last executing test programs:

58.122990535s ago: executing program 4 (id=3305):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r2, r2, 0x2)
epoll_create1(0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000180))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r4, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r4, 0x7, &(0x7f00000006c0))
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb60000", 0x83}, {&(0x7f0000000400)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f0000000740)="c8605474ee573ad5ad5acedf22046d983c7964dad745eb7c8eb102c0d2b166382d3f325806513b1eb3fe7b135bfef85013c74b374f5892a7254e3405ebe8d6125ace8414fc44456c1c521ce19dae4a7f37f08f5e7b686c02967dfb02fa1ec528de641f95606c3be81b643b62d206a8aadea3d7663c32b159036bde2ee6fb0441c70b", 0x82}], 0x3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="acc841985992b79554acfc02163bb0fb2bb293e68c02bb40b6b870bde5700d3687", 0x21}, {&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d28748c22ebfe2772d64b64e706d94864d785dcc6b", 0xda}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8918ba1a079c716281613b127eca886d75e994a1b41314ff21f5a4fd8a7e55c65b2eebabf0db0268c53503bb309959c1c0b222c6fb8310e8f25e7c26e24baedcc72d41798c95c01626c311e9f1262dfa4dedd161672c578a7af36c8a95437f295e14a1e0c7245cb53f83cc7b4b9294bb13473331502b7735a955080f7c2fd79d3fe0de99505840905376e957c012fc4e4e0ea1c8db07ac01ae1e0", 0x1f1}], 0x3}}], 0x2, 0xc0)

56.805916773s ago: executing program 4 (id=3309):
r0 = syz_io_uring_setup(0x63a4, &(0x7f00000003c0)={0x0, 0xb396, 0x20, 0x3, 0x2d7}, &(0x7f0000000440), &(0x7f0000000480))
r1 = io_uring_setup(0x7d2e, &(0x7f0000000180)={0x0, 0x0, 0x40, 0x1, 0x1b8, 0x0, r0})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r1, 0xc, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r5}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0x7005, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000054850000000400000095"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000200)='rxrpc_recvmsg\x00', r5, 0x0, 0x8000000000000001}, 0x18)
r6 = eventfd(0xfffffffe)
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, &(0x7f0000000240)=r6, 0x1)
r7 = socket(0x21, 0x2, 0x10000000000002)
recvmmsg(r7, &(0x7f00000002c0)=[{{&(0x7f0000000000)=@sco, 0x80, 0x0}, 0x7}], 0x1, 0x20, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x48340, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

56.511140327s ago: executing program 4 (id=3313):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
pipe(&(0x7f0000000440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r5, 0x0, 0x10000008ebc, 0x0)
splice(r4, 0x0, r7, 0x0, 0x25a5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000300)=ANY=[], 0x15)
r9 = dup(r8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8010)
sendmsg$NFT_BATCH(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0b040000000000000000020000001800048014000180090001006d61737100000000040002800900010073797a30000000200900020073797a3200000000140000001100010000000000000000000000000a"], 0x6c}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
syz_emit_ethernet(0x33, &(0x7f0000000200)=ANY=[@ANYBLOB="e90c610faca20180c20000000800450100250000e0000100000000000000000000000000000000119078a20c00010000000009"], 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb6e004500003c00000002001190780000000000000000000000070018907804000000800000000300000000000000"], 0x0)
write$P9_RLERRORu(r9, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r9, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r9, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
lstat(&(0x7f0000000200)='./file0\x00', 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0)

55.227361165s ago: executing program 4 (id=3322):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
r2 = creat(&(0x7f0000000580)='./bus\x00', 0xac)
io_setup(0x1, &(0x7f0000000040)=<r3=>0x0)
io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x1a00001a}])
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f0000000140)='Q', 0x1, 0x200980)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r5}, 0x18)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x3f, 0xad, 0x0, 0xcb, 0x0, 0x0, 0x8308, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x2, 0xb}, 0x19200, 0x0, 0xfffffffe, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='kfree\x00', r6, 0x0, 0x20000401}, 0x18)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101a00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001a40)=ANY=[], 0xf8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
fgetxattr(r7, &(0x7f00000002c0)=@known='security.selinux\x00', 0x0, 0x0)

54.87693894s ago: executing program 4 (id=3326):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r2 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x1)
fallocate(r2, 0x3, 0x2, 0x8000c62)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r4, 0x8979)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x759, &(0x7f0000000180)={[{@nouid32}, {@jqfmt_vfsv1}, {@prjquota}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x7}, 0x0}, {@dioread_nolock}, {@user_xattr}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@journal_dev={'journal_dev', 0x3d, 0x6bd}}, {@resuid}, {@nombcache}, {@nogrpid}], [], 0x2c}, 0x2, 0x504, &(0x7f0000000c00)="$eJzs3MtvVNUfAPDvnbaU/ni0P3zyUEbR2GiktDwXLoBowsbERGNwZ20LQQoYWhMgjRRjIHGh4S/wsTPxL3ClG6PGhcatxK0xIaYb0IW55s7cGaedmXZap62ln08ywzn3njPnnLn3MOcx0wDWrWL2lERsjoifI6K3HJ2doFj+5+7M1MgfM1MjSaTpy78npXR3ZqZGKkkr+Tblkf5CROG9JHbWF9s9cfnK2eHx8bGL+YGByUIeOjd8euz02PmhI0cO7O85fGjoYFvamdXpzo53LuzafuK1my+OnLz5xrefZ/VN8/O17SjrKz1vaLmEjrojxSjOfi9rPNl61deELTXhpDN7LqxeZWhZdtdml6ur1P97o6MUK+uNF95tmrF7hSoILJs0TdP6rlz9LJtOayVJOUOaXkuBe0ASq10DYHVUPujvzGQz1amR+nnwve32sSjNgLJ2380f5TOdpRlssa88N+papvLvj4iT039+lD2i4ToEAEB7fXks4sbx8rij8iifKcSDNem25ntDfRHx/4jYFhH35eOXByJKaR+KiIdr8mxuYRegOCdeP/75sScP1A5X2yYb/z2X723NHv9Va97Xkce2lNrflZw6Mz62L39P+qOrO4sP1r90dVntq+d/+rBZ+cWa8V/2yMqvjAXzevzWOWeBbnR4crhduyu3r5Xe2Kv17U+iM6mEIrZHxI4lvH72np15+rNdzc7Pan/Wzrr2f9D8xTuXUKE50k8inipf/+mY0/7I9/+S0v7kubcGJi5fefZM7f7k4OFDQwcHNsb42L6Byl1R77sfrr+UB+umEfNc/0rXWNaNtOz6/6/h/V/duezLQtX92onFl3H91o2mc5ql3v8bkldK4cr+7KXhycmLgxEbkun640P/5L003DMrfdb+/j2N+/+2iL8+zvPtjIjsJn4kIh6NiN153R+LiMcjYs887f/m+BNvNptCLtz+5ZW1f3RR179Z4Oj3EY1PdZz9+ou6gt8v1rW/K5pd/wOlUH9+ZHR4cuNC7ZqvprWBf/0GAgAAwBqwu7ROmxT25gtNm6NQ2Ls3YlN1BWVi8plTF94+P1pez+2LrkJlpau3Zj10MF8bzuJZrqGaeHZ+f2ndOE3TtCeLZ/P38S2r23RY9zY16f+ZX+t/0gLcaxa1j9bsF23AmjS3/99qOWf7v5ABrKw2fI8GWKP0f1i/Wu7/y/UrOGDVNOr/VyPurkJVgBXWqP+/Wnfk6IrUBVhZ5v+wfi29//syAKx1Pv9hXWrpR/JLCGw7MU+apHN5Cm0eKMT8fwWgL6JypDKmmf8FfylEtKeGHW1tac+sa1pomGZjNMhe2dppuawoLJimcxF/iGEFAq9vrR4p/BfqUwl0R8QCd2/1ZrtaCVxZ7oqV7oZPV+9/JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb4OwAA///LX8/3")
fdatasync(r3)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x40ef, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
brk(0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
r5 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105042, 0x1db)
splice(r5, 0x0, r6, 0x0, 0x1c, 0x9)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)

53.812952744s ago: executing program 4 (id=3336):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x1)
fallocate(r1, 0x3, 0x2, 0x8000c62)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r3, 0x8979)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x759, &(0x7f0000000180)={[{@nouid32}, {@jqfmt_vfsv1}, {@prjquota}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x7}, 0x0}, {@dioread_nolock}, {@user_xattr}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@journal_dev={'journal_dev', 0x3d, 0x6bd}}, {@resuid}, {@nombcache}, {@nogrpid}], [], 0x2c}, 0x2, 0x504, &(0x7f0000000c00)="$eJzs3MtvVNUfAPDvnbaU/ni0P3zyUEbR2GiktDwXLoBowsbERGNwZ20LQQoYWhMgjRRjIHGh4S/wsTPxL3ClG6PGhcatxK0xIaYb0IW55s7cGaedmXZap62ln08ywzn3njPnnLn3MOcx0wDWrWL2lERsjoifI6K3HJ2doFj+5+7M1MgfM1MjSaTpy78npXR3ZqZGKkkr+Tblkf5CROG9JHbWF9s9cfnK2eHx8bGL+YGByUIeOjd8euz02PmhI0cO7O85fGjoYFvamdXpzo53LuzafuK1my+OnLz5xrefZ/VN8/O17SjrKz1vaLmEjrojxSjOfi9rPNl61deELTXhpDN7LqxeZWhZdtdml6ur1P97o6MUK+uNF95tmrF7hSoILJs0TdP6rlz9LJtOayVJOUOaXkuBe0ASq10DYHVUPujvzGQz1amR+nnwve32sSjNgLJ2380f5TOdpRlssa88N+papvLvj4iT039+lD2i4ToEAEB7fXks4sbx8rij8iifKcSDNem25ntDfRHx/4jYFhH35eOXByJKaR+KiIdr8mxuYRegOCdeP/75sScP1A5X2yYb/z2X723NHv9Va97Xkce2lNrflZw6Mz62L39P+qOrO4sP1r90dVntq+d/+rBZ+cWa8V/2yMqvjAXzevzWOWeBbnR4crhduyu3r5Xe2Kv17U+iM6mEIrZHxI4lvH72np15+rNdzc7Pan/Wzrr2f9D8xTuXUKE50k8inipf/+mY0/7I9/+S0v7kubcGJi5fefZM7f7k4OFDQwcHNsb42L6Byl1R77sfrr+UB+umEfNc/0rXWNaNtOz6/6/h/V/duezLQtX92onFl3H91o2mc5ql3v8bkldK4cr+7KXhycmLgxEbkun640P/5L003DMrfdb+/j2N+/+2iL8+zvPtjIjsJn4kIh6NiN153R+LiMcjYs887f/m+BNvNptCLtz+5ZW1f3RR179Z4Oj3EY1PdZz9+ou6gt8v1rW/K5pd/wOlUH9+ZHR4cuNC7ZqvprWBf/0GAgAAwBqwu7ROmxT25gtNm6NQ2Ls3YlN1BWVi8plTF94+P1pez+2LrkJlpau3Zj10MF8bzuJZrqGaeHZ+f2ndOE3TtCeLZ/P38S2r23RY9zY16f+ZX+t/0gLcaxa1j9bsF23AmjS3/99qOWf7v5ABrKw2fI8GWKP0f1i/Wu7/y/UrOGDVNOr/VyPurkJVgBXWqP+/Wnfk6IrUBVhZ5v+wfi29//syAKx1Pv9hXWrpR/JLCGw7MU+apHN5Cm0eKMT8fwWgL6JypDKmmf8FfylEtKeGHW1tac+sa1pomGZjNMhe2dppuawoLJimcxF/iGEFAq9vrR4p/BfqUwl0R8QCd2/1ZrtaCVxZ7oqV7oZPV+9/JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb4OwAA///LX8/3")
fdatasync(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x40ef, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
brk(0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105042, 0x1db)
write$cgroup_subtree(r4, &(0x7f0000000480)=ANY=[], 0x9)
splice(r4, 0x0, r5, 0x0, 0x1c, 0x9)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)

38.733441903s ago: executing program 32 (id=3336):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x1)
fallocate(r1, 0x3, 0x2, 0x8000c62)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r3, 0x8979)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x759, &(0x7f0000000180)={[{@nouid32}, {@jqfmt_vfsv1}, {@prjquota}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x7}, 0x0}, {@dioread_nolock}, {@user_xattr}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@journal_dev={'journal_dev', 0x3d, 0x6bd}}, {@resuid}, {@nombcache}, {@nogrpid}], [], 0x2c}, 0x2, 0x504, &(0x7f0000000c00)="$eJzs3MtvVNUfAPDvnbaU/ni0P3zyUEbR2GiktDwXLoBowsbERGNwZ20LQQoYWhMgjRRjIHGh4S/wsTPxL3ClG6PGhcatxK0xIaYb0IW55s7cGaedmXZap62ln08ywzn3njPnnLn3MOcx0wDWrWL2lERsjoifI6K3HJ2doFj+5+7M1MgfM1MjSaTpy78npXR3ZqZGKkkr+Tblkf5CROG9JHbWF9s9cfnK2eHx8bGL+YGByUIeOjd8euz02PmhI0cO7O85fGjoYFvamdXpzo53LuzafuK1my+OnLz5xrefZ/VN8/O17SjrKz1vaLmEjrojxSjOfi9rPNl61deELTXhpDN7LqxeZWhZdtdml6ur1P97o6MUK+uNF95tmrF7hSoILJs0TdP6rlz9LJtOayVJOUOaXkuBe0ASq10DYHVUPujvzGQz1amR+nnwve32sSjNgLJ2380f5TOdpRlssa88N+papvLvj4iT039+lD2i4ToEAEB7fXks4sbx8rij8iifKcSDNem25ntDfRHx/4jYFhH35eOXByJKaR+KiIdr8mxuYRegOCdeP/75sScP1A5X2yYb/z2X723NHv9Va97Xkce2lNrflZw6Mz62L39P+qOrO4sP1r90dVntq+d/+rBZ+cWa8V/2yMqvjAXzevzWOWeBbnR4crhduyu3r5Xe2Kv17U+iM6mEIrZHxI4lvH72np15+rNdzc7Pan/Wzrr2f9D8xTuXUKE50k8inipf/+mY0/7I9/+S0v7kubcGJi5fefZM7f7k4OFDQwcHNsb42L6Byl1R77sfrr+UB+umEfNc/0rXWNaNtOz6/6/h/V/duezLQtX92onFl3H91o2mc5ql3v8bkldK4cr+7KXhycmLgxEbkun640P/5L003DMrfdb+/j2N+/+2iL8+zvPtjIjsJn4kIh6NiN153R+LiMcjYs887f/m+BNvNptCLtz+5ZW1f3RR179Z4Oj3EY1PdZz9+ou6gt8v1rW/K5pd/wOlUH9+ZHR4cuNC7ZqvprWBf/0GAgAAwBqwu7ROmxT25gtNm6NQ2Ls3YlN1BWVi8plTF94+P1pez+2LrkJlpau3Zj10MF8bzuJZrqGaeHZ+f2ndOE3TtCeLZ/P38S2r23RY9zY16f+ZX+t/0gLcaxa1j9bsF23AmjS3/99qOWf7v5ABrKw2fI8GWKP0f1i/Wu7/y/UrOGDVNOr/VyPurkJVgBXWqP+/Wnfk6IrUBVhZ5v+wfi29//syAKx1Pv9hXWrpR/JLCGw7MU+apHN5Cm0eKMT8fwWgL6JypDKmmf8FfylEtKeGHW1tac+sa1pomGZjNMhe2dppuawoLJimcxF/iGEFAq9vrR4p/BfqUwl0R8QCd2/1ZrtaCVxZ7oqV7oZPV+9/JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb4OwAA///LX8/3")
fdatasync(r2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x40ef, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x27, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
brk(0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105042, 0x1db)
write$cgroup_subtree(r4, &(0x7f0000000480)=ANY=[], 0x9)
splice(r4, 0x0, r5, 0x0, 0x1c, 0x9)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)

4.773396594s ago: executing program 0 (id=3859):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={<r1=>r0})
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x11d, 0x0, 0x0, 0x0) (fail_nth: 1)

4.35261512s ago: executing program 0 (id=3864):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040), 0xc)
recvmmsg(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x2, 0x0)
r1 = getpgid(0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000340), 0x800000001f7, 0x82)
creat(0x0, 0x48)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000080)={0x0, 0x3000040, 0x8, 0x1b, 0xfe, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
r6 = dup(r2)
r7 = socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r9 = syz_open_dev$usbfs(&(0x7f0000000040), 0x1ff, 0x8401)
fcntl$dupfd(r9, 0x0, r9)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fstatfs(0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa}, {0xffffffdfffffffff, 0x0, 0x0, 0x0, 0xfffffffffffff4f7, 0x0, 0x6}, {}, 0x0, 0x0, 0x0, 0x1, 0x3}, {{@in=@multicast1, 0x4d6, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3}}, 0xe8)
r10 = socket$key(0xf, 0x3, 0x2)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/18, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$key(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
ioctl$USBDEVFS_CONTROL(r6, 0xc0185500, &(0x7f0000000040)={0x1, 0x3, 0x18, 0xf, 0x0, 0x2, 0x0})
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @tid=r1}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

3.439518563s ago: executing program 3 (id=3884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
io_setup(0x1, &(0x7f0000000b80)=<r3=>0x0)
mount(0x0, &(0x7f0000000240)='./cgroup\x00', &(0x7f0000000500)='autofs\x00', 0x0, &(0x7f0000000280)='gid=0,no9\xe1\x12 \x91\xfdP\x83\x0e\xb9G!8\xb0\x89\x99\x81\x02\x85\x1cE\b\x9f\x0f8-\xf6\xa4 \x99\x8d\x1d\x8a\xc7\xc5\x96\xe8Ee\xd5\xac\x18(\x9d\tIr\xdd\\\x95\x9eu}\x06ib\x88\x8c\x9d\xde\xeaT0;\xb4\x1f\x8cm\x15y\xb4[Gc\xaf\xee#\xcf>Qk\xcf\xfc\x12bY\xfc&\x93\xe0\xcc#\x93w\x84@/VV\xbc\x0eL\xeb~1\x832\xa7\xf7l\x1b\xffh<y\xde\b\xaf\x1a\xf0\xd5M\xc8v\xf7\xab\x17\x19^\x167 !\x14\x05J\xd0>\x96O\x84h\x1b\'\x15\xae\xc8\xfbrK1\x1b\x82\\kU{!\x8fe\xbd\xfa\xf3\xac\xdc\x9a7\xbb\xdf\xdf\n\xc4U\xfa\x15\x03e\xe2[\xa6\xd3\xce%\b#s\x05\x00\x00\xc0\x03\x84\x0e\xc3\x0e\xce\x1e\xe4\xc8\xd4s\xd8\xe4W\x8a\x18j\xc4S\xbf\xc9\xcc1\x87\xa0\f\x91/\x8b\a\xdd\x1bj\xff\xae\xfcJM\x9b\xc3\xe6q\xc1T\x19\xa9,\xef\x8ax\xbb\x18\xe7\x99\xff\x10\x15S\x19\'?\xfbt/\x86\xc6\xd3\xb2c\xc4*\x06\x05NT\xaa_\x97\xda8\xc8\xd0\x8d\x87Yk\xa1\x83\x9f\x86.[\x83\xdf&\x13\xcc\xb9\x01`D7R\xb7o\xa1\x1e\xffD#\t\x18i\xed\xa4<\x9c\x02\x00\x82\xbd\x93\x9e+\x03\xc6w?\x83\x05\x0e\xf3TB]\xc0V\x1b\xf3\xfe\xe1s1r\xcb\xbc9\x19#3k\xd4#r\x9e=C\xd6k\xf89S\xb3\xf4\x84\xd8)\x17L\xeb\xf4\xf3iW\xe6\x9b\x8a\x13\x01\x0ej\x88N\xb5\xf7e;\xdd\xe1\xfc\x9c\x8a\xae>=n\xb3\x12\x7f\x94\x19~\x93\x92xK\x9b\x9e\xa6\x9e\x16v\"e\xe80\xa3%oS\xb4\xad\xb1\xb6\xe0\xef\x1fy\xf2\x1aN\xd7\xee\\*6\xa6\x8e\x84 \xc5\xc0\xd4/\x0eVg\xc1\xd9\xcb\xdc\xc7p)1\x00u\xa5\x8c\n\x91l\xef\x17\xfc\xc2\xef\xb9\x03\b*\x1c\xc6\xe8\x9a\xe0o\xba\x1d {%\x904\xa2\x8f\xed\xca%Z\x1a#\xddA7\x1b\xdf\xd5]\xc6\x0f\x9a\xf5)g\x8c\x98\x9e\xe6\x9b\xbd\x96\xc3\xb6}3\x98r\\.o\xe0\xee\x1d\x80\x0f\x8c\xa0%>]\x9a{=\xdd\x80\x13.\x96\xf9]u\x96P\xdb+A\xaa\xce\x9dP\xde\v\x16\x1d\x05\xbe\xd3\x8c\x99\xb2\x1b\xccX\xfdy\x05\xb0Q]bB')
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x41, 0x0, &(0x7f0000000100)="ccfbb1398f1fe15bef5619bef9215fc8c576c57bc7aebdbfd1a5d7e5f4a1fb5b380b65bc0dd3f6482cd438a752757d04473041bf936e6d17ec6cb4db6033684951", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x82}, 0x50)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r4, 0x84, 0x6d, &(0x7f0000000080), &(0x7f0000000140)=0x8)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
io_submit(r3, 0x1, &(0x7f0000001d00)=[&(0x7f0000001a80)={0x0, 0x0, 0x0, 0x5, 0x1, r2, 0x0, 0x0, 0x1, 0x0, 0x3}])
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='./file0\x00', &(0x7f0000000540), 0x3814406, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
unshare(0x2c020400)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000cbffffff00000000000000008500000041000000850000005000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, &(0x7f0000000340)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10)
setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x8)

3.104376717s ago: executing program 3 (id=3886):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB='@\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1c}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085008b00700000009572299c9322236d30842d30cb57f082ffef4fcc3808b58bb7e4158072fde5eec11b044dc9ce2d71e9f820a0706b5fe800c9dae6e6bd580202039b35ff849b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r3}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="090000000c000000080000000300000040000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00G\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000084)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000240), 0x36, 0xcc800)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_clone3(&(0x7f00000002c0)={0x44100000, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)

2.678076323s ago: executing program 1 (id=3891):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_gettime(0x0, &(0x7f0000000140))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000200)={'vxcan1\x00'})
bind$can_raw(r2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$key(0xf, 0x3, 0x2)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDv7Db93SbWWm1tNVrF4o+kSav24EFFwYOCoId6jElaa7eNNBFsCRpF6lEK3sWj4F/gzYuoBxG8KniUQtEgNPW0Mr+a7WaTJmmSNdnPBzb73s6bfe87M2/3zbzMBtCxetM/ScTOiPgtIrrz7K0FevOnmenJ4RvTk8NJ1Otv/JVk5a5PTw6XRcv1dhSZI5WIyqdJPJ/MrXf84qWzQ7Xa6IUi3z9x7r3+8YuXnjpzbuj06OnR84MnThw/NvDsM4NPr0icaVzXD3w4dnD/K29deW345JW3f/wmbda+Q/nyxjhu60aLgFroTbfa3/VM87JHl9D29WBXQzrZ1MaGsCTViEh3V1fW/7ujGrM7rzte/qStjQNWVfrdtGX+xVN1YANLot0tANqj/KJPz3/LxxoNPf4Xrr0QsblIz0xPDs/cjL9arxSvd61i/b0RcXLq3y/TRyz1OgQAwDJkY5snW43/KrEve87nOnYXcyg9EXFXROyJiLsjYm9E3BORlb03Iu7LV653L7L+3qb83PFP5WrLNq+QdPz3XMPYb6Yh/uKpp1rkdmXxdyWnztRGjxbb5Eh0bUnzAwvU8d1Lv34+37LG8V/6SOsvx4JFA65uarpANzI0MbRSG+HaxxEHNrWKP7k5E5AeAfsj4sDS3np3mTjz+NcH5yt0+/gXsALzTPWvIh7L9/9UNMVfShaen+zfGrXRo/3lUTHXT79cfn2++u8o/hWQ7v/ttx7/TSW6/0ny+dquqNVGL4wvvY7Lv3827znNco//zcmb2Zz1z+/kr30wNDFxYSBic/Jqli/P6bLXB2fXLfNl+TT+I4db9/89xTpp/PdHRHoQH4qIByLiwaLtD0XEwxFxeIH4f3jxkXcXiD+JJNq6/0dafv7dPP57ksb5+mUkqme//3a+GfPF7f/jMZV91uayz7/bWGwD73DzAQAAwLpQiYidkVT68nTvzqhU+vry/+HfG9srtbHxiSdOjb1/fiS/R6Anuirlla7uhuuhA8lU8Y55frC4VlwuP1ZcN/6iui3L9w2P1UbaHDt0uh239v8o+3/qz2q7WwesOvdrQedq7v+VNrUDWHuL+f53LgAbU4v+v60d7QDWnvN/6Fyt+v9HTXnjf9iY5vb/P1r8ZB2wERn/Q+fS/6Fz6f/Qke7kvv7lJ8qbBZb/PlsXfYd/pyTKX7xYzbq2xewrUWl7yB2USHvM2lY6+xsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA69l/AQAA//9EvefZ")
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)

1.813673145s ago: executing program 1 (id=3902):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000380)=0x80, 0x4)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0x4, &(0x7f00000001c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000c80)='rpcb_getport\x00', r5, 0x0, 0xfffffffffffffff7}, 0x18)
readahead(0xffffffffffffffff, 0x5, 0xc33)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
recvmmsg(r4, &(0x7f0000000080), 0x21e, 0x40010002, 0x0)
renameat2(r3, &(0x7f0000000240)='./file1\x00', r3, &(0x7f00000002c0)='./file1\x00', 0x1)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
r7 = signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0xfffffffe]}, 0x8)
read(r7, &(0x7f0000000740)=""/384, 0x200008ca)
r8 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r8, 0x400, 0x0)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="0300000004000000040000000a00c07accee00006e7db36d32b27db968e18554769eba26cc3046c4ea5a81a72a11c0f19e9359c09bbe4b181f927ad9a2705a18303b8b32950960377692d7ef34effb8942eb69694e5648387d6884a333576d5fd884613cbc177167826377a416e48cc87531d2b124e451f7e62a228621549a5a8aa1f0da05c0cfbd370c7348af5bac5f45492790f29cbb6433d76b11fc2d23aa5d985c00"/176, @ANYRES32=r1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000030000000400"/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x6, 0x2, &(0x7f0000000080)=@raw=[@cb_func={0x18, 0x7, 0x4, 0x0, 0x8}], &(0x7f0000000300)='GPL\x00', 0x8, 0xec, &(0x7f0000000340)=""/236, 0x41000, 0x23, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1e, 0x18, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000800000000000000ff00000018170000", @ANYRES32=r3, @ANYBLOB="000000000000000085000000350000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300004c957b548500000006000000c52af4ff0000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000060000007b8a2e207829ad91219100000000000007020000f8ffffffb703000008000000b70400000200000085000000820004100000000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0xda, &(0x7f0000000380)=""/218, 0x0, 0x41, '\x00', 0x0, @sk_lookup=0x24, r7, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x3, 0x9, 0x8, 0x100}, 0x10, 0x0, r2, 0x2, &(0x7f0000000640)=[r8, r9], &(0x7f0000000680)=[{0x4, 0x5, 0xc, 0x9}, {0x3, 0x3, 0x6, 0x5}], 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x69, 0x7ffc0005}]})
llistxattr(0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000ac0)={'syztnl1\x00', &(0x7f0000000a40)={'gretap0\x00', <r10=>0x0, 0x700, 0x80, 0x4, 0x9, {{0xe, 0x4, 0x0, 0x34, 0x38, 0x64, 0x0, 0x1, 0x2f, 0x0, @multicast1, @local, {[@timestamp_prespec={0x44, 0x24, 0x90, 0x3, 0x0, [{@loopback, 0x1}, {@remote, 0x8f1}, {@empty, 0x10}, {@multicast1}]}]}}}}})
r11 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
r12 = syz_clone3(&(0x7f0000001880)={0x120000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r12, r12, 0x21)
write$tun(r11, &(0x7f0000000380)=ANY=[], 0x36)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x11, 0x15, &(0x7f00000008c0)=@raw=[@map_idx_val={0x18, 0xa, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x41}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x2}], &(0x7f0000000980)='GPL\x00', 0xa, 0x4c, &(0x7f00000009c0)=""/76, 0x41000, 0x0, '\x00', r10, 0x0, r11, 0x8, &(0x7f0000000b00)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000b40)={0x0, 0x10, 0xfffffffd, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000b80)=[r7, r1, r3, r7, r9, r7, r7, r1], 0x0, 0x10, 0x120, @void, @value}, 0x94)

1.758421026s ago: executing program 3 (id=3903):
unlink(&(0x7f0000000180)='./file1\x00')
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f00000001c0)={[{@quota}, {@jqfmt_vfsv0}, {@init_itable}, {@errors_remount}, {@nobarrier}]}, 0x1, 0x520, &(0x7f0000001300)="$eJzs3c9vI1cdAPDveDeJs02btPQACOhSCgtarbPxtquqB1hOCKEKRI8gbUPijaLYcRQ7pQl7SP8HJCpxgiN/AOdKSNy5ILhxKQckfkSgphIHoxmPs05iN2GTeNL485FG894bx9/vW8vv2c9rvwDG1s2I2I2IyYh4OyJm8/YkP+JB90hv99He46X9vcdLSXQ6b/0zya6nbdH3N6ln8vssR8QPvxPxk+R43Nb2ztpivV7b7Fan59uNjfnW9s6d1cbiSm2ltl6t3l+4f/f1e69Vz62vLzUm89IXP/zD7jd+lqY1k7f09+M8dbs+cRAndT0ivncRwQpwLe/PZNGJ8FRKEfFCRLycPf9n41r2aAIAV1mnMxud2f76IDE3uB0A+DQqZWtgSamSrwXMRKlUqXTX8F6MG6V6s9W+/ai5tb7cXSubi4nSo9V67W6+VjgXE0laX8jKT+rVI/V7EfF8RPx8ajqrV5aa9eUiX/gAwBh75sj8/5+p7vzfb6pX+F0BCQIAF6NcdAIAwMiZ/wFg7PjuBgCMIe//AWD8PJn/HxSaBwAwOt7/A8D4Mf8DwFj5wZtvpkdnP//96+V3trfWmu/cWa611iqNraXKUnNzo7LSbK5kv9nTOOn+6s3mxsKrsfXu3Dc3Wu351vbOw0Zza739MPtd74e1iZH0CgD4JM+/9MGfk4jYfWM6O6Lv+wDmarjaSkUnABTmWtEJAIWx2xeMrzO8x7c8AFfEgC16DylHxPTRxk6n07m4lIALdutz1v9hXPWt//tfwDBmrP/D+LL+D+Or00mG7Pl/TJz2hgDA5WaNHxjy+f8L+fk3+YcDP14+eov3LzIrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNx6+/9W8r3AZ6JUqlQino2IuZhIHq3Wa3cj4rmI+NPUxFRaXyg4ZwDgrEp/S/L9v27NvjJz9Opk8vFUdo6In/7yrV+8u9hub/4xbf/XQXv7/by9WkT+AMBJevN0du57I//R3uOl3pE3fX8U+fz92xFR7sbf35uM/YP41+N6di7HRETc+HeS17uSvrWLs9h9LyI+O6j/ScxkayDdnU+Pxk9jPzvS+KVD8UvZte45/bf4zDnkAuPmg3T8eTDo+VeKm9l58PO/nI1QZ5ePf+ldLe1nY+CT+L3x79qQ8e/maWO8+vvvdkvTx6+9F/H56xG92Pt9408vfjIk/iunjP+XL3zp5WHXOr+KuBWD4/fHmm83NuZb2zt3VhuLK7WV2nq1en/h/t3X771Wnc/WqOeHzwb/eOP2c1lhwE3S/t8YEr98Qv+/esr+//q/b//oy0OupfG//pVB8Uvx4ifET+fEr50y/uKN35aHXUvjLw/p/0mP/+1Txv/wrzvHtg0HAIrT2t5ZW6zXa5ujLPReSIw0aKGF6cuRxmkKU/mDc1nyOVS4tImtLda/NapYk/F//VWn81SxDg0TfZ8LnseqG3AZHDzpI+LjopMBAAAAAAAAAAAAAAAGutAvKiXdQtF9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Or6XwAAAP//wlnKBg==")
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000001800)=ANY=[@ANYBLOB="0180c200000050a245d5cde0080045000028000000000002907800000000ff13ffff16009078e0000002000100010000000000000000"], 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x2000)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

1.694180677s ago: executing program 3 (id=3906):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
unshare(0x22040200)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r5}, 0x18)
move_pages(0x0, 0x2064, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], &(0x7f0000001180), &(0x7f0000000000), 0x0)
ioctl$TCSETAF(r3, 0x5408, &(0x7f0000001040)={0x1002, 0xff5, 0x5650, 0x2, 0x16, "67f24dbe4dccb676"})
write$UHID_INPUT(r3, &(0x7f0000000000)={0xfc, {"a2e3ad1bed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f36356d030890e0879b0af8c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d263030000009bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b92b7b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b28ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
openat$cgroup_procs(r2, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]})
socket$inet(0x2, 0xa, 0xfffffff7)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
close_range(r6, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x922000000003, 0x11)

1.592485198s ago: executing program 2 (id=3910):
socket$nl_route(0x10, 0x3, 0x0)
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r0, 0x0, 0x20)
symlinkat(&(0x7f0000000200)='./file1\x00', r3, &(0x7f0000002440)='./file2\x00')
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
request_key(&(0x7f0000000380)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x1}, &(0x7f00000004c0)='sy\x8akI,\xb3\f6L\xcb\xe7\xbd\x11\xa8\x052\x94.\xcf\xc62s\xf6ll\x84]\xe1\x81=\xf3\x91_m)\x81>\xab>\xaf6\x82n\x80b\xc5\t38%\xab\xdd\"4e9\xbfp\xb9\x920d\xc8S\xd0\x80\x0f\x1f\a\xac\x0f\x87|:\xee\x04\x1ba\xa5w\x18\xa1\x1c\xb15s8 \xaa\x99\xea\xcb\xb4\x83\a\t\xc6\xcf\xc5\xed\x1d=a%\xe8\x9e9\x12u\x9c\x13~\x97\xe3\x9c\x03L\xe0i\x13~}d\xd0\x82|\xe1B6d\xcaMj\x03\xb2l\x97\xce\\b\xc702\xb5\x1b\xc9V\x95Gd0\xeb\xa0\xcai\x1b\xcf\xba\xe2\xa0\xc1\xa7\x0e\xc7D\xc9\x8d\xdfk\x7fTwX\xaaaq\xfe)WG\xb5\xbb\xd6.\xd1F#[B\xb58', 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)
r7 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe20, 0x0, @remote}, 0x1c)
sendto$inet6(r7, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
setsockopt$inet6_mtu(r7, 0x29, 0x17, &(0x7f0000000640)=0x3, 0x4)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x1b, &(0x7f00000000c0)={@remote}, 0x20)
setsockopt$inet6_udp_int(r7, 0x88, 0x1, &(0x7f0000000080), 0x4)
prctl$PR_CAP_AMBIENT(0x2f, 0x3, 0x201000000000000d)

1.582855758s ago: executing program 5 (id=3911):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])

1.544034179s ago: executing program 2 (id=3912):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000120000000000000000"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x25, &(0x7f0000000000))
fcntl$lock(r2, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x4004, 0x409})
ptrace$pokeuser(0x6, 0x0, 0x7ffd, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0xffffffffffffffff}, 0x18)
socket$packet(0x11, 0x2, 0x300)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c895}, 0x20000000)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket(0x10, 0x3, 0x0)
sendto$inet6(r6, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a044300040018000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160012000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r8}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.539312119s ago: executing program 5 (id=3913):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_gettime(0x0, &(0x7f0000000140))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000200)={'vxcan1\x00'})
bind$can_raw(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$key(0xf, 0x3, 0x2)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDv7Db93SbWWm1tNVrF4o+kSav24EFFwYOCoId6jElaa7eNNBFsCRpF6lEK3sWj4F/gzYuoBxG8KniUQtEgNPW0Mr+a7WaTJmmSNdnPBzb73s6bfe87M2/3zbzMBtCxetM/ScTOiPgtIrrz7K0FevOnmenJ4RvTk8NJ1Otv/JVk5a5PTw6XRcv1dhSZI5WIyqdJPJ/MrXf84qWzQ7Xa6IUi3z9x7r3+8YuXnjpzbuj06OnR84MnThw/NvDsM4NPr0icaVzXD3w4dnD/K29deW345JW3f/wmbda+Q/nyxjhu60aLgFroTbfa3/VM87JHl9D29WBXQzrZ1MaGsCTViEh3V1fW/7ujGrM7rzte/qStjQNWVfrdtGX+xVN1YANLot0tANqj/KJPz3/LxxoNPf4Xrr0QsblIz0xPDs/cjL9arxSvd61i/b0RcXLq3y/TRyz1OgQAwDJkY5snW43/KrEve87nOnYXcyg9EXFXROyJiLsjYm9E3BORlb03Iu7LV653L7L+3qb83PFP5WrLNq+QdPz3XMPYb6Yh/uKpp1rkdmXxdyWnztRGjxbb5Eh0bUnzAwvU8d1Lv34+37LG8V/6SOsvx4JFA65uarpANzI0MbRSG+HaxxEHNrWKP7k5E5AeAfsj4sDS3np3mTjz+NcH5yt0+/gXsALzTPWvIh7L9/9UNMVfShaen+zfGrXRo/3lUTHXT79cfn2++u8o/hWQ7v/ttx7/TSW6/0ny+dquqNVGL4wvvY7Lv3827znNco//zcmb2Zz1z+/kr30wNDFxYSBic/Jqli/P6bLXB2fXLfNl+TT+I4db9/89xTpp/PdHRHoQH4qIByLiwaLtD0XEwxFxeIH4f3jxkXcXiD+JJNq6/0dafv7dPP57ksb5+mUkqme//3a+GfPF7f/jMZV91uayz7/bWGwD73DzAQAAwLpQiYidkVT68nTvzqhU+vry/+HfG9srtbHxiSdOjb1/fiS/R6Anuirlla7uhuuhA8lU8Y55frC4VlwuP1ZcN/6iui3L9w2P1UbaHDt0uh239v8o+3/qz2q7WwesOvdrQedq7v+VNrUDWHuL+f53LgAbU4v+v60d7QDWnvN/6Fyt+v9HTXnjf9iY5vb/P1r8ZB2wERn/Q+fS/6Fz6f/Qke7kvv7lJ8qbBZb/PlsXfYd/pyTKX7xYzbq2xewrUWl7yB2USHvM2lY6+xsqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA69l/AQAA//9EvefZ")
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)

1.392700431s ago: executing program 2 (id=3914):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$getownex(r5, 0x10, 0x0)
syz_clone3(&(0x7f0000000d80)={0xba0000, &(0x7f00000002c0), 0x0, 0x0, {0xa}, &(0x7f0000000640)=""/44, 0x2c, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)

1.348749071s ago: executing program 0 (id=3915):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000002c0)={[{@norecovery}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}]}, 0xee, 0x474, &(0x7f00000004c0)="$eJzs3EtsG0UfAPD/rvNo+viSr5RHSwuBgqh4JE36oAcuIJA4gIQEhyJOIUmrUrdBTZBoVUHhUI6oEnfEEYk7Eie4IOCAkLjCHVWqql5aOBmtvZs6jp06tRu3+PeT1p7ZXWfm79mxxzN2Auhb49lNErE1Iv6IiNFaduUJ47W7G9fOz/597fxsEpXKm1eT6nnXr52fLU4tHrellqlUIoaz5HCTci++EzFTLs+fyfOTS6fen1w8e+65E6dmjs8fnz89feTIwQN7hg5PH+oovjS/z+K6vuujhd07X3370uuzRy+9+/M3WX235sfr47gtWbQNxmvPbqNHs5snOyrsrvJrdrOtbkcy0PrkiQ2oEO0rRUTWXIPV/j8apRhZPjYar3za08oBd1SlUqk0e3/OXagA/2FJ9LoGQG8Ub/TZ599i26Chx13hyou1D0BZ3DfyrXZkYHnuYLDh8203jUfE0Qv/fJlt0Y15CACAW/g+G/8822z8l8YDdef9L19DGYuI/0fE9oi4LyJ2RMT9EdVzH4yIh9ZZfuMKyerxT3r5tgJrUzb+eyFf21o5/itGfzFWynPbqvEPJsdOlOf358/JvhgczvJTa5Txw8u/f16kNzUcqx//ZVtWfjEWzOtxeaBhgm5uZmmm07gLVz6J2DXQLP4kimWcJCJ2RsSu2yzjxNNf72517Nbxr2GNdaZ2Vb6KeKrW/hdiRfw3myppuT459fzh6UOTm6I8v3+yuCpW++W3i2+0Kr+j+Lsga//NTa//5VXgsWRTxOLZcyer67WL6y/j4p+f1fXpFavLWfzptxHrvv6Hkreq6aF834czS0tnpiKGktdW75+++dgiX5yfxb9vb/P+v72uxg9HRHYR74mIR/JF3KztHouIxyNi7xrx//TSE++1Oraq/UeK+NeYle+iLP65W7V/1Lf/+hOlkz9+13b8Tdv/YDW1L9/TzutfuxXs5LkDAACAe0Va/Q58kk4sp9N0YqL2Hf4dsTktLywuPXNs4YPTc7Xvyo/FYFrMdI3WzYdO5XPDRX66IX8gnzf+ojRSzU/MLpTneh089LktLfp/5q9Sr2sH3HFdWEcD7lH6P/Qv/R/6l/4P/Uv/h/7VrP9/3IN6ABvP+z/0L/0f+pf+D/1L/4e+1PK38WlHP/nvcaL43wkd/J2rvY+i48TInSwi0t4H2BeJgU4u43YSw00P9fiFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv+DQAA//9L2OJW")
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r2, 0x8979)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x759, &(0x7f0000000180)={[{@nouid32}, {@jqfmt_vfsv1}, {@prjquota}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x7}, 0x0}, {@dioread_nolock}, {@user_xattr}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@journal_dev={'journal_dev', 0x3d, 0x6bd}}, {@resuid}, {@nombcache}, {@nogrpid}], [], 0x2c}, 0x2, 0x504, &(0x7f0000000c00)="$eJzs3MtvVNUfAPDvnbaU/ni0P3zyUEbR2GiktDwXLoBowsbERGNwZ20LQQoYWhMgjRRjIHGh4S/wsTPxL3ClG6PGhcatxK0xIaYb0IW55s7cGaedmXZap62ln08ywzn3njPnnLn3MOcx0wDWrWL2lERsjoifI6K3HJ2doFj+5+7M1MgfM1MjSaTpy78npXR3ZqZGKkkr+Tblkf5CROG9JHbWF9s9cfnK2eHx8bGL+YGByUIeOjd8euz02PmhI0cO7O85fGjoYFvamdXpzo53LuzafuK1my+OnLz5xrefZ/VN8/O17SjrKz1vaLmEjrojxSjOfi9rPNl61deELTXhpDN7LqxeZWhZdtdml6ur1P97o6MUK+uNF95tmrF7hSoILJs0TdP6rlz9LJtOayVJOUOaXkuBe0ASq10DYHVUPujvzGQz1amR+nnwve32sSjNgLJ2380f5TOdpRlssa88N+papvLvj4iT039+lD2i4ToEAEB7fXks4sbx8rij8iifKcSDNem25ntDfRHx/4jYFhH35eOXByJKaR+KiIdr8mxuYRegOCdeP/75sScP1A5X2yYb/z2X723NHv9Va97Xkce2lNrflZw6Mz62L39P+qOrO4sP1r90dVntq+d/+rBZ+cWa8V/2yMqvjAXzevzWOWeBbnR4crhduyu3r5Xe2Kv17U+iM6mEIrZHxI4lvH72np15+rNdzc7Pan/Wzrr2f9D8xTuXUKE50k8inipf/+mY0/7I9/+S0v7kubcGJi5fefZM7f7k4OFDQwcHNsb42L6Byl1R77sfrr+UB+umEfNc/0rXWNaNtOz6/6/h/V/duezLQtX92onFl3H91o2mc5ql3v8bkldK4cr+7KXhycmLgxEbkun640P/5L003DMrfdb+/j2N+/+2iL8+zvPtjIjsJn4kIh6NiN153R+LiMcjYs887f/m+BNvNptCLtz+5ZW1f3RR179Z4Oj3EY1PdZz9+ou6gt8v1rW/K5pd/wOlUH9+ZHR4cuNC7ZqvprWBf/0GAgAAwBqwu7ROmxT25gtNm6NQ2Ls3YlN1BWVi8plTF94+P1pez+2LrkJlpau3Zj10MF8bzuJZrqGaeHZ+f2ndOE3TtCeLZ/P38S2r23RY9zY16f+ZX+t/0gLcaxa1j9bsF23AmjS3/99qOWf7v5ABrKw2fI8GWKP0f1i/Wu7/y/UrOGDVNOr/VyPurkJVgBXWqP+/Wnfk6IrUBVhZ5v+wfi29//syAKx1Pv9hXWrpR/JLCGw7MU+apHN5Cm0eKMT8fwWgL6JypDKmmf8FfylEtKeGHW1tac+sa1pomGZjNMhe2dppuawoLJimcxF/iGEFAq9vrR4p/BfqUwl0R8QCd2/1ZrtaCVxZ7oqV7oZPV+9/JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPb4OwAA///LX8/3")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x105042, 0x1db)
write$cgroup_subtree(r3, &(0x7f0000000480)=ANY=[], 0x9)
splice(r3, 0x0, r4, 0x0, 0x1c, 0x9)
creat(&(0x7f00000000c0)='./file0\x00', 0x198)

1.305235173s ago: executing program 0 (id=3916):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$getownex(r5, 0x10, 0x0)
syz_clone3(&(0x7f0000000d80)={0xba0000, &(0x7f00000002c0), 0x0, 0x0, {0xa}, &(0x7f0000000640)=""/44, 0x2c, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)

944.089847ms ago: executing program 2 (id=3917):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'dvmrp0\x00', 0x84aebfbd6349b7f2}) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x183081, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
getresuid(&(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140))
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef00010000000029"], 0x66)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="d8000000180081054e81f783db4cb9040a1d080006007c03e8fc55a10a0015000600142603600e120800060000000401a80008002000000001000000035c0461c1d67f6f94007134cf6efb8000a007a290457f010400000700000000ceac3c2fb14c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775820d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bf9ad809d5e1cace0d81ed0bffece0b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x8}, {0xf0b2, 0xfd, 0x3, 0x1c0}]})
mlock2(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x0)

907.400168ms ago: executing program 0 (id=3918):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x148, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xfffffffe, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x11c, 0x2, [@TCA_RED_STAB={0x104, 0x2, "0a1fb0699d46dac48f29d158dbe8cfb1979e12979688dc039b90627d7b60f0d5ca47f33eed46409b7c8722ce020df6b24c2e6ac7b97dc04d01be2092874115214b1ebb764511f69cd1e9f6263346363d2c639c7667ce67af25166c2f0f85f36aa8867406119c2a6f1f892e31dea982c5ab0348d560eae59ea49ef95d73202a6e3b5e1eb38244e694e7410d33bc92794ad27031f2a19698b51424df36e2a876a4fc871207bf12a84f1d4d132f5bb7edcf2d08d677e6a7268e106b6ced3c7f53df24092ddb9e0fac6a1153c3fc88bfd1404fef22cf3e825a6e19c6a48a5444eabb459af0ec9a278df4011773d2f2e6529ed0ad424b47ec67522477f979360b76d1"}, @TCA_RED_PARMS={0x14, 0x1, {0x3f26, 0x7, 0x81, 0x9, 0xb, 0x14, 0x5}}]}}]}, 0x148}}, 0x4000010)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000001340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x21}, 0x18)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
socket$netlink(0x10, 0x3, 0x12)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$getownex(r8, 0x10, 0x0)
syz_clone3(&(0x7f0000000d80)={0xba0000, &(0x7f00000002c0), 0x0, 0x0, {0xa}, &(0x7f0000000640)=""/44, 0x2c, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)

894.857408ms ago: executing program 1 (id=3919):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c460d04000c028000000000000003003e"], 0x78)
close(r1)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

874.744608ms ago: executing program 2 (id=3920):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
pipe(&(0x7f0000000440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r5, 0x0, 0x10000008ebc, 0x0)
splice(r4, 0x0, r7, 0x0, 0x25a5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff5300000"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000300)=ANY=[], 0x15)
r10 = dup(r9)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8010)
sendmsg$NFT_BATCH(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0b040000000000000000020000001800048014000180090001006d61737100000000040002800900010073797a30000000200900020073797a3200000000140000001100010000000000000000000000000a"], 0x6c}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
syz_emit_ethernet(0x33, &(0x7f0000000200)=ANY=[@ANYBLOB="e90c610faca20180c20000000800450100250000e0000100000000000000000000000000000000119078a20c00010000000009"], 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb6e004500003c00000002001190780000000000000000000000070018907804000000800000000300000000000000"], 0x0)
write$P9_RLERRORu(r10, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r10, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])
lstat(&(0x7f0000000200)='./file0\x00', 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0)

874.160819ms ago: executing program 1 (id=3921):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
pipe(&(0x7f0000000440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r5, 0x0, 0x10000008ebc, 0x0)
splice(r4, 0x0, r7, 0x0, 0x25a5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff5300000"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000300)=ANY=[], 0x15)
r10 = dup(r9)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8010)
sendmsg$NFT_BATCH(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0b040000000000000000020000001800048014000180090001006d61737100000000040002800900010073797a30000000200900020073797a3200000000140000001100010000000000000000000000000a"], 0x6c}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
syz_emit_ethernet(0x33, &(0x7f0000000200)=ANY=[@ANYBLOB="e90c610faca20180c20000000800450100250000e0000100000000000000000000000000000000119078a20c00010000000009"], 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb6e004500003c00000002001190780000000000000000000000070018907804000000800000000300000000000000"], 0x0)
write$P9_RLERRORu(r10, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r10, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])
lstat(&(0x7f0000000200)='./file0\x00', 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0)

820.858899ms ago: executing program 3 (id=3922):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000300)=ANY=[@ANYRESHEX=r2, @ANYRESDEC=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r6, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000000080)={r7, 0x2}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={r7, 0x7}, 0x8)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r8=>0x0})
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x19, &(0x7f0000000040)=0x100000001, 0x4)
r10 = fcntl$dupfd(r9, 0x0, r9)
connect$unix(r10, &(0x7f00000000c0)=@abs, 0x6e)
poll(&(0x7f00000002c0)=[{r9, 0x4}], 0x1, 0x93a5)
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @local}, r8}, 0x14)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r11 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$getownex(r11, 0x10, 0x0)
syz_clone3(&(0x7f0000000d80)={0xba0000, &(0x7f00000002c0), 0x0, 0x0, {0xa}, &(0x7f0000000640)=""/44, 0x2c, 0x0, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58)

773.55654ms ago: executing program 5 (id=3923):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])

709.12057ms ago: executing program 5 (id=3924):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c460d04000c028000000000000003003e"], 0x78)
close(r1)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

691.215151ms ago: executing program 5 (id=3925):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000080000000000"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000000), &(0x7f0000000180)=r3}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r3, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000280)=[0x0], <r4=>0x0, 0x63, &(0x7f0000000300), 0x0, 0x0, 0x0, &(0x7f0000000380), 0x8, 0x42, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

456.700744ms ago: executing program 3 (id=3926):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r1, r1, 0x2)
epoll_create1(0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r3, 0x7, &(0x7f00000006c0))
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb60000", 0x83}, {&(0x7f0000000400)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f0000000740)="c8605474ee573ad5ad5acedf22046d983c7964dad745eb7c8eb102c0d2b166382d3f325806513b1eb3fe7b135bfef85013c74b374f5892a7254e3405ebe8d6125ace8414fc44456c1c521ce19dae4a7f37f08f5e7b686c02967dfb02fa1ec528de641f95606c3be81b643b62d206a8aadea3d7663c32b159036bde2ee6fb0441c70b", 0x82}], 0x3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="acc841985992b79554acfc02163bb0fb2bb293e68c02bb40b6b870bde5700d3687", 0x21}, {&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d28748c22ebfe2772d64b64e706d94864d785dcc6b", 0xda}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8918ba1a079c716281613b127eca886d75e994a1b41314ff21f5a4fd8a7e55c65b2eebabf0db0268c53503bb309959c1c0b222c6fb8310e8f25e7c26e24baedcc72d41798c95c01626c311e9f1262dfa4dedd161672c578a7af36c8a95437f295e14a1e0c7245cb53f83cc7b4b9294bb13473331502b7735a955080f7c2fd79d3fe0de99505840905376e957c012fc4e4e0ea1c8db07ac01ae1e0e5c38a", 0x1f4}], 0x3}}], 0x2, 0xc0)

342.355735ms ago: executing program 5 (id=3927):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[], 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r1, r1, 0x2)
epoll_create1(0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000180))
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r3, 0x7, &(0x7f00000006c0))
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cd35ef833c350900f95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb60000", 0x83}, {&(0x7f0000000400)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f0000000740)="c8605474ee573ad5ad5acedf22046d983c7964dad745eb7c8eb102c0d2b166382d3f325806513b1eb3fe7b135bfef85013c74b374f5892a7254e3405ebe8d6125ace8414fc44456c1c521ce19dae4a7f37f08f5e7b686c02967dfb02fa1ec528de641f95606c3be81b643b62d206a8aadea3d7663c32b159036bde2ee6fb0441c70b", 0x82}], 0x3}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="acc841985992b79554acfc02163bb0fb2bb293e68c02bb40b6b870bde5700d3687", 0x21}, {&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bd98dbb2ab76919ba5c1020e80bd0659e82d861dc6fe4c62639134c504aa438689d28748c22ebfe2772d64b64e706d94864d785dcc6b", 0xda}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8918ba1a079c716281613b127eca886d75e994a1b41314ff21f5a4fd8a7e55c65b2eebabf0db0268c53503bb309959c1c0b222c6fb8310e8f25e7c26e24baedcc72d41798c95c01626c311e9f1262dfa4dedd161672c578a7af36c8a95437f295e14a1e0c7245cb53f83cc7b4b9294bb13473331502b7735a955080f7c2fd79d3fe0de99505840905376e957c012fc4e4e0ea1c8db07ac01ae1e0e5c38a", 0x1f4}], 0x3}}], 0x2, 0xc0)

62.884989ms ago: executing program 0 (id=3928):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffc}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000580)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r1, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)
pipe(&(0x7f0000000440)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r5, 0x0, 0x10000008ebc, 0x0)
splice(r4, 0x0, r7, 0x0, 0x25a5, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff5300000"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000300)=ANY=[], 0x15)
r10 = dup(r9)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8010)
sendmsg$NFT_BATCH(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a44000000060a0b040000000000000000020000001800048014000180090001006d61737100000000040002800900010073797a30000000200900020073797a3200000000140000001100010000000000000000000000000a"], 0x6c}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
syz_emit_ethernet(0x33, &(0x7f0000000200)=ANY=[@ANYBLOB="e90c610faca20180c20000000800450100250000e0000100000000000000000000000000000000119078a20c00010000000009"], 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb6e004500003c00000002001190780000000000000000000000070018907804000000800000000300000000000000"], 0x0)
write$P9_RLERRORu(r10, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r10, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])
lstat(&(0x7f0000000200)='./file0\x00', 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}}}, 0x0)

35.46868ms ago: executing program 2 (id=3929):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x4010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000002480)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
r2 = creat(&(0x7f0000000580)='./bus\x00', 0xac)
io_setup(0x1, &(0x7f0000000040)=<r3=>0x0)
io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x15, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x1a00001a}])
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f0000000140)='Q', 0x1, 0x200980)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x3f, 0xad, 0x0, 0xcb, 0x0, 0x0, 0x8308, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x2, 0xb}, 0x19200, 0x0, 0xfffffffe, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='kfree\x00', r5, 0x0, 0x20000401}, 0x18)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101a00, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001a40)=ANY=[], 0xf8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
fgetxattr(r6, &(0x7f00000002c0)=@known='security.selinux\x00', 0x0, 0x0)
r8 = getpid()
syz_pidfd_open(r8, 0x0)

24.66456ms ago: executing program 1 (id=3930):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x6800, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x4}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc}]}}}]}, 0x9c}}, 0x0)

0s ago: executing program 1 (id=3931):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a000000020000000110000007"], 0x50)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$P9_RLERRORu(r2, 0x0, 0x18) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) (async)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000080)={{0x2, 0x4e24, @multicast2}, {0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x28, {0x2, 0x4e20, @multicast1}, 'wg2\x00'}) (async)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f00000001c0), &(0x7f0000000340)=0x4) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
socket$inet_sctp(0x2, 0x1, 0x84) (async)
pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r7}, 0x10) (async)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB="2c7766646e6f3da0f0bb6e24ba8aab8eb983aecc96321c8359e0c779ac130217728a0d6781b990d150232e2c65154e0934758fc2c100000000000000000000000000000000b4a666fda59ee414822a2a1affd8417a67d6fcbc554e3fd85eb07dad906eaa10e757e986fe2913a8d0e1b3bc167f", @ANYRESHEX=r6, @ANYBLOB=',\x00'])
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000000300))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r9, &(0x7f0000000080)={0xc, 0x8, 0xfa00, {0x0}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_buf(r10, 0x1, 0x1c, 0xffffffffffffffff, &(0x7f00000003c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0xa24}, 0x18) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

kernel console output (not intermixed with test programs):

0x90
[  332.390247][T14846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.390296][T14846] RIP: 0033:0x7f4070cfe969
[  332.390314][T14846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.390336][T14846] RSP: 002b:00007f406f346038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  332.390359][T14846] RAX: ffffffffffffffda RBX: 00007f4070f26080 RCX: 00007f4070cfe969
[  332.390374][T14846] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000006
[  332.390389][T14846] RBP: 00007f4070d80ab1 R08: 0000000000000000 R09: 0000000000000000
[  332.390403][T14846] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000000
[  332.390418][T14846] R13: 0000000000000000 R14: 00007f4070f26080 R15: 00007ffcf5971928
[  332.390519][T14846]  </TASK>
[  332.390527][T14846] memory: usage 307200kB, limit 307200kB, failcnt 842
[  332.619259][T14846] memory+swap: usage 185468kB, limit 9007199254740988kB, failcnt 0
[  332.627353][T14846] kmem: usage 90876kB, limit 9007199254740988kB, failcnt 0
[  332.634690][T14846] Memory cgroup stats for /syz3:
[  332.649962][T14846] cache 86142976
[  332.658548][T14846] rss 225280
[  332.661853][T14846] shmem 5357568
[  332.665329][T14846] mapped_file 0
[  332.668812][T14846] dirty 0
[  332.671838][T14846] writeback 0
[  332.675180][T14846] workingset_refault_anon 755
[  332.679865][T14846] workingset_refault_file 546
[  332.684589][T14846] swap 245760
[  332.687884][T14846] swapcached 36864
[  332.691637][T14846] pgpgin 577395
[  332.695097][T14846] pgpgout 556300
[  332.698681][T14846] pgfault 602232
[  332.702270][T14846] pgmajfault 148
[  332.705820][T14846] inactive_anon 200704
[  332.710015][T14846] active_anon 5419008
[  332.714082][T14846] inactive_file 0
[  332.717728][T14846] active_file 0
[  332.721192][T14846] unevictable 80785408
[  332.725286][T14846] hierarchical_memory_limit 314572800
[  332.730667][T14846] hierarchical_memsw_limit 9223372036854771712
[  332.736849][T14846] total_cache 86142976
[  332.740932][T14846] total_rss 225280
[  332.744683][T14846] total_shmem 5357568
[  332.748719][T14846] total_mapped_file 0
[  332.752842][T14846] total_dirty 0
[  332.756317][T14846] total_writeback 0
[  332.760211][T14846] total_workingset_refault_anon 755
[  332.765470][T14846] total_workingset_refault_file 546
[  332.770676][T14846] total_swap 245760
[  332.774513][T14846] total_swapcached 36864
[  332.778762][T14846] total_pgpgin 577395
[  332.782763][T14846] total_pgpgout 556300
[  332.786852][T14846] total_pgfault 602232
[  332.790930][T14846] total_pgmajfault 148
[  332.795202][T14846] total_inactive_anon 200704
[  332.800091][T14846] total_active_anon 5419008
[  332.804642][T14846] total_inactive_file 0
[  332.808859][T14846] total_active_file 0
[  332.812891][T14846] total_unevictable 80785408
[  332.817482][T14846] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3166,pid=14837,uid=0
[  332.832390][T14846] Memory cgroup out of memory: Killed process 14837 (syz.3.3166) total-vm:95928kB, anon-rss:1192kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:0
[  333.388680][T14878] syz.3.3176 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  333.398350][T14878] CPU: 1 UID: 0 PID: 14878 Comm: syz.3.3176 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  333.398459][T14878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  333.398475][T14878] Call Trace:
[  333.398482][T14878]  <TASK>
[  333.398491][T14878]  __dump_stack+0x1d/0x30
[  333.398511][T14878]  dump_stack_lvl+0xe8/0x140
[  333.398534][T14878]  dump_stack+0x15/0x1b
[  333.398617][T14878]  dump_header+0x81/0x220
[  333.398657][T14878]  oom_kill_process+0x334/0x3f0
[  333.398687][T14878]  out_of_memory+0x979/0xb80
[  333.398720][T14878]  ? css_next_descendant_pre+0x138/0x160
[  333.398753][T14878]  mem_cgroup_out_of_memory+0x13d/0x190
[  333.398806][T14878]  try_charge_memcg+0x5e2/0x870
[  333.398844][T14878]  charge_memcg+0x51/0xc0
[  333.398916][T14878]  __mem_cgroup_charge+0x28/0xb0
[  333.398942][T14878]  handle_mm_fault+0x1077/0x2ae0
[  333.398983][T14878]  ? mas_walk+0xf2/0x120
[  333.399012][T14878]  do_user_addr_fault+0x636/0x1090
[  333.399115][T14878]  ? __se_sys_ioctl+0x129/0x140
[  333.399147][T14878]  exc_page_fault+0x54/0xc0
[  333.399211][T14878]  asm_exc_page_fault+0x26/0x30
[  333.399236][T14878] RIP: 0033:0x7f4070bbe02e
[  333.399259][T14878] Code: f6 31 c0 e8 f4 f1 13 00 48 81 c4 90 00 00 00 48 98 5b c3 66 0f 1f 84 00 00 00 00 00 41 54 55 53 48 89 fb 48 81 ec d0 00 00 00 <48> 89 74 24 28 48 89 54 24 30 48 89 4c 24 38 4c 89 44 24 40 4c 89
[  333.399282][T14878] RSP: 002b:00007f406f324f70 EFLAGS: 00010202
[  333.399302][T14878] RAX: 0000000000000000 RBX: 00007f4070d81dab RCX: 00007f4070d92270
[  333.399380][T14878] RDX: 000000000004ab8c RSI: 0000000000000002 RDI: 00007f4070d81dab
[  333.399395][T14878] RBP: 00007f4070f26160 R08: 0000000012dc5c36 R09: 7fffffffffffffff
[  333.399411][T14878] R10: 3fffffffffffffff R11: 0000000000000246 R12: 00007f4070f2616c
[  333.399427][T14878] R13: 0000000000000001 R14: 00007f4070f26160 R15: 00007ffcf5971928
[  333.399452][T14878]  </TASK>
[  333.399469][T14878] memory: usage 307200kB, limit 307200kB, failcnt 969
[  333.589951][T14878] memory+swap: usage 234676kB, limit 9007199254740988kB, failcnt 0
[  333.597909][T14878] kmem: usage 142576kB, limit 9007199254740988kB, failcnt 0
[  333.605373][T14878] Memory cgroup stats for /syz3:
[  333.624252][T14878] cache 81960960
[  333.632890][T14878] rss 229376
[  333.636102][T14878] shmem 1171456
[  333.639567][T14878] mapped_file 4096
[  333.643403][T14878] dirty 4096
[  333.646690][T14878] writeback 0
[  333.649972][T14878] workingset_refault_anon 755
[  333.654678][T14878] workingset_refault_file 548
[  333.659375][T14878] swap 245760
[  333.662671][T14878] swapcached 36864
[  333.666462][T14878] pgpgin 578136
[  333.669986][T14878] pgpgout 558061
[  333.673586][T14878] pgfault 603026
[  333.677131][T14878] pgmajfault 149
[  333.680680][T14878] inactive_anon 724992
[  333.684851][T14878] active_anon 704512
[  333.688790][T14878] inactive_file 0
[  333.692501][T14878] active_file 4096
[  333.696274][T14878] unevictable 80785408
[  333.700358][T14878] hierarchical_memory_limit 314572800
[  333.705920][T14878] hierarchical_memsw_limit 9223372036854771712
[  333.712459][T14878] total_cache 81960960
[  333.716550][T14878] total_rss 229376
[  333.720293][T14878] total_shmem 1171456
[  333.724303][T14878] total_mapped_file 4096
[  333.730269][T14878] total_dirty 4096
[  333.734287][T14878] total_writeback 0
[  333.738112][T14878] total_workingset_refault_anon 755
[  333.743373][T14878] total_workingset_refault_file 548
[  333.748612][T14878] total_swap 245760
[  333.752460][T14878] total_swapcached 36864
[  333.756709][T14878] total_pgpgin 578136
[  333.760755][T14878] total_pgpgout 558061
[  333.764868][T14878] total_pgfault 603026
[  333.768949][T14878] total_pgmajfault 149
[  333.773064][T14878] total_inactive_anon 724992
[  333.777740][T14878] total_active_anon 704512
[  333.782221][T14878] total_inactive_file 0
[  333.786387][T14878] total_active_file 4096
[  333.790714][T14878] total_unevictable 80785408
[  333.795379][T14878] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3176,pid=14863,uid=0
[  333.810225][T14878] Memory cgroup out of memory: Killed process 14863 (syz.3.3176) total-vm:100164kB, anon-rss:1064kB, file-rss:26408kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:0
[  333.828235][T14886] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.3182'.
[  333.838024][T14885] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.3182'.
[  334.865343][T14931] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3197'.
[  334.886636][T14934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3199'.
[  334.901398][T14927] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3197'.
[  336.090415][   T29] kauditd_printk_skb: 359 callbacks suppressed
[  336.090432][   T29] audit: type=1400 audit(1747485658.222:17924): avc:  denied  { unlink } for  pid=3326 comm="syz-executor" name="file0" dev="tmpfs" ino=3197 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  336.303250][T14971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3211'.
[  336.474776][   T29] audit: type=1400 audit(1747485658.602:17925): avc:  denied  { kexec_image_load } for  pid=14980 comm="syz.4.3214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  336.504763][   T29] audit: type=1400 audit(1747485658.642:17926): avc:  denied  { read } for  pid=14980 comm="syz.4.3214" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  336.528436][   T29] audit: type=1400 audit(1747485658.642:17927): avc:  denied  { open } for  pid=14980 comm="syz.4.3214" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  336.552037][   T29] audit: type=1400 audit(1747485658.642:17928): avc:  denied  { ioctl } for  pid=14980 comm="syz.4.3214" path="/dev/rtc0" dev="devtmpfs" ino=244 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  336.586132][T14987] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.3212'.
[  336.596511][T14973] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.3212'.
[  336.606996][   T29] audit: type=1400 audit(1747485658.642:17929): avc:  denied  { module_request } for  pid=14982 comm="syz.1.3217" kmod="netdev-batadv0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  336.629290][   T29] audit: type=1400 audit(1747485658.662:17930): avc:  denied  { sys_module } for  pid=14982 comm="syz.1.3217" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  336.703809][   T29] audit: type=1400 audit(1747485658.742:17931): avc:  denied  { create } for  pid=14980 comm="syz.4.3214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  336.723724][   T29] audit: type=1400 audit(1747485658.742:17932): avc:  denied  { read } for  pid=14980 comm="syz.4.3214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  336.743328][   T29] audit: type=1400 audit(1747485658.742:17933): avc:  denied  { read write } for  pid=14980 comm="syz.4.3214" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  337.913569][T15022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3227'.
[  340.488886][T15098] SELinux: syz.4.3251 (15098) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  342.293331][   T29] kauditd_printk_skb: 260 callbacks suppressed
[  342.293348][   T29] audit: type=1400 audit(1747485664.432:18194): avc:  denied  { read } for  pid=15121 comm="syz.0.3259" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  342.323053][   T29] audit: type=1400 audit(1747485664.432:18195): avc:  denied  { open } for  pid=15121 comm="syz.0.3259" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  342.346672][   T29] audit: type=1400 audit(1747485664.432:18196): avc:  denied  { ioctl } for  pid=15121 comm="syz.0.3259" path="/dev/rtc0" dev="devtmpfs" ino=244 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  342.396430][   T29] audit: type=1326 audit(1747485664.522:18197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15126 comm="syz.3.3260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  342.420129][   T29] audit: type=1326 audit(1747485664.522:18198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15126 comm="syz.3.3260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  342.443873][   T29] audit: type=1326 audit(1747485664.522:18199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15126 comm="syz.3.3260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  342.467502][   T29] audit: type=1326 audit(1747485664.522:18200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15126 comm="syz.3.3260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  342.491133][   T29] audit: type=1326 audit(1747485664.522:18201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15126 comm="syz.3.3260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  342.514923][   T29] audit: type=1326 audit(1747485664.522:18202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15126 comm="syz.3.3260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  342.538581][   T29] audit: type=1326 audit(1747485664.522:18203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15126 comm="syz.3.3260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  345.968846][T15237] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3292'.
[  345.984333][T15237] netlink: 'syz.0.3292': attribute type 3 has an invalid length.
[  345.992569][T15237] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3292'.
[  346.559988][T15253] SELinux: syz.2.3296 (15253) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  347.308081][   T29] kauditd_printk_skb: 548 callbacks suppressed
[  347.308097][   T29] audit: type=1326 audit(1747485669.442:18752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.353843][   T29] audit: type=1326 audit(1747485669.472:18753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.377838][   T29] audit: type=1326 audit(1747485669.482:18754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.468843][   T29] audit: type=1326 audit(1747485669.512:18755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.492582][   T29] audit: type=1326 audit(1747485669.522:18756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.516352][   T29] audit: type=1326 audit(1747485669.532:18757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.532382][T15253] syz.2.3296 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  347.540220][   T29] audit: type=1326 audit(1747485669.602:18758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.554325][T15253] CPU: 1 UID: 0 PID: 15253 Comm: syz.2.3296 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  347.554393][T15253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  347.554410][T15253] Call Trace:
[  347.554417][T15253]  <TASK>
[  347.554427][T15253]  __dump_stack+0x1d/0x30
[  347.554455][T15253]  dump_stack_lvl+0xe8/0x140
[  347.554483][T15253]  dump_stack+0x15/0x1b
[  347.554562][T15253]  dump_header+0x81/0x220
[  347.554616][T15253]  oom_kill_process+0x334/0x3f0
[  347.554653][T15253]  out_of_memory+0x979/0xb80
[  347.554686][T15253]  ? css_next_descendant_pre+0x138/0x160
[  347.554765][T15253]  mem_cgroup_out_of_memory+0x13d/0x190
[  347.554815][T15253]  try_charge_memcg+0x5e2/0x870
[  347.554859][T15253]  obj_cgroup_charge_pages+0xb7/0x1a0
[  347.554912][T15253]  __memcg_kmem_charge_page+0x9f/0x170
[  347.554943][T15253]  __alloc_frozen_pages_noprof+0x188/0x360
[  347.554985][T15253]  alloc_pages_mpol+0xb3/0x250
[  347.555127][T15253]  alloc_pages_noprof+0x90/0x130
[  347.555159][T15253]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  347.555264][T15253]  __kvmalloc_node_noprof+0x2f3/0x4d0
[  347.555295][T15253]  ? ip_set_alloc+0x1f/0x30
[  347.555329][T15253]  ? ip_set_alloc+0x1f/0x30
[  347.555431][T15253]  ? __kmalloc_cache_noprof+0x189/0x320
[  347.555462][T15253]  ip_set_alloc+0x1f/0x30
[  347.555497][T15253]  hash_netiface_create+0x282/0x740
[  347.555562][T15253]  ? __pfx_hash_netiface_create+0x10/0x10
[  347.555609][T15253]  ip_set_create+0x3c9/0x960
[  347.555665][T15253]  ? __nla_parse+0x40/0x60
[  347.555694][T15253]  nfnetlink_rcv_msg+0x4c6/0x590
[  347.555819][T15253]  netlink_rcv_skb+0x123/0x220
[  347.555863][T15253]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  347.555913][T15253]  nfnetlink_rcv+0x16b/0x1690
[  347.555947][T15253]  ? __dquot_free_space+0x52d/0x800
[  347.555986][T15253]  ? xas_find+0x15e/0x3e0
[  347.556017][T15253]  ? xas_load+0x405/0x430
[  347.556047][T15253]  ? find_get_entry+0x374/0x380
[  347.556111][T15253]  ? __rcu_read_unlock+0x4f/0x70
[  347.556140][T15253]  ? find_get_entries+0x1ea/0x220
[  347.556175][T15253]  ? percpu_counter_add_batch+0xb6/0x130
[  347.556286][T15253]  ? shmem_recalc_inode+0x19f/0x1c0
[  347.556322][T15253]  ? shmem_undo_range+0xa4b/0xa80
[  347.556356][T15253]  ? rb_insert_color+0x264/0x2b0
[  347.556386][T15253]  ? rb_erase+0x10c/0x680
[  347.556467][T15253]  ? should_fail_ex+0x30/0x280
[  347.556511][T15253]  ? selinux_nlmsg_lookup+0x99/0x8b0
[  347.556545][T15253]  ? selinux_netlink_send+0x59f/0x5f0
[  347.556582][T15253]  ? __rcu_read_unlock+0x34/0x70
[  347.556616][T15253]  ? __netlink_lookup+0x266/0x2a0
[  347.556638][T15253]  netlink_unicast+0x5a1/0x670
[  347.556681][T15253]  netlink_sendmsg+0x58b/0x6b0
[  347.556710][T15253]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.556756][T15253]  __sock_sendmsg+0x145/0x180
[  347.556794][T15253]  ____sys_sendmsg+0x31e/0x4e0
[  347.556915][T15253]  ___sys_sendmsg+0x17b/0x1d0
[  347.556965][T15253]  __x64_sys_sendmsg+0xd4/0x160
[  347.556999][T15253]  x64_sys_call+0x2999/0x2fb0
[  347.557028][T15253]  do_syscall_64+0xd0/0x1a0
[  347.557114][T15253]  ? clear_bhb_loop+0x40/0x90
[  347.557144][T15253]  ? clear_bhb_loop+0x40/0x90
[  347.557216][T15253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.557244][T15253] RIP: 0033:0x7f2e1239e969
[  347.557267][T15253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.557342][T15253] RSP: 002b:00007f2e10a07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.557408][T15253] RAX: ffffffffffffffda RBX: 00007f2e125c5fa0 RCX: 00007f2e1239e969
[  347.557425][T15253] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000007
[  347.557441][T15253] RBP: 00007f2e12420ab1 R08: 0000000000000000 R09: 0000000000000000
[  347.557457][T15253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  347.557473][T15253] R13: 0000000000000000 R14: 00007f2e125c5fa0 R15: 00007ffd18980488
[  347.557546][T15253]  </TASK>
[  347.557554][T15253] memory: usage 307200kB, limit 307200kB, failcnt 449
[  347.654139][   T29] audit: type=1326 audit(1747485669.772:18759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.655626][T15253] memory+swap: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  347.661050][   T29] audit: type=1326 audit(1747485669.782:18760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.666842][T15253] kmem: usage 239380kB, limit 9007199254740988kB, failcnt 0
[  347.666859][T15253] Memory cgroup stats for /syz2
[  347.681280][   T29] audit: type=1326 audit(1747485669.802:18761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15260 comm="syz.1.3299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  347.682382][T15253] :
[  347.682958][T15253] cache 69025792
[  348.064255][T15253] rss 417792
[  348.067545][T15253] shmem 69025792
[  348.071106][T15253] mapped_file 0
[  348.074611][T15253] dirty 0
[  348.077640][T15253] writeback 0
[  348.080923][T15253] workingset_refault_anon 0
[  348.085494][T15253] workingset_refault_file 274
[  348.090174][T15253] swap 0
[  348.093078][T15253] swapcached 0
[  348.096462][T15253] pgpgin 641989
[  348.099924][T15253] pgpgout 625034
[  348.103575][T15253] pgfault 470010
[  348.107122][T15253] pgmajfault 28
[  348.110579][T15253] inactive_anon 4096
[  348.114530][T15253] active_anon 69439488
[  348.118615][T15253] inactive_file 0
[  348.122374][T15253] active_file 4096
[  348.126304][T15253] unevictable 0
[  348.129764][T15253] hierarchical_memory_limit 314572800
[  348.135413][T15253] hierarchical_memsw_limit 9223372036854771712
[  348.141676][T15253] total_cache 69025792
[  348.145755][T15253] total_rss 417792
[  348.149486][T15253] total_shmem 69025792
[  348.153613][T15253] total_mapped_file 0
[  348.157645][T15253] total_dirty 0
[  348.161095][T15253] total_writeback 0
[  348.164935][T15253] total_workingset_refault_anon 0
[  348.169963][T15253] total_workingset_refault_file 274
[  348.175194][T15253] total_swap 0
[  348.178630][T15253] total_swapcached 0
[  348.182554][T15253] total_pgpgin 641989
[  348.186569][T15253] total_pgpgout 625034
[  348.190764][T15253] total_pgfault 470010
[  348.195137][T15253] total_pgmajfault 28
[  348.199122][T15253] total_inactive_anon 4096
[  348.203636][T15253] total_active_anon 69439488
[  348.208233][T15253] total_inactive_file 0
[  348.212411][T15253] total_active_file 4096
[  348.216715][T15253] total_unevictable 0
[  348.220770][T15253] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3296,pid=15252,uid=0
[  348.235479][T15253] Memory cgroup out of memory: Killed process 15252 (syz.2.3296) total-vm:95796kB, anon-rss:1064kB, file-rss:22376kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  350.570925][T15337] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3317'.
[  350.580766][T15334] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3317'.
[  352.313313][   T29] kauditd_printk_skb: 496 callbacks suppressed
[  352.313336][   T29] audit: type=1326 audit(1747485674.452:19258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15365 comm="syz.3.3327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  352.429789][   T29] audit: type=1326 audit(1747485674.562:19259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15365 comm="syz.3.3327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  352.461025][   T29] audit: type=1326 audit(1747485674.592:19260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15365 comm="syz.3.3327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  352.517722][   T29] audit: type=1326 audit(1747485674.622:19261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15365 comm="syz.3.3327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  352.542094][   T29] audit: type=1400 audit(1747485674.652:19262): avc:  denied  { bind } for  pid=15391 comm="syz.3.3335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  352.561736][   T29] audit: type=1400 audit(1747485674.652:19263): avc:  denied  { name_bind } for  pid=15391 comm="syz.3.3335" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  352.583872][   T29] audit: type=1400 audit(1747485674.652:19264): avc:  denied  { node_bind } for  pid=15391 comm="syz.3.3335" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  352.605438][   T29] audit: type=1400 audit(1747485674.652:19265): avc:  denied  { create } for  pid=15393 comm="syz.1.3333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  352.625260][   T29] audit: type=1400 audit(1747485674.652:19266): avc:  denied  { setopt } for  pid=15393 comm="syz.1.3333" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  352.646022][   T29] audit: type=1404 audit(1747485674.702:19267): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  354.741675][T15445] SELinux: syz.0.3351 (15445) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  355.388105][T15465] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3355'.
[  355.398121][T15460] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3355'.
[  355.522460][T15470] SELinux: syz.2.3359 (15470) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  355.907682][T15476] SELinux: syz.2.3360 (15476) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  356.877965][T15510] SELinux: syz.1.3371 (15510) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  357.322907][   T29] kauditd_printk_skb: 512 callbacks suppressed
[  357.322925][   T29] audit: type=1400 audit(1747485679.462:19780): avc:  denied  { open } for  pid=15521 comm="syz.1.3374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=0
[  357.348828][   T29] audit: type=1400 audit(1747485679.462:19781): avc:  denied  { prog_load } for  pid=15521 comm="syz.1.3374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  357.368460][   T29] audit: type=1400 audit(1747485679.462:19782): avc:  denied  { prog_load } for  pid=15521 comm="syz.1.3374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  357.409104][T15526] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3374'.
[  357.434464][T15522] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3374'.
[  357.445558][   T29] audit: type=1400 audit(1747485679.512:19783): avc:  denied  { prog_load } for  pid=15523 comm="syz.2.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  357.464851][   T29] audit: type=1400 audit(1747485679.512:19784): avc:  denied  { prog_load } for  pid=15523 comm="syz.2.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  357.484343][   T29] audit: type=1400 audit(1747485679.512:19785): avc:  denied  { map_create } for  pid=15523 comm="syz.2.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  357.503783][   T29] audit: type=1400 audit(1747485679.512:19786): avc:  denied  { prog_load } for  pid=15523 comm="syz.2.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  357.523021][   T29] audit: type=1400 audit(1747485679.512:19787): avc:  denied  { create } for  pid=15523 comm="syz.2.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=0
[  357.542663][   T29] audit: type=1400 audit(1747485679.512:19788): avc:  denied  { map_create } for  pid=15523 comm="syz.2.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  357.562206][   T29] audit: type=1400 audit(1747485679.512:19789): avc:  denied  { create } for  pid=15523 comm="syz.2.3376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
[  357.595037][T15528] SELinux: syz.1.3377 (15528) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  359.285793][T15574] SELinux: syz.2.3390 (15574) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  360.783409][ T3324] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  360.794409][ T3324] CPU: 0 UID: 0 PID: 3324 Comm: syz-executor Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  360.794435][ T3324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  360.794450][ T3324] Call Trace:
[  360.794458][ T3324]  <TASK>
[  360.794468][ T3324]  __dump_stack+0x1d/0x30
[  360.794526][ T3324]  dump_stack_lvl+0xe8/0x140
[  360.794550][ T3324]  dump_stack+0x15/0x1b
[  360.794566][ T3324]  dump_header+0x81/0x220
[  360.794661][ T3324]  oom_kill_process+0x334/0x3f0
[  360.794694][ T3324]  out_of_memory+0x979/0xb80
[  360.794796][ T3324]  ? css_next_descendant_pre+0x138/0x160
[  360.794821][ T3324]  mem_cgroup_out_of_memory+0x13d/0x190
[  360.794855][ T3324]  try_charge_memcg+0x5e2/0x870
[  360.794885][ T3324]  charge_memcg+0x51/0xc0
[  360.794964][ T3324]  __mem_cgroup_charge+0x28/0xb0
[  360.794995][ T3324]  filemap_add_folio+0x4e/0x1b0
[  360.795025][ T3324]  __filemap_get_folio+0x31e/0x650
[  360.795131][ T3324]  filemap_fault+0x41d/0xb40
[  360.795169][ T3324]  __do_fault+0xb9/0x200
[  360.795235][ T3324]  handle_mm_fault+0x110c/0x2ae0
[  360.795271][ T3324]  ? mas_walk+0xf2/0x120
[  360.795303][ T3324]  do_user_addr_fault+0x636/0x1090
[  360.795344][ T3324]  exc_page_fault+0x54/0xc0
[  360.795476][ T3324]  asm_exc_page_fault+0x26/0x30
[  360.795499][ T3324] RIP: 0033:0x7f4070bd5994
[  360.795600][ T3324] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 08 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 19 fd e7 00 48 01 d1
[  360.795621][ T3324] RSP: 002b:00007ffcf5971cb0 EFLAGS: 00010202
[  360.795640][ T3324] RAX: 0000001b32b20000 RBX: 00000000000009e1 RCX: 0000000000057e40
[  360.795655][ T3324] RDX: 000000000ba2e6c2 RSI: 00007ffcf5971d40 RDI: 0000000000000001
[  360.795669][ T3324] RBP: 00007ffcf5971cec R08: 000000002c639b67 R09: 7fffffffffffffff
[  360.795683][ T3324] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  360.795698][ T3324] R13: 00000000000927c0 R14: 00000000000580c7 R15: 00007ffcf5971d40
[  360.795721][ T3324]  </TASK>
[  360.795728][ T3324] memory: usage 307200kB, limit 307200kB, failcnt 1099
[  361.000695][ T3324] memory+swap: usage 195224kB, limit 9007199254740988kB, failcnt 0
[  361.008639][ T3324] kmem: usage 103092kB, limit 9007199254740988kB, failcnt 0
[  361.015980][ T3324] Memory cgroup stats for /syz3:
[  361.043510][ T3324] cache 83951616
[  361.052118][ T3324] rss 225280
[  361.055328][ T3324] shmem 3166208
[  361.058799][ T3324] mapped_file 0
[  361.062310][ T3324] dirty 0
[  361.065263][ T3324] writeback 0
[  361.068565][ T3324] workingset_refault_anon 755
[  361.073322][ T3324] workingset_refault_file 580
[  361.078011][ T3324] swap 245760
[  361.081624][ T3324] swapcached 36864
[  361.085594][ T3324] pgpgin 631378
[  361.089087][ T3324] pgpgout 610818
[  361.092854][ T3324] pgfault 642551
[  361.096406][ T3324] pgmajfault 151
[  361.099956][ T3324] inactive_anon 897024
[  361.104061][ T3324] active_anon 2531328
[  361.108055][ T3324] inactive_file 0
[  361.111717][ T3324] active_file 0
[  361.115184][ T3324] unevictable 80785408
[  361.119266][ T3324] hierarchical_memory_limit 314572800
[  361.124897][ T3324] hierarchical_memsw_limit 9223372036854771712
[  361.131076][ T3324] total_cache 83951616
[  361.135174][ T3324] total_rss 225280
[  361.139068][ T3324] total_shmem 3166208
[  361.143108][ T3324] total_mapped_file 0
[  361.147097][ T3324] total_dirty 0
[  361.149966][T15627] SELinux: syz.2.3405 (15627) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  361.150547][ T3324] total_writeback 0
[  361.150557][ T3324] total_workingset_refault_anon 755
[  361.150566][ T3324] total_workingset_refault_file 580
[  361.150573][ T3324] total_swap 245760
[  361.150580][ T3324] total_swapcached 36864
[  361.150586][ T3324] total_pgpgin 631378
[  361.150600][ T3324] total_pgpgout 610818
[  361.194606][ T3324] total_pgfault 642551
[  361.198751][ T3324] total_pgmajfault 151
[  361.202851][ T3324] total_inactive_anon 897024
[  361.207467][ T3324] total_active_anon 2531328
[  361.212072][ T3324] total_inactive_file 0
[  361.216237][ T3324] total_active_file 0
[  361.220231][ T3324] total_unevictable 80785408
[  361.224847][ T3324] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3402,pid=15613,uid=0
[  361.239680][ T3324] Memory cgroup out of memory: Killed process 15613 (syz.3.3402) total-vm:95928kB, anon-rss:1192kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:0
[  362.332106][   T29] kauditd_printk_skb: 536 callbacks suppressed
[  362.332124][   T29] audit: type=1326 audit(1747485684.472:20326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.394538][   T29] audit: type=1326 audit(1747485684.502:20327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.418447][   T29] audit: type=1326 audit(1747485684.522:20328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.442253][   T29] audit: type=1326 audit(1747485684.532:20329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.501984][   T29] audit: type=1326 audit(1747485684.532:20330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.525731][   T29] audit: type=1326 audit(1747485684.532:20331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.549345][   T29] audit: type=1326 audit(1747485684.552:20332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.573019][   T29] audit: type=1326 audit(1747485684.552:20333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.596726][   T29] audit: type=1326 audit(1747485684.582:20334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.615290][T15668] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.3417'.
[  362.620401][   T29] audit: type=1326 audit(1747485684.582:20335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15657 comm="syz.0.3415" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  362.655451][T15663] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.3417'.
[  363.681478][T15693] SELinux: syz.2.3427 (15693) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  363.933897][T15700] syz.2.3427 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  363.943922][T15700] CPU: 1 UID: 0 PID: 15700 Comm: syz.2.3427 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  363.943949][T15700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  363.943964][T15700] Call Trace:
[  363.943973][T15700]  <TASK>
[  363.943991][T15700]  __dump_stack+0x1d/0x30
[  363.944019][T15700]  dump_stack_lvl+0xe8/0x140
[  363.944039][T15700]  dump_stack+0x15/0x1b
[  363.944058][T15700]  dump_header+0x81/0x220
[  363.944094][T15700]  oom_kill_process+0x334/0x3f0
[  363.944200][T15700]  out_of_memory+0x979/0xb80
[  363.944229][T15700]  ? css_next_descendant_pre+0x138/0x160
[  363.944263][T15700]  mem_cgroup_out_of_memory+0x13d/0x190
[  363.944369][T15700]  try_charge_memcg+0x5e2/0x870
[  363.944412][T15700]  charge_memcg+0x51/0xc0
[  363.944444][T15700]  __mem_cgroup_charge+0x28/0xb0
[  363.944525][T15700]  shmem_get_folio_gfp+0x470/0xd40
[  363.944572][T15700]  shmem_write_begin+0xa8/0x190
[  363.944649][T15700]  generic_perform_write+0x181/0x490
[  363.944699][T15700]  shmem_file_write_iter+0xc5/0xf0
[  363.944735][T15700]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  363.944834][T15700]  vfs_write+0x49d/0x8d0
[  363.944872][T15700]  __x64_sys_pwrite64+0xfd/0x150
[  363.944948][T15700]  x64_sys_call+0xe45/0x2fb0
[  363.944970][T15700]  do_syscall_64+0xd0/0x1a0
[  363.945001][T15700]  ? clear_bhb_loop+0x40/0x90
[  363.945022][T15700]  ? clear_bhb_loop+0x40/0x90
[  363.945049][T15700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.945078][T15700] RIP: 0033:0x7f2e1239e969
[  363.945099][T15700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.945120][T15700] RSP: 002b:00007f2e109e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  363.945216][T15700] RAX: ffffffffffffffda RBX: 00007f2e125c6080 RCX: 00007f2e1239e969
[  363.945233][T15700] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000008
[  363.945250][T15700] RBP: 00007f2e12420ab1 R08: 0000000000000000 R09: 0000000000000000
[  363.945264][T15700] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000000
[  363.945276][T15700] R13: 0000000000000000 R14: 00007f2e125c6080 R15: 00007ffd18980488
[  363.945303][T15700]  </TASK>
[  363.945313][T15700] memory: usage 307200kB, limit 307200kB, failcnt 656
[  364.169797][T15700] memory+swap: usage 280856kB, limit 9007199254740988kB, failcnt 0
[  364.177747][T15700] kmem: usage 210568kB, limit 9007199254740988kB, failcnt 0
[  364.185114][T15700] Memory cgroup stats for /syz2:
[  364.191559][T15700] cache 71544832
[  364.200205][T15700] rss 425984
[  364.203447][T15700] shmem 71544832
[  364.207091][T15700] mapped_file 0
[  364.210571][T15700] dirty 0
[  364.213541][T15700] writeback 0
[  364.216905][T15700] workingset_refault_anon 0
[  364.221477][T15700] workingset_refault_file 339
[  364.226200][T15700] swap 0
[  364.229090][T15700] swapcached 0
[  364.232515][T15700] pgpgin 725052
[  364.236041][T15700] pgpgout 707480
[  364.239606][T15700] pgfault 539074
[  364.243244][T15700] pgmajfault 31
[  364.246713][T15700] inactive_anon 77824
[  364.250769][T15700] active_anon 71892992
[  364.254932][T15700] inactive_file 0
[  364.258606][T15700] active_file 4096
[  364.262371][T15700] unevictable 0
[  364.265851][T15700] hierarchical_memory_limit 314572800
[  364.271276][T15700] hierarchical_memsw_limit 9223372036854771712
[  364.277454][T15700] total_cache 71544832
[  364.281574][T15700] total_rss 425984
[  364.285300][T15700] total_shmem 71544832
[  364.289413][T15700] total_mapped_file 0
[  364.293494][T15700] total_dirty 0
[  364.296956][T15700] total_writeback 0
[  364.300768][T15700] total_workingset_refault_anon 0
[  364.305918][T15700] total_workingset_refault_file 339
[  364.311124][T15700] total_swap 0
[  364.314553][T15700] total_swapcached 0
[  364.318453][T15700] total_pgpgin 725052
[  364.322465][T15700] total_pgpgout 707480
[  364.326609][T15700] total_pgfault 539074
[  364.330699][T15700] total_pgmajfault 31
[  364.334723][T15700] total_inactive_anon 77824
[  364.339237][T15700] total_active_anon 71892992
[  364.343933][T15700] total_inactive_file 0
[  364.348151][T15700] total_active_file 4096
[  364.352435][T15700] total_unevictable 0
[  364.356537][T15700] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3427,pid=15692,uid=0
[  364.371335][T15700] Memory cgroup out of memory: Killed process 15692 (syz.2.3427) total-vm:95928kB, anon-rss:1192kB, file-rss:22568kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000
[  364.558170][T15710] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3429'.
[  366.263675][T15755] SELinux: syz.2.3440 (15755) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  366.958407][T15766] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3443'.
[  367.342168][   T29] kauditd_printk_skb: 745 callbacks suppressed
[  367.342186][   T29] audit: type=1326 audit(1747485689.482:21081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.411503][   T29] audit: type=1326 audit(1747485689.482:21082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.435196][   T29] audit: type=1326 audit(1747485689.522:21083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.458920][   T29] audit: type=1326 audit(1747485689.532:21084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.540868][   T29] audit: type=1326 audit(1747485689.622:21085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.564514][   T29] audit: type=1326 audit(1747485689.662:21086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.584840][T15779] 9pnet_fd: Insufficient options for proto=fd
[  367.588217][   T29] audit: type=1326 audit(1747485689.672:21087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.617785][   T29] audit: type=1326 audit(1747485689.682:21088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.641413][   T29] audit: type=1326 audit(1747485689.692:21089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  367.665135][   T29] audit: type=1326 audit(1747485689.702:21090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15769 comm="syz.0.3445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7efdd8b5e969 code=0x7ffc0000
[  368.231187][T15787] chnl_net:caif_netlink_parms(): no params data found
[  368.315002][T15787] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.322153][T15787] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.331442][T15787] bridge_slave_0: entered allmulticast mode
[  368.338733][T15787] bridge_slave_0: entered promiscuous mode
[  368.358762][T15787] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.366031][T15787] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.383077][T15787] bridge_slave_1: entered allmulticast mode
[  368.389666][T15787] bridge_slave_1: entered promiscuous mode
[  368.408575][T15787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.422673][T15787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.478002][T15787] team0: Port device team_slave_0 added
[  368.486504][T15787] team0: Port device team_slave_1 added
[  368.511535][T15787] batman_adv: batadv0: Adding interface: batadv_slave_0
[  368.518524][T15787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.544657][T15787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  368.556132][T15787] batman_adv: batadv0: Adding interface: batadv_slave_1
[  368.563212][T15787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.589364][T15787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  368.637426][T15787] hsr_slave_0: entered promiscuous mode
[  368.656629][T15787] hsr_slave_1: entered promiscuous mode
[  368.672454][T15787] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  368.687763][T15787] Cannot create hsr debugfs directory
[  369.283681][ T4771] bond0 (unregistering): Released all slaves
[  369.614291][ T4771] hsr_slave_0: left promiscuous mode
[  369.624293][ T4771] hsr_slave_1: left promiscuous mode
[  369.639748][T15870] SELinux: syz.1.3461 (15870) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  369.673549][ T4775] smc: removing ib device syz2
[  370.154383][T15887] 9pnet: Could not find request transport: fd0x0000000000000003
[  370.188467][T15787] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  370.224682][T15787] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  370.292307][T15787] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  370.315488][T15787] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  370.443286][T15787] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.481877][T15787] 8021q: adding VLAN 0 to HW filter on device team0
[  370.511151][ T4775] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.518290][ T4775] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.545017][ T4778] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.552188][ T4778] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.573627][ T4771] IPVS: stop unused estimator thread 0...
[  370.700026][T15787] 8021q: adding VLAN 0 to HW filter on device batadv0
[  370.925559][T15787] veth0_vlan: entered promiscuous mode
[  370.936842][T15787] veth1_vlan: entered promiscuous mode
[  370.959377][T15787] veth0_macvtap: entered promiscuous mode
[  370.977789][T15787] veth1_macvtap: entered promiscuous mode
[  371.000068][T15787] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.017403][T15787] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.033636][T15787] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.042673][T15787] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.051456][T15787] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.060185][T15787] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.016926][T16009] 9pnet: Could not find request transport: fd0x0000000000000003
[  372.499088][   T29] kauditd_printk_skb: 411 callbacks suppressed
[  372.499106][   T29] audit: type=1326 audit(1747485694.632:21502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16000 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.610382][   T29] audit: type=1326 audit(1747485694.742:21503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16000 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.637001][   T29] audit: type=1326 audit(1747485694.772:21504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16000 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.710717][   T29] audit: type=1326 audit(1747485694.842:21505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16000 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.734507][   T29] audit: type=1326 audit(1747485694.842:21506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16000 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.758203][   T29] audit: type=1326 audit(1747485694.842:21507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16000 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.830274][   T29] audit: type=1326 audit(1747485694.932:21508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16000 comm="syz.1.3476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.951520][   T29] audit: type=1326 audit(1747485695.082:21509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16063 comm="syz.1.3484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.975269][   T29] audit: type=1326 audit(1747485695.082:21510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16063 comm="syz.1.3484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  372.998868][   T29] audit: type=1326 audit(1747485695.082:21511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16063 comm="syz.1.3484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  373.093031][T16074] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.3485'.
[  373.107513][T16060] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.3485'.
[  373.349421][T16087] 9pnet_fd: Insufficient options for proto=fd
[  373.929784][T16104] SELinux: syz.1.3492 (16104) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  373.953942][T16106] SELinux: syz.2.3494 (16106) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  374.882412][T16127] 9pnet: Could not find request transport: fd0x0000000000000003
[  374.984758][T16132] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3499'.
[  375.000740][T16130] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3499'.
[  375.622407][T16145] SELinux: syz.1.3504 (16145) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  376.123773][ T3313] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  376.134722][ T3313] CPU: 0 UID: 0 PID: 3313 Comm: syz-executor Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  376.134812][ T3313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  376.134828][ T3313] Call Trace:
[  376.134836][ T3313]  <TASK>
[  376.134846][ T3313]  __dump_stack+0x1d/0x30
[  376.134873][ T3313]  dump_stack_lvl+0xe8/0x140
[  376.134900][ T3313]  dump_stack+0x15/0x1b
[  376.134989][ T3313]  dump_header+0x81/0x220
[  376.135031][ T3313]  oom_kill_process+0x334/0x3f0
[  376.135066][ T3313]  out_of_memory+0x979/0xb80
[  376.135098][ T3313]  ? css_next_descendant_pre+0x138/0x160
[  376.135128][ T3313]  mem_cgroup_out_of_memory+0x13d/0x190
[  376.135174][ T3313]  try_charge_memcg+0x5e2/0x870
[  376.135214][ T3313]  charge_memcg+0x51/0xc0
[  376.135268][ T3313]  __mem_cgroup_charge+0x28/0xb0
[  376.135376][ T3313]  filemap_add_folio+0x4e/0x1b0
[  376.135408][ T3313]  __filemap_get_folio+0x31e/0x650
[  376.135465][ T3313]  filemap_fault+0x41d/0xb40
[  376.135506][ T3313]  __do_fault+0xb9/0x200
[  376.135618][ T3313]  handle_mm_fault+0x110c/0x2ae0
[  376.135662][ T3313]  ? mas_walk+0xf2/0x120
[  376.135777][ T3313]  do_user_addr_fault+0x636/0x1090
[  376.135821][ T3313]  exc_page_fault+0x54/0xc0
[  376.135846][ T3313]  asm_exc_page_fault+0x26/0x30
[  376.135908][ T3313] RIP: 0033:0x7f2a5f825994
[  376.135927][ T3313] Code: 85 ed 09 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 08 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d 19 fd e7 00 48 01 d1
[  376.135952][ T3313] RSP: 002b:00007ffc42fca210 EFLAGS: 00010206
[  376.135971][ T3313] RAX: 0000001b32920000 RBX: 0000000000000754 RCX: 000000000005bcc0
[  376.135993][ T3313] RDX: 0000000000aca0c0 RSI: 00007ffc42fca2a0 RDI: 0000000000000001
[  376.136009][ T3313] RBP: 00007ffc42fca24c R08: 00000000029285f8 R09: 7fffffffffffffff
[  376.136025][ T3313] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  376.136117][ T3313] R13: 00000000000927c0 R14: 000000000005bc16 R15: 00007ffc42fca2a0
[  376.136143][ T3313]  </TASK>
[  376.136151][ T3313] memory: usage 307200kB, limit 307200kB, failcnt 1527
[  376.340553][ T3313] memory+swap: usage 249600kB, limit 9007199254740988kB, failcnt 0
[  376.348587][ T3313] kmem: usage 160656kB, limit 9007199254740988kB, failcnt 0
[  376.356194][ T3313] Memory cgroup stats for /syz1:
[  376.588598][ T3313] cache 46051328
[  376.597325][ T3313] rss 327680
[  376.600601][ T3313] shmem 45973504
[  376.604264][ T3313] mapped_file 4096
[  376.608045][ T3313] dirty 4096
[  376.611271][ T3313] writeback 0
[  376.614563][ T3313] workingset_refault_anon 180
[  376.619375][ T3313] workingset_refault_file 500
[  376.624150][ T3313] swap 44756992
[  376.627616][ T3313] swapcached 20480
[  376.631374][ T3313] pgpgin 639236
[  376.634843][ T3313] pgpgout 627908
[  376.638392][ T3313] pgfault 447357
[  376.641972][ T3313] pgmajfault 63
[  376.646930][ T3313] inactive_anon 36020224
[  376.651197][ T3313] active_anon 10301440
[  376.655298][ T3313] inactive_file 0
[  376.659032][ T3313] active_file 77824
[  376.663156][ T3313] unevictable 0
[  376.666621][ T3313] hierarchical_memory_limit 314572800
[  376.672134][ T3313] hierarchical_memsw_limit 9223372036854771712
[  376.678316][ T3313] total_cache 46051328
[  376.682517][ T3313] total_rss 327680
[  376.686273][ T3313] total_shmem 45973504
[  376.687742][T16167] SELinux: syz.2.3508 (16167) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  376.690339][ T3313] total_mapped_file 4096
[  376.708257][ T3313] total_dirty 4096
[  376.712015][ T3313] total_writeback 0
[  376.715871][ T3313] total_workingset_refault_anon 180
[  376.721079][ T3313] total_workingset_refault_file 500
[  376.726364][ T3313] total_swap 44756992
[  376.730477][ T3313] total_swapcached 20480
[  376.734761][ T3313] total_pgpgin 639236
[  376.738775][ T3313] total_pgpgout 627908
[  376.742984][ T3313] total_pgfault 447357
[  376.747074][ T3313] total_pgmajfault 63
[  376.751151][ T3313] total_inactive_anon 36020224
[  376.755963][ T3313] total_active_anon 10301440
[  376.760564][ T3313] total_inactive_file 0
[  376.764797][ T3313] total_active_file 77824
[  376.769154][ T3313] total_unevictable 0
[  376.773172][ T3313] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3504,pid=16144,uid=0
[  376.788073][ T3313] Memory cgroup out of memory: Killed process 16144 (syz.1.3504) total-vm:95928kB, anon-rss:1064kB, file-rss:22568kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000
[  377.340290][T16168] syz.2.3508 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  377.350277][T16168] CPU: 1 UID: 0 PID: 16168 Comm: syz.2.3508 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  377.350313][T16168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  377.350329][T16168] Call Trace:
[  377.350338][T16168]  <TASK>
[  377.350349][T16168]  __dump_stack+0x1d/0x30
[  377.350432][T16168]  dump_stack_lvl+0xe8/0x140
[  377.350457][T16168]  dump_stack+0x15/0x1b
[  377.350478][T16168]  dump_header+0x81/0x220
[  377.350521][T16168]  oom_kill_process+0x334/0x3f0
[  377.350556][T16168]  out_of_memory+0x979/0xb80
[  377.350594][T16168]  ? css_next_descendant_pre+0x138/0x160
[  377.350624][T16168]  mem_cgroup_out_of_memory+0x13d/0x190
[  377.350722][T16168]  try_charge_memcg+0x5e2/0x870
[  377.350763][T16168]  charge_memcg+0x51/0xc0
[  377.350810][T16168]  __mem_cgroup_charge+0x28/0xb0
[  377.350843][T16168]  shmem_get_folio_gfp+0x470/0xd40
[  377.350893][T16168]  shmem_write_begin+0xa8/0x190
[  377.350948][T16168]  generic_perform_write+0x181/0x490
[  377.350996][T16168]  shmem_file_write_iter+0xc5/0xf0
[  377.351068][T16168]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  377.351185][T16168]  vfs_write+0x49d/0x8d0
[  377.351281][T16168]  ? _raw_spin_unlock+0x26/0x50
[  377.351401][T16168]  __x64_sys_pwrite64+0xfd/0x150
[  377.351496][T16168]  x64_sys_call+0xe45/0x2fb0
[  377.351576][T16168]  do_syscall_64+0xd0/0x1a0
[  377.351607][T16168]  ? clear_bhb_loop+0x40/0x90
[  377.351634][T16168]  ? clear_bhb_loop+0x40/0x90
[  377.351662][T16168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.351690][T16168] RIP: 0033:0x7f2e1239e969
[  377.351760][T16168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.351784][T16168] RSP: 002b:00007f2e109e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  377.351809][T16168] RAX: ffffffffffffffda RBX: 00007f2e125c6080 RCX: 00007f2e1239e969
[  377.351825][T16168] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000008
[  377.351842][T16168] RBP: 00007f2e12420ab1 R08: 0000000000000000 R09: 0000000000000000
[  377.351858][T16168] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000000
[  377.351915][T16168] R13: 0000000000000000 R14: 00007f2e125c6080 R15: 00007ffd18980488
[  377.351942][T16168]  </TASK>
[  377.573078][T16168] memory: usage 301480kB, limit 307200kB, failcnt 1709
[  377.579961][T16168] memory+swap: usage 353760kB, limit 9007199254740988kB, failcnt 0
[  377.587928][T16168] kmem: usage 280272kB, limit 9007199254740988kB, failcnt 0
[  377.595443][T16168] Memory cgroup stats for /syz2:
[  377.596032][   T29] kauditd_printk_skb: 519 callbacks suppressed
[  377.596047][   T29] audit: type=1326 audit(1747485699.722:22031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16163 comm="syz.5.3507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  377.631052][   T29] audit: type=1326 audit(1747485699.732:22032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16195 comm="syz.3.3514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  377.654679][   T29] audit: type=1326 audit(1747485699.732:22033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16195 comm="syz.3.3514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  377.711896][T16168] cache 20963328
[  377.715485][T16168] rss 389120
[  377.718699][T16168] shmem 20959232
[  377.722385][T16168] mapped_file 4096
[  377.726119][T16168] dirty 4096
[  377.729324][T16168] writeback 0
[  377.732652][T16168] workingset_refault_anon 0
[  377.737190][T16168] workingset_refault_file 438
[  377.742157][T16168] swap 53612544
[  377.745624][T16168] swapcached 286720
[  377.749502][T16168] pgpgin 771739
[  377.753024][T16168] pgpgout 766455
[  377.756608][T16168] pgfault 573223
[  377.760187][T16168] pgmajfault 37
[  377.763684][T16168] inactive_anon 15482880
[  377.767934][T16168] active_anon 6152192
[  377.771968][T16168] inactive_file 0
[  377.775720][T16168] active_file 8192
[  377.779457][T16168] unevictable 0
[  377.782992][T16168] hierarchical_memory_limit 314572800
[  377.788516][T16168] hierarchical_memsw_limit 9223372036854771712
[  377.794789][T16168] total_cache 20963328
[  377.798949][T16168] total_rss 389120
[  377.802709][T16168] total_shmem 20959232
[  377.806791][T16168] total_mapped_file 4096
[  377.811040][T16168] total_dirty 4096
[  377.814799][T16168] total_writeback 0
[  377.818621][T16168] total_workingset_refault_anon 0
[  377.823678][T16168] total_workingset_refault_file 438
[  377.828893][T16168] total_swap 53612544
[  377.832915][T16168] total_swapcached 286720
[  377.837251][T16168] total_pgpgin 771739
[  377.841272][T16168] total_pgpgout 766455
[  377.845350][T16168] total_pgfault 573223
[  377.849429][T16168] total_pgmajfault 37
[  377.853454][T16168] total_inactive_anon 15482880
[  377.858305][T16168] total_active_anon 6152192
[  377.862868][T16168] total_inactive_file 0
[  377.867085][T16168] total_active_file 8192
[  377.867094][T16168] total_unevictable 0
[  377.867101][T16168] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3508,pid=16166,uid=0
[  377.867284][T16168] Memory cgroup out of memory: Killed process 16166 (syz.2.3508) total-vm:95928kB, anon-rss:1192kB, file-rss:22508kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  377.907570][   T29] audit: type=1326 audit(1747485699.732:22034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16163 comm="syz.5.3507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  377.907609][   T29] audit: type=1326 audit(1747485699.732:22035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16163 comm="syz.5.3507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  377.907739][   T29] audit: type=1326 audit(1747485699.732:22036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16163 comm="syz.5.3507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  377.907772][   T29] audit: type=1326 audit(1747485699.822:22037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16195 comm="syz.3.3514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  378.043902][T16210] SELinux: syz.0.3517 (16210) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  378.421803][   T29] audit: type=1326 audit(1747485700.552:22038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.1.3520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  378.445578][   T29] audit: type=1326 audit(1747485700.552:22039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.1.3520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  378.469573][   T29] audit: type=1326 audit(1747485700.552:22040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16219 comm="syz.1.3520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a5f94e969 code=0x7ffc0000
[  378.607089][T16229] SELinux: syz.5.3521 (16229) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  379.552108][T16253] netlink: 2 bytes leftover after parsing attributes in process `syz.0.3527'.
[  379.563877][T16253] netlink: 'syz.0.3527': attribute type 3 has an invalid length.
[  379.571878][T16253] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3527'.
[  381.242624][T16312] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3539'.
[  381.254656][T16312] netlink: 'syz.1.3539': attribute type 3 has an invalid length.
[  381.262674][T16312] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3539'.
[  381.673908][T16326] SELinux: syz.2.3544 (16326) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  382.086138][T16338] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3547'.
[  382.196406][T16343] SELinux: syz.0.3549 (16343) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  382.468540][T16345] netlink: 'syz.1.3551': attribute type 7 has an invalid length.
[  382.476473][T16345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3551'.
[  382.607738][   T29] kauditd_printk_skb: 356 callbacks suppressed
[  382.607791][   T29] audit: type=1326 audit(1747485704.742:22397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  382.657666][   T29] audit: type=1326 audit(1747485704.772:22398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  382.681365][   T29] audit: type=1326 audit(1747485704.792:22399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  382.756676][   T29] audit: type=1326 audit(1747485704.852:22400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  382.780409][   T29] audit: type=1326 audit(1747485704.862:22401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  382.804060][   T29] audit: type=1326 audit(1747485704.872:22402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  382.813146][T16360] netlink: 'syz.3.3553': attribute type 7 has an invalid length.
[  382.827741][   T29] audit: type=1326 audit(1747485704.882:22403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  382.835503][T16360] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3553'.
[  382.859015][   T29] audit: type=1326 audit(1747485704.892:22404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  383.001692][   T29] audit: type=1326 audit(1747485705.002:22405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  383.025416][   T29] audit: type=1326 audit(1747485705.052:22406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16347 comm="syz.5.3550" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f1a95f1e969 code=0x7ffc0000
[  383.069626][T16363] netlink: 'syz.1.3554': attribute type 7 has an invalid length.
[  383.077556][T16363] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3554'.
[  383.286039][T16390] SELinux: syz.2.3560 (16390) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  383.326298][T16394] SELinux: syz.5.3559 (16394) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  384.084106][T16440] 9pnet_fd: Insufficient options for proto=fd
[  384.515309][T16473] netlink: 'syz.2.3565': attribute type 7 has an invalid length.
[  384.523251][T16473] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3565'.
[  384.648870][T16491] 9pnet: Could not find request transport: fd0x0000000000000003
[  384.775795][T16494] netlink: 'syz.0.3571': attribute type 7 has an invalid length.
[  384.783640][T16494] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3571'.
[  384.856471][T16506] SELinux: syz.0.3574 (16506) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  385.015973][T16509] syz.0.3574 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  385.025938][T16509] CPU: 1 UID: 0 PID: 16509 Comm: syz.0.3574 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  385.025980][T16509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  385.025997][T16509] Call Trace:
[  385.026005][T16509]  <TASK>
[  385.026015][T16509]  __dump_stack+0x1d/0x30
[  385.026041][T16509]  dump_stack_lvl+0xe8/0x140
[  385.026063][T16509]  dump_stack+0x15/0x1b
[  385.026082][T16509]  dump_header+0x81/0x220
[  385.026153][T16509]  oom_kill_process+0x334/0x3f0
[  385.026184][T16509]  out_of_memory+0x979/0xb80
[  385.026208][T16509]  ? css_next_descendant_pre+0x138/0x160
[  385.026230][T16509]  mem_cgroup_out_of_memory+0x13d/0x190
[  385.026277][T16509]  try_charge_memcg+0x5e2/0x870
[  385.026308][T16509]  charge_memcg+0x51/0xc0
[  385.026336][T16509]  __mem_cgroup_charge+0x28/0xb0
[  385.026373][T16509]  shmem_get_folio_gfp+0x470/0xd40
[  385.026438][T16509]  shmem_write_begin+0xa8/0x190
[  385.026476][T16509]  generic_perform_write+0x181/0x490
[  385.026573][T16509]  shmem_file_write_iter+0xc5/0xf0
[  385.026612][T16509]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  385.026695][T16509]  vfs_write+0x49d/0x8d0
[  385.026736][T16509]  __x64_sys_pwrite64+0xfd/0x150
[  385.026772][T16509]  x64_sys_call+0xe45/0x2fb0
[  385.026798][T16509]  do_syscall_64+0xd0/0x1a0
[  385.026824][T16509]  ? clear_bhb_loop+0x40/0x90
[  385.026861][T16509]  ? clear_bhb_loop+0x40/0x90
[  385.026884][T16509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.026910][T16509] RIP: 0033:0x7efdd8b5e969
[  385.026929][T16509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.026952][T16509] RSP: 002b:00007efdd71a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  385.026973][T16509] RAX: ffffffffffffffda RBX: 00007efdd8d86080 RCX: 00007efdd8b5e969
[  385.026985][T16509] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000008
[  385.027011][T16509] RBP: 00007efdd8be0ab1 R08: 0000000000000000 R09: 0000000000000000
[  385.027023][T16509] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000000
[  385.027037][T16509] R13: 0000000000000000 R14: 00007efdd8d86080 R15: 00007ffd0240d1e8
[  385.027062][T16509]  </TASK>
[  385.027069][T16509] memory: usage 307200kB, limit 307200kB, failcnt 420
[  385.251351][T16509] memory+swap: usage 93852kB, limit 9007199254740988kB, failcnt 0
[  385.259332][T16509] kmem: usage 67688kB, limit 9007199254740988kB, failcnt 0
[  385.266592][T16509] Memory cgroup stats for /syz0:
[  385.267368][T16509] cache 2174976
[  385.275827][T16509] rss 221184
[  385.279073][T16509] shmem 2170880
[  385.282586][T16509] mapped_file 4096
[  385.286314][T16509] dirty 0
[  385.289430][T16509] writeback 0
[  385.292768][T16509] workingset_refault_anon 93
[  385.297388][T16509] workingset_refault_file 393
[  385.302121][T16509] swap 23810048
[  385.305603][T16509] swapcached 0
[  385.309027][T16509] pgpgin 642829
[  385.312565][T16509] pgpgout 642243
[  385.316122][T16509] pgfault 466378
[  385.319673][T16509] pgmajfault 52
[  385.323171][T16509] inactive_anon 1789952
[  385.327377][T16509] active_anon 602112
[  385.331350][T16509] inactive_file 0
[  385.335005][T16509] active_file 4096
[  385.338994][T16509] unevictable 0
[  385.342554][T16509] hierarchical_memory_limit 314572800
[  385.348163][T16509] hierarchical_memsw_limit 9223372036854771712
[  385.354382][T16509] total_cache 2174976
[  385.358439][T16509] total_rss 221184
[  385.362232][T16509] total_shmem 2170880
[  385.366287][T16509] total_mapped_file 4096
[  385.370548][T16509] total_dirty 0
[  385.374068][T16509] total_writeback 0
[  385.377967][T16509] total_workingset_refault_anon 93
[  385.383176][T16509] total_workingset_refault_file 393
[  385.388393][T16509] total_swap 23810048
[  385.392474][T16509] total_swapcached 0
[  385.396463][T16509] total_pgpgin 642829
[  385.400530][T16509] total_pgpgout 642243
[  385.404739][T16509] total_pgfault 466378
[  385.408906][T16509] total_pgmajfault 52
[  385.412987][T16509] total_inactive_anon 1789952
[  385.417765][T16509] total_active_anon 602112
[  385.422249][T16509] total_inactive_file 0
[  385.426419][T16509] total_active_file 4096
[  385.430726][T16509] total_unevictable 0
[  385.434786][T16509] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.3574,pid=16505,uid=0
[  385.449551][T16509] Memory cgroup out of memory: Killed process 16505 (syz.0.3574) total-vm:95928kB, anon-rss:1064kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  385.545600][T16516] SELinux: syz.1.3575 (16516) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  385.850624][T16532] netlink: 'syz.0.3579': attribute type 7 has an invalid length.
[  385.858496][T16532] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3579'.
[  385.872480][T16549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3580'.
[  386.339452][T16516] syz.1.3575 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  386.353653][T16516] CPU: 0 UID: 0 PID: 16516 Comm: syz.1.3575 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  386.353689][T16516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  386.353702][T16516] Call Trace:
[  386.353740][T16516]  <TASK>
[  386.353747][T16516]  __dump_stack+0x1d/0x30
[  386.353769][T16516]  dump_stack_lvl+0xe8/0x140
[  386.353787][T16516]  dump_stack+0x15/0x1b
[  386.353808][T16516]  dump_header+0x81/0x220
[  386.353840][T16516]  oom_kill_process+0x334/0x3f0
[  386.353953][T16516]  out_of_memory+0x979/0xb80
[  386.353977][T16516]  ? css_next_descendant_pre+0x138/0x160
[  386.354002][T16516]  mem_cgroup_out_of_memory+0x13d/0x190
[  386.354073][T16516]  try_charge_memcg+0x5e2/0x870
[  386.354104][T16516]  obj_cgroup_charge_pages+0xb7/0x1a0
[  386.354182][T16516]  __memcg_kmem_charge_page+0x9f/0x170
[  386.354241][T16516]  __alloc_frozen_pages_noprof+0x188/0x360
[  386.354275][T16516]  alloc_pages_mpol+0xb3/0x250
[  386.354308][T16516]  alloc_pages_noprof+0x90/0x130
[  386.354342][T16516]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  386.354383][T16516]  __kvmalloc_node_noprof+0x2f3/0x4d0
[  386.354413][T16516]  ? ip_set_alloc+0x1f/0x30
[  386.354449][T16516]  ? ip_set_alloc+0x1f/0x30
[  386.354484][T16516]  ? __kmalloc_cache_noprof+0x189/0x320
[  386.354558][T16516]  ip_set_alloc+0x1f/0x30
[  386.354591][T16516]  hash_netiface_create+0x282/0x740
[  386.354629][T16516]  ? __pfx_hash_netiface_create+0x10/0x10
[  386.354667][T16516]  ip_set_create+0x3c9/0x960
[  386.354797][T16516]  ? __nla_parse+0x40/0x60
[  386.354820][T16516]  nfnetlink_rcv_msg+0x4c6/0x590
[  386.354863][T16516]  netlink_rcv_skb+0x123/0x220
[  386.354901][T16516]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  386.355053][T16516]  nfnetlink_rcv+0x16b/0x1690
[  386.355084][T16516]  ? dl_server_start+0x52/0xa0
[  386.355119][T16516]  ? enqueue_task_fair+0x8ac/0x990
[  386.355158][T16516]  ? _raw_spin_unlock+0x26/0x50
[  386.355258][T16516]  ? sched_balance_rq+0x1936/0x1e80
[  386.355401][T16516]  ? should_fail_ex+0x30/0x280
[  386.355464][T16516]  ? selinux_nlmsg_lookup+0x99/0x8b0
[  386.355489][T16516]  ? selinux_netlink_send+0x59f/0x5f0
[  386.355582][T16516]  ? __rcu_read_unlock+0x34/0x70
[  386.355648][T16516]  ? __netlink_lookup+0x266/0x2a0
[  386.355678][T16516]  netlink_unicast+0x5a1/0x670
[  386.355726][T16516]  netlink_sendmsg+0x58b/0x6b0
[  386.355747][T16516]  ? __pfx_netlink_sendmsg+0x10/0x10
[  386.355774][T16516]  __sock_sendmsg+0x145/0x180
[  386.355847][T16516]  ____sys_sendmsg+0x31e/0x4e0
[  386.355876][T16516]  ___sys_sendmsg+0x17b/0x1d0
[  386.355909][T16516]  __x64_sys_sendmsg+0xd4/0x160
[  386.355936][T16516]  x64_sys_call+0x2999/0x2fb0
[  386.355986][T16516]  do_syscall_64+0xd0/0x1a0
[  386.356062][T16516]  ? clear_bhb_loop+0x40/0x90
[  386.356088][T16516]  ? clear_bhb_loop+0x40/0x90
[  386.356109][T16516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.356129][T16516] RIP: 0033:0x7f2a5f94e969
[  386.356146][T16516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  386.356247][T16516] RSP: 002b:00007f2a5dfb7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  386.356268][T16516] RAX: ffffffffffffffda RBX: 00007f2a5fb75fa0 RCX: 00007f2a5f94e969
[  386.356283][T16516] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000007
[  386.356366][T16516] RBP: 00007f2a5f9d0ab1 R08: 0000000000000000 R09: 0000000000000000
[  386.356421][T16516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  386.356434][T16516] R13: 0000000000000000 R14: 00007f2a5fb75fa0 R15: 00007ffc42fc9e88
[  386.356456][T16516]  </TASK>
[  386.356464][T16516] memory: usage 307200kB, limit 307200kB, failcnt 1720
[  386.567185][T16569] 9pnet: Could not find request transport: fd0x0000000000000003
[  386.571828][T16516] memory+swap: usage 350896kB, limit 9007199254740988kB, failcnt 0
[  386.571848][T16516] kmem: usage 255420kB, limit 9007199254740988kB, failcnt 0
[  386.571864][T16516] Memory cgroup stats for /syz1:
[  386.736825][T16516] cache 52662272
[  386.745423][T16516] rss 327680
[  386.748675][T16516] shmem 52662272
[  386.752263][T16516] mapped_file 0
[  386.755800][T16516] dirty 0
[  386.758749][T16516] writeback 0
[  386.762108][T16516] workingset_refault_anon 183
[  386.766951][T16516] workingset_refault_file 672
[  386.771701][T16516] swap 44744704
[  386.775257][T16516] swapcached 32768
[  386.778993][T16516] pgpgin 654190
[  386.782655][T16516] pgpgout 641245
[  386.786240][T16516] pgfault 461502
[  386.789871][T16516] pgmajfault 73
[  386.793361][T16516] inactive_anon 38150144
[  386.797616][T16516] active_anon 14872576
[  386.801728][T16516] inactive_file 0
[  386.805440][T16516] active_file 0
[  386.808906][T16516] unevictable 0
[  386.812401][T16516] hierarchical_memory_limit 314572800
[  386.817784][T16516] hierarchical_memsw_limit 9223372036854771712
[  386.824029][T16516] total_cache 52662272
[  386.828299][T16516] total_rss 327680
[  386.832068][T16516] total_shmem 52662272
[  386.836377][T16516] total_mapped_file 0
[  386.840421][T16516] total_dirty 0
[  386.844321][T16516] total_writeback 0
[  386.848210][T16516] total_workingset_refault_anon 183
[  386.853445][T16516] total_workingset_refault_file 672
[  386.858678][T16516] total_swap 44744704
[  386.862681][T16516] total_swapcached 32768
[  386.866987][T16516] total_pgpgin 654190
[  386.870977][T16516] total_pgpgout 641245
[  386.875211][T16516] total_pgfault 461502
[  386.879371][T16516] total_pgmajfault 73
[  386.883394][T16516] total_inactive_anon 38150144
[  386.888278][T16516] total_active_anon 14872576
[  386.893007][T16516] total_inactive_file 0
[  386.897153][T16516] total_active_file 0
[  386.901126][T16516] total_unevictable 0
[  386.905305][T16516] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3575,pid=16515,uid=0
[  386.920023][T16516] Memory cgroup out of memory: Killed process 16515 (syz.1.3575) total-vm:95928kB, anon-rss:1064kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000
[  387.034814][T16591] SELinux: syz.2.3588 (16591) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  387.290887][T16593] syz.2.3588 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  387.300903][T16593] CPU: 1 UID: 0 PID: 16593 Comm: syz.2.3588 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  387.300929][T16593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  387.300946][T16593] Call Trace:
[  387.300955][T16593]  <TASK>
[  387.300964][T16593]  __dump_stack+0x1d/0x30
[  387.301002][T16593]  dump_stack_lvl+0xe8/0x140
[  387.301075][T16593]  dump_stack+0x15/0x1b
[  387.301167][T16593]  dump_header+0x81/0x220
[  387.301202][T16593]  oom_kill_process+0x334/0x3f0
[  387.301239][T16593]  out_of_memory+0x979/0xb80
[  387.301272][T16593]  ? css_next_descendant_pre+0x138/0x160
[  387.301302][T16593]  mem_cgroup_out_of_memory+0x13d/0x190
[  387.301349][T16593]  try_charge_memcg+0x5e2/0x870
[  387.301387][T16593]  charge_memcg+0x51/0xc0
[  387.301410][T16593]  __mem_cgroup_charge+0x28/0xb0
[  387.301439][T16593]  shmem_get_folio_gfp+0x470/0xd40
[  387.301472][T16593]  shmem_write_begin+0xa8/0x190
[  387.301579][T16593]  generic_perform_write+0x181/0x490
[  387.301619][T16593]  shmem_file_write_iter+0xc5/0xf0
[  387.301651][T16593]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  387.301690][T16593]  vfs_write+0x49d/0x8d0
[  387.301731][T16593]  ? _raw_spin_unlock+0x26/0x50
[  387.301775][T16593]  __x64_sys_pwrite64+0xfd/0x150
[  387.301812][T16593]  x64_sys_call+0xe45/0x2fb0
[  387.301880][T16593]  do_syscall_64+0xd0/0x1a0
[  387.301911][T16593]  ? clear_bhb_loop+0x40/0x90
[  387.301939][T16593]  ? clear_bhb_loop+0x40/0x90
[  387.302022][T16593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.302050][T16593] RIP: 0033:0x7f2e1239e969
[  387.302068][T16593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.302086][T16593] RSP: 002b:00007f2e109e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  387.302104][T16593] RAX: ffffffffffffffda RBX: 00007f2e125c6080 RCX: 00007f2e1239e969
[  387.302116][T16593] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000006
[  387.302159][T16593] RBP: 00007f2e12420ab1 R08: 0000000000000000 R09: 0000000000000000
[  387.302173][T16593] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000000
[  387.302184][T16593] R13: 0000000000000000 R14: 00007f2e125c6080 R15: 00007ffd18980488
[  387.302203][T16593]  </TASK>
[  387.523393][T16593] memory: usage 57368kB, limit 307200kB, failcnt 2069
[  387.530216][T16593] memory+swap: usage 114632kB, limit 9007199254740988kB, failcnt 0
[  387.538221][T16593] kmem: usage 36888kB, limit 9007199254740988kB, failcnt 0
[  387.545523][T16593] Memory cgroup stats for /syz2:
[  387.563708][T16593] cache 16650240
[  387.572248][T16593] rss 389120
[  387.575465][T16593] shmem 16646144
[  387.579079][T16593] mapped_file 4096
[  387.582831][T16593] dirty 0
[  387.585773][T16593] writeback 0
[  387.589065][T16593] workingset_refault_anon 0
[  387.593652][T16593] workingset_refault_file 632
[  387.598346][T16593] swap 58638336
[  387.601870][T16593] swapcached 405504
[  387.605966][T16593] pgpgin 802650
[  387.609494][T16593] pgpgout 798390
[  387.613082][T16593] pgfault 599056
[  387.616653][T16593] pgmajfault 45
[  387.620132][T16593] inactive_anon 6213632
[  387.624356][T16593] active_anon 11227136
[  387.628452][T16593] inactive_file 0
[  387.632126][T16593] active_file 8192
[  387.635862][T16593] unevictable 0
[  387.639332][T16593] hierarchical_memory_limit 314572800
[  387.644751][T16593] hierarchical_memsw_limit 9223372036854771712
[  387.650975][T16593] total_cache 16650240
[  387.655285][T16593] total_rss 389120
[  387.659019][T16593] total_shmem 16646144
[  387.663132][T16593] total_mapped_file 4096
[  387.667389][T16593] total_dirty 0
[  387.670867][T16593] total_writeback 0
[  387.674740][T16593] total_workingset_refault_anon 0
[  387.679776][T16593] total_workingset_refault_file 632
[  387.685008][T16593] total_swap 58638336
[  387.689056][T16593] total_swapcached 405504
[  387.693431][T16593] total_pgpgin 802650
[  387.697504][T16593] total_pgpgout 798390
[  387.701697][T16593] total_pgfault 599056
[  387.705801][T16593] total_pgmajfault 45
[  387.709792][T16593] total_inactive_anon 6213632
[  387.714523][T16593] total_active_anon 11227136
[  387.719616][T16593] total_inactive_file 0
[  387.723797][T16593] total_active_file 8192
[  387.728039][T16593] total_unevictable 0
[  387.732054][T16593] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.3588,pid=16590,uid=0
[  387.746993][T16593] Memory cgroup out of memory: Killed process 16590 (syz.2.3588) total-vm:95928kB, anon-rss:1192kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000
[  387.773833][T16602] SELinux: syz.1.3591 (16602) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  387.847236][T16601] netlink: 'syz.3.3590': attribute type 7 has an invalid length.
[  387.855041][T16601] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3590'.
[  387.886082][T16608] 9pnet: Could not find request transport: fd0x0000000000000003
[  387.913740][T16613] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3595'.
[  387.923183][   T29] kauditd_printk_skb: 1143 callbacks suppressed
[  387.923200][   T29] audit: type=1400 audit(1747485710.042:23550): avc:  denied  { create } for  pid=16610 comm="syz.5.3592" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  387.943899][T16615] SELinux: syz.0.3596 (16615) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  388.152092][T16622] netlink: 'syz.5.3598': attribute type 7 has an invalid length.
[  388.159884][T16622] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3598'.
[  388.187276][T16616] syz.1.3591 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  388.197218][T16616] CPU: 0 UID: 0 PID: 16616 Comm: syz.1.3591 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  388.197245][T16616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  388.197257][T16616] Call Trace:
[  388.197263][T16616]  <TASK>
[  388.197271][T16616]  __dump_stack+0x1d/0x30
[  388.197359][T16616]  dump_stack_lvl+0xe8/0x140
[  388.197456][T16616]  dump_stack+0x15/0x1b
[  388.197555][T16616]  dump_header+0x81/0x220
[  388.197598][T16616]  oom_kill_process+0x334/0x3f0
[  388.197664][T16616]  out_of_memory+0x979/0xb80
[  388.197688][T16616]  ? css_next_descendant_pre+0x138/0x160
[  388.197715][T16616]  mem_cgroup_out_of_memory+0x13d/0x190
[  388.197765][T16616]  try_charge_memcg+0x5e2/0x870
[  388.197841][T16616]  charge_memcg+0x51/0xc0
[  388.197865][T16616]  __mem_cgroup_charge+0x28/0xb0
[  388.197897][T16616]  shmem_get_folio_gfp+0x470/0xd40
[  388.197941][T16616]  shmem_write_begin+0xa8/0x190
[  388.197987][T16616]  generic_perform_write+0x181/0x490
[  388.198028][T16616]  shmem_file_write_iter+0xc5/0xf0
[  388.198138][T16616]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  388.198186][T16616]  vfs_write+0x49d/0x8d0
[  388.198282][T16616]  ? _raw_spin_unlock+0x26/0x50
[  388.198318][T16616]  __x64_sys_pwrite64+0xfd/0x150
[  388.198358][T16616]  x64_sys_call+0xe45/0x2fb0
[  388.198386][T16616]  do_syscall_64+0xd0/0x1a0
[  388.198456][T16616]  ? clear_bhb_loop+0x40/0x90
[  388.198477][T16616]  ? clear_bhb_loop+0x40/0x90
[  388.198501][T16616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.198591][T16616] RIP: 0033:0x7f2a5f94e969
[  388.198606][T16616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.198630][T16616] RSP: 002b:00007f2a5df96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  388.198652][T16616] RAX: ffffffffffffffda RBX: 00007f2a5fb76080 RCX: 00007f2a5f94e969
[  388.198664][T16616] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000006
[  388.198719][T16616] RBP: 00007f2a5f9d0ab1 R08: 0000000000000000 R09: 0000000000000000
[  388.198734][T16616] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000000
[  388.198751][T16616] R13: 0000000000000000 R14: 00007f2a5fb76080 R15: 00007ffc42fc9e88
[  388.198774][T16616]  </TASK>
[  388.198782][T16616] memory: usage 307200kB, limit 307200kB, failcnt 1884
[  388.264943][   T29] audit: type=1400 audit(1747485710.382:23551): avc:  denied  { setopt } for  pid=16627 comm="syz.2.3601" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  388.266516][T16616] memory+swap: usage 350896kB, limit 9007199254740988kB, failcnt 0
[  388.271395][   T29] audit: type=1404 audit(1747485710.402:23552): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  388.285480][   T29] audit: type=1400 audit(1747485710.422:23553): avc:  denied  { prog_load } for  pid=16632 comm="syz.5.3602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.286018][T16616] kmem: usage 264076kB, limit 9007199254740988kB, failcnt 0
[  388.294561][   T29] audit: type=1400 audit(1747485710.432:23554): avc:  denied  { execute } for  pid=16632 comm="syz.5.3602" name="file1" dev="tmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=0
[  388.296217][T16616] Memory cgroup stats for /syz1:
[  388.520975][   T29] audit: type=1400 audit(1747485710.442:23555): avc:  denied  { prog_load } for  pid=16627 comm="syz.2.3601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.521332][T16616] cache 43798528
[  388.525969][   T29] audit: type=1400 audit(1747485710.452:23556): avc:  denied  { create } for  pid=16627 comm="syz.2.3601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=0
[  388.545117][T16616] rss 327680
[  388.545128][T16616] shmem 43798528
[  388.548701][   T29] audit: type=1400 audit(1747485710.452:23557): avc:  denied  { map_create } for  pid=16627 comm="syz.2.3601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.568256][T16616] mapped_file 0
[  388.568267][T16616] dirty 0
[  388.568276][T16616] writeback 0
[  388.571545][   T29] audit: type=1400 audit(1747485710.452:23558): avc:  denied  { prog_load } for  pid=16627 comm="syz.2.3601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.575021][T16616] workingset_refault_anon 183
[  388.575032][T16616] workingset_refault_file 673
[  388.594359][   T29] audit: type=1400 audit(1747485710.452:23559): avc:  denied  { prog_load } for  pid=16627 comm="syz.2.3601" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  388.597817][T16616] swap 44744704
[  388.597828][T16616] swapcached 32768
[  388.603874][T16634] netlink: 'syz.3.3600': attribute type 7 has an invalid length.
[  388.604042][T16616] pgpgin 656650
[  388.604052][T16616] pgpgout 645869
[  388.604059][T16616] pgfault 464085
[  388.604066][T16616] pgmajfault 74
[  388.604072][T16616] inactive_anon 43778048
[  388.623358][T16634] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3600'.
[  388.627991][T16616] active_anon 380928
[  388.628003][T16616] inactive_file 0
[  388.701996][T16616] active_file 0
[  388.705476][T16616] unevictable 0
[  388.709131][T16616] hierarchical_memory_limit 314572800
[  388.714610][T16616] hierarchical_memsw_limit 9223372036854771712
[  388.720872][T16616] total_cache 43798528
[  388.725104][T16616] total_rss 327680
[  388.728829][T16616] total_shmem 43798528
[  388.732975][T16616] total_mapped_file 0
[  388.736985][T16616] total_dirty 0
[  388.740452][T16616] total_writeback 0
[  388.744365][T16616] total_workingset_refault_anon 183
[  388.749578][T16616] total_workingset_refault_file 673
[  388.754850][T16616] total_swap 44744704
[  388.758851][T16616] total_swapcached 32768
[  388.763285][T16616] total_pgpgin 656650
[  388.767444][T16616] total_pgpgout 645869
[  388.771573][T16616] total_pgfault 464085
[  388.775727][T16616] total_pgmajfault 74
[  388.779847][T16616] total_inactive_anon 43778048
[  388.784643][T16616] total_active_anon 380928
[  388.789141][T16616] total_inactive_file 0
[  388.793466][T16616] total_active_file 0
[  388.797657][T16616] total_unevictable 0
[  388.801668][T16616] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3591,pid=16599,uid=0
[  388.816452][T16616] Memory cgroup out of memory: Killed process 16599 (syz.1.3591) total-vm:95928kB, anon-rss:1192kB, file-rss:22568kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000
[  388.904136][T16650] netem: incorrect ge model size
[  388.942701][T16654] SELinux: syz.2.3611 (16654) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  389.081376][T16665] netem: incorrect ge model size
[  389.303083][T16680] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3620'.
[  389.320514][T16679] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3620'.
[  389.383544][T16690] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3625'.
[  389.445195][T16697] SELinux: syz.2.3628 (16697) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  389.941000][T16720] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3637'.
[  390.814313][T16759] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3650'.
[  390.823958][T16757] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3650'.
[  391.046394][T16779] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3659'.
[  391.056289][T16778] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3659'.
[  391.336477][T16791] netlink: 'syz.1.3663': attribute type 3 has an invalid length.
[  391.338435][T16793] SELinux: syz.2.3664 (16793) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  391.344271][T16791] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3663'.
[  391.375823][T16795] SELinux: syz.1.3665 (16795) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  391.938104][T16808] SELinux: syz.2.3669 (16808) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  392.193665][T16824] netlink: 'syz.3.3675': attribute type 3 has an invalid length.
[  392.201557][T16824] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3675'.
[  392.415901][T16820] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3676'.
[  392.936096][   T29] kauditd_printk_skb: 810 callbacks suppressed
[  392.936113][   T29] audit: type=1400 audit(1747485715.072:24370): avc:  denied  { create } for  pid=16858 comm="syz.0.3688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=0
[  392.964280][   T29] audit: type=1326 audit(1747485715.072:24371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4070cf5927 code=0x7ffc0000
[  392.988116][   T29] audit: type=1326 audit(1747485715.072:24372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4070c9ab39 code=0x7ffc0000
[  393.011774][   T29] audit: type=1326 audit(1747485715.072:24373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  393.035476][   T29] audit: type=1326 audit(1747485715.082:24374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4070cf5927 code=0x7ffc0000
[  393.059086][   T29] audit: type=1326 audit(1747485715.082:24375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4070c9ab39 code=0x7ffc0000
[  393.059123][   T29] audit: type=1326 audit(1747485715.082:24376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  393.059217][   T29] audit: type=1326 audit(1747485715.092:24377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f4070cf5927 code=0x7ffc0000
[  393.059248][   T29] audit: type=1326 audit(1747485715.092:24378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4070c9ab39 code=0x7ffc0000
[  393.059280][   T29] audit: type=1326 audit(1747485715.092:24379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16851 comm="syz.3.3686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4070cfe969 code=0x7ffc0000
[  393.595060][T16890] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.3698'.
[  393.607936][T16888] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.3698'.
[  393.665449][T16896] netlink: 'syz.3.3701': attribute type 3 has an invalid length.
[  393.760516][T16894] netlink: 'syz.1.3700': attribute type 7 has an invalid length.
[  395.436197][T16957] __nla_validate_parse: 9 callbacks suppressed
[  395.436233][T16957] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.3722'.
[  395.452107][T16956] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.3722'.
[  396.023861][T16989] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3734'.
[  396.034637][T16986] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3734'.
[  396.366372][T17007] netlink: 'syz.0.3742': attribute type 3 has an invalid length.
[  396.374208][T17007] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3742'.
[  396.416475][T17014] netlink: 'syz.3.3745': attribute type 3 has an invalid length.
[  396.424364][T17014] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3745'.
[  396.473782][T17021] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3746'.
[  396.490829][T17016] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3746'.
[  396.591531][T17025] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3749'.
[  396.601106][T17023] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3749'.
[  396.831065][T17039] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25974 sclass=netlink_route_socket pid=17039 comm=syz.3.3754
[  396.886948][T17043] SELinux: syz.1.3756 (17043) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  397.085198][T17048] netlink: 'syz.2.3758': attribute type 7 has an invalid length.
[  397.134646][T17052] netlink: 'syz.0.3760': attribute type 3 has an invalid length.
[  397.202483][T17058] SELinux: syz.0.3763 (17058) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  397.374443][T17076] SELinux: syz.1.3770 (17076) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  397.739941][T17083] netlink: 'syz.0.3771': attribute type 7 has an invalid length.
[  398.126014][   T29] kauditd_printk_skb: 1094 callbacks suppressed
[  398.126031][   T29] audit: type=1400 audit(1747485720.262:25474): avc:  denied  { map_create } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  398.161258][   T29] audit: type=1400 audit(1747485720.292:25475): avc:  denied  { prog_load } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  398.180591][   T29] audit: type=1400 audit(1747485720.292:25476): avc:  denied  { prog_load } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  398.199889][   T29] audit: type=1400 audit(1747485720.292:25477): avc:  denied  { map_create } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  398.219250][   T29] audit: type=1400 audit(1747485720.292:25478): avc:  denied  { prog_load } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  398.238520][   T29] audit: type=1400 audit(1747485720.292:25479): avc:  denied  { create } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=0
[  398.258144][   T29] audit: type=1400 audit(1747485720.292:25480): avc:  denied  { map_create } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=0
[  398.277526][   T29] audit: type=1400 audit(1747485720.292:25481): avc:  denied  { create } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
[  398.297115][   T29] audit: type=1400 audit(1747485720.292:25482): avc:  denied  { create } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=0
[  398.316722][   T29] audit: type=1400 audit(1747485720.292:25483): avc:  denied  { create } for  pid=17097 comm="syz.5.3777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=0
[  398.437438][T17104] netlink: 'syz.3.3780': attribute type 3 has an invalid length.
[  398.537028][T17110] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25974 sclass=netlink_route_socket pid=17110 comm=syz.1.3782
[  398.635063][T17112] netlink: 'syz.0.3783': attribute type 3 has an invalid length.
[  398.721055][T17118] netlink: 'syz.2.3786': attribute type 3 has an invalid length.
[  399.160861][T17134] netlink: 'syz.2.3792': attribute type 3 has an invalid length.
[  399.326129][T17140] netlink: 'syz.1.3795': attribute type 3 has an invalid length.
[  400.547912][T17209] __nla_validate_parse: 18 callbacks suppressed
[  400.547931][T17209] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3823'.
[  400.750894][T17233] FAULT_INJECTION: forcing a failure.
[  400.750894][T17233] name failslab, interval 1, probability 0, space 0, times 1
[  400.763635][T17233] CPU: 1 UID: 0 PID: 17233 Comm: syz.1.3833 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  400.763671][T17233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  400.763687][T17233] Call Trace:
[  400.763774][T17233]  <TASK>
[  400.763782][T17233]  __dump_stack+0x1d/0x30
[  400.763808][T17233]  dump_stack_lvl+0xe8/0x140
[  400.763831][T17233]  dump_stack+0x15/0x1b
[  400.763852][T17233]  should_fail_ex+0x265/0x280
[  400.763893][T17233]  ? __se_sys_memfd_create+0x1cc/0x590
[  400.763944][T17233]  should_failslab+0x8c/0xb0
[  400.763982][T17233]  __kmalloc_cache_noprof+0x4c/0x320
[  400.764008][T17233]  ? fput+0x8f/0xc0
[  400.764042][T17233]  __se_sys_memfd_create+0x1cc/0x590
[  400.764121][T17233]  __x64_sys_memfd_create+0x31/0x40
[  400.764205][T17233]  x64_sys_call+0x122f/0x2fb0
[  400.764230][T17233]  do_syscall_64+0xd0/0x1a0
[  400.764257][T17233]  ? clear_bhb_loop+0x40/0x90
[  400.764281][T17233]  ? clear_bhb_loop+0x40/0x90
[  400.764319][T17233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.764344][T17233] RIP: 0033:0x7f2a5f94e969
[  400.764361][T17233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.764382][T17233] RSP: 002b:00007f2a5dfb6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  400.764404][T17233] RAX: ffffffffffffffda RBX: 000000000000052e RCX: 00007f2a5f94e969
[  400.764417][T17233] RDX: 00007f2a5dfb6ef0 RSI: 0000000000000000 RDI: 00007f2a5f9d1444
[  400.764433][T17233] RBP: 0000200000000600 R08: 00007f2a5dfb6bb7 R09: 00007f2a5dfb6e40
[  400.764456][T17233] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000580
[  400.764469][T17233] R13: 00007f2a5dfb6ef0 R14: 00007f2a5dfb6eb0 R15: 00002000000005c0
[  400.764490][T17233]  </TASK>
[  401.001077][T17242] FAULT_INJECTION: forcing a failure.
[  401.001077][T17242] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  401.014356][T17242] CPU: 0 UID: 0 PID: 17242 Comm: syz.5.3837 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  401.014390][T17242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  401.014462][T17242] Call Trace:
[  401.014469][T17242]  <TASK>
[  401.014478][T17242]  __dump_stack+0x1d/0x30
[  401.014502][T17242]  dump_stack_lvl+0xe8/0x140
[  401.014524][T17242]  dump_stack+0x15/0x1b
[  401.014543][T17242]  should_fail_ex+0x265/0x280
[  401.014643][T17242]  should_fail+0xb/0x20
[  401.014678][T17242]  should_fail_usercopy+0x1a/0x20
[  401.014700][T17242]  _copy_from_user+0x1c/0xb0
[  401.014726][T17242]  __sys_bind+0x106/0x2a0
[  401.014837][T17242]  __x64_sys_bind+0x3f/0x50
[  401.014870][T17242]  x64_sys_call+0x2086/0x2fb0
[  401.014894][T17242]  do_syscall_64+0xd0/0x1a0
[  401.014922][T17242]  ? clear_bhb_loop+0x40/0x90
[  401.014946][T17242]  ? clear_bhb_loop+0x40/0x90
[  401.014998][T17242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.015055][T17242] RIP: 0033:0x7f1a95f1e969
[  401.015072][T17242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.015093][T17242] RSP: 002b:00007f1a94587038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  401.015114][T17242] RAX: ffffffffffffffda RBX: 00007f1a96145fa0 RCX: 00007f1a95f1e969
[  401.015129][T17242] RDX: 000000000000006e RSI: 0000200000000280 RDI: 0000000000000003
[  401.015143][T17242] RBP: 00007f1a94587090 R08: 0000000000000000 R09: 0000000000000000
[  401.015212][T17242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.015226][T17242] R13: 0000000000000000 R14: 00007f1a96145fa0 R15: 00007ffe168e4a48
[  401.015248][T17242]  </TASK>
[  401.191886][T17243] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3836'.
[  401.201551][T17240] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3836'.
[  401.290701][T17248] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3839'.
[  401.548304][T17273] validate_nla: 4 callbacks suppressed
[  401.548323][T17273] netlink: 'syz.3.3851': attribute type 7 has an invalid length.
[  401.548639][T17275] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3852'.
[  401.553907][T17273] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3851'.
[  401.623780][T17286] FAULT_INJECTION: forcing a failure.
[  401.623780][T17286] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  401.637278][T17286] CPU: 1 UID: 0 PID: 17286 Comm: syz.2.3856 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  401.637313][T17286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  401.637329][T17286] Call Trace:
[  401.637337][T17286]  <TASK>
[  401.637346][T17286]  __dump_stack+0x1d/0x30
[  401.637446][T17286]  dump_stack_lvl+0xe8/0x140
[  401.637466][T17286]  dump_stack+0x15/0x1b
[  401.637481][T17286]  should_fail_ex+0x265/0x280
[  401.637516][T17286]  should_fail_alloc_page+0xf2/0x100
[  401.637607][T17286]  __alloc_frozen_pages_noprof+0xff/0x360
[  401.637646][T17286]  alloc_pages_mpol+0xb3/0x250
[  401.637686][T17286]  vma_alloc_folio_noprof+0x1aa/0x300
[  401.637718][T17286]  handle_mm_fault+0x1056/0x2ae0
[  401.637768][T17286]  ? mas_walk+0xf2/0x120
[  401.637794][T17286]  do_user_addr_fault+0x636/0x1090
[  401.637884][T17286]  exc_page_fault+0x54/0xc0
[  401.637903][T17286]  asm_exc_page_fault+0x26/0x30
[  401.637923][T17286] RIP: 0033:0x7f2e1226ffd6
[  401.637984][T17286] Code: 00 00 00 00 41 57 31 c0 41 56 49 89 d6 41 55 49 89 f5 48 89 d6 41 54 49 89 fc 48 8d 3d e6 1e 1b 00 55 53 48 81 ec 88 20 00 00 <48> 89 0c 24 4c 89 44 24 08 e8 3c e0 fe ff 4d 85 f6 0f 84 46 0a 00
[  401.638008][T17286] RSP: 002b:00007f2e10a04f70 EFLAGS: 00010202
[  401.638028][T17286] RAX: 0000000000000000 RBX: 00007f2e125c5fa0 RCX: 0000000000000000
[  401.638042][T17286] RDX: 0000200000000080 RSI: 0000200000000080 RDI: 00007f2e12421eb3
[  401.638058][T17286] RBP: 00007f2e10a07090 R08: 00007f2e1225e350 R09: 0000000000000000
[  401.638074][T17286] R10: 0000000000000003 R11: 0000200000000080 R12: 0000000000000003
[  401.638125][T17286] R13: 000000000000005a R14: 0000200000000080 R15: 00007ffd18980488
[  401.638149][T17286]  </TASK>
[  401.638159][T17286] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  401.645957][T17289] FAULT_INJECTION: forcing a failure.
[  401.645957][T17289] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.826040][T17289] CPU: 0 UID: 0 PID: 17289 Comm: syz.0.3859 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  401.826069][T17289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  401.826081][T17289] Call Trace:
[  401.826088][T17289]  <TASK>
[  401.826098][T17289]  __dump_stack+0x1d/0x30
[  401.826123][T17289]  dump_stack_lvl+0xe8/0x140
[  401.826168][T17289]  dump_stack+0x15/0x1b
[  401.826183][T17289]  should_fail_ex+0x265/0x280
[  401.826215][T17289]  should_fail+0xb/0x20
[  401.826244][T17289]  should_fail_usercopy+0x1a/0x20
[  401.826302][T17289]  _copy_to_user+0x20/0xa0
[  401.826328][T17289]  simple_read_from_buffer+0xb5/0x130
[  401.826366][T17289]  proc_fail_nth_read+0x100/0x140
[  401.826400][T17289]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  401.826488][T17289]  vfs_read+0x19d/0x6f0
[  401.826520][T17289]  ? __rcu_read_unlock+0x4f/0x70
[  401.826547][T17289]  ? __fget_files+0x184/0x1c0
[  401.826578][T17289]  ksys_read+0xda/0x1a0
[  401.826613][T17289]  __x64_sys_read+0x40/0x50
[  401.826662][T17289]  x64_sys_call+0x2d77/0x2fb0
[  401.826688][T17289]  do_syscall_64+0xd0/0x1a0
[  401.826714][T17289]  ? clear_bhb_loop+0x40/0x90
[  401.826784][T17289]  ? clear_bhb_loop+0x40/0x90
[  401.826811][T17289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.826837][T17289] RIP: 0033:0x7efdd8b5d37c
[  401.826856][T17289] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  401.826881][T17289] RSP: 002b:00007efdd71c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  401.826952][T17289] RAX: ffffffffffffffda RBX: 00007efdd8d85fa0 RCX: 00007efdd8b5d37c
[  401.826969][T17289] RDX: 000000000000000f RSI: 00007efdd71c70a0 RDI: 0000000000000003
[  401.826984][T17289] RBP: 00007efdd71c7090 R08: 0000000000000000 R09: 0000000000000000
[  401.827009][T17289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.827025][T17289] R13: 0000000000000000 R14: 00007efdd8d85fa0 R15: 00007ffd0240d1e8
[  401.827049][T17289]  </TASK>
[  402.072396][T17303] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3864'.
[  402.258064][T17319] FAULT_INJECTION: forcing a failure.
[  402.258064][T17319] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.271547][T17319] CPU: 0 UID: 0 PID: 17319 Comm: syz.2.3871 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  402.271580][T17319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  402.271596][T17319] Call Trace:
[  402.271603][T17319]  <TASK>
[  402.271612][T17319]  __dump_stack+0x1d/0x30
[  402.271699][T17319]  dump_stack_lvl+0xe8/0x140
[  402.271717][T17319]  dump_stack+0x15/0x1b
[  402.271733][T17319]  should_fail_ex+0x265/0x280
[  402.271764][T17319]  should_fail+0xb/0x20
[  402.271848][T17319]  should_fail_usercopy+0x1a/0x20
[  402.271873][T17319]  _copy_from_user+0x1c/0xb0
[  402.271902][T17319]  __sys_bpf+0x178/0x790
[  402.271986][T17319]  __x64_sys_bpf+0x41/0x50
[  402.272019][T17319]  x64_sys_call+0x2478/0x2fb0
[  402.272117][T17319]  do_syscall_64+0xd0/0x1a0
[  402.272145][T17319]  ? clear_bhb_loop+0x40/0x90
[  402.272243][T17319]  ? clear_bhb_loop+0x40/0x90
[  402.272272][T17319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.272319][T17319] RIP: 0033:0x7f2e1239e969
[  402.272337][T17319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.272360][T17319] RSP: 002b:00007f2e10a07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  402.272383][T17319] RAX: ffffffffffffffda RBX: 00007f2e125c5fa0 RCX: 00007f2e1239e969
[  402.272400][T17319] RDX: 0000000000000090 RSI: 00002000000000c0 RDI: 0000000000000005
[  402.272414][T17319] RBP: 00007f2e10a07090 R08: 0000000000000000 R09: 0000000000000000
[  402.272464][T17319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.272480][T17319] R13: 0000000000000000 R14: 00007f2e125c5fa0 R15: 00007ffd18980488
[  402.272503][T17319]  </TASK>
[  402.608528][T17337] netem: incorrect ge model size
[  402.647673][T17340] FAULT_INJECTION: forcing a failure.
[  402.647673][T17340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.660817][T17340] CPU: 1 UID: 0 PID: 17340 Comm: syz.2.3880 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  402.660854][T17340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  402.660870][T17340] Call Trace:
[  402.660877][T17340]  <TASK>
[  402.660887][T17340]  __dump_stack+0x1d/0x30
[  402.660910][T17340]  dump_stack_lvl+0xe8/0x140
[  402.661048][T17340]  dump_stack+0x15/0x1b
[  402.661069][T17340]  should_fail_ex+0x265/0x280
[  402.661106][T17340]  should_fail+0xb/0x20
[  402.661203][T17340]  should_fail_usercopy+0x1a/0x20
[  402.661229][T17340]  _copy_to_user+0x20/0xa0
[  402.661257][T17340]  simple_read_from_buffer+0xb5/0x130
[  402.661332][T17340]  proc_fail_nth_read+0x100/0x140
[  402.661358][T17340]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  402.661394][T17340]  vfs_read+0x19d/0x6f0
[  402.661424][T17340]  ? __rcu_read_unlock+0x4f/0x70
[  402.661449][T17340]  ? __rcu_read_unlock+0x4f/0x70
[  402.661468][T17340]  ? __fget_files+0x184/0x1c0
[  402.661561][T17340]  ksys_read+0xda/0x1a0
[  402.661646][T17340]  __x64_sys_read+0x40/0x50
[  402.661677][T17340]  x64_sys_call+0x2d77/0x2fb0
[  402.661729][T17340]  do_syscall_64+0xd0/0x1a0
[  402.661821][T17340]  ? clear_bhb_loop+0x40/0x90
[  402.661846][T17340]  ? clear_bhb_loop+0x40/0x90
[  402.661867][T17340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.661908][T17340] RIP: 0033:0x7f2e1239d37c
[  402.661954][T17340] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  402.661978][T17340] RSP: 002b:00007f2e10a07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  402.662002][T17340] RAX: ffffffffffffffda RBX: 00007f2e125c5fa0 RCX: 00007f2e1239d37c
[  402.662080][T17340] RDX: 000000000000000f RSI: 00007f2e10a070a0 RDI: 0000000000000003
[  402.662092][T17340] RBP: 00007f2e10a07090 R08: 0000000000000000 R09: 0000000000000000
[  402.662103][T17340] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001
[  402.662115][T17340] R13: 0000000000000000 R14: 00007f2e125c5fa0 R15: 00007ffd18980488
[  402.662146][T17340]  </TASK>
[  403.032956][T17352] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.3883'.
[  403.131945][   T29] kauditd_printk_skb: 2533 callbacks suppressed
[  403.131959][   T29] audit: type=1326 audit(1747485725.272:28017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.218344][   T29] audit: type=1326 audit(1747485725.302:28018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.242374][   T29] audit: type=1326 audit(1747485725.302:28019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.265950][   T29] audit: type=1326 audit(1747485725.302:28020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.289444][   T29] audit: type=1326 audit(1747485725.302:28021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.313006][   T29] audit: type=1326 audit(1747485725.302:28022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.336562][   T29] audit: type=1326 audit(1747485725.302:28023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.360169][   T29] audit: type=1326 audit(1747485725.302:28024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.383782][   T29] audit: type=1326 audit(1747485725.302:28025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.407440][   T29] audit: type=1326 audit(1747485725.302:28026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17302 comm="syz.0.3864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7efdd8afab39 code=0x7ffc0000
[  403.540704][T17363] FAULT_INJECTION: forcing a failure.
[  403.540704][T17363] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  403.554067][T17363] CPU: 1 UID: 0 PID: 17363 Comm: syz.5.3887 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  403.554131][T17363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  403.554147][T17363] Call Trace:
[  403.554155][T17363]  <TASK>
[  403.554245][T17363]  __dump_stack+0x1d/0x30
[  403.554273][T17363]  dump_stack_lvl+0xe8/0x140
[  403.554298][T17363]  dump_stack+0x15/0x1b
[  403.554315][T17363]  should_fail_ex+0x265/0x280
[  403.554366][T17363]  should_fail_alloc_page+0xf2/0x100
[  403.554421][T17363]  __alloc_frozen_pages_noprof+0xff/0x360
[  403.554461][T17363]  alloc_pages_mpol+0xb3/0x250
[  403.554489][T17363]  vma_alloc_folio_noprof+0x1aa/0x300
[  403.554566][T17363]  handle_mm_fault+0x1056/0x2ae0
[  403.554664][T17363]  ? mas_walk+0xf2/0x120
[  403.554697][T17363]  do_user_addr_fault+0x636/0x1090
[  403.554741][T17363]  exc_page_fault+0x54/0xc0
[  403.554766][T17363]  asm_exc_page_fault+0x26/0x30
[  403.554792][T17363] RIP: 0033:0x7f1a95ecbf6b
[  403.554861][T17363] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  403.554879][T17363] RSP: 002b:00007f1a94584e10 EFLAGS: 00010246
[  403.554894][T17363] RAX: 00007f1a94586f30 RBX: 00007f1a96113620 RCX: 0000000000000000
[  403.554910][T17363] RDX: 00007f1a94586f78 RSI: 00007f1a95f7dbf8 RDI: 00007f1a94584e30
[  403.554926][T17363] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  403.555005][T17363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.555016][T17363] R13: 0000000000000000 R14: 00007f1a96145fa0 R15: 00007ffe168e4a48
[  403.555041][T17363]  </TASK>
[  403.555052][T17363] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  403.932237][T17381] FAULT_INJECTION: forcing a failure.
[  403.932237][T17381] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.945488][T17381] CPU: 1 UID: 0 PID: 17381 Comm: syz.2.3896 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  403.945597][T17381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  403.945613][T17381] Call Trace:
[  403.945682][T17381]  <TASK>
[  403.945690][T17381]  __dump_stack+0x1d/0x30
[  403.945729][T17381]  dump_stack_lvl+0xe8/0x140
[  403.945753][T17381]  dump_stack+0x15/0x1b
[  403.945858][T17381]  should_fail_ex+0x265/0x280
[  403.945902][T17381]  should_fail+0xb/0x20
[  403.945941][T17381]  should_fail_usercopy+0x1a/0x20
[  403.945964][T17381]  _copy_from_user+0x1c/0xb0
[  403.945986][T17381]  ___sys_sendmsg+0xc1/0x1d0
[  403.946086][T17381]  __x64_sys_sendmsg+0xd4/0x160
[  403.946111][T17381]  x64_sys_call+0x2999/0x2fb0
[  403.946135][T17381]  do_syscall_64+0xd0/0x1a0
[  403.946162][T17381]  ? clear_bhb_loop+0x40/0x90
[  403.946202][T17381]  ? clear_bhb_loop+0x40/0x90
[  403.946228][T17381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.946256][T17381] RIP: 0033:0x7f2e1239e969
[  403.946273][T17381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.946290][T17381] RSP: 002b:00007f2e10a07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  403.946313][T17381] RAX: ffffffffffffffda RBX: 00007f2e125c5fa0 RCX: 00007f2e1239e969
[  403.946377][T17381] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  403.946394][T17381] RBP: 00007f2e10a07090 R08: 0000000000000000 R09: 0000000000000000
[  403.946410][T17381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.946426][T17381] R13: 0000000000000000 R14: 00007f2e125c5fa0 R15: 00007ffd18980488
[  403.946451][T17381]  </TASK>
[  404.158056][T17385] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3897'.
[  404.167589][T17384] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3897'.
[  404.179100][T17387] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25974 sclass=netlink_route_socket pid=17387 comm=syz.5.3895
[  404.180572][T17385] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  404.200382][T17385] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  404.208656][T17385] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  404.216884][T17385] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  404.227411][T17385] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.235838][T17385] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.244262][T17385] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.252659][T17385] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.292763][T17384] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  404.301015][T17384] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  404.309312][T17384] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  404.317585][T17384] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  404.335479][T17384] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.343981][T17384] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.352390][T17384] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.360795][T17384] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  404.543481][T17398] geneve0: entered allmulticast mode
[  404.918438][T17429] netlink: 'syz.2.3912': attribute type 4 has an invalid length.
[  405.497922][T17442] netlink: 'syz.2.3917': attribute type 21 has an invalid length.
[  406.418110][T17479] netem: incorrect ge model size
[  406.442563][T17483] ==================================================================
[  406.450690][T17483] BUG: KCSAN: data-race in call_rcu / mas_state_walk
[  406.457580][T17483] 
[  406.459921][T17483] write to 0xffff888108e11208 of 8 bytes by task 17481 on cpu 0:
[  406.467675][T17483]  call_rcu+0x48/0x3e0
[  406.471820][T17483]  mas_wmb_replace+0xc6b/0x14a0
[  406.476701][T17483]  mas_wr_store_entry+0x17ae/0x2b60
[  406.481913][T17483]  mas_store_prealloc+0x74d/0x9e0
[  406.486969][T17483]  vma_iter_store_new+0x1c5/0x200
[  406.492030][T17483]  vma_complete+0x125/0x570
[  406.496562][T17483]  __split_vma+0x594/0x610
[  406.500993][T17483]  vma_modify+0x1a4/0x210
[  406.505373][T17483]  vma_modify_flags+0x101/0x130
[  406.510267][T17483]  mprotect_fixup+0x2cc/0x570
[  406.514979][T17483]  do_mprotect_pkey+0x6d6/0x980
[  406.519857][T17483]  __x64_sys_mprotect+0x48/0x60
[  406.524736][T17483]  x64_sys_call+0x2794/0x2fb0
[  406.529438][T17483]  do_syscall_64+0xd0/0x1a0
[  406.533977][T17483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.539899][T17483] 
[  406.542234][T17483] read to 0xffff888108e11208 of 8 bytes by task 17483 on cpu 1:
[  406.549883][T17483]  mas_state_walk+0x28f/0x650
[  406.554584][T17483]  mas_walk+0x30/0x120
[  406.558677][T17483]  lock_vma_under_rcu+0xa2/0x2f0
[  406.563648][T17483]  do_user_addr_fault+0x233/0x1090
[  406.568786][T17483]  exc_page_fault+0x54/0xc0
[  406.573317][T17483]  asm_exc_page_fault+0x26/0x30
[  406.578193][T17483] 
[  406.580524][T17483] value changed: 0x0000555587ea2fff -> 0xffff888108e11a08
[  406.587646][T17483] 
[  406.589989][T17483] Reported by Kernel Concurrency Sanitizer on:
[  406.596164][T17483] CPU: 1 UID: 0 PID: 17483 Comm: syz.1.3931 Not tainted 6.15.0-rc6-syzkaller-00278-g172a9d94339c #0 PREEMPT(voluntary) 
[  406.608692][T17483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  406.618767][T17483] ==================================================================