last executing test programs:

15.683212393s ago: executing program 3 (id=489):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='system.posix_acl_access\x00')

15.558584155s ago: executing program 3 (id=490):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000a40)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r3}, 0x20)
sendmsg$IPCTNL_MSG_EXP_DELETE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0xc3ff}}, 0x0)
close(r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x23}, 0x38)

15.436253056s ago: executing program 3 (id=491):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @local, {[@noop, @generic={0x0, 0xd, "c045d45768dc37efa0fc58"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@loopback}]}, @ssrr={0x89, 0xf, 0x0, [@empty, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{}, {@private}, {}, {@local}, {@loopback}, {@private}, {@multicast2}, {@empty}, {@broadcast}]}, @timestamp={0x44, 0x8, 0x0, 0x0, 0x0, [0x0]}]}}}}}}}, 0x0)

15.322032488s ago: executing program 3 (id=493):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x3, 0x80000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x50, 0x0, 0x20000, 0xfffffffffffffffd, 0x5, 0x2, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYRESHEX=r0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000480)=ANY=[@ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="2f0000052000000004000000", @ANYRES32=0x0, @ANYRES64=0x0], 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file1\x00', 0x3000000, &(0x7f0000000200)={[{@nobarrier}, {@dioread_nolock}]}, 0x1, 0x527, &(0x7f0000019580)="$eJzs3W1rZFcdAPD/vZPZZndTM1WRtWBbbGW36M5sGttGkXYF0RdSUOv7NSaTEDLJhMykbkLRLH4AQUSFfgDfCH4AQfoRRCjoe1FRRLf6UnvlztyxeZhJhjzN7uT3g5M55z6c/zmXzJ37cLg3gEvruYi4GxGliHgxIqaL6WmRYreb8uXef/j2Qp6SyLI3/5FEUkzr1ZWXJyLierHaZER862sR300Ox21t76zONxr1zaJca69t1FrbO7dX1uaX68v19dnZmVfmXp17ee5OVjhVPysR8dpX/vLTH/3iq6/95nPf++O9v936ft6sL32i2+6IWDhVgAG6dZc726In30ab5xFsRPL+lEujbgUAAMPIj/E/GhGf7hz/T0epczQHAAAAjJPs9an4TxKRAQAAAGMrjYipSNJqMRZgKtK0Wu2O4f14XEsbzVb7s0vNrfXFfF5EJcrp0kqjfqcYK1yJcpKXZ4oxtr3ySwfKsxHxVET8ZPpqp1xdaDYWR33xAwAAAC6J68/uP///93TayQMAAABjpjKwAAAAAIwLp/wAAAAw/pz/AwAAwFj7xhtv5Cnrvcd78a3trdXmW7cX663V6trWQnWhublRXW42lzvP7Fs7rr5Gs7nx+Vjful9r11vtWmt7595ac2u9fW9l3yuwAQAAgAv01LPv/iGJiN0vXu2kKJ4DCFwWX78y1GJ/PveGABeoNOoGACMzMeoGACNTPnYJewgYd8kx8w8P3uleK4zfnk97AACAs3fzk3vv/7/Tmda7GXj8tQHgcWasDwBcPu7uweVVjtKDE61448ybAozIR7ofTwyaP/DhHUPc/+9eY8iyEzUMAAA4M1OdlKTV4jh9KtK0Wo14svNagHKytNKo3ynOD34/XX4iL8901kyOHTMMAAAAAAAAAAAAAAAAAAAAAAAAAHRlWRJZX1G8Fbz/XAAAAODxEZH+NSnO9G9OvzC1/+rAgbd+vfPmz+7Pt9ubMxFXkn9O55OuRET758X0lzKvBAAAAIBHQPc8vficGXVrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg37z98e6GXLjLu378cEZV+8SdisvM5GeWIuPavJCb2rJdEROkM4u8+iIgb/eIn8UGWZZWiFf3iXz3n+JXOpukfP42I62cQHy6zd/P9z91+3780nut89v/+TRTptAbv/9L/7/9KA/Y/Tx4oD/L0e7+qDYz/IOLpif77n178pBt/X4i88PyQffzOt3d2+s7YU2W/+Htj1dprG7XW9s7tlbX55fpyfX12duaVuVfnXp67U1taadSLv33D/PhTv/7gqP5fGxC/sr//h7b/C0P1Pov/vnf/4ce6hXK/+Lee7//7e2NA/LT47ftMkc/n3+zld7v5vZ755e+eOar/iwP6P3lM/28N1f/4wovf/OGf+s45tDUAgIvQ2t5ZnW806ptHZCaHWOaCM68/Gs04w0w8Gs0YVSb7Qff/8XT1nHL1Q5nsNKtPxBk048qh72kpTlphErGb1zXkPyQAADBmPjzoP+oOEgAAAAAAAAAAAAAAAAAAAHCeTvhYssmIOHKZu3tqPhhzdzRdBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA40v8CAAD//+SZylA=")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r6, 0xc0c0583b, &(0x7f0000005d00)=ANY=[@ANYBLOB="000000004c900200080000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"])
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000f67fe4)={0xa, 0x4e20, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
socket$inet6(0xa, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)
r11 = socket(0x2, 0x80805, 0x0)
r12 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r12, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r13=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r11, 0x84, 0x76, &(0x7f0000000140)=@assoc_value={r13}, 0x8)

14.481391028s ago: executing program 3 (id=500):
shutdown(0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x44, 0x11cfe, 0x10000000, 0x8000008, 0x3, 0x4, 0x80000001})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x0, 0x80000, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="8cff9af9080000005345204c696e757895f493b46ed538de76a7a92b1a02460c"], 0xd)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000004c0)={0x800100, 0xfffffffd, 0x4, 0x8, 0x9, 0x6})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES64=r0, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffef5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x409, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r8 = dup3(r6, r7, 0x0)
ioctl$MON_IOCX_MFETCH(r8, 0xc0109207, &(0x7f00000001c0)={0x0, 0x0, 0xe9})
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='iso9660\x00', 0x0, 0x0)

13.316140053s ago: executing program 3 (id=513):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f0000000580)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000600)=[@sack_perm], 0x8cbd752)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000000040)=0x9, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r3}, 0x10)
io_setup(0x3, &(0x7f0000000340))
r4 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r4, 0x29, 0x39, 0x0, 0x0)

13.293042473s ago: executing program 32 (id=513):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f0000000580)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000600)=[@sack_perm], 0x8cbd752)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000000040)=0x9, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r3}, 0x10)
io_setup(0x3, &(0x7f0000000340))
r4 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r4, 0x29, 0x39, 0x0, 0x0)

4.487786994s ago: executing program 2 (id=659):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0xffffffff, {{@in=@multicast2, @in6=@local, 0x4e21, 0x0, 0x3, 0x0, 0xa, 0x0, 0xa0}, {0x0, 0xe9}, {0x0, 0x0, 0x0, 0x20000000000000}, 0x0, 0x200}, [@tmpl={0x104, 0x5, [{{@in=@loopback, 0x4d6, 0x3c}, 0x2, @in=@multicast1, 0x3504, 0x4, 0x3, 0x7, 0x8, 0x4, 0x1}, {{@in6=@mcast2, 0x4d3, 0x3c}, 0x2, @in=@multicast1, 0x3506, 0x2, 0x3, 0x27, 0x5, 0x3, 0x200}, {{@in6=@loopback, 0x4d4, 0x32}, 0x2, @in6=@mcast1, 0x3502, 0x3, 0x1, 0x7, 0x5, 0x3, 0x7}, {{@in6=@remote, 0x4d3, 0x3c}, 0xa, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x1, 0x1, 0x9, 0x8, 0xe7, 0x7}]}]}, 0x1bc}}, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
syz_usb_connect(0x0, 0x24, &(0x7f0000002c80)={{0x12, 0x1, 0x0, 0x41, 0x7, 0xf5, 0x40, 0xcf3, 0x9375, 0x1a9e, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xbe, 0xe4, 0xf9}}]}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
r6 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(0xffffffffffffffff, 0x1)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
socket$tipc(0x1e, 0x2, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000780), r0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r0, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="000229bd7000fedbdf250a000000050029000000000008003900030000000500300001000005002f0001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x20)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100280000000000000002000000200001800d0001007564703a73797a32"], 0x34}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
syz_io_uring_setup(0x10a, &(0x7f0000000340)={0x0, 0xfd69, 0x80, 0x7ffff, 0x2000088}, &(0x7f00000004c0), &(0x7f0000000200))

2.696155746s ago: executing program 0 (id=688):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={0x0, r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b0000000c000000040000004f0c000001000000", @ANYRES32=0x1, @ANYBLOB="0095a91a4b494b341437c61d83f87300000000000000000000000000800000000000706429a5b49b9e0d71b2886b542dffe231226507cec18ae9dfab39674a6fa8b27010e752d9d95a336225128037ac0faf817b760e1376a1515d10dd02e41804f71a64b7f113f2184052d690d144e2aa07e1a43d9a0c43983f107faa0be1aa58b3d56b5a7a395ee218a1dec6d6065115c302eb7da5938507a4bd7d2bc301104bd9650b51090235207c0673d95e7d3522031ce7b57efd313646bbf3de3555c2323a2bb4b49f94ca", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0)
pwrite64(r3, &(0x7f0000000200)='2', 0x1, 0x8080c61)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r4, 0x0, 0x0, 0x8000c62)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0x40305829, &(0x7f00000000c0)={0x17c04, r5, 0x8, 0xfff, 0x7fffffffc})
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff4, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYRESHEX=r2, @ANYRES32=<r9=>r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0xfffffffffffffc22, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b820000000004934a71211949da6bbf312", @ANYRES8=r6, @ANYBLOB="0000f30000000001180034"], 0x38}, 0x1, 0x300}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r7}, &(0x7f0000000380), &(0x7f00000003c0)=r8}, 0x20)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYRESOCT, @ANYRES8=r10, @ANYBLOB="529bbb12a04f13bdb60ace396746e765168562ec01d320ff95ebd027b4824a75989b63dce3b1be8178d89a991b94ab7520a055d1f4af987abc1d9d5b6f5f5e061d46ce589dd53c60929a35b60c06d01eb3c817057b99e09a9e06d000ce5aec33544fe19e2995a40862ca438b0ca498389d1539b9baa03909a05d4d2bebe5b02907ff5751ae1f943b91c4ee1fe19c1f2e132c3dd80b8578199407ed2b9e", @ANYRESOCT, @ANYRESOCT=r4, @ANYRES8=r4, @ANYRES32=r9, @ANYRES8=r1, @ANYRESDEC=r2], &(0x7f00000002c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00'}, 0x10)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000008000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30010000000800054000000006440000001e0a05010000000000000000070000000900020073797a31000000000900010073797a30000000001800038014000080100001800a000100fefe807eb37b0000140000001000010000000000000000000084000a"], 0xc8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, @void, @value}, 0x94)
r13 = socket(0x10, 0x3, 0x0)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000700)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba247886a9291745083fccdddc90d7af35c528d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e3364871ee77ba64ae799a29d42c4365f8b9928eb15a7523f43020d9803060c8221d4d8f691ac14187fa7fe929eada4e16ac2eaef502c9912c59bc1f461aa032057030e4f8fa907f80b40638c022cf66b16ca7a05c35cc075ba7c93d6556c3e736a16f24f4561115962be30c4d6a248df33862d98e3b802f20ecd8348dce1149f0d11a55345a8c6410759ab7b3da2a0813df6b07385acd40a9600aa4da6eb2cc38c522bb135da7ee2c0522a4c83c97380d83c919a34fbe774744da402cff16093328e1309bbfbe881a1e9e1221a51dbef9372f0078843e95887c91fe62efc46d25fc84109f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r13, 0x1, 0x32, &(0x7f00000001c0)=r14, 0x4)

2.159648523s ago: executing program 1 (id=700):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r1}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x78, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x173b0da, @void, @value}, 0x94)
r3 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @none}, 0x0, 0x80800)
getsockopt$bt_BT_SNDMTU(r3, 0x112, 0xc, 0x0, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x7, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r4, 0x40505330, &(0x7f00000000c0)={0x800000, 0x80, 0xffffffbc, 0x7, 0x0, 0x55a})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r4, 0x40505330, &(0x7f0000000bc0)={0x800080, 0x856, 0x8, 0x9, 0x40, 0x558})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r5 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x826e, 0x40, 0x3, 0xf0})
syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46)
io_uring_register$IORING_REGISTER_FILES(r5, 0x1e, &(0x7f0000000000)=[r5], 0x1)

2.108841734s ago: executing program 1 (id=701):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getgroups(0x2, &(0x7f0000000000)=[0x0, 0x0])
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0, 0x0, 0x200}, @IPSET_ATTR_SIZE={0x8, 0x17, 0x1, 0x0, 0x6}]}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xef7ab6f359d7b58a}, @IPSET_ATTR_REVISION={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x141000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1}, 0x0, 0x0}, 0x20)
r2 = socket$inet6(0xa, 0x6, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x0, @local, @local, 0x10, 0x7, 0x2, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000001001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
fchmod(r0, 0x10)
socket(0x28, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x7, 0x6, 0x5, 0x0, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4002}, 0x4004044)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e000100"/20, @ANYRES32, @ANYRES16], 0x1c}}, 0x10)

1.989889245s ago: executing program 1 (id=704):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000340)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000009582b26279bcd7062a9a0f88bf1523e052876bc15b4d4d1896c6becf95f41102969319fad6e7650d5c43d4b6c60a3d837f6bf6c18ab026671e2b99f5734003f444"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r4 = dup(r3)
ioctl$PTP_EXTTS_REQUEST2(r4, 0x43403d05, 0x0)
setregid(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r6}, 0x10)
ppoll(&(0x7f0000000040)=[{r5, 0x80}, {r0, 0x8a}], 0x2, &(0x7f0000000080)={0x77359400}, &(0x7f00000001c0)={[0xcc31]}, 0x8)
syz_open_dev$sg(&(0x7f0000000000), 0x6, 0x48e01)
r7 = syz_io_uring_setup(0x3c3d, &(0x7f0000000780)={0x0, 0xfffffffe, 0x10100, 0x1, 0x179}, &(0x7f0000000100)=<r8=>0x0, &(0x7f0000000700)=<r9=>0x0)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_io_uring_submit(r8, r9, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1})
io_uring_enter(r7, 0x4d10, 0x2, 0x2, 0x0, 0x0)

1.605240359s ago: executing program 1 (id=705):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0xfffffffffffffffe}, 0x18)
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, &(0x7f0000000180))
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f00000001c0)=ANY=[@ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

1.465940241s ago: executing program 0 (id=706):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000a40)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20)
sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0xc3ff}}, 0x0)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x23}, 0x38)

1.392085383s ago: executing program 2 (id=708):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @local, {[@noop, @generic={0x0, 0xd, "c045d45768dc37efa0fc58"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@loopback}]}, @ssrr={0x89, 0xf, 0x0, [@empty, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{}, {@private}, {}, {@local}, {@loopback}, {@private}, {@multicast2}, {@empty}, {@broadcast}]}, @timestamp={0x44, 0x8, 0x0, 0x0, 0x0, [0x0]}]}}}}}}}, 0x0)

1.305742694s ago: executing program 2 (id=710):
r0 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
fgetxattr(r0, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)

1.228344754s ago: executing program 2 (id=714):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x105042, 0x1db)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd23e, 0x0, @perf_bp={0x0, 0xe}, 0x100002, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c5902, 0x0)
write$RDMA_USER_CM_CMD_DESTROY_ID(r6, &(0x7f0000003280)={0x1, 0x10, 0xfa00, {0x0}}, 0x18)
sendfile(r6, r5, 0x0, 0x7ffff000)
fallocate(r4, 0x1, 0x0, 0x1001f0)

891.526189ms ago: executing program 0 (id=718):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000500000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x4c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x80, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x6, 0x1, 'tunnel_key\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x4c}}, 0x0)

863.965629ms ago: executing program 0 (id=720):
setfsgid(0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0xc0802, 0x0)
close(r0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=@nat={'nat\x00', 0x1b, 0x5, 0x618, 0x428, 0x258, 0xffffffff, 0x428, 0x258, 0x548, 0x548, 0xffffffff, 0x548, 0x548, 0x5, &(0x7f0000000000), {[{{@ipv6={@mcast1, @private1, [0xffffffff, 0x0, 0xffffff00, 0xff000000], [0xff, 0xffffff00, 0xff, 0xffffffff], 'veth1_vlan\x00', 'bridge0\x00', {0xff}, {}, 0x89, 0xf, 0x0, 0x6f}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@ipv6header={{0x28}, {0x40, 0x1b}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x8, @ipv6=@remote, @ipv6=@rand_addr=' \x01\x00', @port=0x4e22, @port=0x4e24}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@inet=@set3={{0x50}, {{0x0, 0x5, 0x6}, {0x0, 0x3}, {0xcd, 0x6}, 0xc}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x2, @ipv4=@private=0xa010101, @ipv4=@multicast1, @icmp_id=0x66, @port=0x4e24}}}, {{@ipv6={@local, @loopback, [0xff, 0x0, 0x0, 0xff000000], [0xffffff00, 0xff, 0xffffffff, 0xffffffff], 'veth1_to_batadv\x00', 'pim6reg\x00', {0xff}, {0xff}, 0x3a, 0x3a, 0x4, 0x2}, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x81, 'system_u:object_r:apt_exec_t:s0\x00'}}}, {{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffff00, 0xff000000, 0xffffffff, 0xffffff00], [0xff, 0x0, 0xff, 0xffffff00], 'hsr0\x00', 'veth1_macvtap\x00', {}, {0xff}, 0x2b, 0xfe, 0x4}, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[0x4e21, 0x4e21], [0x4e24, 0x4e23], 0x4, 0x1, 0xc2, 0x3}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@rand_addr=0x64010101, 'erspan0\x00', {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x678)
socket$packet(0x11, 0x2, 0x300)

808.85709ms ago: executing program 0 (id=722):
setfsgid(0x0)

808.23954ms ago: executing program 0 (id=723):
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'vcan0\x00', 0x4000})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/19], 0x8f)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x3, 0x4, 0x4, 0x98, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r1, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000340)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
socket$kcm(0x2, 0x8, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r0, 0xfe1e, &(0x7f0000000500)}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4, 0x0, 0x80000}, 0x18)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0xc01, 0x3, 0x2a8, 0x210, 0x5002004a, 0xa, 0x0, 0x0, 0x210, 0x3c8, 0x3c8, 0x210, 0x3c8, 0x3, 0x0, {[{{@ip={@loopback, @loopback, 0x0, 0x0, 'veth0_to_team\x00', 'macvtap0\x00'}, 0x60, 0xd8, 0x118, 0x0, {}, [@common=@unspec=@physdev={{0x68}, {'bridge0\x00', {}, 'batadv0\x00', {}, 0x0, 0x4}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "c7a6bc1f54b88fa2267673e9bdbd68ed89f86114fe5e4c4969e359fcb117"}}}, {{@ip={@remote, @multicast2, 0x0, 0x0, 'pim6reg1\x00', 'veth1_to_bridge\x00'}, 0x0, 0xd8, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x34d)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008001000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r7, 0x5, 0xe, 0x0, &(0x7f0000000440)="6121eed4cd50552b01e841acde1a", 0x0, 0x29d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6}, 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
write(0xffffffffffffffff, 0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r10}, 0x18)

732.925051ms ago: executing program 4 (id=726):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x6, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000001c0)='cpu&00\t&&')

651.350172ms ago: executing program 4 (id=727):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000400)={[{@errors_remount}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@dioread_lock}, {@data_err_ignore}, {@mblk_io_submit}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@nojournal_checksum}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="02000000010002000000000002000500", @ANYRES32=0x0, @ANYBLOB="02000400", @ANYRES32=0x0, @ANYBLOB="02000200a048d493401b7f0c08e6e9bf815254c16e90b696c1b6dce9be0d7f74f92d00c2f6eef87bb64594d38f3f7469", @ANYRES32=0x0, @ANYBLOB="040000000000000010000500000000002000000000000000"], 0x3c, 0x2)

650.836422ms ago: executing program 5 (id=728):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000340)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000009582b26279bcd7062a9a0f88bf1523e052876bc15b4d4d1896c6becf95f41102969319fad6e7650d5c43d4b6c60a3d837f6bf6c18ab026671e2b99f5734003f444"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r4 = dup(r3)
ioctl$PTP_EXTTS_REQUEST2(r4, 0x43403d05, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1c, 0xc, 0x0, &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setregid(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r6}, 0x10)
ppoll(&(0x7f0000000040)=[{r5, 0x80}, {r0, 0x8a}], 0x2, &(0x7f0000000080)={0x77359400}, &(0x7f00000001c0)={[0xcc31]}, 0x8)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1})
io_uring_enter(0xffffffffffffffff, 0x4d10, 0x2, 0x2, 0x0, 0x0)

604.343622ms ago: executing program 5 (id=729):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000a40)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r4, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r2}, 0x20)
sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0xc3ff}}, 0x0)
close(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b7030000000000008500000070"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x23}, 0x38)

587.446153ms ago: executing program 1 (id=730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000500000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x4c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x80, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x6, 0x1, 'tunnel_key\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x4c}}, 0x0)

553.820943ms ago: executing program 4 (id=731):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='system.posix_acl_access\x00')

553.233033ms ago: executing program 5 (id=732):
setfsgid(0x0) (fail_nth: 1)

300.237847ms ago: executing program 1 (id=733):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0x7, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r1, @ANYRES8], &(0x7f0000000200)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000001c0)='percpu_destroy_chunk\x00', r3}, 0x18)
syz_emit_ethernet(0x56, &(0x7f0000000ac0)={@random="b5ee3b0473e6", @broadcast, @void, {@canfd={0xd, {{}, 0xd, 0x1, 0x0, 0x0, "55537ebdf61bd02aa675d13b206815c5b8971dbb393cb06d6c041138cb45bafc64bd6457f1faa73af74e33e210607cc68402727b1183548444eb60c051695442"}}}}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r4)
sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)={0x100, r5, 0xe701ac47a3d23ecd, 0x0, 0x2000, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_DOMAIN={0xce, 0x1, 'C\xec\xf8\xa0w\x15|\xd8\xbcs\xe1\xb93\x14\xcd\xcb\xb6\xb9\xbb\x84\xe5\xbc\xdb\x7f\x9a\xf2\xea\xcc\x91:v@\xe83-\x1d\xaagQl\x7f\tKt\fc\x1f\x17]\xd5\xd0\xf0\xa8\xeb\xd2g\x92\x04\x02\v\x00od\xe6,\xd3@I\x17\xf3\xbees0\xad\xc6\xbf/*\xb6(o\x91t\x12\x93U6\xf4@n\xdc\xdc\x8a7y\x81FY\xbe\xbbc\xd2\xc3\x01\xa5\xe2V\x8c\xb3im~\xd2V\xdaG\xbdbF\xc8n\x86\xac\x9c\xfb\xda\xe2&\"\xb4:\x13\xe9\tc\x85\xb4\xcb\x17\xbfm\x846\xe7\x7fp\x9eCdb\xad;\xa2\x8fs\xbf6\xe8\xe3Xg3&\xe2 \xd6\n\x9d=~<\x93/\xaf\x89\x06+\x96]\xb5+\xee\xff8^D*\xdb\xb8\xd8t\x80\xd4\x8fK=E0\xe8R\x83'}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @dev}]}, 0x100}}, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESOCT=r7])
r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r8, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x18)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r10, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r6, 0x17, &(0x7f0000000880)={&(0x7f0000001000)={[{&(0x7f0000000400), 0x0, 0x3}, {&(0x7f0000000540)="0a375ee5f110866a0fc5ba6eb6fac567f619a9c804e6074d67691f80254b672f9ceeb5381278e429d19f75acdaac56189c8864f7abe0a248721b7030b39dc1cead006fed488b19f288f554cd268bc24f00eb", 0x52}, {&(0x7f00000005c0)="c2a06cbbd7e07d3908648c7af684922763031e1c3f475b685dfb90", 0x1b, 0x3}, {&(0x7f0000000600)="cca86d95c02a60fb3586dfaebd2252464cc8e5274e07ddf9b9df9fa8bb91dc0a51acde880a866ed549794badcaf6da5dc2009be33e1838da4e99d6028a50d9b5cb5e0c1a9d74b32315cd881f355982cd7bc4bfc84ece99fe7a4a71fa1721c3882766f27e638c9f5754d0706124ec", 0x6e, 0x2}, {&(0x7f0000000780)="257f0a2312ca8f40db6ac8c307711ce8839a6ba964ec1f5eb57e8247bf23fa444c1b3e988434571675b87346371cae7bb8210b8158015cbe25d8983b95af6f35ba1d087833ecaa5fe8a95ae9f5c0c632741399f53cefeeb76a57d85bb00c38783a1650ff92892c9937f20bf9a3e915ea188d03216c005fcf92bc8e03691400b5c1312d32f3e857c455baaf9401bc1fb5bba2a85f0e07ff27ceda0be95d8431a4630f58ea9207bb3f59601edf91765aeadfe7942b07fd4cf3daa0dfdfbf0ad53cd50d06c208db788185bdd18ca1704cd163e988d53af536346cbc699662175f7962f4ca547494ede67e2fa16cec3f7d1edfecae", 0xf3}]}, 0x5, 0x2}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x50}}, 0x48040)
write$UHID_DESTROY(r8, &(0x7f0000000200), 0x4)

299.741267ms ago: executing program 4 (id=734):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @local, {[@noop, @generic={0x0, 0xd, "c045d45768dc37efa0fc58"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@loopback}]}, @ssrr={0x89, 0xf, 0x0, [@empty, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{}, {@private}, {}, {@local}, {@loopback}, {@private}, {@multicast2}, {@empty}, {@broadcast}]}, @timestamp={0x44, 0x8, 0x0, 0x0, 0x0, [0x0]}]}}}}}}}, 0x0)

264.746467ms ago: executing program 5 (id=735):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r3 = bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0)={0x0, r2}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x78, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x173b0da, @void, @value}, 0x94)
r4 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @none}, 0x0, 0x80800)
getsockopt$bt_BT_SNDMTU(r4, 0x112, 0xc, 0x0, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x7, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f00000000c0)={0x800000, 0x80, 0xffffffbc, 0x7, 0x0, 0x55a})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x40505330, &(0x7f0000000bc0)={0x800080, 0x856, 0x8, 0x9, 0x40, 0x558})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r6 = io_uring_setup(0xf08, &(0x7f0000000780)={0x0, 0x826e, 0x40, 0x3, 0xf0})
syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46)
io_uring_register$IORING_REGISTER_FILES(r6, 0x1e, &(0x7f0000000000)=[r6], 0x1)

263.874427ms ago: executing program 4 (id=736):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYRESHEX=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
io_setup(0x7f, &(0x7f0000000940)) (async)
io_setup(0x7f, &(0x7f0000000940))
vmsplice(r6, &(0x7f0000000cc0)=[{&(0x7f0000000100)="03", 0x1}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b70300000000fff58500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000c8500000085000000b70000000000000395"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b70300000000fff58500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000c8500000085000000b70000000000000395"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getitimer(0x0, &(0x7f00000010c0)) (async)
getitimer(0x0, &(0x7f00000010c0))
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r9=>r4, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
socket$kcm(0x29, 0x2, 0x0) (async)
r10 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r10, &(0x7f0000000780)=[{{0x0, 0xff60, &(0x7f00000006c0)=[{&(0x7f0000000580)="99", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="bc", 0x1}], 0x1}}], 0x2, 0x0)
close(r10) (async)
close(r10)
r11 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x80682)
ioctl$EVIOCSREP(r11, 0x40084503, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4004110)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r12, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0xd, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x4}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x8050)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) (async)
r13 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
close$binfmt(r13)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYRESOCT=r9, @ANYRES16=r9], 0x7c}, 0x1, 0x0, 0x0, 0x48055}, 0x2004c000) (async)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYRESOCT=r9, @ANYRES16=r9], 0x7c}, 0x1, 0x0, 0x0, 0x48055}, 0x2004c000)

257.039757ms ago: executing program 2 (id=737):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x6, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f00000001c0)='cpu&00\t&&')

199.841858ms ago: executing program 5 (id=738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001500)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (fail_nth: 2)

156.444858ms ago: executing program 2 (id=739):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000480)={'ip_vti0\x00', &(0x7f0000001e80)={'tunl0\x00', <r1=>0x0, 0x0, 0x7, 0x1ff, 0xa, {{0xf, 0x4, 0x3, 0x1f, 0x3c, 0x66, 0x0, 0xf1, 0x29, 0x0, @empty, @multicast2, {[@timestamp={0x44, 0x14, 0x18, 0x0, 0x1, [0x97ff, 0xeeac, 0xfffffffc, 0x2]}, @timestamp_prespec={0x44, 0x14, 0x19, 0x3, 0x7, [{@private=0xa010101, 0xf}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}]}]}}}}})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000580)=""/182, 0xb6, <r2=>0x0, &(0x7f0000000640)=""/20, 0x14}}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000800)={{0x1, <r4=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)='%pI4   \x00'}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000840)={{0x1, 0x1, 0x18, <r5=>0xffffffffffffffff, {0x1}}, '.\x00'})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat(0xffffffffffffffff, &(0x7f0000000880)='./bus/file0\x00', 0x101400, 0x0)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000008c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r9 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r9, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}, {0x0, 0x900}], 0x2)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000940)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001cc0)={0xffffffffffffffff, 0x8, 0x18}, 0xc)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xc, &(0x7f0000001080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x10, 0x12, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x3, 0x4, 0x0, 0xfffffffffffffffe}, @exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x100, 0x4, &(0x7f0000000380)=""/4, 0x40f00, 0xc, '\x00', r1, @fallback=0x27, 0xffffffffffffffff, 0x8, &(0x7f0000000500)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000540)={0x1, 0x0, 0x7, 0x81}, 0x10, r2, r3, 0x7, &(0x7f0000001d00)=[r4, r5, r6, r7, 0x1, r8, r9, r10, r11, r12], &(0x7f0000001d40)=[{0x0, 0x4, 0x10, 0x6}, {0x4, 0x4, 0x9, 0x7}, {0x3, 0x1, 0xb, 0x8}, {0x3, 0x5, 0x0, 0xc}, {0x4, 0x5, 0xf, 0x3}, {0x0, 0x3, 0x5, 0x8}, {0x1, 0x2, 0xe, 0x8}], 0x10, 0x1000, @void, @value}, 0x94)
r13 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00')
r15 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r15, 0x0, 0xfffffffff7ffffe9}, 0x18)
r16 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x0)
fgetxattr(r16, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r14}, 0x18)
r17 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000180)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r17, @ANYBLOB="010300000000fedbdf250100"], 0x28}, 0x1, 0x0, 0x0, 0x88d1}, 0x40)

131.653678ms ago: executing program 5 (id=740):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0xfffffffffffffffe}, 0x18)
ioctl$USBDEVFS_REAPURB(r1, 0x4008550c, &(0x7f0000000180))
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f00000001c0)=ANY=[@ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r6, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)

0s ago: executing program 4 (id=741):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000340)=ANY=[@ANYRES64=r0, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000009582b26279bcd7062a9a0f88bf1523e052876bc15b4d4d1896c6becf95f41102969319fad6e7650d5c43d4b6c60a3d837f6bf6c18ab026671e2b99f5734003f444"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r4 = dup(r3)
ioctl$PTP_EXTTS_REQUEST2(r4, 0x43403d05, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1c, 0xc, 0x0, &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setregid(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r6}, 0x10)
ppoll(&(0x7f0000000040)=[{r5, 0x80}, {r0, 0x8a}], 0x2, &(0x7f0000000080)={0x77359400}, &(0x7f00000001c0)={[0xcc31]}, 0x8)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1})
io_uring_enter(0xffffffffffffffff, 0x4d10, 0x2, 0x2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

3766][ T4036]  __dump_stack+0x1d/0x30
[   51.343803][ T4036]  dump_stack_lvl+0xe8/0x140
[   51.343909][ T4036]  dump_stack+0x15/0x1b
[   51.343933][ T4036]  dump_header+0x81/0x220
[   51.344017][ T4036]  oom_kill_process+0x334/0x3f0
[   51.344077][ T4036]  out_of_memory+0x979/0xb80
[   51.344110][ T4036]  ? css_next_descendant_pre+0x138/0x160
[   51.344185][ T4036]  mem_cgroup_out_of_memory+0x13d/0x190
[   51.344307][ T4036]  try_charge_memcg+0x5e2/0x870
[   51.344349][ T4036]  charge_memcg+0x51/0xc0
[   51.344381][ T4036]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   51.344414][ T4036]  __read_swap_cache_async+0x1df/0x350
[   51.344468][ T4036]  swap_cluster_readahead+0x277/0x3e0
[   51.344508][ T4036]  swapin_readahead+0xde/0x6f0
[   51.344535][ T4036]  ? __filemap_get_folio+0x49f/0x650
[   51.344629][ T4036]  ? swap_cache_get_folio+0x77/0x200
[   51.344662][ T4036]  do_swap_page+0x301/0x2460
[   51.344778][ T4036]  ? cgroup_rstat_updated+0xa3/0x510
[   51.344819][ T4036]  ? __pfx_default_wake_function+0x10/0x10
[   51.344890][ T4036]  handle_mm_fault+0xb60/0x2ae0
[   51.344922][ T4036]  ? mas_walk+0xf2/0x120
[   51.344954][ T4036]  do_user_addr_fault+0x636/0x1090
[   51.344998][ T4036]  ? switch_fpu_return+0xe/0x20
[   51.345072][ T4036]  ? fpregs_assert_state_consistent+0x84/0xa0
[   51.345115][ T4036]  exc_page_fault+0x54/0xc0
[   51.345160][ T4036]  asm_exc_page_fault+0x26/0x30
[   51.345186][ T4036] RIP: 0033:0x7f910d6d53ac
[   51.345203][ T4036] Code: 66 0f 1f 44 00 00 69 3d 06 03 e8 00 e8 03 00 00 48 8d 1d 07 0c 35 00 e8 22 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00
[   51.345272][ T4036] RSP: 002b:00007ffd187f7f80 EFLAGS: 00010206
[   51.345294][ T4036] RAX: 0000000000000000 RBX: 00007f910da25fa0 RCX: 0000000000000000
[   51.345383][ T4036] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055557c59e808
[   51.345399][ T4036] RBP: 00007f910da27ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[   51.345423][ T4036] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000c937
[   51.345440][ T4036] R13: 00007f910da26160 R14: ffffffffffffffff R15: 00007ffd187f8090
[   51.345471][ T4036]  </TASK>
[   51.345480][ T4036] memory: usage 307200kB, limit 307200kB, failcnt 480
[   51.588443][ T4036] memory+swap: usage 126724kB, limit 9007199254740988kB, failcnt 0
[   51.596398][ T4036] kmem: usage 113716kB, limit 9007199254740988kB, failcnt 0
[   51.603714][ T4036] Memory cgroup stats for /syz4:
[   51.604025][ T4036] cache 0
[   51.612072][ T4036] rss 0
[   51.614855][ T4036] shmem 0
[   51.617889][ T4036] mapped_file 0
[   51.621374][ T4036] dirty 0
[   51.624313][ T4036] writeback 0
[   51.627629][ T4036] workingset_refault_anon 23
[   51.632231][ T4036] workingset_refault_file 1
[   51.636774][ T4036] swap 290816
[   51.640147][ T4036] swapcached 8192
[   51.643965][ T4036] pgpgin 11312
[   51.647443][ T4036] pgpgout 11310
[   51.651396][ T4036] pgfault 16036
[   51.654916][ T4036] pgmajfault 23
[   51.658512][ T4036] inactive_anon 8192
[   51.662521][ T4036] active_anon 0
[   51.666079][ T4036] inactive_file 0
[   51.669796][ T4036] active_file 0
[   51.673397][ T4036] unevictable 0
[   51.676882][ T4036] hierarchical_memory_limit 314572800
[   51.682276][ T4036] hierarchical_memsw_limit 9223372036854771712
[   51.688479][ T4036] total_cache 0
[   51.692044][ T4036] total_rss 0
[   51.695543][ T4036] total_shmem 0
[   51.699263][ T4036] total_mapped_file 0
[   51.703448][ T4036] total_dirty 0
[   51.706969][ T4036] total_writeback 0
[   51.710854][ T4036] total_workingset_refault_anon 23
[   51.716144][ T4036] total_workingset_refault_file 1
[   51.721229][ T4036] total_swap 290816
[   51.725050][ T4036] total_swapcached 8192
[   51.729388][ T4036] total_pgpgin 11312
[   51.733370][ T4036] total_pgpgout 11310
[   51.737402][ T4036] total_pgfault 16036
[   51.741412][ T4036] total_pgmajfault 23
[   51.745502][ T4036] total_inactive_anon 8192
[   51.749998][ T4036] total_active_anon 0
[   51.754014][ T4036] total_inactive_file 0
[   51.758256][ T4036] total_active_file 0
[   51.762253][ T4036] total_unevictable 0
[   51.766382][ T4036] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.197,pid=4036,uid=0
[   51.781215][ T4036] Memory cgroup out of memory: Killed process 4036 (syz.4.197) total-vm:93880kB, anon-rss:932kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   51.782818][ T4090] loop3: detected capacity change from 0 to 256
[   51.943596][ T4131] loop2: detected capacity change from 0 to 2048
[   52.000132][ T4131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.014805][ T4131] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.038780][ T4157] netlink: 12 bytes leftover after parsing attributes in process `syz.0.216'.
[   52.157283][ T4161] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(17)
[   52.163952][ T4161] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   52.171901][ T4161] vhci_hcd vhci_hcd.0: Device attached
[   52.205011][ T4173] loop1: detected capacity change from 0 to 1024
[   52.221039][ T4169] vhci_hcd: connection closed
[   52.221213][  T158] vhci_hcd: stop threads
[   52.229956][ T4178] netlink: 8 bytes leftover after parsing attributes in process `syz.0.220'.
[   52.230250][  T158] vhci_hcd: release socket
[   52.243454][  T158] vhci_hcd: disconnect device
[   52.250417][ T4178] netlink: 8 bytes leftover after parsing attributes in process `syz.0.220'.
[   52.270092][ T4178] netlink: 8 bytes leftover after parsing attributes in process `syz.0.220'.
[   52.283695][ T4173] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.296730][ T4178] netlink: 8 bytes leftover after parsing attributes in process `syz.0.220'.
[   52.315723][ T4173] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4113: comm syz.1.221: Allocating blocks 497-513 which overlap fs metadata
[   52.334828][ T4173] EXT4-fs (loop1): pa ffff8881074bc070: logic 16, phys. 145, len 23
[   52.342962][ T4173] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   52.361155][ T4173] netlink: 24 bytes leftover after parsing attributes in process `syz.1.221'.
[   52.388554][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.522791][ T4198] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   52.532181][ T4194] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   52.712066][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.779962][ T4211] loop2: detected capacity change from 0 to 1024
[   52.810633][ T4211] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.842268][ T4211] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4113: comm syz.2.235: Allocating blocks 497-513 which overlap fs metadata
[   52.857384][ T4211] EXT4-fs (loop2): pa ffff8881074bc000: logic 16, phys. 145, len 23
[   52.865507][ T4211] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   52.877022][ T4211] netlink: 24 bytes leftover after parsing attributes in process `syz.2.235'.
[   52.903078][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.943860][ T4223] FAULT_INJECTION: forcing a failure.
[   52.943860][ T4223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.957038][ T4223] CPU: 1 UID: 0 PID: 4223 Comm: syz.2.240 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   52.957071][ T4223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   52.957087][ T4223] Call Trace:
[   52.957122][ T4223]  <TASK>
[   52.957131][ T4223]  __dump_stack+0x1d/0x30
[   52.957155][ T4223]  dump_stack_lvl+0xe8/0x140
[   52.957183][ T4223]  dump_stack+0x15/0x1b
[   52.957199][ T4223]  should_fail_ex+0x265/0x280
[   52.957238][ T4223]  should_fail+0xb/0x20
[   52.957273][ T4223]  should_fail_usercopy+0x1a/0x20
[   52.957295][ T4223]  _copy_from_user+0x1c/0xb0
[   52.957359][ T4223]  ___sys_sendmsg+0xc1/0x1d0
[   52.957396][ T4223]  __x64_sys_sendmsg+0xd4/0x160
[   52.957422][ T4223]  x64_sys_call+0x2999/0x2fb0
[   52.957450][ T4223]  do_syscall_64+0xd0/0x1a0
[   52.957488][ T4223]  ? clear_bhb_loop+0x25/0x80
[   52.957514][ T4223]  ? clear_bhb_loop+0x25/0x80
[   52.957534][ T4223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.957553][ T4223] RIP: 0033:0x7fe55500e969
[   52.957570][ T4223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.957625][ T4223] RSP: 002b:00007fe553677038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.957648][ T4223] RAX: ffffffffffffffda RBX: 00007fe555235fa0 RCX: 00007fe55500e969
[   52.957660][ T4223] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[   52.957671][ T4223] RBP: 00007fe553677090 R08: 0000000000000000 R09: 0000000000000000
[   52.957682][ T4223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.957759][ T4223] R13: 0000000000000000 R14: 00007fe555235fa0 R15: 00007fffa2585948
[   52.957781][ T4223]  </TASK>
[   53.272117][ T4229] loop2: detected capacity change from 0 to 128
[   53.280525][ T4229] /dev/loop2: Can't open blockdev
[   53.294481][ T4229] vhci_hcd: default hub control req: 8010 v0002 i0000 l86
[   53.304299][ T4230] vhci_hcd: default hub control req: 8010 v0002 i0000 l86
[   53.327451][ T2969] IPVS: starting estimator thread 0...
[   53.336486][ T4247] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   53.343320][ T4247] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   53.351059][ T4247] vhci_hcd vhci_hcd.0: Device attached
[   53.447664][ T4245] IPVS: using max 2304 ests per chain, 115200 per kthread
[   53.545880][ T4248] vhci_hcd: connection closed
[   53.546112][ T1321] vhci_hcd: stop threads
[   53.555361][ T1321] vhci_hcd: release socket
[   53.559868][ T1321] vhci_hcd: disconnect device
[   53.597194][ T3380] usb 7-1: new low-speed USB device number 2 using vhci_hcd
[   53.605073][ T3380] usb 7-1: enqueue for inactive port 0
[   53.606425][ T3381] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   53.612613][ T3380] usb 7-1: enqueue for inactive port 0
[   53.618144][ T3381] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   53.623877][ T3380] usb 7-1: enqueue for inactive port 0
[   53.631267][ T3381] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   53.645420][ T3381] hid-generic 0000:0004:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   53.655873][ T4271] loop1: detected capacity change from 0 to 512
[   53.658559][ T4273] FAULT_INJECTION: forcing a failure.
[   53.658559][ T4273] name failslab, interval 1, probability 0, space 0, times 0
[   53.662508][ T4271] EXT4-fs: Ignoring removed oldalloc option
[   53.675676][ T4273] CPU: 0 UID: 0 PID: 4273 Comm: syz.2.259 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   53.675745][ T4273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   53.675761][ T4273] Call Trace:
[   53.675769][ T4273]  <TASK>
[   53.675780][ T4273]  __dump_stack+0x1d/0x30
[   53.675807][ T4273]  dump_stack_lvl+0xe8/0x140
[   53.675832][ T4273]  dump_stack+0x15/0x1b
[   53.675854][ T4273]  should_fail_ex+0x265/0x280
[   53.675957][ T4273]  should_failslab+0x8c/0xb0
[   53.676039][ T4273]  __kmalloc_cache_node_noprof+0x54/0x320
[   53.676109][ T4273]  ? __get_vm_area_node+0x106/0x1c0
[   53.676140][ T4273]  __get_vm_area_node+0x106/0x1c0
[   53.676169][ T4273]  __vmalloc_node_range_noprof+0x26a/0xdf0
[   53.676256][ T4273]  ? ip_set_sockfn_get+0x10a/0x6b0
[   53.676335][ T4273]  ? avc_has_perm_noaudit+0x1b1/0x200
[   53.676400][ T4273]  ? selinux_capable+0x1f9/0x270
[   53.676484][ T4273]  ? ip_set_sockfn_get+0x10a/0x6b0
[   53.676521][ T4273]  vmalloc_noprof+0x5e/0x70
[   53.676549][ T4273]  ? ip_set_sockfn_get+0x10a/0x6b0
[   53.676591][ T4273]  ip_set_sockfn_get+0x10a/0x6b0
[   53.676710][ T4273]  nf_getsockopt+0x18d/0x1b0
[   53.676832][ T4273]  ip_getsockopt+0x137/0x180
[   53.676928][ T4273]  tcp_getsockopt+0xaa/0xe0
[   53.677009][ T4273]  sock_common_getsockopt+0x5d/0x70
[   53.677053][ T4273]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   53.677088][ T4273]  smc_getsockopt+0x103/0x260
[   53.677122][ T4273]  ? __pfx_smc_getsockopt+0x10/0x10
[   53.677226][ T4273]  do_sock_getsockopt+0x1fd/0x240
[   53.677270][ T4273]  __x64_sys_getsockopt+0x11e/0x1a0
[   53.677370][ T4273]  x64_sys_call+0x12aa/0x2fb0
[   53.677397][ T4273]  do_syscall_64+0xd0/0x1a0
[   53.677425][ T4273]  ? clear_bhb_loop+0x25/0x80
[   53.677520][ T4273]  ? clear_bhb_loop+0x25/0x80
[   53.677548][ T4273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.677583][ T4273] RIP: 0033:0x7fe55500e969
[   53.677603][ T4273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.677625][ T4273] RSP: 002b:00007fe553677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   53.677669][ T4273] RAX: ffffffffffffffda RBX: 00007fe555235fa0 RCX: 00007fe55500e969
[   53.677765][ T4273] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000003
[   53.677781][ T4273] RBP: 00007fe553677090 R08: 0000200000000040 R09: 0000000000000000
[   53.677797][ T4273] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.677891][ T4273] R13: 0000000000000000 R14: 00007fe555235fa0 R15: 00007fffa2585948
[   53.677915][ T4273]  </TASK>
[   53.677994][ T4273] syz.2.259: vmalloc error: size 8, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[   53.858110][ T4271] EXT4-fs error (device loop1): ext4_quota_enable:7126: inode #4: comm syz.1.258: unexpected EA_INODE flag
[   53.862555][ T4273] ,cpuset=/,mems_allowed=0
[   53.870694][ T4271] EXT4-fs error (device loop1): ext4_quota_enable:7129: comm syz.1.258: Bad quota inode: 4, type: 1
[   53.872986][ T4273] 
[   53.872998][ T4273] CPU: 0 UID: 0 PID: 4273 Comm: syz.2.259 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   53.873024][ T4273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   53.873070][ T4273] Call Trace:
[   53.873079][ T4273]  <TASK>
[   53.873091][ T4273]  __dump_stack+0x1d/0x30
[   53.873119][ T4273]  dump_stack_lvl+0xe8/0x140
[   53.873172][ T4273]  dump_stack+0x15/0x1b
[   53.873193][ T4273]  warn_alloc+0x12b/0x1a0
[   53.873221][ T4273]  ? __get_vm_area_node+0x106/0x1c0
[   53.873255][ T4273]  __vmalloc_node_range_noprof+0x28e/0xdf0
[   53.873289][ T4273]  ? avc_has_perm_noaudit+0x1b1/0x200
[   53.873343][ T4273]  ? selinux_capable+0x1f9/0x270
[   53.873384][ T4273]  ? ip_set_sockfn_get+0x10a/0x6b0
[   53.873420][ T4273]  vmalloc_noprof+0x5e/0x70
[   53.873519][ T4273]  ? ip_set_sockfn_get+0x10a/0x6b0
[   53.873554][ T4273]  ip_set_sockfn_get+0x10a/0x6b0
[   53.873593][ T4273]  nf_getsockopt+0x18d/0x1b0
[   53.873688][ T4273]  ip_getsockopt+0x137/0x180
[   53.873723][ T4273]  tcp_getsockopt+0xaa/0xe0
[   53.873763][ T4273]  sock_common_getsockopt+0x5d/0x70
[   53.873864][ T4273]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   53.873946][ T4273]  smc_getsockopt+0x103/0x260
[   53.874069][ T4273]  ? __pfx_smc_getsockopt+0x10/0x10
[   53.874159][ T4273]  do_sock_getsockopt+0x1fd/0x240
[   53.874204][ T4273]  __x64_sys_getsockopt+0x11e/0x1a0
[   53.874250][ T4273]  x64_sys_call+0x12aa/0x2fb0
[   53.874356][ T4273]  do_syscall_64+0xd0/0x1a0
[   53.874384][ T4273]  ? clear_bhb_loop+0x25/0x80
[   53.874412][ T4273]  ? clear_bhb_loop+0x25/0x80
[   53.874530][ T4273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.874560][ T4273] RIP: 0033:0x7fe55500e969
[   53.874581][ T4273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.874604][ T4273] RSP: 002b:00007fe553677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   53.874629][ T4273] RAX: ffffffffffffffda RBX: 00007fe555235fa0 RCX: 00007fe55500e969
[   53.874645][ T4273] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000003
[   53.874661][ T4273] RBP: 00007fe553677090 R08: 0000200000000040 R09: 0000000000000000
[   53.874741][ T4273] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.874757][ T4273] R13: 0000000000000000 R14: 00007fe555235fa0 R15: 00007fffa2585948
[   53.874781][ T4273]  </TASK>
[   53.874789][ T4273] Mem-Info:
[   53.893083][ T4271] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   53.893175][ T4271] EXT4-fs (loop1): mount failed
[   54.252664][ T4273] active_anon:3444 inactive_anon:1 isolated_anon:0
[   54.252664][ T4273]  active_file:7207 inactive_file:2051 isolated_file:0
[   54.252664][ T4273]  unevictable:0 dirty:166 writeback:0
[   54.252664][ T4273]  slab_reclaimable:2878 slab_unreclaimable:14735
[   54.252664][ T4273]  mapped:28328 shmem:289 pagetables:894
[   54.252664][ T4273]  sec_pagetables:0 bounce:0
[   54.252664][ T4273]  kernel_misc_reclaimable:0
[   54.252664][ T4273]  free:1836890 free_pcp:68033 free_cma:0
[   54.298034][ T4273] Node 0 active_anon:13776kB inactive_anon:4kB active_file:28828kB inactive_file:8204kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:113312kB dirty:664kB writeback:0kB shmem:1156kB writeback_tmp:0kB kernel_stack:2960kB pagetables:3576kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   54.327953][ T4273] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   54.356228][ T4273] lowmem_reserve[]: 0 2884 7863 7863
[   54.362443][ T4273] Node 0 DMA32 free:2949936kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953568kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[   54.392193][ T4273] lowmem_reserve[]: 0 0 4978 4978
[   54.397439][ T4273] Node 0 Normal free:4382264kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:13776kB inactive_anon:4kB active_file:28828kB inactive_file:8204kB unevictable:0kB writepending:664kB present:5242880kB managed:5098244kB mlocked:0kB bounce:0kB free_pcp:268476kB local_pcp:161472kB free_cma:0kB
[   54.429964][ T4273] lowmem_reserve[]: 0 0 0 0
[   54.434604][ T4273] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   54.447543][ T4273] Node 0 DMA32: 4*4kB (M) 2*8kB (M) 1*16kB (M) 4*32kB (M) 2*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949936kB
[   54.465092][ T4273] Node 0 Normal: 1040*4kB (UME) 700*8kB (UME) 520*16kB (UME) 403*32kB (UME) 411*64kB (UME) 255*128kB (UME) 129*256kB (UME) 100*512kB (UM) 58*1024kB (UME) 28*2048kB (UME) 1029*4096kB (UM) = 4505664kB
[   54.485027][ T4273] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   54.495022][ T4273] 9547 total pagecache pages
[   54.500097][ T4273] 0 pages in swap cache
[   54.504290][ T4273] Free swap  = 124904kB
[   54.508487][ T4273] Total swap = 124996kB
[   54.512754][ T4273] 2097051 pages RAM
[   54.517316][ T4273] 0 pages HighMem/MovableOnly
[   54.522019][ T4273] 80258 pages reserved
[   54.526296][ T3380] vhci_hcd: vhci_device speed not set
[   54.671422][ T4290] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   54.680442][ T4290] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   54.787673][ T4300] loop4: detected capacity change from 0 to 128
[   54.794353][ T4300] msdos: Unknown parameter '00000000000000000000'
[   54.810053][ T4300] loop4: detected capacity change from 0 to 512
[   54.818392][ T4290] netlink: 12 bytes leftover after parsing attributes in process `syz.1.265'.
[   54.928817][ T4300] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.263: attempt to clear invalid blocks 1 len 1
[   54.943280][ T4300] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.263: bg 0: block 343: padding at end of block bitmap is not set
[   54.961064][ T4300] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   54.971949][ T4300] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.263: invalid indirect mapped block 1819239214 (level 0)
[   54.987823][ T4300] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.263: invalid indirect mapped block 1819239214 (level 1)
[   55.003224][ T4300] EXT4-fs (loop4): 1 truncate cleaned up
[   55.010049][ T4300] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.356699][   T29] kauditd_printk_skb: 406 callbacks suppressed
[   55.356716][   T29] audit: type=1326 audit(1745983798.555:3823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4316 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   55.499983][   T29] audit: type=1326 audit(1745983798.585:3824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4316 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   55.523804][   T29] audit: type=1326 audit(1745983798.585:3825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4316 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   55.548222][   T29] audit: type=1326 audit(1745983798.585:3826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4316 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   55.571816][   T29] audit: type=1326 audit(1745983798.585:3827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4316 comm="syz.2.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   55.595382][   T29] audit: type=1400 audit(1745983798.685:3828): avc:  denied  { create } for  pid=4320 comm="syz.2.275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   55.893608][ T4329] audit: audit_backlog=65 > audit_backlog_limit=64
[   55.900265][ T4329] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[   55.907986][ T4329] audit: backlog limit exceeded
[   55.914759][ T4329] audit: audit_backlog=65 > audit_backlog_limit=64
[   55.929356][ T4329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.277'.
[   56.013362][ T4329] program syz.2.277 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   56.176291][ T4340] netlink: 'syz.3.282': attribute type 3 has an invalid length.
[   56.282654][ T4350] loop1: detected capacity change from 0 to 512
[   56.334904][ T4350] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.374965][ T4350] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   56.383259][ T4350] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[   56.423805][ T4350] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[   56.433563][ T4350] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[   56.443936][ T4350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   56.446982][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.465940][ T4350] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[   56.510107][ T4350] EXT4-fs warning (device loop1): dx_probe:863: inode #2: comm syz.1.286: dx entry: limit 65535 != root limit 120
[   56.522498][ T4350] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.286: Corrupt directory, running e2fsck is recommended
[   56.549577][ T4354] FAULT_INJECTION: forcing a failure.
[   56.549577][ T4354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.563606][ T4354] CPU: 0 UID: 0 PID: 4354 Comm: syz.4.287 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   56.563636][ T4354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   56.563650][ T4354] Call Trace:
[   56.563675][ T4354]  <TASK>
[   56.563715][ T4354]  __dump_stack+0x1d/0x30
[   56.563736][ T4354]  dump_stack_lvl+0xe8/0x140
[   56.563758][ T4354]  dump_stack+0x15/0x1b
[   56.563845][ T4354]  should_fail_ex+0x265/0x280
[   56.563883][ T4354]  should_fail+0xb/0x20
[   56.563916][ T4354]  should_fail_usercopy+0x1a/0x20
[   56.563934][ T4354]  _copy_from_user+0x1c/0xb0
[   56.563957][ T4354]  __sys_bpf+0x178/0x790
[   56.564048][ T4354]  __x64_sys_bpf+0x41/0x50
[   56.564132][ T4354]  x64_sys_call+0x2478/0x2fb0
[   56.564153][ T4354]  do_syscall_64+0xd0/0x1a0
[   56.564177][ T4354]  ? clear_bhb_loop+0x25/0x80
[   56.564253][ T4354]  ? clear_bhb_loop+0x25/0x80
[   56.564308][ T4354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.564409][ T4354] RIP: 0033:0x7f910d7fe969
[   56.564426][ T4354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.564448][ T4354] RSP: 002b:00007f910be67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   56.564470][ T4354] RAX: ffffffffffffffda RBX: 00007f910da25fa0 RCX: 00007f910d7fe969
[   56.564499][ T4354] RDX: 0000000000000040 RSI: 00002000000005c0 RDI: 000000000000001c
[   56.564514][ T4354] RBP: 00007f910be67090 R08: 0000000000000000 R09: 0000000000000000
[   56.564529][ T4354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.564543][ T4354] R13: 0000000000000000 R14: 00007f910da25fa0 R15: 00007ffd187f7e18
[   56.564562][ T4354]  </TASK>
[   56.793190][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.017134][ T4373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.294'.
[   57.038788][ T4373] team0 (unregistering): Port device team_slave_0 removed
[   57.049592][ T4375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.059009][ T4375] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.063541][ T4373] team0 (unregistering): Port device team_slave_1 removed
[   57.179503][ T3381] syz!: Port: 1 Link DOWN
[   57.235803][ T4385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.244429][ T4386] loop2: detected capacity change from 0 to 256
[   57.245921][ T4385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.682238][ T4386] FAT-fs (loop2): IO charset c not found
[   58.019529][ T4399] loop4: detected capacity change from 0 to 128
[   58.027195][ T4400] loop2: detected capacity change from 0 to 1024
[   58.050209][ T4400] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   58.061493][ T4400] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   58.143961][ T4400] JBD2: no valid journal superblock found
[   58.149889][ T4400] EXT4-fs (loop2): Could not load journal inode
[   58.330852][ T4416] netlink: 8 bytes leftover after parsing attributes in process `syz.2.307'.
[   58.393986][ T4421] netlink: 'syz.2.310': attribute type 5 has an invalid length.
[   58.918970][ T4442] loop2: detected capacity change from 0 to 128
[   58.998778][ T4445] bridge0: entered promiscuous mode
[   59.013419][ T4445] macsec1: entered allmulticast mode
[   59.019025][ T4445] bridge0: entered allmulticast mode
[   59.030896][ T4445] bridge0: port 3(macsec1) entered blocking state
[   59.038311][ T4445] bridge0: port 3(macsec1) entered disabled state
[   59.059743][ T4445] bridge0: left allmulticast mode
[   59.064971][ T4445] bridge0: left promiscuous mode
[   59.071248][ T4447] loop2: detected capacity change from 0 to 2048
[   59.117811][ T4447]  loop2: p1 < > p4
[   59.123063][ T4447] loop2: p4 size 8388608 extends beyond EOD, truncated
[   59.776270][ T4458] loop2: detected capacity change from 0 to 2048
[   59.801515][ T4458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.834837][ T4458] netlink: 44 bytes leftover after parsing attributes in process `syz.2.324'.
[   59.845207][ T4458] netlink: 43 bytes leftover after parsing attributes in process `syz.2.324'.
[   59.855434][ T4458] netlink: 'syz.2.324': attribute type 6 has an invalid length.
[   59.864834][ T4458] netlink: 'syz.2.324': attribute type 5 has an invalid length.
[   59.873060][ T4458] netlink: 43 bytes leftover after parsing attributes in process `syz.2.324'.
[   59.932171][ T4467] vhci_hcd: default hub control req: 4000 v0000 i0000 l0
[   60.022839][ T4468] SELinux: ebitmap: truncated map
[   60.044739][ T4468] SELinux: failed to load policy
[   60.157390][ T4473] FAULT_INJECTION: forcing a failure.
[   60.157390][ T4473] name failslab, interval 1, probability 0, space 0, times 0
[   60.171935][ T4473] CPU: 0 UID: 0 PID: 4473 Comm: syz.3.329 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   60.171968][ T4473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   60.171982][ T4473] Call Trace:
[   60.172066][ T4473]  <TASK>
[   60.172076][ T4473]  __dump_stack+0x1d/0x30
[   60.172102][ T4473]  dump_stack_lvl+0xe8/0x140
[   60.172122][ T4473]  dump_stack+0x15/0x1b
[   60.172142][ T4473]  should_fail_ex+0x265/0x280
[   60.172191][ T4473]  should_failslab+0x8c/0xb0
[   60.172228][ T4473]  __kmalloc_cache_node_noprof+0x54/0x320
[   60.172252][ T4473]  ? __get_vm_area_node+0x106/0x1c0
[   60.172274][ T4473]  __get_vm_area_node+0x106/0x1c0
[   60.172356][ T4473]  __vmalloc_node_range_noprof+0x26a/0xdf0
[   60.172439][ T4473]  ? sel_write_load+0x158/0x380
[   60.172481][ T4473]  ? _parse_integer+0x27/0x40
[   60.172526][ T4473]  ? __rcu_read_unlock+0x4f/0x70
[   60.172550][ T4473]  ? sel_write_load+0x158/0x380
[   60.172602][ T4473]  vmalloc_noprof+0x5e/0x70
[   60.172629][ T4473]  ? sel_write_load+0x158/0x380
[   60.172665][ T4473]  sel_write_load+0x158/0x380
[   60.172704][ T4473]  ? __pfx_sel_write_load+0x10/0x10
[   60.172768][ T4473]  vfs_write+0x266/0x8d0
[   60.172849][ T4473]  ? __rcu_read_unlock+0x4f/0x70
[   60.172874][ T4473]  ? __fget_files+0x184/0x1c0
[   60.172917][ T4473]  ksys_write+0xda/0x1a0
[   60.172949][ T4473]  __x64_sys_write+0x40/0x50
[   60.173076][ T4473]  x64_sys_call+0x2cdd/0x2fb0
[   60.173103][ T4473]  do_syscall_64+0xd0/0x1a0
[   60.173130][ T4473]  ? clear_bhb_loop+0x25/0x80
[   60.173157][ T4473]  ? clear_bhb_loop+0x25/0x80
[   60.173183][ T4473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.173211][ T4473] RIP: 0033:0x7fa940f0e969
[   60.173229][ T4473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.173251][ T4473] RSP: 002b:00007fa93f577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   60.173273][ T4473] RAX: ffffffffffffffda RBX: 00007fa941135fa0 RCX: 00007fa940f0e969
[   60.173289][ T4473] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000006
[   60.173303][ T4473] RBP: 00007fa93f577090 R08: 0000000000000000 R09: 0000000000000000
[   60.173316][ T4473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.173327][ T4473] R13: 0000000000000000 R14: 00007fa941135fa0 R15: 00007ffe95123f28
[   60.173398][ T4473]  </TASK>
[   60.453636][ T4463] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   60.497208][ T4483] netlink: 'syz.1.334': attribute type 3 has an invalid length.
[   60.510906][   T29] kauditd_printk_skb: 433 callbacks suppressed
[   60.510922][   T29] audit: type=1400 audit(1745983803.705:4260): avc:  denied  { write } for  pid=4474 comm="syz.0.330" name="net" dev="proc" ino=9267 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   60.542090][   T29] audit: type=1400 audit(1745983803.705:4261): avc:  denied  { add_name } for  pid=4474 comm="syz.0.330" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[   60.562155][   T29] audit: type=1400 audit(1745983803.705:4262): avc:  denied  { create } for  pid=4474 comm="syz.0.330" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[   60.582740][ T4484] netlink: 'syz.1.334': attribute type 3 has an invalid length.
[   60.591200][   T29] audit: type=1400 audit(1745983803.705:4263): avc:  denied  { associate } for  pid=4474 comm="syz.0.330" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   60.591228][   T29] audit: type=1400 audit(1745983803.705:4264): avc:  denied  { write } for  pid=4474 comm="syz.0.330" name="pfkey" dev="proc" ino=4026532756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   60.638622][ T4475] netlink: 4 bytes leftover after parsing attributes in process `syz.0.330'.
[   60.662437][   T29] audit: type=1400 audit(1745983803.835:4265): avc:  denied  { setopt } for  pid=4474 comm="syz.0.330" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   60.701184][ T4483] bridge0: entered promiscuous mode
[   60.708340][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.718088][ T4485] rdma_rxe: rxe_newlink: failed to add team_slave_0
[   60.719483][ T4483] bridge0: port 3(macsec1) entered blocking state
[   60.731376][ T4483] bridge0: port 3(macsec1) entered disabled state
[   60.739270][ T4487] SELinux:  policydb magic number 0x5 does not match expected magic number 0xf97cff8c
[   60.750792][ T4487] SELinux: failed to load policy
[   60.761340][ T4483] macsec1: entered allmulticast mode
[   60.767728][ T4483] bridge0: entered allmulticast mode
[   60.784992][ T4489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.335'.
[   60.794930][ T4483] macsec1: left allmulticast mode
[   60.800896][ T4483] bridge0: left allmulticast mode
[   60.807829][ T4483] bridge0: left promiscuous mode
[   61.058611][ T4503] netlink: 16 bytes leftover after parsing attributes in process `syz.2.340'.
[   61.081389][   T29] audit: type=1400 audit(1745983804.265:4266): avc:  denied  { mount } for  pid=4502 comm="+}[@" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   61.323509][ T4512] FAULT_INJECTION: forcing a failure.
[   61.323509][ T4512] name failslab, interval 1, probability 0, space 0, times 0
[   61.338789][ T4512] CPU: 0 UID: 0 PID: 4512 Comm: syz.2.341 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   61.338826][ T4512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   61.338840][ T4512] Call Trace:
[   61.338847][ T4512]  <TASK>
[   61.338897][ T4512]  __dump_stack+0x1d/0x30
[   61.338924][ T4512]  dump_stack_lvl+0xe8/0x140
[   61.339009][ T4512]  dump_stack+0x15/0x1b
[   61.339061][ T4512]  should_fail_ex+0x265/0x280
[   61.339094][ T4512]  should_failslab+0x8c/0xb0
[   61.339189][ T4512]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   61.339216][ T4512]  ? sidtab_sid2str_get+0xa0/0x130
[   61.339250][ T4512]  ? skb_put+0xa9/0xf0
[   61.339286][ T4512]  kmemdup_noprof+0x2b/0x70
[   61.339319][ T4512]  sidtab_sid2str_get+0xa0/0x130
[   61.339357][ T4512]  security_sid_to_context_core+0x1eb/0x2e0
[   61.339396][ T4512]  security_sid_to_context+0x27/0x40
[   61.339469][ T4512]  avc_audit_post_callback+0x9d/0x520
[   61.339564][ T4512]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   61.339607][ T4512]  common_lsm_audit+0x1b8/0x230
[   61.339636][ T4512]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   61.339760][ T4512]  slow_avc_audit+0x104/0x140
[   61.339854][ T4512]  avc_has_perm+0x128/0x150
[   61.339893][ T4512]  selinux_socket_sendmsg+0x175/0x1b0
[   61.339920][ T4512]  security_socket_sendmsg+0x48/0x80
[   61.339942][ T4512]  __sock_sendmsg+0x30/0x180
[   61.340041][ T4512]  ____sys_sendmsg+0x345/0x4e0
[   61.340149][ T4512]  ___sys_sendmsg+0x17b/0x1d0
[   61.340189][ T4512]  __sys_sendmmsg+0x178/0x300
[   61.340220][ T4512]  __x64_sys_sendmmsg+0x57/0x70
[   61.340239][ T4512]  x64_sys_call+0x2f2f/0x2fb0
[   61.340300][ T4512]  do_syscall_64+0xd0/0x1a0
[   61.340326][ T4512]  ? clear_bhb_loop+0x25/0x80
[   61.340347][ T4512]  ? clear_bhb_loop+0x25/0x80
[   61.340373][ T4512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.340426][ T4512] RIP: 0033:0x7fe55500e969
[   61.340446][ T4512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.340467][ T4512] RSP: 002b:00007fe553635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   61.340487][ T4512] RAX: ffffffffffffffda RBX: 00007fe555236160 RCX: 00007fe55500e969
[   61.340518][ T4512] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000005
[   61.340530][ T4512] RBP: 00007fe553635090 R08: 0000000000000000 R09: 0000000000000000
[   61.340541][ T4512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.340552][ T4512] R13: 0000000000000000 R14: 00007fe555236160 R15: 00007fffa2585948
[   61.340570][ T4512]  </TASK>
[   61.613926][   T29] audit: type=1400 audit(1745983804.515:4267): avc:  denied  { create } for  pid=4504 comm="syz.2.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   61.635055][   T29] audit: type=1400 audit(1745983804.515:4268): avc:  denied  { connect } for  pid=4504 comm="syz.2.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   61.656136][   T29] audit: type=1400 audit(1745983804.515:4269): avc:  denied  { write } for  pid=4504 comm="syz.2.341" ssid=135 tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   61.786776][ T4523] 9pnet_fd: Insufficient options for proto=fd
[   61.798256][ T3378] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   61.802047][ T4525] syz.3.348 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   61.805963][ T3378] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   61.806003][ T3378] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   61.845326][ T3378] hid-generic 0000:0004:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   61.859029][ T4520] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.343'.
[   61.871171][ T4520] program syz.0.343 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   61.880690][ T4511] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.343'.
[   62.114091][ T4548] loop2: detected capacity change from 0 to 1024
[   62.121482][ T4548] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   62.187322][ T4548] Falling back ldisc for ttyS3.
[   62.213624][ T4550] loop1: detected capacity change from 0 to 2048
[   62.228718][ T4550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.311358][ T4550] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28
[   62.323889][ T4550] EXT4-fs (loop1): This should not happen!! Data will be lost
[   62.323889][ T4550] 
[   62.334193][ T4550] EXT4-fs (loop1): Total free blocks count 0
[   62.341031][ T4550] EXT4-fs (loop1): Free/Dirty block details
[   62.347326][ T4550] EXT4-fs (loop1): free_blocks=0
[   62.352287][ T4550] EXT4-fs (loop1): dirty_blocks=0
[   62.357515][ T4550] EXT4-fs (loop1): Block reservation details
[   62.363941][ T4550] EXT4-fs (loop1): i_reserved_data_blocks=0
[   62.391167][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.452327][ T4565] netlink: 'syz.0.362': attribute type 3 has an invalid length.
[   62.460254][ T4565] netlink: 20 bytes leftover after parsing attributes in process `syz.0.362'.
[   62.582289][ T4578] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   62.593861][ T4578] SELinux: failed to load policy
[   62.604321][ T4578] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.613391][ T4578] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.797758][ T4592] loop3: detected capacity change from 0 to 512
[   62.868349][ T4592] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.883456][ T4592] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.933931][ T4607] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4607 comm=syz.0.378
[   62.962349][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.011462][ T4617] netlink: 'syz.3.383': attribute type 3 has an invalid length.
[   63.049884][ T4622] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   63.062316][ T4624] loop2: detected capacity change from 0 to 2048
[   63.069550][ T4622] SELinux: failed to load policy
[   63.080039][ T4624] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.093920][ T4626] loop3: detected capacity change from 0 to 512
[   63.094328][ T4626] EXT4-fs: Ignoring removed mblk_io_submit option
[   63.094821][ T4626] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   63.104895][ T4622] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.111373][ T4624] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.119506][ T4622] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.146294][ T4626] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   63.163236][ T4626] EXT4-fs (loop3): 1 truncate cleaned up
[   63.170753][ T4626] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.224138][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.276981][ T4633] 9pnet_fd: Insufficient options for proto=fd
[   63.285274][ T4633] openvswitch: netlink: Message has 6 unknown bytes.
[   63.293169][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.349400][ T4638] FAULT_INJECTION: forcing a failure.
[   63.349400][ T4638] name failslab, interval 1, probability 0, space 0, times 0
[   63.362948][ T4638] CPU: 0 UID: 0 PID: 4638 Comm: syz.3.390 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   63.362999][ T4638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   63.363014][ T4638] Call Trace:
[   63.363021][ T4638]  <TASK>
[   63.363028][ T4638]  __dump_stack+0x1d/0x30
[   63.363048][ T4638]  dump_stack_lvl+0xe8/0x140
[   63.363077][ T4638]  dump_stack+0x15/0x1b
[   63.363094][ T4638]  should_fail_ex+0x265/0x280
[   63.363124][ T4638]  ? __hw_addr_add_ex+0x162/0x440
[   63.363151][ T4638]  should_failslab+0x8c/0xb0
[   63.363223][ T4638]  __kmalloc_cache_noprof+0x4c/0x320
[   63.363244][ T4638]  __hw_addr_add_ex+0x162/0x440
[   63.363277][ T4638]  dev_addr_init+0xb1/0x120
[   63.363383][ T4638]  alloc_netdev_mqs+0x212/0xab0
[   63.363428][ T4638]  ? __pfx_bond_setup+0x10/0x10
[   63.363511][ T4638]  rtnl_create_link+0x239/0x710
[   63.363599][ T4638]  rtnl_newlink_create+0x151/0x630
[   63.363633][ T4638]  ? security_capable+0x83/0x90
[   63.363739][ T4638]  ? netlink_ns_capable+0x86/0xa0
[   63.363766][ T4638]  rtnl_newlink+0xf29/0x12d0
[   63.363805][ T4638]  ? bpf_trace_run3+0x12c/0x1d0
[   63.363829][ T4638]  ? __kfree_skb+0x109/0x150
[   63.363883][ T4638]  ? __memcg_slab_free_hook+0xb7/0x1c0
[   63.363908][ T4638]  ? __kfree_skb+0x109/0x150
[   63.363945][ T4638]  ? __rcu_read_unlock+0x4f/0x70
[   63.363971][ T4638]  ? avc_has_perm_noaudit+0x1b1/0x200
[   63.364085][ T4638]  ? selinux_capable+0x1f9/0x270
[   63.364115][ T4638]  ? security_capable+0x83/0x90
[   63.364145][ T4638]  ? ns_capable+0x7d/0xb0
[   63.364185][ T4638]  ? __pfx_rtnl_newlink+0x10/0x10
[   63.364214][ T4638]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   63.364246][ T4638]  netlink_rcv_skb+0x120/0x220
[   63.364274][ T4638]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   63.364314][ T4638]  rtnetlink_rcv+0x1c/0x30
[   63.364334][ T4638]  netlink_unicast+0x59e/0x670
[   63.364362][ T4638]  netlink_sendmsg+0x58b/0x6b0
[   63.364495][ T4638]  ? __pfx_netlink_sendmsg+0x10/0x10
[   63.364536][ T4638]  __sock_sendmsg+0x142/0x180
[   63.364577][ T4638]  ____sys_sendmsg+0x31e/0x4e0
[   63.364696][ T4638]  ___sys_sendmsg+0x17b/0x1d0
[   63.364739][ T4638]  __x64_sys_sendmsg+0xd4/0x160
[   63.364761][ T4638]  x64_sys_call+0x2999/0x2fb0
[   63.364783][ T4638]  do_syscall_64+0xd0/0x1a0
[   63.364862][ T4638]  ? clear_bhb_loop+0x25/0x80
[   63.364889][ T4638]  ? clear_bhb_loop+0x25/0x80
[   63.364917][ T4638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.364944][ T4638] RIP: 0033:0x7fa940f0e969
[   63.364960][ T4638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.364977][ T4638] RSP: 002b:00007fa93f577038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   63.365024][ T4638] RAX: ffffffffffffffda RBX: 00007fa941135fa0 RCX: 00007fa940f0e969
[   63.365040][ T4638] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[   63.365056][ T4638] RBP: 00007fa93f577090 R08: 0000000000000000 R09: 0000000000000000
[   63.365108][ T4638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.365155][ T4638] R13: 0000000000000000 R14: 00007fa941135fa0 R15: 00007ffe95123f28
[   63.365174][ T4638]  </TASK>
[   63.694909][ T4640] loop2: detected capacity change from 0 to 512
[   63.702265][ T4640] EXT4-fs: Ignoring removed mblk_io_submit option
[   63.712487][ T4640] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   63.734033][ T4645] loop1: detected capacity change from 0 to 1024
[   63.744706][ T4645] ext4: Unknown parameter 'tap0'
[   63.752656][ T4640] EXT4-fs (loop2): 1 truncate cleaned up
[   63.759386][ T4640] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.803863][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.844583][ T4663] FAULT_INJECTION: forcing a failure.
[   63.844583][ T4663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.858359][ T4663] CPU: 1 UID: 0 PID: 4663 Comm: syz.2.398 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   63.858401][ T4663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   63.858416][ T4663] Call Trace:
[   63.858424][ T4663]  <TASK>
[   63.858433][ T4663]  __dump_stack+0x1d/0x30
[   63.858530][ T4663]  dump_stack_lvl+0xe8/0x140
[   63.858574][ T4663]  dump_stack+0x15/0x1b
[   63.858595][ T4663]  should_fail_ex+0x265/0x280
[   63.858635][ T4663]  should_fail+0xb/0x20
[   63.858742][ T4663]  should_fail_usercopy+0x1a/0x20
[   63.858765][ T4663]  strncpy_from_user+0x25/0x230
[   63.858813][ T4663]  ? __kmalloc_cache_noprof+0x189/0x320
[   63.858895][ T4663]  __se_sys_memfd_create+0x1ff/0x590
[   63.858927][ T4663]  __x64_sys_memfd_create+0x31/0x40
[   63.858983][ T4663]  x64_sys_call+0x122f/0x2fb0
[   63.859010][ T4663]  do_syscall_64+0xd0/0x1a0
[   63.859036][ T4663]  ? clear_bhb_loop+0x25/0x80
[   63.859063][ T4663]  ? clear_bhb_loop+0x25/0x80
[   63.859122][ T4663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.859148][ T4663] RIP: 0033:0x7fe55500e969
[   63.859168][ T4663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.859190][ T4663] RSP: 002b:00007fe553676e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   63.859212][ T4663] RAX: ffffffffffffffda RBX: 0000000000000446 RCX: 00007fe55500e969
[   63.859227][ T4663] RDX: 00007fe553676ef0 RSI: 0000000000000000 RDI: 00007fe555091444
[   63.859281][ T4663] RBP: 0000200000000d40 R08: 00007fe553676bb7 R09: 00007fe553676e40
[   63.859325][ T4663] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[   63.859339][ T4663] R13: 00007fe553676ef0 R14: 00007fe553676eb0 R15: 0000200000000480
[   63.859363][ T4663]  </TASK>
[   63.890575][ T4668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.064444][ T4668] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.082313][ T4674] __nla_validate_parse: 4 callbacks suppressed
[   64.082329][ T4674] netlink: 8 bytes leftover after parsing attributes in process `syz.0.404'.
[   64.158233][ T4682] loop4: detected capacity change from 0 to 128
[   64.193712][ T4674] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4674 comm=syz.0.404
[   64.288282][ T4699] netlink: 12 bytes leftover after parsing attributes in process `syz.3.403'.
[   64.751654][ T4697] netlink: 104 bytes leftover after parsing attributes in process `syz.0.414'.
[   64.835544][ T4718] netlink: 300 bytes leftover after parsing attributes in process `syz.2.418'.
[   64.970183][ T4728] netlink: 'syz.4.422': attribute type 13 has an invalid length.
[   64.978041][ T4728] netlink: 36 bytes leftover after parsing attributes in process `syz.4.422'.
[   64.987340][ T4729] netlink: 'syz.4.422': attribute type 13 has an invalid length.
[   64.995282][ T4729] netlink: 36 bytes leftover after parsing attributes in process `syz.4.422'.
[   65.005864][ T4731] FAULT_INJECTION: forcing a failure.
[   65.005864][ T4731] name failslab, interval 1, probability 0, space 0, times 0
[   65.019821][ T4731] CPU: 0 UID: 0 PID: 4731 Comm: syz.2.423 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   65.019855][ T4731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   65.019871][ T4731] Call Trace:
[   65.019878][ T4731]  <TASK>
[   65.019888][ T4731]  __dump_stack+0x1d/0x30
[   65.019967][ T4731]  dump_stack_lvl+0xe8/0x140
[   65.020002][ T4731]  dump_stack+0x15/0x1b
[   65.020022][ T4731]  should_fail_ex+0x265/0x280
[   65.020126][ T4731]  should_failslab+0x8c/0xb0
[   65.020200][ T4731]  kmem_cache_alloc_noprof+0x50/0x310
[   65.020317][ T4731]  ? alloc_empty_file+0x76/0x200
[   65.020425][ T4731]  alloc_empty_file+0x76/0x200
[   65.020475][ T4731]  path_openat+0x68/0x2170
[   65.020554][ T4731]  ? _parse_integer_limit+0x170/0x190
[   65.020593][ T4731]  ? _parse_integer+0x27/0x40
[   65.020627][ T4731]  ? kstrtoull+0x111/0x140
[   65.020659][ T4731]  ? kstrtouint+0x76/0xc0
[   65.020737][ T4731]  do_filp_open+0x109/0x230
[   65.020776][ T4731]  do_sys_openat2+0xa6/0x110
[   65.020801][ T4731]  __x64_sys_open+0xe6/0x110
[   65.020842][ T4731]  x64_sys_call+0x14d4/0x2fb0
[   65.020865][ T4731]  do_syscall_64+0xd0/0x1a0
[   65.020898][ T4731]  ? clear_bhb_loop+0x25/0x80
[   65.020925][ T4731]  ? clear_bhb_loop+0x25/0x80
[   65.020952][ T4731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.020978][ T4731] RIP: 0033:0x7fe55500e969
[   65.020997][ T4731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.021063][ T4731] RSP: 002b:00007fe553677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   65.021086][ T4731] RAX: ffffffffffffffda RBX: 00007fe555235fa0 RCX: 00007fe55500e969
[   65.021102][ T4731] RDX: 0000000000000020 RSI: 00000000004b8e82 RDI: 0000200000000180
[   65.021116][ T4731] RBP: 00007fe553677090 R08: 0000000000000000 R09: 0000000000000000
[   65.021129][ T4731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.021144][ T4731] R13: 0000000000000000 R14: 00007fe555235fa0 R15: 00007fffa2585948
[   65.021168][ T4731]  </TASK>
[   65.340072][ T4737] netlink: 132 bytes leftover after parsing attributes in process `syz.2.426'.
[   65.355520][ T4737] netlink: 96 bytes leftover after parsing attributes in process `syz.2.426'.
[   65.468792][ T4746] loop1: detected capacity change from 0 to 2048
[   65.476036][ T4753] mmap: syz.2.432 (4753) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   65.501734][ T4751] loop4: detected capacity change from 0 to 764
[   65.502970][ T4754] syz.0.431 (4754) used greatest stack depth: 8112 bytes left
[   65.522165][ T4746] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.578440][ T4760] loop2: detected capacity change from 0 to 764
[   65.588089][   T29] kauditd_printk_skb: 258 callbacks suppressed
[   65.588104][   T29] audit: type=1400 audit(1745983808.785:4528): avc:  denied  { mount } for  pid=4758 comm="syz.2.435" name="/" dev="loop2" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   65.623500][ T4760] FAULT_INJECTION: forcing a failure.
[   65.623500][ T4760] name failslab, interval 1, probability 0, space 0, times 0
[   65.624446][ T4746] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28
[   65.636634][ T4760] CPU: 0 UID: 0 PID: 4760 Comm: syz.2.435 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   65.636668][ T4760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   65.636683][ T4760] Call Trace:
[   65.636693][ T4760]  <TASK>
[   65.636704][ T4760]  __dump_stack+0x1d/0x30
[   65.636732][ T4760]  dump_stack_lvl+0xe8/0x140
[   65.636831][ T4760]  dump_stack+0x15/0x1b
[   65.636853][ T4760]  should_fail_ex+0x265/0x280
[   65.636894][ T4760]  should_failslab+0x8c/0xb0
[   65.637011][ T4760]  kmem_cache_alloc_noprof+0x50/0x310
[   65.637123][ T4760]  ? getname_flags+0x80/0x3b0
[   65.637162][ T4760]  getname_flags+0x80/0x3b0
[   65.637200][ T4760]  do_sys_openat2+0x60/0x110
[   65.637287][ T4760]  __x64_sys_openat+0xf2/0x120
[   65.637313][ T4760]  x64_sys_call+0x1af/0x2fb0
[   65.637333][ T4760]  do_syscall_64+0xd0/0x1a0
[   65.637360][ T4760]  ? clear_bhb_loop+0x25/0x80
[   65.637388][ T4760]  ? clear_bhb_loop+0x25/0x80
[   65.637416][ T4760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.637443][ T4760] RIP: 0033:0x7fe55500e969
[   65.637520][ T4760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.637542][ T4760] RSP: 002b:00007fe553677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   65.637645][ T4760] RAX: ffffffffffffffda RBX: 00007fe555235fa0 RCX: 00007fe55500e969
[   65.637680][ T4760] RDX: 0000000000000441 RSI: 0000200000000080 RDI: ffffffffffffff9c
[   65.637696][ T4760] RBP: 00007fe553677090 R08: 0000000000000000 R09: 0000000000000000
[   65.637711][ T4760] R10: 0000000000000104 R11: 0000000000000246 R12: 0000000000000001
[   65.637726][ T4760] R13: 0000000000000000 R14: 00007fe555235fa0 R15: 00007fffa2585948
[   65.637751][ T4760]  </TASK>
[   65.702697][   T29] audit: type=1400 audit(1745983808.895:4529): avc:  denied  { unmount } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   65.704676][ T4746] EXT4-fs (loop1): This should not happen!! Data will be lost
[   65.704676][ T4746] 
[   65.704698][ T4746] EXT4-fs (loop1): Total free blocks count 0
[   65.869585][ T4746] EXT4-fs (loop1): Free/Dirty block details
[   65.875710][ T4746] EXT4-fs (loop1): free_blocks=0
[   65.880793][ T4746] EXT4-fs (loop1): dirty_blocks=0
[   65.886514][ T4746] EXT4-fs (loop1): Block reservation details
[   65.892813][ T4746] EXT4-fs (loop1): i_reserved_data_blocks=0
[   65.913825][   T29] audit: type=1326 audit(1745983809.105:4530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   65.938578][   T29] audit: type=1326 audit(1745983809.105:4531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   65.962575][   T29] audit: type=1326 audit(1745983809.105:4532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   65.984193][ T4777] loop4: detected capacity change from 0 to 2048
[   65.987464][   T29] audit: type=1326 audit(1745983809.105:4533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   65.994762][ T4777] EXT4-fs: Ignoring removed bh option
[   66.018037][   T29] audit: type=1326 audit(1745983809.105:4534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   66.022675][ T4777] EXT4-fs: Ignoring removed nomblk_io_submit option
[   66.048025][   T29] audit: type=1326 audit(1745983809.105:4535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   66.057847][ T4777] EXT4-fs: Ignoring removed nobh option
[   66.078848][   T29] audit: type=1326 audit(1745983809.105:4536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   66.107696][   T29] audit: type=1326 audit(1745983809.105:4537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4770 comm="syz.2.436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe55500e969 code=0x7ffc0000
[   66.108075][ T4776] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4776 comm=syz.2.436
[   66.149532][ T4777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.164195][ T4772] loop2: detected capacity change from 0 to 512
[   66.171979][ T4772] EXT4-fs: test_dummy_encryption option not supported
[   66.173041][ T4777] EXT4-fs error (device loop4): ext4_read_inline_dir:1501: inode #12: block 5: comm syz.4.441: path /84/file0/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0
[   66.209993][ T4781] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[   66.225135][ T4777] program syz.4.441 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   66.262079][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.282276][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.368541][ T4802] SELinux:  Context system_u:object_r:agp_device_t:s0 is not valid (left unmapped).
[   66.384771][ T4802] netlink: 100 bytes leftover after parsing attributes in process `syz.4.446'.
[   66.773052][ T4851] FAULT_INJECTION: forcing a failure.
[   66.773052][ T4851] name failslab, interval 1, probability 0, space 0, times 0
[   66.786438][ T4851] CPU: 0 UID: 0 PID: 4851 Comm: syz.4.466 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   66.786474][ T4851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   66.786490][ T4851] Call Trace:
[   66.786498][ T4851]  <TASK>
[   66.786510][ T4851]  __dump_stack+0x1d/0x30
[   66.786580][ T4851]  dump_stack_lvl+0xe8/0x140
[   66.786605][ T4851]  dump_stack+0x15/0x1b
[   66.786700][ T4851]  should_fail_ex+0x265/0x280
[   66.786749][ T4851]  should_failslab+0x8c/0xb0
[   66.786863][ T4851]  kmem_cache_alloc_noprof+0x50/0x310
[   66.786908][ T4851]  ? alloc_empty_file+0x76/0x200
[   66.786986][ T4851]  alloc_empty_file+0x76/0x200
[   66.787020][ T4851]  path_openat+0x68/0x2170
[   66.787061][ T4851]  ? _parse_integer_limit+0x170/0x190
[   66.787101][ T4851]  ? _parse_integer+0x27/0x40
[   66.787210][ T4851]  ? kstrtoull+0x111/0x140
[   66.787240][ T4851]  ? kstrtouint+0x76/0xc0
[   66.787272][ T4851]  do_filp_open+0x109/0x230
[   66.787405][ T4851]  do_sys_openat2+0xa6/0x110
[   66.787427][ T4851]  __x64_sys_open+0xe6/0x110
[   66.787510][ T4851]  x64_sys_call+0x14d4/0x2fb0
[   66.787536][ T4851]  do_syscall_64+0xd0/0x1a0
[   66.787563][ T4851]  ? clear_bhb_loop+0x25/0x80
[   66.787586][ T4851]  ? clear_bhb_loop+0x25/0x80
[   66.787653][ T4851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.787680][ T4851] RIP: 0033:0x7f910d7fe969
[   66.787698][ T4851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.787719][ T4851] RSP: 002b:00007f910be67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   66.787738][ T4851] RAX: ffffffffffffffda RBX: 00007f910da25fa0 RCX: 00007f910d7fe969
[   66.787750][ T4851] RDX: 0000000000000020 RSI: 00000000004b8e82 RDI: 0000200000000180
[   66.787769][ T4851] RBP: 00007f910be67090 R08: 0000000000000000 R09: 0000000000000000
[   66.787783][ T4851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.787797][ T4851] R13: 0000000000000000 R14: 00007f910da25fa0 R15: 00007ffd187f7e18
[   66.787825][ T4851]  </TASK>
[   67.060289][ T4853] loop1: detected capacity change from 0 to 164
[   67.100966][ T4859] loop3: detected capacity change from 0 to 164
[   67.109944][ T4859] netlink: 4 bytes leftover after parsing attributes in process `syz.3.469'.
[   67.187839][ T4865] FAULT_INJECTION: forcing a failure.
[   67.187839][ T4865] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.201134][ T4865] CPU: 0 UID: 0 PID: 4865 Comm: syz.4.471 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   67.201167][ T4865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   67.201195][ T4865] Call Trace:
[   67.201202][ T4865]  <TASK>
[   67.201211][ T4865]  __dump_stack+0x1d/0x30
[   67.201237][ T4865]  dump_stack_lvl+0xe8/0x140
[   67.201264][ T4865]  dump_stack+0x15/0x1b
[   67.201279][ T4865]  should_fail_ex+0x265/0x280
[   67.201312][ T4865]  should_fail+0xb/0x20
[   67.201347][ T4865]  should_fail_usercopy+0x1a/0x20
[   67.201410][ T4865]  _copy_to_user+0x20/0xa0
[   67.201469][ T4865]  simple_read_from_buffer+0xb5/0x130
[   67.201495][ T4865]  proc_fail_nth_read+0x100/0x140
[   67.201520][ T4865]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   67.201550][ T4865]  vfs_read+0x19d/0x6f0
[   67.201611][ T4865]  ? __rcu_read_unlock+0x4f/0x70
[   67.201635][ T4865]  ? __fget_files+0x184/0x1c0
[   67.201730][ T4865]  ksys_read+0xda/0x1a0
[   67.201757][ T4865]  __x64_sys_read+0x40/0x50
[   67.201786][ T4865]  x64_sys_call+0x2d77/0x2fb0
[   67.201811][ T4865]  do_syscall_64+0xd0/0x1a0
[   67.201908][ T4865]  ? clear_bhb_loop+0x25/0x80
[   67.201943][ T4865]  ? clear_bhb_loop+0x25/0x80
[   67.201963][ T4865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.201988][ T4865] RIP: 0033:0x7f910d7fd37c
[   67.202013][ T4865] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   67.202035][ T4865] RSP: 002b:00007f910be67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   67.202074][ T4865] RAX: ffffffffffffffda RBX: 00007f910da25fa0 RCX: 00007f910d7fd37c
[   67.202086][ T4865] RDX: 000000000000000f RSI: 00007f910be670a0 RDI: 0000000000000003
[   67.202100][ T4865] RBP: 00007f910be67090 R08: 0000000000000000 R09: 0000000000000000
[   67.202114][ T4865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.202127][ T4865] R13: 0000000000000001 R14: 00007f910da25fa0 R15: 00007ffd187f7e18
[   67.202223][ T4865]  </TASK>
[   67.467235][ T4869] loop3: detected capacity change from 0 to 512
[   67.479133][ T4869] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.502452][ T4869] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   67.649780][ T4884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.680119][ T4884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.807736][ T4891] xt_TPROXY: Can be used only with -p tcp or -p udp
[   67.841071][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.552472][ T4926] loop3: detected capacity change from 0 to 512
[   68.609848][ T4926] EXT4-fs (loop3): 1 orphan inode deleted
[   68.619611][ T4926] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.634622][ T1321] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[   68.663189][ T4926] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.696565][ T4926] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.715677][ T4926] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.936361][ T4933] ip6gretap1: entered allmulticast mode
[   68.955579][ T4931] loop2: detected capacity change from 0 to 512
[   68.970490][ T4931] journal_path: Lookup failure for './file0'
[   68.978020][ T4931] EXT4-fs: error: could not find journal device path
[   68.988313][ T4933] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=4933 comm=syz.0.495
[   69.084743][ T4938] netlink: 'GPL': attribute type 10 has an invalid length.
[   69.092244][ T4938] netlink: 'GPL': attribute type 10 has an invalid length.
[   69.125824][ T4940] 9pnet: p9_errstr2errno: server reported unknown error �@þLì²¼	O€!ÝëL›8iHÑ¡
[   69.181149][ T4920] syz.1.492 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   69.192559][ T4920] CPU: 1 UID: 0 PID: 4920 Comm: syz.1.492 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   69.192595][ T4920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   69.192653][ T4920] Call Trace:
[   69.192661][ T4920]  <TASK>
[   69.192671][ T4920]  __dump_stack+0x1d/0x30
[   69.192693][ T4920]  dump_stack_lvl+0xe8/0x140
[   69.192712][ T4920]  dump_stack+0x15/0x1b
[   69.192777][ T4920]  dump_header+0x81/0x220
[   69.192824][ T4920]  oom_kill_process+0x334/0x3f0
[   69.192890][ T4920]  out_of_memory+0x979/0xb80
[   69.192915][ T4920]  ? css_next_descendant_pre+0x138/0x160
[   69.192958][ T4920]  mem_cgroup_out_of_memory+0x13d/0x190
[   69.193009][ T4920]  try_charge_memcg+0x5e2/0x870
[   69.193080][ T4920]  charge_memcg+0x51/0xc0
[   69.193108][ T4920]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   69.193135][ T4920]  __read_swap_cache_async+0x1df/0x350
[   69.193161][ T4920]  swap_cluster_readahead+0x376/0x3e0
[   69.193265][ T4920]  swapin_readahead+0xde/0x6f0
[   69.193290][ T4920]  ? __filemap_get_folio+0x49f/0x650
[   69.193321][ T4920]  ? __rcu_read_unlock+0x34/0x70
[   69.193406][ T4920]  ? swap_cache_get_folio+0x77/0x200
[   69.193473][ T4920]  do_swap_page+0x301/0x2460
[   69.193503][ T4920]  ? cgroup_rstat_updated+0xa3/0x510
[   69.193549][ T4920]  ? __pfx_default_wake_function+0x10/0x10
[   69.193576][ T4920]  handle_mm_fault+0xb60/0x2ae0
[   69.193609][ T4920]  ? mas_walk+0xf2/0x120
[   69.193709][ T4920]  do_user_addr_fault+0x636/0x1090
[   69.193790][ T4920]  ? fpregs_restore_userregs+0x7d/0x190
[   69.193834][ T4920]  exc_page_fault+0x54/0xc0
[   69.193868][ T4920]  asm_exc_page_fault+0x26/0x30
[   69.193894][ T4920] RIP: 0033:0x7fb820c36700
[   69.193983][ T4920] Code: 6e c7 89 13 48 8b 50 08 0f 16 40 50 0f 11 00 48 89 50 50 48 8b 50 10 48 89 78 10 48 89 50 40 48 89 d7 eb b2 66 0f 1f 44 00 00 <64> 48 8b 0c 25 10 00 00 00 8b 91 08 03 00 00 48 8d b9 08 03 00 00
[   69.194000][ T4920] RSP: 002b:00007ffcd02b6ea8 EFLAGS: 00010202
[   69.194082][ T4920] RAX: 00000000fffffffa RBX: 00007fb820e35fa0 RCX: 0000000000000000
[   69.194098][ T4920] RDX: 00007ffcd02b6ef0 RSI: 0000000000000000 RDI: 0000000000000000
[   69.194113][ T4920] RBP: 00007fb820e37ba0 R08: 0000000007981877 R09: 7fffffffffffffff
[   69.194241][ T4920] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000010e91
[   69.194256][ T4920] R13: 00007fb820e35fa0 R14: ffffffffffffffff R15: 00007ffcd02b7030
[   69.194280][ T4920]  </TASK>
[   69.194288][ T4920] memory: usage 307200kB, limit 307200kB, failcnt 11278
[   69.281791][ T3310] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /87/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.284089][ T4920] memory+swap: usage 287252kB, limit 9007199254740988kB, failcnt 0
[   69.284104][ T4920] kmem: usage 287052kB, limit 9007199254740988kB, failcnt 0
[   69.284117][ T4920] Memory cgroup stats for /syz1:
[   69.302691][ T4944] __nla_validate_parse: 2 callbacks suppressed
[   69.302710][ T4944] netlink: 28 bytes leftover after parsing attributes in process `syz.0.497'.
[   69.305795][ T4920] cache 0
[   69.310941][ T4944] netlink: 28 bytes leftover after parsing attributes in process `syz.0.497'.
[   69.314842][ T4920] rss 0
[   69.314853][ T4920] shmem 0
[   69.314860][ T4920] mapped_file 0
[   69.314932][ T4920] dirty 0
[   69.314940][ T4920] writeback 0
[   69.314948][ T4920] workingset_refault_anon 49
[   69.314956][ T4920] workingset_refault_file 181
[   69.314965][ T4920] swap 204800
[   69.315035][ T4920] swapcached 0
[   69.322284][ T3310] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.326109][ T4920] pgpgin 53652
[   69.326120][ T4920] pgpgout 53652
[   69.326129][ T4920] pgfault 32435
[   69.326137][ T4920] pgmajfault 45
[   69.339687][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.340519][ T4920] inactive_anon 0
[   69.354627][ T3310] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /87/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.356065][ T4920] active_anon 0
[   69.356076][ T4920] inactive_file 0
[   69.356084][ T4920] active_file 0
[   69.387632][ T3310] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.394507][ T4920] unevictable 0
[   69.394518][ T4920] hierarchical_memory_limit 314572800
[   69.394528][ T4920] hierarchical_memsw_limit 9223372036854771712
[   69.394539][ T4920] total_cache 0
[   69.460382][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.466023][ T4920] total_rss 0
[   69.466033][ T4920] total_shmem 0
[   69.466042][ T4920] total_mapped_file 0
[   69.506237][ T3310] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /87/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.508328][ T4920] total_dirty 0
[   69.508337][ T4920] total_writeback 0
[   69.508343][ T4920] total_workingset_refault_anon 49
[   69.508350][ T4920] total_workingset_refault_file 181
[   69.508358][ T4920] total_swap 204800
[   69.508364][ T4920] total_swapcached 0
[   69.508370][ T4920] total_pgpgin 53652
[   69.508376][ T4920] total_pgpgout 53652
[   69.508383][ T4920] total_pgfault 32435
[   69.706678][ T3310] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.710189][ T4920] total_pgmajfault 45
[   69.715607][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.719383][ T4920] total_inactive_anon 0
[   69.719393][ T4920] total_active_anon 0
[   69.719399][ T4920] total_inactive_file 0
[   69.719408][ T4920] total_active_file 0
[   69.719416][ T4920] total_unevictable 0
[   69.723565][ T3310] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /87/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.727387][ T4920] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.492,pid=4920,uid=0
[   69.727496][ T4920] Memory cgroup out of memory: Killed process 4920 (syz.1.492) total-vm:93748kB, anon-rss:904kB, file-rss:22376kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   69.855102][ T3310] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.877238][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.891501][ T3310] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 4: comm syz-executor: path /87/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=7947, rec_len=12, size=4096 fake=1
[   69.914924][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.928156][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.940968][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.955632][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.970328][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   69.982539][ T3310] EXT4-fs warning (device loop3): ext4_empty_dir:3088: inode #11: comm syz-executor: directory missing '.'
[   70.023442][ T4963] netlink: 'syz.0.508': attribute type 21 has an invalid length.
[   70.033749][ T4963] netlink: 132 bytes leftover after parsing attributes in process `syz.0.508'.
[   70.049588][ T4965] FAULT_INJECTION: forcing a failure.
[   70.049588][ T4965] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   70.063033][ T4965] CPU: 1 UID: 0 PID: 4965 Comm: syz.1.509 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   70.063139][ T4965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   70.063153][ T4965] Call Trace:
[   70.063160][ T4965]  <TASK>
[   70.063168][ T4965]  __dump_stack+0x1d/0x30
[   70.063192][ T4965]  dump_stack_lvl+0xe8/0x140
[   70.063215][ T4965]  dump_stack+0x15/0x1b
[   70.063236][ T4965]  should_fail_ex+0x265/0x280
[   70.063320][ T4965]  should_fail+0xb/0x20
[   70.063355][ T4965]  should_fail_usercopy+0x1a/0x20
[   70.063378][ T4965]  _copy_from_user+0x1c/0xb0
[   70.063405][ T4965]  ___sys_sendmsg+0xc1/0x1d0
[   70.063512][ T4965]  __x64_sys_sendmsg+0xd4/0x160
[   70.063541][ T4965]  x64_sys_call+0x2999/0x2fb0
[   70.063568][ T4965]  do_syscall_64+0xd0/0x1a0
[   70.063602][ T4965]  ? clear_bhb_loop+0x25/0x80
[   70.063630][ T4965]  ? clear_bhb_loop+0x25/0x80
[   70.063658][ T4965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.063679][ T4965] RIP: 0033:0x7fb820c0e969
[   70.063727][ T4965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.063746][ T4965] RSP: 002b:00007fb81f277038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.063787][ T4965] RAX: ffffffffffffffda RBX: 00007fb820e35fa0 RCX: 00007fb820c0e969
[   70.063803][ T4965] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000005
[   70.063818][ T4965] RBP: 00007fb81f277090 R08: 0000000000000000 R09: 0000000000000000
[   70.063833][ T4965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.063847][ T4965] R13: 0000000000000000 R14: 00007fb820e35fa0 R15: 00007ffcd02b6db8
[   70.063869][ T4965]  </TASK>
[   70.401841][ T4974] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip_vti0, syncid = 0, id = 0
[   70.440630][ T1321] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.453395][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.498685][ T1321] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.559217][ T1321] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.619093][ T1321] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.742618][   T29] kauditd_printk_skb: 296 callbacks suppressed
[   70.742634][   T29] audit: type=1326 audit(1745983813.935:4833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.818786][   T29] audit: type=1326 audit(1745983813.935:4834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.843150][   T29] audit: type=1326 audit(1745983813.935:4835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.867448][   T29] audit: type=1326 audit(1745983813.935:4836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.891139][   T29] audit: type=1326 audit(1745983813.935:4837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.915269][   T29] audit: type=1326 audit(1745983813.935:4838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.939366][   T29] audit: type=1326 audit(1745983813.935:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.962853][   T29] audit: type=1326 audit(1745983813.935:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   70.987050][   T29] audit: type=1326 audit(1745983813.935:4841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   71.011495][   T29] audit: type=1326 audit(1745983813.935:4842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4990 comm="syz.4.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   71.039225][ T1321] bridge_slave_1: left allmulticast mode
[   71.045931][ T1321] bridge_slave_1: left promiscuous mode
[   71.052394][ T1321] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.087095][ T1321] bridge_slave_0: left allmulticast mode
[   71.092858][ T1321] bridge_slave_0: left promiscuous mode
[   71.098601][ T1321] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.289171][ T1321] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   71.308079][ T1321] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   71.327560][ T1321] bond0 (unregistering): Released all slaves
[   71.455343][ T4990] syz.4.516 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   71.466494][ T4990] CPU: 0 UID: 0 PID: 4990 Comm: syz.4.516 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   71.466522][ T4990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   71.466534][ T4990] Call Trace:
[   71.466562][ T4990]  <TASK>
[   71.466570][ T4990]  __dump_stack+0x1d/0x30
[   71.466593][ T4990]  dump_stack_lvl+0xe8/0x140
[   71.466616][ T4990]  dump_stack+0x15/0x1b
[   71.466637][ T4990]  dump_header+0x81/0x220
[   71.466739][ T4990]  oom_kill_process+0x334/0x3f0
[   71.466766][ T4990]  out_of_memory+0x979/0xb80
[   71.466795][ T4990]  ? css_next_descendant_pre+0x138/0x160
[   71.466838][ T4990]  mem_cgroup_out_of_memory+0x13d/0x190
[   71.466896][ T4990]  try_charge_memcg+0x5e2/0x870
[   71.466961][ T4990]  charge_memcg+0x51/0xc0
[   71.466989][ T4990]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   71.467023][ T4990]  __read_swap_cache_async+0x1df/0x350
[   71.467084][ T4990]  swap_cluster_readahead+0x376/0x3e0
[   71.467122][ T4990]  swapin_readahead+0xde/0x6f0
[   71.467146][ T4990]  ? __filemap_get_folio+0x49f/0x650
[   71.467178][ T4990]  ? __rcu_read_unlock+0x34/0x70
[   71.467276][ T4990]  ? swap_cache_get_folio+0x77/0x200
[   71.467306][ T4990]  do_swap_page+0x301/0x2460
[   71.467343][ T4990]  ? cgroup_rstat_updated+0xa3/0x510
[   71.467385][ T4990]  ? __pfx_default_wake_function+0x10/0x10
[   71.467483][ T4990]  handle_mm_fault+0xb60/0x2ae0
[   71.467514][ T4990]  ? mas_walk+0xf2/0x120
[   71.467546][ T4990]  do_user_addr_fault+0x636/0x1090
[   71.467598][ T4990]  ? restore_fpregs_from_fpstate+0x61/0x120
[   71.467625][ T4990]  ? fpregs_restore_userregs+0xbb/0x190
[   71.467717][ T4990]  exc_page_fault+0x54/0xc0
[   71.467754][ T4990]  asm_exc_page_fault+0x26/0x30
[   71.467773][ T4990] RIP: 0033:0x7f910d8311d3
[   71.467789][ T4990] Code: de 08 00 48 8d 3d d6 de 08 00 e8 d8 48 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d 5e 33 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f
[   71.467810][ T4990] RSP: 002b:00007ffd187f7f38 EFLAGS: 00010293
[   71.467889][ T4990] RAX: 00000000fffffffa RBX: 00007f910da25fa0 RCX: 0000000000000000
[   71.467904][ T4990] RDX: 00007ffd187f7f50 RSI: 0000000000000000 RDI: 0000000000000000
[   71.467919][ T4990] RBP: 00007f910da27ba0 R08: 0000000017953940 R09: 7fffffffffffffff
[   71.467934][ T4990] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000001176a
[   71.468024][ T4990] R13: 00007f910da26080 R14: ffffffffffffffff R15: 00007ffd187f8090
[   71.468048][ T4990]  </TASK>
[   71.468054][ T4990] memory: usage 307200kB, limit 307200kB, failcnt 870
[   71.718998][ T4990] memory+swap: usage 144392kB, limit 9007199254740988kB, failcnt 0
[   71.726961][ T4990] kmem: usage 137864kB, limit 9007199254740988kB, failcnt 0
[   71.734283][ T4990] Memory cgroup stats for /syz4:
[   71.736967][ T4990] cache 4096
[   71.745328][ T4990] rss 4096
[   71.748501][ T4990] shmem 0
[   71.751521][ T4990] mapped_file 4096
[   71.755854][ T4990] dirty 0
[   71.758853][ T4990] writeback 0
[   71.762148][ T4990] workingset_refault_anon 65
[   71.766845][ T4990] workingset_refault_file 155
[   71.771723][ T4990] swap 483328
[   71.775469][ T4990] swapcached 4096
[   71.779178][ T4990] pgpgin 29984
[   71.782728][ T4990] pgpgout 29982
[   71.786225][ T4990] pgfault 42385
[   71.789814][ T4990] pgmajfault 49
[   71.793276][ T4990] inactive_anon 0
[   71.797022][ T4990] active_anon 4096
[   71.800763][ T4990] inactive_file 0
[   71.804536][ T4990] active_file 4096
[   71.808539][ T4990] unevictable 0
[   71.812143][ T4990] hierarchical_memory_limit 314572800
[   71.817759][ T4990] hierarchical_memsw_limit 9223372036854771712
[   71.824100][ T4990] total_cache 4096
[   71.827876][ T4990] total_rss 4096
[   71.831610][ T4990] total_shmem 0
[   71.835153][ T4990] total_mapped_file 4096
[   71.839436][ T4990] total_dirty 0
[   71.842913][ T4990] total_writeback 0
[   71.846774][ T4990] total_workingset_refault_anon 65
[   71.851961][ T4990] total_workingset_refault_file 155
[   71.857200][ T4990] total_swap 483328
[   71.861027][ T4990] total_swapcached 4096
[   71.865326][ T4990] total_pgpgin 29984
[   71.869417][ T4990] total_pgpgout 29982
[   71.873630][ T4990] total_pgfault 42385
[   71.878345][ T4990] total_pgmajfault 49
[   71.882335][ T4990] total_inactive_anon 0
[   71.886549][ T4990] total_active_anon 4096
[   71.890828][ T4990] total_inactive_file 0
[   71.895003][ T4990] total_active_file 4096
[   71.899352][ T4990] total_unevictable 0
[   71.903356][ T4990] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.516,pid=4990,uid=0
[   71.918145][ T4990] Memory cgroup out of memory: Killed process 4990 (syz.4.516) total-vm:93748kB, anon-rss:936kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   72.116297][ T5000] loop4: detected capacity change from 0 to 2048
[   72.143425][ T1321] hsr_slave_0: left promiscuous mode
[   72.149290][ T1321] hsr_slave_1: left promiscuous mode
[   72.155318][ T1321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   72.163218][ T1321] batman_adv: batadv0: Removing interface: batadv_slave_0
[   72.166448][ T5000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.184390][ T1321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   72.191911][ T1321] batman_adv: batadv0: Removing interface: batadv_slave_1
[   72.202099][ T1321] veth1_vlan: left promiscuous mode
[   72.207843][ T1321] veth0_vlan: left promiscuous mode
[   72.269224][ T5000] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 1 with max blocks 1 with error 28
[   72.282319][ T5000] EXT4-fs (loop4): This should not happen!! Data will be lost
[   72.282319][ T5000] 
[   72.292314][ T5000] EXT4-fs (loop4): Total free blocks count 0
[   72.298351][ T5000] EXT4-fs (loop4): Free/Dirty block details
[   72.305143][ T5000] EXT4-fs (loop4): free_blocks=0
[   72.310314][ T5000] EXT4-fs (loop4): dirty_blocks=0
[   72.315472][ T5000] EXT4-fs (loop4): Block reservation details
[   72.321596][ T5000] EXT4-fs (loop4): i_reserved_data_blocks=0
[   72.327833][ T1321] team0 (unregistering): Port device team_slave_1 removed
[   72.342549][ T1321] team0 (unregistering): Port device team_slave_0 removed
[   72.493791][ T4978] chnl_net:caif_netlink_parms(): no params data found
[   72.504277][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.614767][ T4978] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.621996][ T4978] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.631279][ T4978] bridge_slave_0: entered allmulticast mode
[   72.642275][ T4978] bridge_slave_0: entered promiscuous mode
[   72.666120][ T4978] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.673423][ T4978] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.701097][ T4978] bridge_slave_1: entered allmulticast mode
[   72.711603][ T5022] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   72.711945][ T4978] bridge_slave_1: entered promiscuous mode
[   72.723684][ T5022] SELinux: failed to load policy
[   72.740302][ T5022] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.758276][ T5022] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.803106][ T4978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.834292][ T4978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.883084][ T4978] team0: Port device team_slave_0 added
[   72.890017][ T4978] team0: Port device team_slave_1 added
[   72.919836][ T4978] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.926892][ T4978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.952941][ T4978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.991015][ T4978] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.998246][ T4978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.024674][ T4978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.062265][ T5034] loop1: detected capacity change from 0 to 1024
[   73.073870][ T4978] hsr_slave_0: entered promiscuous mode
[   73.083281][ T4978] hsr_slave_1: entered promiscuous mode
[   73.091817][ T4978] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.095178][ T5034] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.099483][ T4978] Cannot create hsr debugfs directory
[   73.338739][ T4978] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   73.348034][ T4978] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   73.357091][ T4978] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   73.368969][ T4978] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   73.398821][ T4978] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.406006][ T4978] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.413600][ T4978] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.420785][ T4978] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.445211][ T5054] ipvlan2: entered promiscuous mode
[   73.452529][ T5054] bridge0: port 4(ipvlan2) entered blocking state
[   73.459238][ T5054] bridge0: port 4(ipvlan2) entered disabled state
[   73.466124][ T5054] ipvlan2: entered allmulticast mode
[   73.471527][ T5054] bridge0: entered allmulticast mode
[   73.477924][ T5054] ipvlan2: left allmulticast mode
[   73.483031][ T5054] bridge0: left allmulticast mode
[   73.506259][  T158] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.519777][  T158] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.589065][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.602413][ T4978] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.615232][ T4978] 8021q: adding VLAN 0 to HW filter on device team0
[   73.626802][  T158] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.633927][  T158] bridge0: port 1(bridge_slave_0) entered forwarding state
[   73.650554][ T5068] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   73.672153][ T5068] SELinux: failed to load policy
[   73.688445][  T158] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.695577][  T158] bridge0: port 2(bridge_slave_1) entered forwarding state
[   73.695793][ T5068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.716270][ T5071] 9pnet_fd: Insufficient options for proto=fd
[   73.717638][ T4978] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   73.733167][ T4978] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   73.735029][ T5068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.814271][ T5080] SELinux:  Context system_u:object_r:restorecond_exec_t:s0 is not valid (left unmapped).
[   73.892701][ T4978] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.903505][ T5091] pim6reg1: entered promiscuous mode
[   73.909139][ T5091] pim6reg1: entered allmulticast mode
[   74.101821][ T5123] netlink: 24 bytes leftover after parsing attributes in process `syz.0.556'.
[   74.126164][ T5123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.556'.
[   74.155549][ T5127] loop1: detected capacity change from 0 to 2048
[   74.170264][ T4978] veth0_vlan: entered promiscuous mode
[   74.180980][ T5133] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5133 comm=syz.0.556
[   74.182162][ T4978] veth1_vlan: entered promiscuous mode
[   74.203136][ T5127] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.213096][ T4978] veth0_macvtap: entered promiscuous mode
[   74.222229][ T5133] netlink: 24 bytes leftover after parsing attributes in process `syz.0.556'.
[   74.242749][ T4978] veth1_macvtap: entered promiscuous mode
[   74.261871][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.272551][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.282638][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.293223][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.303176][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.313788][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.323673][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.334597][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.357471][ T4978] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.366300][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.368124][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.386135][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.395968][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.406839][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.416731][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.427619][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.437614][ T4978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.448143][ T4978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.460206][ T4978] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.481572][ T4978] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.490382][ T4978] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.499190][ T4978] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.508007][ T4978] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.518278][ T5144] IPv6: NLM_F_CREATE should be specified when creating new route
[   74.708362][ T5155] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   74.765553][ T3303] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   74.776616][ T3303] CPU: 0 UID: 0 PID: 3303 Comm: syz-executor Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   74.776722][ T3303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   74.776739][ T3303] Call Trace:
[   74.776746][ T3303]  <TASK>
[   74.776755][ T3303]  __dump_stack+0x1d/0x30
[   74.776824][ T3303]  dump_stack_lvl+0xe8/0x140
[   74.776849][ T3303]  dump_stack+0x15/0x1b
[   74.776866][ T3303]  dump_header+0x81/0x220
[   74.776901][ T3303]  oom_kill_process+0x334/0x3f0
[   74.776972][ T3303]  out_of_memory+0x979/0xb80
[   74.776994][ T3303]  ? css_next_descendant_pre+0x138/0x160
[   74.777035][ T3303]  mem_cgroup_out_of_memory+0x13d/0x190
[   74.777086][ T3303]  try_charge_memcg+0x5e2/0x870
[   74.777177][ T3303]  charge_memcg+0x51/0xc0
[   74.777206][ T3303]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   74.777241][ T3303]  __read_swap_cache_async+0x1df/0x350
[   74.777269][ T3303]  swap_cluster_readahead+0x277/0x3e0
[   74.777318][ T3303]  swapin_readahead+0xde/0x6f0
[   74.777361][ T3303]  ? __filemap_get_folio+0x49f/0x650
[   74.777398][ T3303]  ? swap_cache_get_folio+0x77/0x200
[   74.777450][ T3303]  do_swap_page+0x301/0x2460
[   74.777479][ T3303]  ? _raw_spin_unlock+0x26/0x50
[   74.777508][ T3303]  ? finish_task_switch+0xad/0x2b0
[   74.777534][ T3303]  ? __pfx_default_wake_function+0x10/0x10
[   74.777627][ T3303]  handle_mm_fault+0xb60/0x2ae0
[   74.777665][ T3303]  ? mas_walk+0xf2/0x120
[   74.777696][ T3303]  do_user_addr_fault+0x636/0x1090
[   74.777808][ T3303]  ? switch_fpu_return+0xe/0x20
[   74.777864][ T3303]  exc_page_fault+0x54/0xc0
[   74.777899][ T3303]  asm_exc_page_fault+0x26/0x30
[   74.777917][ T3303] RIP: 0033:0x7f910d8311e5
[   74.777932][ T3303] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 5e 33 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[   74.777952][ T3303] RSP: 002b:00007ffd187f8158 EFLAGS: 00010246
[   74.778002][ T3303] RAX: 0000000000000000 RBX: 0000000000000143 RCX: 00007f910d8311e3
[   74.778015][ T3303] RDX: 00007ffd187f8170 RSI: 0000000000000000 RDI: 0000000000000000
[   74.778030][ T3303] RBP: 00007ffd187f81dc R08: 000000002825cf4e R09: 0000000000000000
[   74.778046][ T3303] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[   74.778139][ T3303] R13: 00000000000927c0 R14: 0000000000012250 R15: 00007ffd187f8230
[   74.778158][ T3303]  </TASK>
[   74.778165][ T3303] memory: usage 307200kB, limit 307200kB, failcnt 1214
[   74.924255][ T5164] loop2: detected capacity change from 0 to 1024
[   74.927748][ T3303] memory+swap: usage 259788kB, limit 9007199254740988kB, failcnt 0
[   74.971991][ T5164] EXT4-fs: Ignoring removed i_version option
[   74.976003][ T3303] kmem: usage 221428kB, limit 9007199254740988kB, failcnt 0
[   75.007938][ T5168] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   75.008378][ T3303] Memory cgroup stats for /syz4:
[   75.058325][ T3303] cache 0
[   75.066266][ T3303] rss 0
[   75.069100][ T3303] shmem 0
[   75.072161][ T3303] mapped_file 0
[   75.075641][ T3303] dirty 0
[   75.078688][ T3303] writeback 0
[   75.081991][ T3303] workingset_refault_anon 90
[   75.086700][ T3303] workingset_refault_file 274
[   75.091483][ T3303] swap 487424
[   75.094833][ T3303] swapcached 0
[   75.098235][ T3303] pgpgin 34285
[   75.101613][ T3303] pgpgout 34285
[   75.105075][ T3303] pgfault 47812
[   75.108560][ T3303] pgmajfault 73
[   75.112029][ T3303] inactive_anon 0
[   75.115707][ T3303] active_anon 0
[   75.119305][ T3303] inactive_file 0
[   75.123076][ T3303] active_file 0
[   75.126774][ T3303] unevictable 0
[   75.130348][ T3303] hierarchical_memory_limit 314572800
[   75.135734][ T3303] hierarchical_memsw_limit 9223372036854771712
[   75.141964][ T3303] total_cache 0
[   75.145777][ T3303] total_rss 0
[   75.149220][ T3303] total_shmem 0
[   75.152738][ T3303] total_mapped_file 0
[   75.156842][ T3303] total_dirty 0
[   75.160323][ T3303] total_writeback 0
[   75.164346][ T3303] total_workingset_refault_anon 90
[   75.166631][ T5164] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled
[   75.169526][ T3303] total_workingset_refault_file 274
[   75.184887][ T3303] total_swap 487424
[   75.188848][ T3303] total_swapcached 0
[   75.192757][ T3303] total_pgpgin 34285
[   75.196683][ T3303] total_pgpgout 34285
[   75.200845][ T3303] total_pgfault 47812
[   75.204867][ T3303] total_pgmajfault 73
[   75.208931][ T3303] total_inactive_anon 0
[   75.213108][ T3303] total_active_anon 0
[   75.217173][ T3303] total_inactive_file 0
[   75.221346][ T3303] total_active_file 0
[   75.225341][ T3303] total_unevictable 0
[   75.229549][ T3303] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.561,pid=5135,uid=0
[   75.244185][ T3303] Memory cgroup out of memory: Killed process 5135 (syz.4.561) total-vm:93748kB, anon-rss:936kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   75.276254][ T5170] loop5: detected capacity change from 0 to 2048
[   75.283977][ T5164] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm +}[@: Failed to acquire dquot type 0
[   75.298409][ T5164] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   75.314758][ T5164] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm +}[@: corrupted inode contents
[   75.327084][ T5164] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #13: comm +}[@: mark_inode_dirty error
[   75.338558][ T5164] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm +}[@: corrupted inode contents
[   75.350203][ T5170] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.366639][ T5164] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #13: comm +}[@: mark_inode_dirty error
[   75.382631][ T5164] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm +}[@: corrupted inode contents
[   75.396430][ T5164] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[   75.405277][ T5164] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #13: comm +}[@: corrupted inode contents
[   75.417000][ T5164] EXT4-fs error (device loop2): ext4_truncate:4255: inode #13: comm +}[@: mark_inode_dirty error
[   75.437915][ T5164] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[   75.448181][ T4978] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.458173][ T5164] EXT4-fs (loop2): 1 truncate cleaned up
[   75.464380][ T5164] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.480719][ T5164] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.513963][ T5183] IPv6: NLM_F_CREATE should be specified when creating new route
[   75.595442][ T5195] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.583'.
[   75.675722][ T5211] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   75.734482][ T5216] netlink: 24 bytes leftover after parsing attributes in process `syz.0.585'.
[   75.753368][   T29] kauditd_printk_skb: 453 callbacks suppressed
[   75.753386][   T29] audit: type=1400 audit(1745983818.945:5294): avc:  denied  { write } for  pid=5210 comm="syz.2.589" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   75.753873][ T5215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.766178][   T29] audit: type=1400 audit(1745983818.945:5295): avc:  denied  { ioctl } for  pid=5210 comm="syz.2.589" path="/dev/raw-gadget" dev="devtmpfs" ino=142 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   75.836635][ T5211] SELinux: failed to load policy
[   75.878526][   T29] audit: type=1326 audit(1745983819.035:5296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   75.902351][   T29] audit: type=1326 audit(1745983819.035:5297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   75.926113][   T29] audit: type=1326 audit(1745983819.035:5298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   75.949914][   T29] audit: type=1326 audit(1745983819.035:5299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   75.973638][   T29] audit: type=1326 audit(1745983819.035:5300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   75.973802][ T5215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.997039][   T29] audit: type=1326 audit(1745983819.035:5301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   76.029195][   T29] audit: type=1326 audit(1745983819.035:5302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   76.052832][   T29] audit: type=1326 audit(1745983819.035:5303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5200 comm="syz.0.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb986bde969 code=0x7ffc0000
[   76.402900][ T5230] loop4: detected capacity change from 0 to 2048
[   76.420112][ T5215] syz.2.589: attempt to access beyond end of device
[   76.420112][ T5215] loop2: rw=0, sector=64, nr_sectors = 2 limit=0
[   76.433933][ T5231] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   76.471318][ T5230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.529411][ T5215] isofs_fill_super: bread failed, dev=loop2, iso_blknum=16, block=32
[   76.545420][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.547924][ T5237] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   76.583121][ T5237] SELinux: failed to load policy
[   76.604082][ T5237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   76.620793][ T5237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   76.865346][ T5248] netlink: 96 bytes leftover after parsing attributes in process `syz.5.603'.
[   76.885733][ T5248] netlink: 4 bytes leftover after parsing attributes in process `syz.5.603'.
[   76.894734][ T5248] netlink: 4 bytes leftover after parsing attributes in process `syz.5.603'.
[   76.956774][ T5248] netlink: 4 bytes leftover after parsing attributes in process `syz.5.603'.
[   76.981006][ T5255] loop1: detected capacity change from 0 to 128
[   76.987723][ T5248] netlink: 4 bytes leftover after parsing attributes in process `syz.5.603'.
[   76.996701][ T5248] netlink: 4 bytes leftover after parsing attributes in process `syz.5.603'.
[   77.017269][ T5248] netlink: 4 bytes leftover after parsing attributes in process `syz.5.603'.
[   77.046833][ T5248] netlink: 4 bytes leftover after parsing attributes in process `syz.5.603'.
[   77.239582][ T5283] loop5: detected capacity change from 0 to 1024
[   77.258499][ T5283] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.273652][ T5283] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.616: Allocating blocks 497-513 which overlap fs metadata
[   77.289116][ T5283] EXT4-fs (loop5): pa ffff888104ec9700: logic 16, phys. 145, len 23
[   77.297262][ T5283] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   77.322820][ T4978] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.400173][ T5290] loop5: detected capacity change from 0 to 2048
[   77.418055][ T5290] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.485415][ T4978] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.580637][ T5303] loop5: detected capacity change from 0 to 512
[   77.588504][ T5303] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[   77.602511][ T5303] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[   77.609170][ T5303] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   77.616947][ T5303] vhci_hcd vhci_hcd.0: Device attached
[   77.623966][ T5304] vhci_hcd: connection closed
[   77.624187][ T1321] vhci_hcd: stop threads
[   77.633644][ T1321] vhci_hcd: release socket
[   77.638218][ T1321] vhci_hcd: disconnect device
[   77.748706][ T5308] loop2: detected capacity change from 0 to 512
[   77.755440][ T5308] EXT4-fs: Ignoring removed i_version option
[   77.778445][ T5308] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.791609][ T5308] ext4 filesystem being mounted at /117/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.968537][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.169699][ T5342] ipvlan2: entered promiscuous mode
[   78.176463][ T5342] bridge0: port 3(ipvlan2) entered blocking state
[   78.183061][ T5342] bridge0: port 3(ipvlan2) entered disabled state
[   78.191574][ T5342] ipvlan2: entered allmulticast mode
[   78.196974][ T5342] bridge0: entered allmulticast mode
[   78.204000][ T5342] ipvlan2: left allmulticast mode
[   78.209260][ T5342] bridge0: left allmulticast mode
[   78.800460][ T5363] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   78.874391][ T5369] ipvlan2: entered promiscuous mode
[   78.885332][ T5369] bridge0: port 3(ipvlan2) entered blocking state
[   78.892075][ T5369] bridge0: port 3(ipvlan2) entered disabled state
[   78.898831][ T5369] ipvlan2: entered allmulticast mode
[   78.904144][ T5369] bridge0: entered allmulticast mode
[   78.910104][ T5369] ipvlan2: left allmulticast mode
[   78.915225][ T5369] bridge0: left allmulticast mode
[   78.975074][ T5377] loop2: detected capacity change from 0 to 512
[   79.028076][ T5377] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.070714][ T5385] loop5: detected capacity change from 0 to 1024
[   79.079758][ T5377] EXT4-fs (loop2): orphan cleanup on readonly fs
[   79.088753][ T5377] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm +}[@: iget: bad extended attribute block 19
[   79.118111][ T5377] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm +}[@: couldn't read orphan inode 15 (err -117)
[   79.148358][ T5385] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.182036][ T5377] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.187831][ T5385] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.655: Allocating blocks 497-513 which overlap fs metadata
[   79.244583][ T5395] EXT4-fs (loop5): pa ffff8881074bc1c0: logic 16, phys. 145, len 23
[   79.252880][ T5395] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   79.264462][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.312756][ T4978] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.344158][ T5402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.354774][ T5402] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.371968][ T5401] loop5: detected capacity change from 0 to 2048
[   79.379054][ T5401] EXT4-fs: Ignoring removed nomblk_io_submit option
[   79.387177][ T5401] EXT4-fs (loop5): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   79.528518][ T5401] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.024672][ T4978] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.072383][ T5421] ipvlan2: entered promiscuous mode
[   80.102410][ T5421] bridge0: port 4(ipvlan2) entered blocking state
[   80.109773][ T5421] bridge0: port 4(ipvlan2) entered disabled state
[   80.152708][ T5421] ipvlan2: entered allmulticast mode
[   80.158121][ T5421] bridge0: entered allmulticast mode
[   80.210314][ T5421] ipvlan2: left allmulticast mode
[   80.215433][ T5421] bridge0: left allmulticast mode
[   80.460578][ T5441] loop5: detected capacity change from 0 to 1024
[   80.479020][ T5441] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.480747][ T5439] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   80.503905][ T5439] SELinux: failed to load policy
[   80.513107][ T5441] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.671: Allocating blocks 497-513 which overlap fs metadata
[   80.534411][ T5441] EXT4-fs (loop5): pa ffff8881074bc150: logic 16, phys. 145, len 23
[   80.542578][ T5441] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   80.553612][ T5439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.562631][ T5439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.610483][ T4978] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.745929][ T5471] ipvlan2: entered promiscuous mode
[   80.753704][ T5471] bridge0: port 3(ipvlan2) entered blocking state
[   80.760392][ T5471] bridge0: port 3(ipvlan2) entered disabled state
[   80.767219][ T5471] ipvlan2: entered allmulticast mode
[   80.772831][ T5471] bridge0: entered allmulticast mode
[   80.778935][ T5471] ipvlan2: left allmulticast mode
[   80.784092][ T5471] bridge0: left allmulticast mode
[   80.843895][   T29] kauditd_printk_skb: 667 callbacks suppressed
[   80.843913][   T29] audit: type=1326 audit(1745983824.035:5971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   80.873880][   T29] audit: type=1326 audit(1745983824.055:5972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   80.897431][   T29] audit: type=1326 audit(1745983824.055:5973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   80.921607][   T29] audit: type=1326 audit(1745983824.055:5974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   80.945607][   T29] audit: type=1326 audit(1745983824.055:5975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   80.968983][   T29] audit: type=1326 audit(1745983824.055:5976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   80.992673][   T29] audit: type=1326 audit(1745983824.055:5977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   81.016786][   T29] audit: type=1326 audit(1745983824.055:5978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   81.040937][   T29] audit: type=1326 audit(1745983824.055:5979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   81.064632][   T29] audit: type=1326 audit(1745983824.055:5980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5475 comm="syz.4.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f910d7fe969 code=0x7ffc0000
[   81.203963][ T5488] IPv6: NLM_F_CREATE should be specified when creating new route
[   81.217016][ T5489] __nla_validate_parse: 11 callbacks suppressed
[   81.217076][ T5489] netlink: 24 bytes leftover after parsing attributes in process `syz.0.688'.
[   81.853974][ T5495] syz.4.693 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   81.864954][ T5495] CPU: 0 UID: 0 PID: 5495 Comm: syz.4.693 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   81.864986][ T5495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   81.865001][ T5495] Call Trace:
[   81.865008][ T5495]  <TASK>
[   81.865017][ T5495]  __dump_stack+0x1d/0x30
[   81.865040][ T5495]  dump_stack_lvl+0xe8/0x140
[   81.865139][ T5495]  dump_stack+0x15/0x1b
[   81.865154][ T5495]  dump_header+0x81/0x220
[   81.865254][ T5495]  oom_kill_process+0x334/0x3f0
[   81.865283][ T5495]  out_of_memory+0x979/0xb80
[   81.865309][ T5495]  ? css_next_descendant_pre+0x138/0x160
[   81.865348][ T5495]  mem_cgroup_out_of_memory+0x13d/0x190
[   81.865488][ T5495]  try_charge_memcg+0x5e2/0x870
[   81.865522][ T5495]  charge_memcg+0x51/0xc0
[   81.865546][ T5495]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   81.865609][ T5495]  __read_swap_cache_async+0x1df/0x350
[   81.865638][ T5495]  swap_cluster_readahead+0x277/0x3e0
[   81.865676][ T5495]  swapin_readahead+0xde/0x6f0
[   81.865702][ T5495]  ? __filemap_get_folio+0x49f/0x650
[   81.865790][ T5495]  ? swap_cache_get_folio+0x77/0x200
[   81.865879][ T5495]  do_swap_page+0x301/0x2460
[   81.865909][ T5495]  ? cgroup_rstat_updated+0xa3/0x510
[   81.865944][ T5495]  ? __pfx_default_wake_function+0x10/0x10
[   81.865971][ T5495]  handle_mm_fault+0xb60/0x2ae0
[   81.866048][ T5495]  do_user_addr_fault+0x636/0x1090
[   81.866207][ T5495]  ? fpregs_restore_userregs+0x7d/0x190
[   81.866239][ T5495]  exc_page_fault+0x54/0xc0
[   81.866316][ T5495]  asm_exc_page_fault+0x26/0x30
[   81.866350][ T5495] RIP: 0033:0x7f910d8311d3
[   81.866369][ T5495] Code: de 08 00 48 8d 3d d6 de 08 00 e8 d8 48 f6 ff 0f 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 <80> 3d 5e 33 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 c3 66 2e 0f
[   81.866516][ T5495] RSP: 002b:00007ffd187f7f38 EFLAGS: 00010293
[   81.866536][ T5495] RAX: 00000000fffffffa RBX: 00007f910da25fa0 RCX: 0000000000000000
[   81.866550][ T5495] RDX: 00007ffd187f7f50 RSI: 0000000000000000 RDI: 0000000000000000
[   81.866562][ T5495] RBP: 00007f910da27ba0 R08: 000000002de6cb69 R09: 7fffffffffffffff
[   81.866574][ T5495] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000140b8
[   81.866589][ T5495] R13: 00007f910da26080 R14: ffffffffffffffff R15: 00007ffd187f8090
[   81.866677][ T5495]  </TASK>
[   82.092038][ T5495] memory: usage 307200kB, limit 307200kB, failcnt 1527
[   82.099069][ T5495] memory+swap: usage 307660kB, limit 9007199254740988kB, failcnt 0
[   82.107001][ T5495] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[   82.114323][ T5495] Memory cgroup stats for /syz4:
[   82.130417][ T5495] cache 0
[   82.138503][ T5495] rss 0
[   82.141280][ T5495] shmem 0
[   82.144282][ T5495] mapped_file 0
[   82.147850][ T5495] dirty 0
[   82.151050][ T5495] writeback 8192
[   82.154729][ T5495] workingset_refault_anon 137
[   82.159441][ T5495] workingset_refault_file 388
[   82.164135][ T5495] swap 471040
[   82.167576][ T5495] swapcached 16384
[   82.171574][ T5495] pgpgin 38982
[   82.175010][ T5495] pgpgout 38978
[   82.178521][ T5495] pgfault 54824
[   82.182000][ T5495] pgmajfault 99
[   82.185653][ T5495] inactive_anon 16384
[   82.189952][ T5495] active_anon 0
[   82.193741][ T5495] inactive_file 0
[   82.197454][ T5495] active_file 0
[   82.201038][ T5495] unevictable 0
[   82.204695][ T5495] hierarchical_memory_limit 314572800
[   82.210207][ T5495] hierarchical_memsw_limit 9223372036854771712
[   82.216412][ T5495] total_cache 0
[   82.219975][ T5495] total_rss 0
[   82.223320][ T5495] total_shmem 0
[   82.226863][ T5495] total_mapped_file 0
[   82.230863][ T5495] total_dirty 0
[   82.234335][ T5495] total_writeback 8192
[   82.238489][ T5495] total_workingset_refault_anon 137
[   82.243741][ T5495] total_workingset_refault_file 388
[   82.249074][ T5495] total_swap 471040
[   82.253191][ T5495] total_swapcached 16384
[   82.257753][ T5495] total_pgpgin 38982
[   82.261702][ T5495] total_pgpgout 38978
[   82.265730][ T5495] total_pgfault 54824
[   82.269927][ T5495] total_pgmajfault 99
[   82.273999][ T5495] total_inactive_anon 16384
[   82.278576][ T5495] total_active_anon 0
[   82.282671][ T5495] total_inactive_file 0
[   82.286964][ T5495] total_active_file 0
[   82.291093][ T5495] total_unevictable 0
[   82.295225][ T5495] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.693,pid=5495,uid=0
[   82.310047][ T5495] Memory cgroup out of memory: Killed process 5495 (syz.4.693) total-vm:93748kB, anon-rss:936kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   82.641820][ T5545] SELinux:  policydb magic number 0xf99aff8c does not match expected magic number 0xf97cff8c
[   82.656471][ T5545] SELinux: failed to load policy
[   82.676424][ T5548] loop5: detected capacity change from 0 to 1024
[   82.683468][ T5545] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.698314][ T5545] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.719868][ T5548] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.738295][ T5548] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.716: Allocating blocks 497-513 which overlap fs metadata
[   82.756925][ T5548] EXT4-fs (loop5): pa ffff8881074bc1c0: logic 16, phys. 145, len 23
[   82.765086][ T5548] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 1
[   82.794026][ T5548] netlink: 24 bytes leftover after parsing attributes in process `syz.5.716'.
[   82.843221][ T4978] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.119679][ T5579] loop4: detected capacity change from 0 to 1024
[   83.127780][ T5579] EXT4-fs: Ignoring removed mblk_io_submit option
[   83.135514][ T5579] EXT4-fs: Ignoring removed nobh option
[   83.141160][ T5579] EXT4-fs: Ignoring removed bh option
[   83.170000][ T5579] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.229244][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.243964][ T5588] IPv6: NLM_F_CREATE should be specified when creating new route
[   83.260731][ T5590] FAULT_INJECTION: forcing a failure.
[   83.260731][ T5590] name failslab, interval 1, probability 0, space 0, times 0
[   83.273490][ T5590] CPU: 0 UID: 0 PID: 5590 Comm: syz.5.732 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   83.273608][ T5590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   83.273624][ T5590] Call Trace:
[   83.273632][ T5590]  <TASK>
[   83.273642][ T5590]  __dump_stack+0x1d/0x30
[   83.273717][ T5590]  dump_stack_lvl+0xe8/0x140
[   83.273798][ T5590]  dump_stack+0x15/0x1b
[   83.273819][ T5590]  should_fail_ex+0x265/0x280
[   83.273866][ T5590]  should_failslab+0x8c/0xb0
[   83.273902][ T5590]  kmem_cache_alloc_noprof+0x50/0x310
[   83.274001][ T5590]  ? prepare_creds+0x37/0x4c0
[   83.274025][ T5590]  prepare_creds+0x37/0x4c0
[   83.274046][ T5590]  __sys_setfsgid+0x90/0x1f0
[   83.274066][ T5590]  __x64_sys_setfsgid+0x1e/0x30
[   83.274157][ T5590]  x64_sys_call+0x1b85/0x2fb0
[   83.274178][ T5590]  do_syscall_64+0xd0/0x1a0
[   83.274231][ T5590]  ? clear_bhb_loop+0x25/0x80
[   83.274252][ T5590]  ? clear_bhb_loop+0x25/0x80
[   83.274311][ T5590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.274407][ T5590] RIP: 0033:0x7fea2ad5e969
[   83.274422][ T5590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.274440][ T5590] RSP: 002b:00007fea293c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000007b
[   83.274459][ T5590] RAX: ffffffffffffffda RBX: 00007fea2af85fa0 RCX: 00007fea2ad5e969
[   83.274472][ T5590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   83.274517][ T5590] RBP: 00007fea293c7090 R08: 0000000000000000 R09: 0000000000000000
[   83.274528][ T5590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.274540][ T5590] R13: 0000000000000001 R14: 00007fea2af85fa0 R15: 00007ffe614501f8
[   83.274559][ T5590]  </TASK>
[   83.564426][ T5600] loop4: detected capacity change from 0 to 1024
[   83.588201][ T1040] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   83.595926][ T1040] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   83.603518][ T1040] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   83.613916][ T1040] hid-generic 0000:0004:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   83.625527][ T5600] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.746463][ T3311] ==================================================================
[   83.754617][ T3311] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[   83.764707][ T3311] 
[   83.767163][ T3311] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[   83.775545][ T3311]  tick_do_update_jiffies64+0x113/0x1c0
[   83.781125][ T3311]  tick_nohz_handler+0x7f/0x2d0
[   83.786031][ T3311]  __hrtimer_run_queues+0x20c/0x5a0
[   83.791260][ T3311]  hrtimer_interrupt+0x21a/0x460
[   83.796389][ T3311]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[   83.802339][ T3311]  sysvec_apic_timer_interrupt+0x6f/0x80
[   83.808112][ T3311]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[   83.814140][ T3311]  kcsan_setup_watchpoint+0x415/0x430
[   83.819637][ T3311]  avtab_search_node+0x49/0x2b0
[   83.824594][ T3311]  context_struct_compute_av+0x332/0xaa0
[   83.830244][ T3311]  security_compute_av+0x25c/0x920
[   83.835379][ T3311]  avc_compute_av+0x5a/0x3e0
[   83.840005][ T3311]  avc_perm_nonode+0x5e/0xe0
[   83.844648][ T3311]  avc_has_perm_noaudit+0x156/0x200
[   83.849970][ T3311]  avc_has_perm+0x61/0x150
[   83.854426][ T3311]  file_has_perm+0x324/0x370
[   83.859041][ T3311]  selinux_file_permission+0x31f/0x360
[   83.864516][ T3311]  security_file_permission+0x3e/0x80
[   83.869914][ T3311]  vfs_write+0x135/0x8d0
[   83.874168][ T3311]  ksys_write+0xda/0x1a0
[   83.878421][ T3311]  __x64_sys_write+0x40/0x50
[   83.883034][ T3311]  x64_sys_call+0x2cdd/0x2fb0
[   83.887735][ T3311]  do_syscall_64+0xd0/0x1a0
[   83.892267][ T3311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.898167][ T3311] 
[   83.900537][ T3311] read to 0xffffffff868099c0 of 8 bytes by task 3311 on cpu 1:
[   83.908259][ T3311]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[   83.914634][ T3311]  count_shadow_nodes+0x6a/0x230
[   83.919603][ T3311]  do_shrink_slab+0x60/0x680
[   83.924203][ T3311]  shrink_slab+0x448/0x760
[   83.928642][ T3311]  shrink_node+0x6c3/0x2110
[   83.933164][ T3311]  do_try_to_free_pages+0x3f6/0xcd0
[   83.938387][ T3311]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[   83.944388][ T3311]  try_charge_memcg+0x3ab/0x870
[   83.949343][ T3311]  charge_memcg+0x51/0xc0
[   83.953794][ T3311]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   83.959791][ T3311]  __read_swap_cache_async+0x1df/0x350
[   83.965269][ T3311]  swap_cluster_readahead+0x277/0x3e0
[   83.970655][ T3311]  swapin_readahead+0xde/0x6f0
[   83.975430][ T3311]  do_swap_page+0x301/0x2460
[   83.980208][ T3311]  handle_mm_fault+0xb60/0x2ae0
[   83.985207][ T3311]  do_user_addr_fault+0x636/0x1090
[   83.990357][ T3311]  exc_page_fault+0x54/0xc0
[   83.994890][ T3311]  asm_exc_page_fault+0x26/0x30
[   83.999750][ T3311] 
[   84.002101][ T3311] value changed: 0x00000000ffffab51 -> 0x00000000ffffab52
[   84.009225][ T3311] 
[   84.011580][ T3311] Reported by Kernel Concurrency Sanitizer on:
[   84.017850][ T3311] CPU: 1 UID: 0 PID: 3311 Comm: syz-executor Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   84.030960][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   84.041056][ T3311] ==================================================================
[   84.062448][ T3311] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   84.073511][ T3311] CPU: 0 UID: 0 PID: 3311 Comm: syz-executor Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(voluntary) 
[   84.073542][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   84.073555][ T3311] Call Trace:
[   84.073561][ T3311]  <TASK>
[   84.073569][ T3311]  __dump_stack+0x1d/0x30
[   84.073593][ T3311]  dump_stack_lvl+0xe8/0x140
[   84.073635][ T3311]  dump_stack+0x15/0x1b
[   84.073651][ T3311]  dump_header+0x81/0x220
[   84.073684][ T3311]  oom_kill_process+0x334/0x3f0
[   84.073724][ T3311]  out_of_memory+0x979/0xb80
[   84.073823][ T3311]  ? css_next_descendant_pre+0x138/0x160
[   84.073859][ T3311]  mem_cgroup_out_of_memory+0x13d/0x190
[   84.073919][ T3311]  try_charge_memcg+0x5e2/0x870
[   84.073957][ T3311]  charge_memcg+0x51/0xc0
[   84.073985][ T3311]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   84.074066][ T3311]  __read_swap_cache_async+0x1df/0x350
[   84.074096][ T3311]  swap_cluster_readahead+0x277/0x3e0
[   84.074196][ T3311]  swapin_readahead+0xde/0x6f0
[   84.074225][ T3311]  ? __filemap_get_folio+0x49f/0x650
[   84.074334][ T3311]  ? swap_cache_get_folio+0x77/0x200
[   84.074433][ T3311]  do_swap_page+0x301/0x2460
[   84.074460][ T3311]  ? save_fpregs_to_fpstate+0x100/0x160
[   84.074495][ T3311]  ? _raw_spin_unlock+0x26/0x50
[   84.074526][ T3311]  ? finish_task_switch+0xad/0x2b0
[   84.074589][ T3311]  ? __pfx_default_wake_function+0x10/0x10
[   84.074621][ T3311]  handle_mm_fault+0xb60/0x2ae0
[   84.074772][ T3311]  ? mas_walk+0xf2/0x120
[   84.074806][ T3311]  do_user_addr_fault+0x636/0x1090
[   84.074845][ T3311]  ? switch_fpu_return+0xe/0x20
[   84.074892][ T3311]  exc_page_fault+0x54/0xc0
[   84.074925][ T3311]  asm_exc_page_fault+0x26/0x30
[   84.074944][ T3311] RIP: 0033:0x7fb986c111e5
[   84.074959][ T3311] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 5e 33 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[   84.075010][ T3311] RSP: 002b:00007fff46eb7d68 EFLAGS: 00010246
[   84.075028][ T3311] RAX: 0000000000000000 RBX: 0000000000000189 RCX: 00007fb986c111e3
[   84.075044][ T3311] RDX: 00007fff46eb7d80 RSI: 0000000000000000 RDI: 0000000000000000
[   84.075059][ T3311] RBP: 00007fff46eb7dec R08: 0000000029deb22c R09: 0000000000000000
[   84.075074][ T3311] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[   84.075087][ T3311] R13: 00000000000927c0 R14: 0000000000014475 R15: 00007fff46eb7e40
[   84.075106][ T3311]  </TASK>
[   84.075112][ T3311] memory: usage 307200kB, limit 307200kB, failcnt 10254
[   84.324318][ T3311] memory+swap: usage 254676kB, limit 9007199254740988kB, failcnt 0
[   84.333092][ T3311] kmem: usage 254480kB, limit 9007199254740988kB, failcnt 0
[   84.340869][ T3311] Memory cgroup stats for /syz0:
[   84.341629][ T3311] cache 0
[   84.349739][ T3311] rss 0
[   84.352762][ T3311] shmem 0
[   84.355746][ T3311] mapped_file 0
[   84.358439][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.359336][ T3311] dirty 0
[   84.371469][ T3311] writeback 0
[   84.374769][ T3311] workingset_refault_anon 61
[   84.379478][ T3311] workingset_refault_file 45
[   84.384096][ T3311] swap 192512
[   84.387413][ T3311] swapcached 8192
[   84.391151][ T3311] pgpgin 194607
[   84.394621][ T3311] pgpgout 194605
[   84.398299][ T3311] pgfault 44995
[   84.401945][ T3311] pgmajfault 24
[   84.405434][ T3311] inactive_anon 8192
[   84.409514][ T3311] active_anon 0
[   84.412998][ T3311] inactive_file 0
[   84.416831][ T3311] active_file 0
[   84.420299][ T3311] unevictable 0
[   84.423760][ T3311] hierarchical_memory_limit 314572800
[   84.429292][ T3311] hierarchical_memsw_limit 9223372036854771712
[   84.435463][ T3311] total_cache 0
[   84.439051][ T3311] total_rss 0
[   84.442351][ T3311] total_shmem 0
[   84.445848][ T3311] total_mapped_file 0
[   84.449892][ T3311] total_dirty 0
[   84.453426][ T3311] total_writeback 0
[   84.457335][ T3311] total_workingset_refault_anon 61
[   84.462476][ T3311] total_workingset_refault_file 45
[   84.467628][ T3311] total_swap 192512
[   84.471463][ T3311] total_swapcached 8192
[   84.475628][ T3311] total_pgpgin 194607
[   84.479904][ T3311] total_pgpgout 194605
[   84.484043][ T3311] total_pgfault 44995
[   84.488192][ T3311] total_pgmajfault 24
[   84.492235][ T3311] total_inactive_anon 8192
[   84.496705][ T3311] total_active_anon 0
[   84.500760][ T3311] total_inactive_file 0
[   84.505047][ T3311] total_active_file 0
[   84.509139][ T3311] total_unevictable 0
[   84.513205][ T3311] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.723,pid=5567,uid=0
[   84.528423][ T3311] Memory cgroup out of memory: Killed process 5567 (syz.0.723) total-vm:93748kB, anon-rss:936kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000