C1]  ? ____kasan_kmalloc+0xdb/0x110
[  155.751399][    C1]  ? __kasan_kmalloc+0x9/0x10
[  155.751411][    C1]  ? kmem_cache_alloc_trace+0x115/0x210
[  155.751426][    C1]  ? selinux_bpf_prog_alloc+0x51/0x140
[  155.751440][    C1]  ? security_bpf_prog_alloc+0x62/0x90
[  155.751454][    C1]  ? bpf_prog_load+0x9ee/0x1b50
[  155.751467][    C1]  ? __sys_bpf+0x4bc/0x760
[  155.751479][    C1]  ? __x64_sys_bpf+0x7c/0x90
[  155.751492][    C1]  ? do_syscall_64+0x3d/0xb0
[  155.751505][    C1]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  155.751528][    C1]  ? __kasan_kmalloc+0x9/0x10
[  155.751542][    C1]  ? memset+0x35/0x40
[  155.751555][    C1]  ? bpf_obj_name_cpy+0x196/0x1e0
[  155.751569][    C1]  bpf_prog_load+0x12ac/0x1b50
[  155.751584][    C1]  ? map_freeze+0x370/0x370
[  155.751600][    C1]  ? selinux_bpf+0xcb/0x100
[  155.751613][    C1]  ? security_bpf+0x82/0xb0
[  155.751626][    C1]  __sys_bpf+0x4bc/0x760
[  155.751640][    C1]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[  155.751656][    C1]  ? __kasan_check_read+0x11/0x20
[  155.751675][    C1]  __x64_sys_bpf+0x7c/0x90
[  155.751688][    C1]  do_syscall_64+0x3d/0xb0
[  155.751701][    C1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  155.751717][    C1] RIP: 0033:0x7f9fef131ee9
[  155.751730][    C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  155.751741][    C1] RSP: 002b:00007f9fedea60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.751755][    C1] RAX: ffffffffffffffda RBX: 00007f9fef260f80 RCX: 00007f9fef131ee9
[  155.751765][    C1] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005
[  155.751774][    C1] RBP: 00007f9fef17e49e R08: 0000000000000000 R09: 0000000000000000
[  155.751783][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.751791][    C1] R13: 000000000000000b R14: 00007f9fef260f80 R15: 00007ffc28226378
[  155.751804][    C1]  </TASK>