last executing test programs:

2.317663223s ago: executing program 4 (id=866):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)

2.289066655s ago: executing program 4 (id=868):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4c001}, 0x4004110)
dup2(r3, r4)

2.237394869s ago: executing program 4 (id=870):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="ac0000000002010400000000000000000a0000000400018004000380900002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014000400fe8000000000000000000000000000aa0c0002800500010011"], 0xac}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3}, 0x0, 0x80000000000000, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

2.144345826s ago: executing program 4 (id=873):
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c00"], 0x48)
r1 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={0x0, 0x1, r2, 0x2, 0x80000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r3, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='id\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000240), r4)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)={0x54, r5, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PEERS={0x2c, 0x8, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x800714, &(0x7f0000000180)={[{}, {@jqfmt_vfsv0}]}, 0xff, 0x4a9, &(0x7f0000000580)="$eJzs3M9rXNUeAPDvnUnS301eX1/fa1+r0SoWfyRNWrULFyoKLhQEXdRlTNJaO22kiWBLsFGkLqXgXlwK/gXu3Ii6EMGtgkspFA1CUxcSub+aZDKZ5menzXw+MJlz5p6Zc773njNz5p7cCaBt9aZ/koidEfFzRHTn2YUFevO7menJ4ZvTk8NJzM6+9nuSlbsxPTlcFi2ft6PIHKlEVD5K4tlkcb3jFy+dHarVRi8U+f6Jc+/0j1+89MSZc0OnR0+Pnh88ceL4sYGnnxp8cl3iTOO6ceD9sYP7X3rj6ivDJ6+++d2XabP2Hcq3z4/jtm42CKiB3nSv/TGbqd/28Arafi/YNS+ddLSwIaxINSLSw9WZjf/uqMbcweuOFz9saeOADZV+Nm1ZevPULLCJJdHqFgCtUX7Qp99/y9sdmnrcFa4/F9EV+fmKmenJ4Zlb8XdEpSjTuYH190bEyam/PktvsdLzEAAAq5DNbR5vNP+rxL7sPl/r2F2sofRExL8iYk9E/Dsi9kbEfyKysv+NiP/lT57tXmb9vXX5xfOfyrWGbV4n6fzvmZib+83Mi7+466kWuV1Z/J3JqTO10aPFPjkSnVvS/ECTOr5+4adPlto2f/6X3tL6y7lg0YBrHXUn6EaGJobWaydc/yDiQEej+JNbKwFpD9gfEQdi8TpWE7vLxJlHvzi4VKHbx9/EOqwzzX4e8Uh+/KeiLv5S0nx9sn9r1EaP9pe9YrHvf7zy6oIHqnPJNcW/DtLjv31h/68r0f1nkq/XdkatNnphfOV1XPnl4yW/06yk/5ddPu3/Xcnr2Zr1D2/lB+q9oYmJCwMRXcnLWZmuomz2+ODcq5X5snwa/5HDjcf/nuI5aQX/j4i0Ex+KiPsi4v6i7Q9ExIMRcbhJ/N8+/9DbTeJPIomWHv+Rhu9/t/p/TzJ/vX4VierZb75aasV8ecf/eExl77W57P3vNpbbwDXuPgAAALgnVCJiZySVvjzduzMqlb6+/H/498b2Sm1sfOKxU2Pvnh/JrxHoic5Keaare9750IFkqnjFPD9YnCsutx8rzht/Wt2W5fuGx2ojLY4d2t2OheM/yvGf+q3a6tYBG871WtC+6sd/pUXtAO685Xz++y4Am1OD8b+tFe0A7jzf/6F9NRr/l+vy5v+wOXUsSvza4CfrgM3I/B/al/EP7cv4h7a0luv6V58oLxZY/etsXfYV/psmcbl5mfIXLzayGdti7pGo3B27pWHi7+LnLe+W9qw5kY6YBY9EJLGhlc79hgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC97J8AAAD//wHu668=")

1.9884333s ago: executing program 0 (id=876):
perf_event_open(0x0, 0x0, 0x80000000000000, 0xffffffffffffffff, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)

1.960150652s ago: executing program 4 (id=877):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_free\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000240)={0x0, 0x1, 0x6, @multicast}, 0x10)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x4000, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)

1.925765874s ago: executing program 0 (id=878):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x2000)
read(r3, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x2bd, @tick=0x5})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000740)={0xfffffffb, 0x2, 0x1, 'queue0\x00'})
tkill(r2, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f0000000800))

1.72907403s ago: executing program 0 (id=880):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x16, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0xc0}, 0x94)
recvmmsg(r0, &(0x7f0000003d40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x1, 0x2, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.551396105s ago: executing program 1 (id=883):
setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x7, &(0x7f0000000040)=0x80ac2, 0x4)

1.4883598s ago: executing program 1 (id=884):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e00000000000000010000000700000000000000", @ANYRES32=0x1, @ANYBLOB="000000fbff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x601ae3b3c3dd9193, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000020000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c7c56f0979bd10b97163c1d6d0e196bf02f46c7e81eb72c00000000d0d26b5069f8a98f7dc8f76b74635fde9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74067529194e533583412dff048f000000008b260000b2728a0481e9f0da43bb6cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13caec04a347383420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bf1339454c13ad3e328a100000000b515a1000000000000000eb2e9c15b6c8f6198282df27badac8507bc7d202e0990e0"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000004c0)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@private2}, 0x0, @in6=@private2}}, &(0x7f0000000080)=0xe8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>r1, {0xee01, <r4=>0xee00}}, './file0\x00'})
fstat(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresgid(&(0x7f0000000c40), &(0x7f0000000140), &(0x7f0000000240)=<r6=>0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000700)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX=r6, @ANYBLOB="00006b746769643d0092", @ANYRES8, @ANYRESHEX=r3], 0x1, 0x1fa, &(0x7f0000000500)="$eJzs2zFrE2EYB/Dn2rRe7GAHJ1E4cHEK6icwSAUxIEQy6GSgurQipEsUxH4eZz+EX8alg2SLXO5om2sLjWdyEn8/ON6H/O/guSF53uHN27sfDvY/Hr3f+nISaZLFRsSTmETs5lUpKdd0Vm/HnCTq+FXraQDgj/T7w27TPbBco1F3eDsidi4kg2+NNAQAAAAAAAAAAEBti5z/34j4Wj3/f7zifgGA+pz/X1/tch2NusN7xf6twvl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDmT6fTWNL/Sci2vGxGRRkQ7Im5GRCsi8s+b7hcAqG8ynZ/7V83/iEgiwvwHgDXw6vWbF91eb6+fZWnEz+PxYDwo1iJ/9ry39zCb2T176mQ8Hmye5o+KPJvPt2b7hjx/fGm+HQ/uF3mePX3Zq+Q7sb/81weA/1InO3Vuvm+WV0Snc1mez+eiOrc/qMzvVtxprew1AIAFHH36fDA8PHw3+utFsthT7bKhq+/53lpWq4prFT+Sf6INRd0ivc7NDf8wAUt39qWvJmkzDQEAAAAAAAAAAAAAABes4i9HTb8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr53cAAAD//8h6UUs=")
r7 = syz_mount_image$ext4(&(0x7f0000002180)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x100c806, &(0x7f0000000000)={[{@jqfmt_vfsv1}, {@abort}, {@discard}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@data_ordered}, {@mblk_io_submit}, {@usrquota}, {@nodioread_nolock}, {@dax_inode}, {}, {@auto_da_alloc}]}, 0x9, 0x606, &(0x7f0000000600)="$eJzs3c1vVFUbAPDnTD9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFoIUaGiNFk0oCW5MjBtjTFy5EP8LJbJlpW5cuHFlSIgaliaOudM7pdPeaenH9Fbm90uGnnvu3J5zpzxzzj1zzp0A2tZg9k8lYn9ETKeI/jS/uK8z8p2DC8978OeHZ7NHimr1td9TpDyv/vyU/+zLD+6JiB++T7GvY2W5M3PXLo5PTU1ezbeHZy9ND8/MXTt84dL4+cnzk5dHXxg9cfzY8RMjRzZ0XtcL8k7ffOe9/o/H3vz6y7/SyDe/jKU4GS/nT1x6HltlMAZrr0lauavvxFYXVqLOZdtpeQY7Vkf+9+uKiCeiPzqW/DX746NXSq0c0FLVFFEF2lRaR/xnvYVW1gXYTvV+QP3afvl1cKWUXgmwHe6fWhgAWBn/nQtjg9FTGxvY/SA1jPOkiNjYyFyjPRFx987YzXN3xm5Gi8bhgGLzNyLiyaL4T7X4H4ieGKjFf6Uh/rN+wZn8Z5b/6gZ7CsuHisU/bJ+F+O9ZNf6jSfy/tST+395EHfJLkeu9DfHf6+oDAAAAAAAA1un2qYh4vujz/8ri/J8omP/TFxEnt6D8wWXbKz//r9zbgmKAAvdPRbxUOP+3Uv/8faAjT/2nNh+gK527MDV5JCL+GxGHomtXtj2yShmHP9n3RbN9g/n8v/ojK/9uPhcwr8e9zl2Nx0yMD45v9ryBiPs3Ip4qnP+bFtv/VND+Z+8H049Yxr5nb51ptm/t+AdapfpVxMHC9v/hXSvS6vfnGK71B4brvYKVnv7g02+blb/R+HeLCdi8rP3fvXr8D6Sl9+uZWfXXzRdlHp3rrDY7YGP9/9nx7vR67a5C3Xne++Ozs1dHIrrT6Y4styF/dK1XAR4zPxVn1+OhHi9Z/B96ZvXxv6L+f29BsKc/GtcU1/3/775fm1VT/x/Kk8X/xLra//UnRm8NfNes/Edr/4/V2vpDeU7W/rfuFYF/j8/rYdrdmF8Qjp1Fu7a7vgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOKhExJ5IlaHFdKUyNBTRFxH/i92VqSszs8+du/Lu5YlsX+37/yv1b/rtX9hOte//r2Tph9uj0bh9NCL2RsRnHb217aGzV6Ymyj55AAAAAAAAAAAAAAAAAAAA2CH6mqz/z/zWUXbtgJbrLLsCQGkK4v/HMuoBbD/tP7SvDcV/mt/6igDbTvsP7Uv8Q/sS/9C+xD+0L/EP7WrZOH4qqx4AAAAAAMAW2Xvg9s8pIuZf7K09Mt35vq5Sawa0WqXsCgClcYsfaF+m/kH7co0PrDXrt6fpQZuZLzx9dhMHAwAAAAAAAAAAAEDbObjf+n9oV9b/Q/uy/h/aV339/4GS6wFsP9f4QKyxkr9w/f+aRwEAAAAAAAAAAAAAW2mmuitiamry6szctYvjLUt0R0SLi9h04o2dUY2iRG+LfnO1Wr2e/S8o/QQfj0R9KvxOqc+yRH2t36MdVd57EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OifAAAA//8sxicA")
r8 = semget$private(0x0, 0x1, 0x8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000001080)={{0x1, 0x1, 0x18, r7, {<r9=>0x0, 0xee01}}, './file0\x00'})
r10 = getgid()
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00', @ANYBLOB="100029bd7000ffdbdf250e000000340041090800080006000000060002004e200000080007000800000005000d0001000000080006"], 0x48}, 0x1, 0x0, 0x0, 0x40081c4}, 0x44000)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e6400000000180002"], 0x48}}, 0x0)
sendmmsg$inet(r11, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000010c0)={{{@in6=@private1, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in6=@private1}, 0x0, @in6}}, &(0x7f00000011c0)=0xe8)
r13 = msgget$private(0x0, 0xfffffffffffffffd)
msgrcv(r13, 0x0, 0x0, 0x1, 0x3000)
msgsnd(r13, &(0x7f0000000000)={0x1}, 0x8, 0x0)
msgrcv(r13, &(0x7f0000000140)={0x0, ""/126}, 0x86, 0x2, 0x1000)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, <r14=>0x0}, &(0x7f0000000080)=0xc)
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}, 0x4000)
getresuid(&(0x7f0000000180)=<r16=>0x0, &(0x7f0000000200), &(0x7f0000000500))
getgroups(0x2, &(0x7f0000000540)=[0xffffffffffffffff, <r17=>0xee01])
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000580)=<r18=>0x0)
msgctl$IPC_SET(r13, 0x1, &(0x7f0000000680)={{0x3, r14, r15, r16, r17, 0x80, 0x8}, 0x0, 0x0, 0x0, 0x19, 0x5, 0x2bde, 0xffffffffffffff27, 0xc7, 0x2, 0x9, r18})
semctl$IPC_SET(r8, 0x0, 0x1, &(0x7f0000001200)={{0x0, r9, r10, r12, r15, 0x1c0, 0x8}, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xc213})
r19 = getgid()
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="02000000010002000000000002000400", @ANYRES32=r2, @ANYBLOB="040004000000000008000300", @ANYRES32=r4, @ANYBLOB="08000400", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="c3213a73", @ANYRES32=r15, @ANYBLOB="08000200", @ANYRES32=r19, @ANYBLOB="10000400000000002000000000000000"], 0x54, 0x1)

1.467035751s ago: executing program 3 (id=885):
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffb}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
writev(r3, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r5, 0x0, r6, 0x0, 0xf3a, 0x0)
splice(r2, 0x0, r6, 0x0, 0x80, 0x6)
write(r6, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
write(r4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

1.36313541s ago: executing program 2 (id=886):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e21, 0x7, @mcast2}, {0xa, 0x1, 0xb, @private1={0xfc, 0x1, '\x00', 0x1}, 0x400}, r0}}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000061192800000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = syz_open_pts(0xffffffffffffffff, 0x80000)
ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f0000001480)=""/241)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000001580)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001403000000006c907800000000000000000420880b0000000000000800000087dd080088ba00000000100000000100000000000000080022eb000000002000070002000000000900000000d662828ef76bd9000008006558000000005c08eaf9a4805752a2cfa2eeefe411dffa01c1193ada6c02b861ac965e92a657c937f2b8a4"], 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x22040881, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
shutdown(r4, 0x1)
splice(r4, 0x0, r3, 0x0, 0x2, 0x0)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000200), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

1.318225814s ago: executing program 2 (id=887):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r0, &(0x7f0000001340)=[{&(0x7f0000000580)=""/148, 0x94}], 0x1)
readv(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/215, 0xd7}], 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

1.187308204s ago: executing program 2 (id=888):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000006000000a10200000700000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\b\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000040), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000680), &(0x7f00000006c0)=0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000740)={{{@in6=@initdev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@remote}, 0x0, @in=@private}}, &(0x7f0000000400)=0xe8)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000940)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@resuid={'resuid', 0x3d, r1}}, {@nombcache}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}]}, 0xfe, 0x46c, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = perf_event_open(&(0x7f0000001480)={0x2, 0x80, 0x5a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8400, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x8, 0x101, 0x7, 0x0, 0x100000d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000380)='cpu==0||!')

833.932523ms ago: executing program 0 (id=889):
r0 = socket$packet(0x11, 0x3, 0x300)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0x8, 0x70, 0x80000}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYRESHEX, @ANYRESDEC=r1], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000, 0x0, 0x0, 0x41100}, 0x94)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={0x0, 0x2, 0x6}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000240)={0x0, 0x1, 0x6, @multicast}, 0x10)
r7 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES16=0x0, @ANYRES16=r7, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)

679.688355ms ago: executing program 1 (id=890):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x2000)
read(r3, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x2bd, @tick=0x5})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000740)={0xfffffffb, 0x2, 0x1, 'queue0\x00'})
tkill(r2, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f0000000800))

608.617481ms ago: executing program 3 (id=891):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='cgroup\x00')
preadv(r2, &(0x7f00000000c0)=[{&(0x7f0000000380)=""/131, 0x83}], 0x1, 0x12e, 0x41000000)

540.525086ms ago: executing program 3 (id=892):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="ac0000000002010400000000000000000a0000000400018004000380900002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014000400fe8000000000000000000000000000aa0c0002800500010011"], 0xac}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x50)
perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0xe9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3}, 0x0, 0x80000000000000, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

485.521351ms ago: executing program 2 (id=893):
r0 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x21, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010000304000000000000000000001000", @ANYRES32=0x0, @ANYBLOB="c5108dea2bd24dcf1800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x2, 0x0, &(0x7f0000000740), 0x0)
close(r5)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='xprtrdma_dma_maperr\x00', r6}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4005, &(0x7f0000000040)=0x8000, 0x5, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00'})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x610c3, 0x678eb}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast1}, @IFLA_IPTUN_FLAGS={0x6, 0x8, 0xf}]}}}]}, 0x40}}, 0x4040)
close(r1)

379.227109ms ago: executing program 3 (id=894):
bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="120000000800000004000000b47c000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000e3ff01000000000000000000000000000000000081e2bd79048ffc22541c0c79e1297a4512429b9a572a4b98c123a86665e847873ee0f8f8785dc2960cf3e5fa415066aaee9f9e681429aa62bf40d66841c81cad2074cb1bff40beab343e8e010dd51c8657486284cd1959b759a1322a41e2c773b1efea00e4239632bf0f92c75d5ff5329db36ec8a06bd7f09e4806c97609a7cb982a03317f29f5571033a26ad3bd530c284ae422d4e6c33e26c2b584849086cd1e0840309e41f8f16064404c910b4f024fa585b7f9ecf022d75d8e6a89354466819ed7334368fd4dfb29200a79489926f76f4b4b24d2ac81e469e0ba61b40478b8d4ad8b333667915d9505004d39a8ec743483dd79559e15eeb272491e47b5c4ca4c3a5e1f2878ee4392fba965b7d761000b4fd228d2ab98a13bc77eb3604cdaab78d8d9dba77c47182349dbcdc2e19199c29d38c3a00ed1290c61f262d0a76d653ddf4fe4059a598bcd3303994e1b93b82b3702e7937eb7534f2d98699275fff86b2c05aee42bcb18171c22727c11f73a2e18eb70d68b77ec9f1f0bed3e2711e7c6721337224f07973badb0e0db485db0d6f5054d1e663dc01e4a87b8d5ee5351d761ace68b7bad1bdce736c3ab5979245e23a03eebad8348ec3c0d8319787be311dc8f016ec4132c079a51b8e8b620ef054e02bc5642dc6a660f9660a955e2ba"], 0x50)

322.092784ms ago: executing program 4 (id=895):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
socket$netlink(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x2, 0x510, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x100, 0x7}, 0x2202, 0x10000, 0x5, 0x9, 0x8, 0x1, 0x3, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r6, &(0x7f00000001c0)="f14a18f6", 0x4)
sendfile(r6, r4, 0x0, 0x40001)
sendfile(r6, r5, 0x0, 0x7ffff000)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f00000000c0)={0x1ff, 0x8005, 0x1, 0x80, <r7=>0x0}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000200)={r7, @in={{0x2, 0x4e21, @empty}}, 0x3, 0x8}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write$nci(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYRES32], 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x5, 0x2, &(0x7f0000fd7ff0)={0x0, 0x3938700}, 0x0, 0xfffffffd)

298.130465ms ago: executing program 1 (id=896):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b707000008000000850000006900000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x0, @perf_config_ext={0x1, 0xa}, 0x1184c, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x2000)
read(r3, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x2bd, @tick=0x5})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000740)={0xfffffffb, 0x2, 0x1, 'queue0\x00'})
tkill(r2, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f0000000800))

278.416408ms ago: executing program 3 (id=897):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e21, 0x7, @mcast2}, {0xa, 0x1, 0xb, @private1={0xfc, 0x1, '\x00', 0x1}, 0x400}, r0}}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000061192800000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = syz_open_pts(0xffffffffffffffff, 0x80000)
ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f0000001480)=""/241)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000001580)=ANY=[@ANYBLOB="ffffffffffff6487a2bed3d608004500001403000000006c907800000000000000000420880b0000000000000800000087dd080088ba00000000100000000100000000000000080022eb000000002000070002000000000900000000d662828ef76bd9000008006558000000005c08eaf9a4805752a2cfa2eeefe411dffa01c1193ada6c02b861ac965e92a657c937f2b8a4"], 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x22040881, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
shutdown(r4, 0x1)
splice(r4, 0x0, r3, 0x0, 0x2, 0x0)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000200), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})

272.064848ms ago: executing program 0 (id=898):
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=<r1=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x4642, 0x2000, 0x6, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r6, 0x0, 0x1ffffffffffffffd}, 0x18)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x400}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r8, {0xffe0}, {}, {0x7, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_EMATCHES={0x10, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
close(r3)

219.144282ms ago: executing program 3 (id=899):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VT_RELDISP(r1, 0x5605)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip_vti0\x00', <r2=>0x0})
ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000040)={'syzkaller0\x00', {0x2, 0x0, @initdev}})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000ffffffff000000000500000095000000009006c6c7e814976d000000"], &(0x7f00000000c0)='GPL\x00', 0xb, 0x65, &(0x7f00000001c0)=""/101, 0x41000, 0x1, '\x00', r2, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000440)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000480)={0x2, 0xe, 0x7, 0x80000001}, 0x10, 0x0, r0, 0x6, 0x0, &(0x7f00000002c0)=[{0x2, 0x2, 0x4, 0xa}, {0x3, 0x1, 0x3, 0x7}, {0x4, 0x3, 0x8, 0x8}, {0x0, 0x3, 0x2, 0x4}, {0x1, 0x1, 0x7, 0x7}, {0x5, 0x4, 0xc}], 0x10, 0xffff34f0}, 0x94)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b0000000700000008000000a6ad6a1a05"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
move_mount(0xffffffffffffff9c, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
sendmsg$kcm(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', r2, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usbip_server_init(0x1)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_DEL(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x14, r9, 0x1, 0x0, 0x25dfdbfd, {0x54}}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x8000)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000400)={'veth0_to_team\x00', 0x4000})
sendmsg$DEVLINK_CMD_GET(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="010000000000fcdbcf2554"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40010)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x40)
futex(&(0x7f000000cffc)=0x2, 0xa, 0x100000, 0x0, 0x0, 0x3000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r7}, 0x10)

197.451164ms ago: executing program 0 (id=900):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
socket$netlink(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x2, 0x510, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x100, 0x7}, 0x2202, 0x10000, 0x5, 0x9, 0x8, 0x1, 0x3, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r6, &(0x7f00000001c0)="f14a18f6", 0x4)
sendfile(r6, r4, 0x0, 0x40001)
sendfile(r6, r5, 0x0, 0x7ffff000)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f00000000c0)={0x1ff, 0x8005, 0x1, 0x80, <r7=>0x0}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000200)={r7, @in={{0x2, 0x4e21, @empty}}, 0x3, 0x8}, 0x90)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
truncate(&(0x7f0000000000)='./bus\x00', 0x6)
write$nci(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYRES32], 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x5, 0x2, &(0x7f0000fd7ff0)={0x0, 0x3938700}, 0x0, 0xfffffffd)

78.846523ms ago: executing program 1 (id=901):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x3}, 0x100002, 0x0, 0xffffffff, 0x3, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000002"], 0x0, 0x26}, 0x28)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000d000000000001000000000000000141000000030017"], 0x38}}, 0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)={0x1c, 0x0, 0x4, 0x70bd27, 0x25dfdbfc, {}, [""]}, 0x1c}}, 0x2000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000920000"], &(0x7f0000000240)='syzkaller\x00', 0xf, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, r4, 0x8, 0x0, 0x0, 0x60, &(0x7f00000002c0), 0x10}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r7, 0xffffffffffffffff, 0x0)

78.274354ms ago: executing program 2 (id=902):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

18.329939ms ago: executing program 1 (id=903):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$inet6(0x10, 0x4, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000c80)={'batadv_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=@ipv4_newaddr={0x48, 0x14, 0x509, 0x70bd2c, 0x25dfdbfd, {0x2, 0x20, 0x0, 0xff, r5}, [@IFA_LOCAL={0x8, 0x2, @remote}, @IFA_LOCAL={0x8, 0x2, @local}, @IFA_TARGET_NETNSID={0x8, 0xa, 0x2}, @IFA_ADDRESS={0x8, 0x1, @private=0xa010101}, @IFA_ADDRESS={0x8, 0x1, @empty}, @IFA_RT_PRIORITY={0x8, 0x9, 0x103}]}, 0x48}}, 0x20000000)
r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000080)='./file0\x00', 0x0, 0x4018}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0x3, 0x6}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)
r9 = syz_open_dev$vcsa(&(0x7f0000000400), 0x7fff, 0x80)
r10 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r10, r0, 0x0, r0}, 0x10)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)={0x1b, 0x0, 0x0, 0x7, 0x0, 0x1, 0xc9b, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1c}, [@map_val={0x18, 0x2, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x401}]}, &(0x7f0000000180)='syzkaller\x00', 0xffffffdc, 0x43, &(0x7f0000000300)=""/67, 0x41100, 0x28, '\x00', r8, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x0, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x2, 0x200, 0x1000}, 0x10, 0x0, 0x0, 0x9, &(0x7f00000004c0)=[r9, 0x1, r11], &(0x7f0000000500)=[{0x3, 0x1, 0xe, 0x6}, {0x1, 0x5, 0x10, 0xa}, {0x4, 0x1, 0x3, 0x5}, {0x2, 0x1, 0x7, 0x2}, {0x5, 0x4, 0xd, 0x4}, {0x2, 0x1, 0x7, 0x2}, {0x5, 0x2, 0xb, 0x6}, {0x5, 0x5, 0xd, 0x8}, {0x3, 0x5, 0xb, 0x2}], 0x10, 0x4aa5}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r12=>0x0})
r13 = socket$packet(0x11, 0x3, 0x300)
r14 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r15=>0x0})
sendto$packet(r14, &(0x7f0000000180)="0b036800e0ff64000200475486dd", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x0, r15}, 0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r16=>0x0})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000200)=0x14)
sendmsg$ETHTOOL_MSG_WOL_GET(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB="c8000000", @ANYRES16=r2, @ANYBLOB="000127bd7000fedbdf25090000000c000180080028c5020000002000018014000200776c616e300000000000000000000000080003000000000048000180080001003d560eeb8effa721f5291c65073101f351c62e6a6f19307742af214aa9ff5d757448903b9b69972b0e3e5c07bceecc0fc9e7cd221406998216fc00485a6834b441b2d8fa425e299a01ec034a6aaa85708029c66711589edb7c177cca6eecbc31228cfd943f59c59f25051d81d5b68569ea7fa161e0b7415a9ca9f5e1637d0f5d4c19f9144bc791236456d5d76bc958c6a144e2d5ce8a59dba80cac50057b6517923b8615694b8b7841a4bccd651cd1", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32=r15, @ANYBLOB="08000100", @ANYRES32=r16, @ANYBLOB="1400020076657468305f746f5f626f6e64000000080003000000000040000180080003000200000008000300000000001400020076657468315f6d61637674617000000008000100", @ANYRES32=r17, @ANYBLOB="08000300000000000800030000000000"], 0xc8}, 0x1, 0x0, 0x0, 0x40}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xffff7ffffffffffd}, 0x18)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000003580)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0xffffffffffffffff}], 0x9, 0x0)

0s ago: executing program 2 (id=904):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095", @ANYRESOCT=r0, @ANYRES64], &(0x7f00000009c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {0xffff, 0xfff1}, {0x0, 0x8}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_MEMORY_LIMIT={0x8, 0x8, 0x4}, @TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="06000000000600000040000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x3, 0x200000d5, &(0x7f0000000800)=ANY=[@ANYRESDEC, @ANYRES32=r2, @ANYRESDEC=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000180)={0x84, @remote, 0x0, 0x0, 'lblc\x00'}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r3, 0x0, 0x484, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x0, 'rr\x00'}, 0x2c)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r4}, 0x18)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000001c0)='cdg\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r5, &(0x7f0000000280)={0x2, 0x10, @dev={0xac, 0x14, 0x14, 0x1}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000340)='dctcp\x00', 0x6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131", @ANYRES16=r2], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000040)})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c000000100039092abd70008700000000000000", @ANYRES32=r8, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x20008400)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=ANY=[@ANYBLOB="60000000100001040000000003000000000000007e50f61a54a3534e89f2afdd20d6ccd647e87e2cf7431cc63e0a50977dbd4a0e7b", @ANYRES32=r8, @ANYBLOB="000000000d1c0000400012800e00010069703665727370616e0000002c00028004001200060010004e2000000800150080ef070014000700ff020000000000000000000000000001"], 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x12)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f00000003c0)={@mcast1, r8}, 0x14)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x10000, &(0x7f00000012c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9o9GQcB/Bvcne+9n0PedVFEP+AiGihvG6CS10UClKKiKBCRcRFaYXa4tY6uTjorNLJpYib1VG6FBdFcKraoS6CFgeLgw4nd2mltqdVr15ems8HQpJLnvyecPk+uSWXAI11Ncl0klaSySSdJMXxHe6upquHq+sT2/NJr/fET8Vgv2q9ctTuSpK1JA8l2SqLvNROVjaf2ftl57H73lzu3Pv+5tMTYz3JQ/t7u48fvDf7xkczD6588dUPs0Wm0/3TeZ2/Yshn7SK55f8odp0o2nX3gH9i7rUPv+7n/tYk9wzy30mZ6st7a+mGrU4eePev2r7945e3j7OvwPnr9Tr9e+BaD2icMkk3RTmVpFouy6mp6jf8N63L5cuLS69Ovri4vPBC3SMVcF66ye6jn1z6+MqJ/H/fqvIPXFz9/D85t/Ftf/mgVXdvgLG4o5r18z/53Or9kX9omhsj/9BY7v/QXPIPzSX/0FzyD80l/3CBdf5+s/xDc8k/NJf8Q3Mdzz8A0Cy9S3U/gQzUpe7xBwAAAAAAAAAAAAAAAAAAOG19Ynv+aBpXzc/eSfYfSdIeVr81eB9x9aqy5PLPRX+3PxRVs5E8e9eIBxjRBzU/fX3Td/XW//zOeuuvLiRrrye51m6fvv6Kw+vvv7v5jO2d50cs8C8VJ9Yffmq89U/6baPe+jM7yaf98efasPGnzG2D+fDxp3v2Xyyf6ZVfRzwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY/N7AAAA//95+21I")

kernel console output (not intermixed with test programs):

fe336d7f0a0 RDI: 0000000000000004
[   55.952052][ T4644] RBP: 00007fe336d7f090 R08: 0000000000000000 R09: 0000000000000000
[   55.952064][ T4644] R10: 0000000000000067 R11: 0000000000000246 R12: 0000000000000002
[   55.952081][ T4644] R13: 00007fe338546038 R14: 00007fe338545fa0 R15: 00007fff6e92d038
[   55.952174][ T4644]  </TASK>
[   56.297357][ T4661] loop4: detected capacity change from 0 to 512
[   56.307176][ T4661] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   56.336156][ T4661] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.375: corrupted in-inode xattr: overlapping e_value 
[   56.362345][ T4661] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.375: couldn't read orphan inode 15 (err -117)
[   56.466517][ T4678] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   56.474244][ T4678] IPv6: NLM_F_CREATE should be set when creating new route
[   56.481459][ T4678] IPv6: NLM_F_CREATE should be set when creating new route
[   56.488700][ T4678] IPv6: NLM_F_CREATE should be set when creating new route
[   56.615797][ T4682] netlink: 36 bytes leftover after parsing attributes in process `syz.4.381'.
[   56.753238][ T4703] loop0: detected capacity change from 0 to 512
[   56.765532][ T4705] loop4: detected capacity change from 0 to 512
[   56.782623][ T4703] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[   56.791267][ T4703] FAT-fs (loop0): Filesystem has been set read-only
[   56.799354][ T4705] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   56.820722][ T4705] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.391: corrupted in-inode xattr: overlapping e_value 
[   56.836638][ T4712] FAULT_INJECTION: forcing a failure.
[   56.836638][ T4712] name failslab, interval 1, probability 0, space 0, times 0
[   56.849950][ T4712] CPU: 1 UID: 0 PID: 4712 Comm: syz.3.394 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.849976][ T4712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   56.849989][ T4712] Call Trace:
[   56.849997][ T4712]  <TASK>
[   56.850004][ T4712]  __dump_stack+0x1d/0x30
[   56.850024][ T4712]  dump_stack_lvl+0xe8/0x140
[   56.850041][ T4712]  dump_stack+0x15/0x1b
[   56.850056][ T4712]  should_fail_ex+0x265/0x280
[   56.850075][ T4712]  should_failslab+0x8c/0xb0
[   56.850115][ T4712]  __kmalloc_noprof+0xa5/0x3e0
[   56.850141][ T4712]  ? process_preds+0x30a/0x2bb0
[   56.850159][ T4712]  process_preds+0x30a/0x2bb0
[   56.850172][ T4712]  ? terminate_walk+0x27f/0x2a0
[   56.850276][ T4712]  ? path_openat+0x1bf8/0x2170
[   56.850294][ T4712]  ? avc_has_perm_noaudit+0x1b1/0x200
[   56.850314][ T4712]  ? should_fail_ex+0xdb/0x280
[   56.850384][ T4712]  ? ftrace_profile_set_filter+0xc2/0x1b0
[   56.850437][ T4712]  ? should_failslab+0x8c/0xb0
[   56.850460][ T4712]  ? __kmalloc_cache_noprof+0x189/0x320
[   56.850553][ T4712]  ftrace_profile_set_filter+0xff/0x1b0
[   56.850585][ T4712]  perf_ioctl+0x7b3/0x12e0
[   56.850748][ T4712]  ? ioctl_has_perm+0x289/0x2a0
[   56.850769][ T4712]  ? do_vfs_ioctl+0x866/0xe10
[   56.850783][ T4712]  ? selinux_file_ioctl+0x308/0x3a0
[   56.850801][ T4712]  ? __fget_files+0x184/0x1c0
[   56.850827][ T4712]  ? __pfx_perf_ioctl+0x10/0x10
[   56.850870][ T4712]  __se_sys_ioctl+0xce/0x140
[   56.850885][ T4712]  __x64_sys_ioctl+0x43/0x50
[   56.850983][ T4712]  x64_sys_call+0x1816/0x2ff0
[   56.851004][ T4712]  do_syscall_64+0xd2/0x200
[   56.851026][ T4712]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.851150][ T4712]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   56.851173][ T4712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.851191][ T4712] RIP: 0033:0x7f10ac42ebe9
[   56.851205][ T4712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.851290][ T4712] RSP: 002b:00007f10aae97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   56.851311][ T4712] RAX: ffffffffffffffda RBX: 00007f10ac655fa0 RCX: 00007f10ac42ebe9
[   56.851323][ T4712] RDX: 0000200000000080 RSI: 0000000040082406 RDI: 0000000000000003
[   56.851335][ T4712] RBP: 00007f10aae97090 R08: 0000000000000000 R09: 0000000000000000
[   56.851346][ T4712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.851356][ T4712] R13: 00007f10ac656038 R14: 00007f10ac655fa0 R15: 00007ffde355d518
[   56.851371][ T4712]  </TASK>
[   57.103801][ T4705] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.391: couldn't read orphan inode 15 (err -117)
[   57.237685][ T4731] netlink: 3 bytes leftover after parsing attributes in process `syz.2.402'.
[   57.294033][ T4731] 0ªX¹¦À: renamed from caif0
[   57.303020][ T4731] 0ªX¹¦À: entered allmulticast mode
[   57.308513][ T4731] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   57.330935][ T4738] loop4: detected capacity change from 0 to 512
[   57.356455][ T4744] netlink: 196 bytes leftover after parsing attributes in process `syz.1.407'.
[   57.420148][ T4755] loop1: detected capacity change from 0 to 512
[   57.429348][ T4755] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   57.452607][ T4755] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.410: corrupted in-inode xattr: overlapping e_value 
[   57.469030][ T4760] loop2: detected capacity change from 0 to 512
[   57.480562][ T4755] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.410: couldn't read orphan inode 15 (err -117)
[   57.501782][ T4760] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[   57.510690][ T4760] FAT-fs (loop2): Filesystem has been set read-only
[   58.012574][ T4787] loop2: detected capacity change from 0 to 512
[   58.020878][ T4787] EXT4-fs: quotafile must be on filesystem root
[   58.088108][ T4793] netlink: 60 bytes leftover after parsing attributes in process `syz.2.421'.
[   58.217926][ T4800] FAULT_INJECTION: forcing a failure.
[   58.217926][ T4800] name failslab, interval 1, probability 0, space 0, times 0
[   58.230686][ T4800] CPU: 0 UID: 0 PID: 4800 Comm: syz.4.425 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.230786][ T4800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   58.230872][ T4800] Call Trace:
[   58.230878][ T4800]  <TASK>
[   58.230887][ T4800]  __dump_stack+0x1d/0x30
[   58.230910][ T4800]  dump_stack_lvl+0xe8/0x140
[   58.230929][ T4800]  dump_stack+0x15/0x1b
[   58.230946][ T4800]  should_fail_ex+0x265/0x280
[   58.230973][ T4800]  should_failslab+0x8c/0xb0
[   58.230994][ T4800]  __kmalloc_noprof+0xa5/0x3e0
[   58.231016][ T4800]  ? tls_get_rec+0x75/0x410
[   58.231039][ T4800]  tls_get_rec+0x75/0x410
[   58.231079][ T4800]  tls_sw_sendmsg+0x321/0x14b0
[   58.231095][ T4800]  ? avc_has_perm_noaudit+0x1b1/0x200
[   58.231121][ T4800]  ? selinux_socket_sendmsg+0x175/0x1b0
[   58.231146][ T4800]  ? __pfx_tls_sw_sendmsg+0x10/0x10
[   58.231214][ T4800]  inet6_sendmsg+0xc2/0xd0
[   58.231241][ T4800]  __sock_sendmsg+0x8b/0x180
[   58.231269][ T4800]  sock_write_iter+0x165/0x1b0
[   58.231295][ T4800]  ? __pfx_sock_write_iter+0x10/0x10
[   58.231335][ T4800]  vfs_write+0x52a/0x960
[   58.231425][ T4800]  ksys_write+0xda/0x1a0
[   58.231445][ T4800]  __x64_sys_write+0x40/0x50
[   58.231467][ T4800]  x64_sys_call+0x27fe/0x2ff0
[   58.231486][ T4800]  do_syscall_64+0xd2/0x200
[   58.231559][ T4800]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   58.231583][ T4800]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   58.231664][ T4800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.231696][ T4800] RIP: 0033:0x7f5624d5ebe9
[   58.231710][ T4800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.231781][ T4800] RSP: 002b:00007f56237bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   58.231798][ T4800] RAX: ffffffffffffffda RBX: 00007f5624f85fa0 RCX: 00007f5624d5ebe9
[   58.231808][ T4800] RDX: 000000000000000b RSI: 0000200000000500 RDI: 0000000000000003
[   58.231818][ T4800] RBP: 00007f56237bf090 R08: 0000000000000000 R09: 0000000000000000
[   58.231828][ T4800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.231844][ T4800] R13: 00007f5624f86038 R14: 00007f5624f85fa0 R15: 00007ffcbcd64218
[   58.231903][ T4800]  </TASK>
[   58.467891][ T4802] loop4: detected capacity change from 0 to 512
[   58.555251][ T4824] netlink: 4 bytes leftover after parsing attributes in process `syz.1.433'.
[   58.564824][ T4824] netlink: 4 bytes leftover after parsing attributes in process `syz.1.433'.
[   58.628329][ T4824] capability: warning: `syz.1.433' uses 32-bit capabilities (legacy support in use)
[   58.783753][ T4853] loop0: detected capacity change from 0 to 512
[   58.893893][ T4860] netlink: 12 bytes leftover after parsing attributes in process `syz.0.445'.
[   58.902956][ T4860] netlink: 12 bytes leftover after parsing attributes in process `syz.0.445'.
[   59.404924][ T4872] loop4: detected capacity change from 0 to 512
[   59.413906][ T4872] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.449: missing EA_INODE flag
[   59.426076][ T4872] EXT4-fs error (device loop4): ext4_xattr_inode_iget:442: comm syz.4.449: error while reading EA inode 11 err=-117
[   59.440424][ T4872] EXT4-fs (loop4): 1 orphan inode deleted
[   59.585590][ T4888] loop1: detected capacity change from 0 to 512
[   59.643764][ T4895] loop1: detected capacity change from 0 to 512
[   59.650947][ T4895] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.661827][ T4895] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.456: corrupted in-inode xattr: overlapping e_value 
[   59.676896][ T4895] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.456: couldn't read orphan inode 15 (err -117)
[   59.737528][ T4902] loop1: detected capacity change from 0 to 1024
[   59.752587][   T29] kauditd_printk_skb: 902 callbacks suppressed
[   59.752604][   T29] audit: type=1400 audit(1756449934.887:4126): avc:  denied  { ioctl } for  pid=4903 comm="syz.0.459" path="socket:[8022]" dev="sockfs" ino=8022 ioctlcmd=0x943f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   59.797510][   T29] audit: type=1326 audit(1756449934.927:4127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.821183][   T29] audit: type=1326 audit(1756449934.927:4128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.844431][   T29] audit: type=1326 audit(1756449934.927:4129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.867956][   T29] audit: type=1326 audit(1756449934.927:4130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.891314][   T29] audit: type=1326 audit(1756449934.927:4131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.915064][   T29] audit: type=1326 audit(1756449934.927:4132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.938628][   T29] audit: type=1326 audit(1756449934.927:4133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.957024][ T4912] loop0: detected capacity change from 0 to 512
[   59.962174][   T29] audit: type=1326 audit(1756449934.937:4134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.991862][   T29] audit: type=1326 audit(1756449934.937:4135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4903 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   59.993319][ T4912] EXT4-fs: Ignoring removed mblk_io_submit option
[   60.024367][ T4912] ext2: Unknown parameter 'obj_type'
[   60.171002][ T4921] loop0: detected capacity change from 0 to 512
[   60.185226][ T4921] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[   60.193901][ T4921] FAT-fs (loop0): Filesystem has been set read-only
[   60.224817][ T4923] loop0: detected capacity change from 0 to 1024
[   60.231825][ T4923] EXT4-fs: Ignoring removed bh option
[   60.239995][ T4923] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   60.259456][ T4925] loop1: detected capacity change from 0 to 512
[   60.267315][ T4925] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   60.282996][ T4925] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.467: corrupted in-inode xattr: overlapping e_value 
[   60.298194][ T4925] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.467: couldn't read orphan inode 15 (err -117)
[   60.343178][ T4932] -1: renamed from syzkaller0
[   60.352903][ T4934] FAULT_INJECTION: forcing a failure.
[   60.352903][ T4934] name failslab, interval 1, probability 0, space 0, times 0
[   60.365943][ T4934] CPU: 0 UID: 0 PID: 4934 Comm: syz.4.470 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.366036][ T4934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   60.366047][ T4934] Call Trace:
[   60.366053][ T4934]  <TASK>
[   60.366060][ T4934]  __dump_stack+0x1d/0x30
[   60.366085][ T4934]  dump_stack_lvl+0xe8/0x140
[   60.366103][ T4934]  dump_stack+0x15/0x1b
[   60.366118][ T4934]  should_fail_ex+0x265/0x280
[   60.366175][ T4934]  should_failslab+0x8c/0xb0
[   60.366200][ T4934]  kmem_cache_alloc_noprof+0x50/0x310
[   60.366236][ T4934]  ? alloc_vfsmnt+0x2d/0x300
[   60.366280][ T4934]  alloc_vfsmnt+0x2d/0x300
[   60.366333][ T4934]  vfs_create_mount+0x3b/0x240
[   60.366369][ T4934]  __se_sys_fsmount+0x2d9/0x580
[   60.366390][ T4934]  __x64_sys_fsmount+0x43/0x50
[   60.366408][ T4934]  x64_sys_call+0x2ab3/0x2ff0
[   60.366438][ T4934]  do_syscall_64+0xd2/0x200
[   60.366614][ T4934]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   60.366637][ T4934]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   60.366657][ T4934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.366674][ T4934] RIP: 0033:0x7f5624d5ebe9
[   60.366689][ T4934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.366759][ T4934] RSP: 002b:00007f56237bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b0
[   60.366779][ T4934] RAX: ffffffffffffffda RBX: 00007f5624f85fa0 RCX: 00007f5624d5ebe9
[   60.366792][ T4934] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[   60.366803][ T4934] RBP: 00007f56237bf090 R08: 0000000000000000 R09: 0000000000000000
[   60.366814][ T4934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.366824][ T4934] R13: 00007f5624f86038 R14: 00007f5624f85fa0 R15: 00007ffcbcd64218
[   60.366840][ T4934]  </TASK>
[   60.578105][ T4938] FAULT_INJECTION: forcing a failure.
[   60.578105][ T4938] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   60.591577][ T4938] CPU: 1 UID: 0 PID: 4938 Comm: syz.1.472 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.591603][ T4938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   60.591614][ T4938] Call Trace:
[   60.591619][ T4938]  <TASK>
[   60.591626][ T4938]  __dump_stack+0x1d/0x30
[   60.591656][ T4938]  dump_stack_lvl+0xe8/0x140
[   60.591671][ T4938]  dump_stack+0x15/0x1b
[   60.591684][ T4938]  should_fail_ex+0x265/0x280
[   60.591702][ T4938]  should_fail_alloc_page+0xf2/0x100
[   60.591775][ T4938]  __alloc_frozen_pages_noprof+0xff/0x360
[   60.591865][ T4938]  alloc_pages_mpol+0xb3/0x250
[   60.591978][ T4938]  vma_alloc_folio_noprof+0x1aa/0x300
[   60.592009][ T4938]  do_wp_page+0x5db/0x24e0
[   60.592032][ T4938]  ? css_rstat_updated+0xb7/0x240
[   60.592100][ T4938]  ? __rcu_read_lock+0x37/0x50
[   60.592121][ T4938]  handle_mm_fault+0x77d/0x2c20
[   60.592230][ T4938]  do_user_addr_fault+0x636/0x1090
[   60.592258][ T4938]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   60.592355][ T4938]  exc_page_fault+0x62/0xa0
[   60.592376][ T4938]  asm_exc_page_fault+0x26/0x30
[   60.592437][ T4938] RIP: 0033:0x7fe3381e0c50
[   60.592452][ T4938] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[   60.592467][ T4938] RSP: 002b:00007fe336d7e4a0 EFLAGS: 00010202
[   60.592492][ T4938] RAX: 0000000000005005 RBX: 00007fe336d7e540 RCX: 0000000000000013
[   60.592504][ T4938] RDX: 00000000000003ff RSI: 0000000000000400 RDI: 00007fe336d7e5e0
[   60.592556][ T4938] RBP: 0000000000000014 R08: 00007fe32e95f000 R09: 0000000000000004
[   60.592568][ T4938] R10: 0000200000000542 R11: 0000000000000474 R12: 0000000000000301
[   60.592579][ T4938] R13: 00007fe3383bda20 R14: 0000000000000013 R15: 00007fe336d7e5e0
[   60.592594][ T4938]  </TASK>
[   60.592649][ T4938] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   60.783564][ T4938] loop1: detected capacity change from 0 to 512
[   60.790803][ T4942] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.803497][ T4938] EXT4-fs error (device loop1): ext4_xattr_inode_iget:442: comm syz.1.472: error while reading EA inode 32 err=-116
[   60.817254][ T4938] EXT4-fs (loop1): Remounting filesystem read-only
[   60.823941][ T4938] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[   60.834197][ T4938] EXT4-fs (loop1): 1 orphan inode deleted
[   60.867727][ T4942] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.880074][ T4950] loop1: detected capacity change from 0 to 512
[   60.911039][ T4950] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[   60.919689][ T4950] FAT-fs (loop1): Filesystem has been set read-only
[   60.934463][ T4953] loop0: detected capacity change from 0 to 512
[   60.941619][ T4953] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   60.958641][ T4942] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.969160][ T4953] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.479: corrupted in-inode xattr: overlapping e_value 
[   60.983366][ T4953] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.479: couldn't read orphan inode 15 (err -117)
[   61.012393][ T4963] bridge: RTM_NEWNEIGH with invalid ether address
[   61.027814][ T4942] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.115483][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.127571][   T12] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.150790][   T12] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.164823][   T12] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.198427][ T4977] syzkaller1: entered promiscuous mode
[   61.204153][ T4977] syzkaller1: entered allmulticast mode
[   61.878458][ T4989] loop0: detected capacity change from 0 to 512
[   61.889669][ T4989] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[   61.898618][ T4989] FAT-fs (loop0): Filesystem has been set read-only
[   61.932804][ T4993] loop0: detected capacity change from 0 to 512
[   61.940765][ T4993] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[   61.961943][ T4993] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6
[   62.018267][ T4998] loop0: detected capacity change from 0 to 8192
[   62.021836][ T5000] loop1: detected capacity change from 0 to 512
[   62.031892][ T5000] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   62.046487][ T5000] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.065096][ T4998]  loop0: p1 p2 p3 p4
[   62.069492][ T4998] loop0: p1 start 4294508288 is beyond EOD, truncated
[   62.076480][ T4998] loop0: p2 start 2936012800 is beyond EOD, truncated
[   62.083403][ T4998] loop0: p3 start 1912602624 is beyond EOD, truncated
[   62.090293][ T4998] loop0: p4 size 656640 extends beyond EOD, truncated
[   62.172978][ T5000] FAULT_INJECTION: forcing a failure.
[   62.172978][ T5000] name failslab, interval 1, probability 0, space 0, times 0
[   62.185961][ T5000] CPU: 0 UID: 0 PID: 5000 Comm: syz.1.497 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.185988][ T5000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   62.185998][ T5000] Call Trace:
[   62.186005][ T5000]  <TASK>
[   62.186012][ T5000]  __dump_stack+0x1d/0x30
[   62.186033][ T5000]  dump_stack_lvl+0xe8/0x140
[   62.186048][ T5000]  dump_stack+0x15/0x1b
[   62.186060][ T5000]  should_fail_ex+0x265/0x280
[   62.186078][ T5000]  should_failslab+0x8c/0xb0
[   62.186101][ T5000]  kmem_cache_alloc_noprof+0x50/0x310
[   62.186126][ T5000]  ? vm_area_alloc+0x2c/0xb0
[   62.186151][ T5000]  vm_area_alloc+0x2c/0xb0
[   62.186172][ T5000]  mmap_region+0xaa2/0x1630
[   62.186206][ T5000]  do_mmap+0x9b3/0xbe0
[   62.186236][ T5000]  vm_mmap_pgoff+0x17a/0x2e0
[   62.186264][ T5000]  ksys_mmap_pgoff+0xc2/0x310
[   62.186287][ T5000]  ? __x64_sys_mmap+0x49/0x70
[   62.186310][ T5000]  x64_sys_call+0x14a3/0x2ff0
[   62.186330][ T5000]  do_syscall_64+0xd2/0x200
[   62.186371][ T5000]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.186392][ T5000]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   62.186411][ T5000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.186427][ T5000] RIP: 0033:0x7fe33831ec23
[   62.186444][ T5000] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   62.186458][ T5000] RSP: 002b:00007fe336d7ee18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   62.186478][ T5000] RAX: ffffffffffffffda RBX: 0000000000000459 RCX: 00007fe33831ec23
[   62.186489][ T5000] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   62.186501][ T5000] RBP: 00002000000010c2 R08: 00000000ffffffff R09: 0000000000000000
[   62.186511][ T5000] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000005
[   62.186520][ T5000] R13: 00007fe336d7eef0 R14: 00007fe336d7eeb0 R15: 0000200000000240
[   62.186535][ T5000]  </TASK>
[   62.394150][ T5012] FAULT_INJECTION: forcing a failure.
[   62.394150][ T5012] name failslab, interval 1, probability 0, space 0, times 0
[   62.407010][ T5012] CPU: 1 UID: 0 PID: 5012 Comm: syz.1.500 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.407037][ T5012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   62.407048][ T5012] Call Trace:
[   62.407055][ T5012]  <TASK>
[   62.407063][ T5012]  __dump_stack+0x1d/0x30
[   62.407086][ T5012]  dump_stack_lvl+0xe8/0x140
[   62.407106][ T5012]  dump_stack+0x15/0x1b
[   62.407120][ T5012]  should_fail_ex+0x265/0x280
[   62.407142][ T5012]  should_failslab+0x8c/0xb0
[   62.407166][ T5012]  kmem_cache_alloc_node_noprof+0x57/0x320
[   62.407191][ T5012]  ? __alloc_skb+0x101/0x320
[   62.407291][ T5012]  __alloc_skb+0x101/0x320
[   62.407307][ T5012]  rtmsg_ifinfo_build_skb+0x5f/0x1b0
[   62.407356][ T5012]  ? __rcu_read_unlock+0x4f/0x70
[   62.407375][ T5012]  ? __pfx_rtnetlink_event+0x10/0x10
[   62.407398][ T5012]  rtnetlink_event+0x18c/0x200
[   62.407427][ T5012]  raw_notifier_call_chain+0x6c/0x1b0
[   62.407456][ T5012]  ? call_netdevice_notifiers_info+0x9c/0x100
[   62.407541][ T5012]  call_netdevice_notifiers_info+0xae/0x100
[   62.407564][ T5012]  netif_set_mtu_ext+0x356/0x470
[   62.407633][ T5012]  netif_set_mtu+0x4a/0xf0
[   62.407660][ T5012]  dev_set_mtu+0xc1/0x170
[   62.407685][ T5012]  dev_ifsioc+0x474/0xaa0
[   62.407705][ T5012]  ? __rcu_read_unlock+0x4f/0x70
[   62.407795][ T5012]  dev_ioctl+0x70a/0x960
[   62.407837][ T5012]  sock_do_ioctl+0x197/0x220
[   62.407866][ T5012]  sock_ioctl+0x41b/0x610
[   62.407887][ T5012]  ? __pfx_sock_ioctl+0x10/0x10
[   62.407908][ T5012]  __se_sys_ioctl+0xce/0x140
[   62.407923][ T5012]  __x64_sys_ioctl+0x43/0x50
[   62.407947][ T5012]  x64_sys_call+0x1816/0x2ff0
[   62.407968][ T5012]  do_syscall_64+0xd2/0x200
[   62.408043][ T5012]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   62.408062][ T5012]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   62.408161][ T5012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.408178][ T5012] RIP: 0033:0x7fe33831ebe9
[   62.408194][ T5012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.408211][ T5012] RSP: 002b:00007fe336d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   62.408311][ T5012] RAX: ffffffffffffffda RBX: 00007fe338545fa0 RCX: 00007fe33831ebe9
[   62.408318][ T5012] RDX: 0000200000003c80 RSI: 0000000000008922 RDI: 0000000000000003
[   62.408324][ T5012] RBP: 00007fe336d7f090 R08: 0000000000000000 R09: 0000000000000000
[   62.408331][ T5012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.408338][ T5012] R13: 00007fe338546038 R14: 00007fe338545fa0 R15: 00007fff6e92d038
[   62.408348][ T5012]  </TASK>
[   62.738023][ T5024] loop1: detected capacity change from 0 to 512
[   62.745302][ T5024] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   62.773445][ T5024] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[   62.859948][ T3391] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   62.867484][ T3391] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   62.875082][ T3391] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   62.892947][ T3391] hid-generic 0000:0004:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   63.061529][ T5040] SELinux: failed to load policy
[   63.122078][ T5046] loop0: detected capacity change from 0 to 512
[   63.129285][ T5046] EXT4-fs: Ignoring removed i_version option
[   63.135712][ T5046] EXT4-fs: Ignoring removed nobh option
[   63.141663][ T5046] EXT4-fs: inline encryption not supported
[   63.147979][ T5046] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   63.159575][ T5046] EXT4-fs (loop0): 1 truncate cleaned up
[   63.280150][ T5052] FAULT_INJECTION: forcing a failure.
[   63.280150][ T5052] name failslab, interval 1, probability 0, space 0, times 0
[   63.292981][ T5052] CPU: 0 UID: 0 PID: 5052 Comm: syz.0.517 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.293000][ T5052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   63.293007][ T5052] Call Trace:
[   63.293013][ T5052]  <TASK>
[   63.293020][ T5052]  __dump_stack+0x1d/0x30
[   63.293035][ T5052]  dump_stack_lvl+0xe8/0x140
[   63.293046][ T5052]  dump_stack+0x15/0x1b
[   63.293088][ T5052]  should_fail_ex+0x265/0x280
[   63.293140][ T5052]  should_failslab+0x8c/0xb0
[   63.293155][ T5052]  kmem_cache_alloc_node_noprof+0x57/0x320
[   63.293171][ T5052]  ? alloc_vmap_area+0x231/0xe50
[   63.293233][ T5052]  alloc_vmap_area+0x231/0xe50
[   63.293249][ T5052]  ? should_failslab+0x8c/0xb0
[   63.293261][ T5052]  ? __kmalloc_cache_node_noprof+0x18a/0x320
[   63.293280][ T5052]  __get_vm_area_node+0x173/0x1d0
[   63.293296][ T5052]  __vmalloc_node_range_noprof+0x273/0xe00
[   63.293378][ T5052]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   63.293405][ T5052]  ? avc_has_perm_noaudit+0x1b1/0x200
[   63.293470][ T5052]  ? cred_has_capability+0x210/0x280
[   63.293484][ T5052]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   63.293547][ T5052]  __vmalloc_noprof+0x83/0xc0
[   63.293562][ T5052]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   63.293632][ T5052]  bpf_prog_alloc_no_stats+0x47/0x3a0
[   63.293645][ T5052]  ? bpf_prog_alloc+0x2a/0x150
[   63.293658][ T5052]  bpf_prog_alloc+0x3c/0x150
[   63.293720][ T5052]  bpf_prog_load+0x514/0x1070
[   63.293740][ T5052]  ? security_bpf+0x2b/0x90
[   63.293758][ T5052]  __sys_bpf+0x462/0x7b0
[   63.293775][ T5052]  __x64_sys_bpf+0x41/0x50
[   63.293861][ T5052]  x64_sys_call+0x2aea/0x2ff0
[   63.293874][ T5052]  do_syscall_64+0xd2/0x200
[   63.293890][ T5052]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   63.293903][ T5052]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   63.293965][ T5052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.293977][ T5052] RIP: 0033:0x7f1ea70febe9
[   63.293987][ T5052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.294034][ T5052] RSP: 002b:00007f1ea5b5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   63.294047][ T5052] RAX: ffffffffffffffda RBX: 00007f1ea7325fa0 RCX: 00007f1ea70febe9
[   63.294054][ T5052] RDX: 0000000000000078 RSI: 0000200000000440 RDI: 0000000000000005
[   63.294061][ T5052] RBP: 00007f1ea5b5f090 R08: 0000000000000000 R09: 0000000000000000
[   63.294067][ T5052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.294074][ T5052] R13: 00007f1ea7326038 R14: 00007f1ea7325fa0 R15: 00007ffd815aa8d8
[   63.294084][ T5052]  </TASK>
[   63.294162][ T5052] syz.0.517: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[   63.565798][ T5052] CPU: 0 UID: 0 PID: 5052 Comm: syz.0.517 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   63.565859][ T5052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   63.565869][ T5052] Call Trace:
[   63.565875][ T5052]  <TASK>
[   63.565884][ T5052]  __dump_stack+0x1d/0x30
[   63.565906][ T5052]  dump_stack_lvl+0xe8/0x140
[   63.565922][ T5052]  dump_stack+0x15/0x1b
[   63.565935][ T5052]  warn_alloc+0x12b/0x1a0
[   63.565982][ T5052]  __vmalloc_node_range_noprof+0x297/0xe00
[   63.566048][ T5052]  ? avc_has_perm_noaudit+0x1b1/0x200
[   63.566132][ T5052]  ? cred_has_capability+0x210/0x280
[   63.566145][ T5052]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   63.566161][ T5052]  __vmalloc_noprof+0x83/0xc0
[   63.566202][ T5052]  ? bpf_prog_alloc_no_stats+0x47/0x3a0
[   63.566216][ T5052]  bpf_prog_alloc_no_stats+0x47/0x3a0
[   63.566287][ T5052]  ? bpf_prog_alloc+0x2a/0x150
[   63.566302][ T5052]  bpf_prog_alloc+0x3c/0x150
[   63.566315][ T5052]  bpf_prog_load+0x514/0x1070
[   63.566368][ T5052]  ? security_bpf+0x2b/0x90
[   63.566386][ T5052]  __sys_bpf+0x462/0x7b0
[   63.566403][ T5052]  __x64_sys_bpf+0x41/0x50
[   63.566521][ T5052]  x64_sys_call+0x2aea/0x2ff0
[   63.566539][ T5052]  do_syscall_64+0xd2/0x200
[   63.566564][ T5052]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   63.566587][ T5052]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   63.566685][ T5052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.566697][ T5052] RIP: 0033:0x7f1ea70febe9
[   63.566708][ T5052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   63.566717][ T5052] RSP: 002b:00007f1ea5b5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   63.566729][ T5052] RAX: ffffffffffffffda RBX: 00007f1ea7325fa0 RCX: 00007f1ea70febe9
[   63.566736][ T5052] RDX: 0000000000000078 RSI: 0000200000000440 RDI: 0000000000000005
[   63.566743][ T5052] RBP: 00007f1ea5b5f090 R08: 0000000000000000 R09: 0000000000000000
[   63.566807][ T5052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.566814][ T5052] R13: 00007f1ea7326038 R14: 00007f1ea7325fa0 R15: 00007ffd815aa8d8
[   63.566824][ T5052]  </TASK>
[   63.566845][ T5052] Mem-Info:
[   63.785524][ T5052] active_anon:3870 inactive_anon:6 isolated_anon:0
[   63.785524][ T5052]  active_file:18462 inactive_file:2461 isolated_file:0
[   63.785524][ T5052]  unevictable:0 dirty:219 writeback:0
[   63.785524][ T5052]  slab_reclaimable:3185 slab_unreclaimable:14631
[   63.785524][ T5052]  mapped:29342 shmem:183 pagetables:1305
[   63.785524][ T5052]  sec_pagetables:0 bounce:0
[   63.785524][ T5052]  kernel_misc_reclaimable:0
[   63.785524][ T5052]  free:1884539 free_pcp:17441 free_cma:0
[   63.830851][ T5052] Node 0 active_anon:15480kB inactive_anon:24kB active_file:73848kB inactive_file:9844kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:117368kB dirty:876kB writeback:0kB shmem:732kB kernel_stack:3392kB pagetables:5220kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   63.858229][ T5052] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   63.886974][ T5052] lowmem_reserve[]: 0 2883 7862 7862
[   63.892311][ T5052] Node 0 DMA32 free:2949196kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952828kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[   63.922982][ T5052] lowmem_reserve[]: 0 0 4978 4978
[   63.928165][ T5052] Node 0 Normal free:4573600kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15596kB inactive_anon:24kB active_file:73848kB inactive_file:9844kB unevictable:0kB writepending:808kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:65888kB local_pcp:44664kB free_cma:0kB
[   63.960337][ T5052] lowmem_reserve[]: 0 0 0 0
[   63.964906][ T5052] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   63.977708][ T5052] Node 0 DMA32: 3*4kB (M) 2*8kB (M) 3*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949196kB
[   63.994426][ T5052] Node 0 Normal: 445*4kB (UME) 575*8kB (UME) 252*16kB (UME) 70*32kB (UE) 199*64kB (UME) 175*128kB (UME) 131*256kB (UME) 86*512kB (UM) 66*1024kB (UM) 55*2048kB (UME) 1042*4096kB (UM) = 4573612kB
[   64.013932][ T5052] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   64.023380][ T5052] 21118 total pagecache pages
[   64.028241][ T5052] 15 pages in swap cache
[   64.032500][ T5052] Free swap  = 124648kB
[   64.036726][ T5052] Total swap = 124996kB
[   64.040912][ T5052] 2097051 pages RAM
[   64.044803][ T5052] 0 pages HighMem/MovableOnly
[   64.049666][ T5052] 80444 pages reserved
[   64.099181][ T5073] ./file0: Can't lookup blockdev
[   64.127922][ T5079] tipc: Started in network mode
[   64.132856][ T5079] tipc: Node identity e2a28a33d662, cluster identity 4711
[   64.140560][ T5079] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   64.230829][ T5087] FAULT_INJECTION: forcing a failure.
[   64.230829][ T5087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   64.244076][ T5087] CPU: 1 UID: 0 PID: 5087 Comm: syz.3.533 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.244120][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.244130][ T5087] Call Trace:
[   64.244135][ T5087]  <TASK>
[   64.244142][ T5087]  __dump_stack+0x1d/0x30
[   64.244201][ T5087]  dump_stack_lvl+0xe8/0x140
[   64.244220][ T5087]  dump_stack+0x15/0x1b
[   64.244313][ T5087]  should_fail_ex+0x265/0x280
[   64.244336][ T5087]  should_fail+0xb/0x20
[   64.244354][ T5087]  should_fail_usercopy+0x1a/0x20
[   64.244390][ T5087]  _copy_to_user+0x20/0xa0
[   64.244427][ T5087]  simple_read_from_buffer+0xb5/0x130
[   64.244458][ T5087]  proc_fail_nth_read+0x10e/0x150
[   64.244492][ T5087]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   64.244546][ T5087]  vfs_read+0x1a8/0x770
[   64.244567][ T5087]  ? up_write+0x18/0x60
[   64.244587][ T5087]  ? __rcu_read_unlock+0x4f/0x70
[   64.244605][ T5087]  ? __fget_files+0x184/0x1c0
[   64.244637][ T5087]  ksys_read+0xda/0x1a0
[   64.244656][ T5087]  __x64_sys_read+0x40/0x50
[   64.244751][ T5087]  x64_sys_call+0x27bc/0x2ff0
[   64.244769][ T5087]  do_syscall_64+0xd2/0x200
[   64.244792][ T5087]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.244827][ T5087]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.244943][ T5087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.244964][ T5087] RIP: 0033:0x7f10ac42d5fc
[   64.245043][ T5087] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   64.245061][ T5087] RSP: 002b:00007f10aae97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   64.245078][ T5087] RAX: ffffffffffffffda RBX: 00007f10ac655fa0 RCX: 00007f10ac42d5fc
[   64.245090][ T5087] RDX: 000000000000000f RSI: 00007f10aae970a0 RDI: 000000000000000b
[   64.245101][ T5087] RBP: 00007f10aae97090 R08: 0000000000000000 R09: 0000000000000000
[   64.245114][ T5087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   64.245126][ T5087] R13: 00007f10ac656038 R14: 00007f10ac655fa0 R15: 00007ffde355d518
[   64.245214][ T5087]  </TASK>
[   64.760802][   T29] kauditd_printk_skb: 579 callbacks suppressed
[   64.760814][   T29] audit: type=1400 audit(1756449939.897:4715): avc:  denied  { setopt } for  pid=5106 comm="syz.3.542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   64.812898][ T5119] FAULT_INJECTION: forcing a failure.
[   64.812898][ T5119] name failslab, interval 1, probability 0, space 0, times 0
[   64.826026][ T5119] CPU: 0 UID: 0 PID: 5119 Comm: syz.3.547 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.826045][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   64.826053][ T5119] Call Trace:
[   64.826069][ T5119]  <TASK>
[   64.826075][ T5119]  __dump_stack+0x1d/0x30
[   64.826115][ T5119]  dump_stack_lvl+0xe8/0x140
[   64.826171][ T5119]  dump_stack+0x15/0x1b
[   64.826184][ T5119]  should_fail_ex+0x265/0x280
[   64.826199][ T5119]  should_failslab+0x8c/0xb0
[   64.826213][ T5119]  kmem_cache_alloc_node_noprof+0x57/0x320
[   64.826306][ T5119]  ? perf_event_alloc+0x14c/0x1740
[   64.826390][ T5119]  perf_event_alloc+0x14c/0x1740
[   64.826404][ T5119]  ? ___slab_alloc+0x270/0x900
[   64.826420][ T5119]  ? inherit_task_group+0x142/0x690
[   64.826506][ T5119]  ? should_fail_ex+0xdb/0x280
[   64.826575][ T5119]  inherit_event+0xc9/0x730
[   64.826617][ T5119]  ? __kmalloc_cache_noprof+0x189/0x320
[   64.826632][ T5119]  inherit_task_group+0x268/0x690
[   64.826648][ T5119]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[   64.826692][ T5119]  perf_event_init_task+0x16c/0x3b0
[   64.826709][ T5119]  copy_process+0xb4a/0x2000
[   64.826724][ T5119]  ? kstrtouint+0x76/0xc0
[   64.826742][ T5119]  ? __rcu_read_unlock+0x4f/0x70
[   64.826756][ T5119]  kernel_clone+0x16c/0x5c0
[   64.826770][ T5119]  ? vfs_write+0x7e8/0x960
[   64.826786][ T5119]  __x64_sys_clone+0xe6/0x120
[   64.826883][ T5119]  x64_sys_call+0x119c/0x2ff0
[   64.826896][ T5119]  do_syscall_64+0xd2/0x200
[   64.826912][ T5119]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   64.826931][ T5119]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   64.826944][ T5119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.826956][ T5119] RIP: 0033:0x7f10ac42ebe9
[   64.827032][ T5119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.827072][ T5119] RSP: 002b:00007f10aae96fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   64.827093][ T5119] RAX: ffffffffffffffda RBX: 00007f10ac655fa0 RCX: 00007f10ac42ebe9
[   64.827104][ T5119] RDX: 0000000000000000 RSI: 0000000000009000 RDI: 0000000004021400
[   64.827125][ T5119] RBP: 00007f10aae97090 R08: 0000000000000000 R09: 0000000000000000
[   64.827133][ T5119] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[   64.827143][ T5119] R13: 00007f10ac656038 R14: 00007f10ac655fa0 R15: 00007ffde355d518
[   64.827159][ T5119]  </TASK>
[   65.106733][   T29] audit: type=1326 audit(1756449940.247:4716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.130574][   T29] audit: type=1326 audit(1756449940.247:4717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.185455][   T29] audit: type=1326 audit(1756449940.297:4718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.209108][   T36] tipc: Node number set to 885033523
[   65.209158][   T29] audit: type=1326 audit(1756449940.297:4719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.209197][   T29] audit: type=1326 audit(1756449940.297:4720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.261591][   T29] audit: type=1326 audit(1756449940.297:4721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.285378][   T29] audit: type=1326 audit(1756449940.297:4722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.309276][   T29] audit: type=1326 audit(1756449940.297:4723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.333167][   T29] audit: type=1326 audit(1756449940.297:4724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5124 comm="syz.0.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ea70febe9 code=0x7ffc0000
[   65.408913][ T5145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.556'.
[   65.434278][ T5145] netlink: 12 bytes leftover after parsing attributes in process `syz.1.556'.
[   65.445731][ T5149] netlink: 72 bytes leftover after parsing attributes in process `syz.0.558'.
[   65.492113][ T5149] hub 9-0:1.0: USB hub found
[   65.497158][ T5149] hub 9-0:1.0: 8 ports detected
[   65.500948][ T5155] loop1: detected capacity change from 0 to 512
[   65.513673][ T5155] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.539791][ T5155] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.561: corrupted in-inode xattr: overlapping e_value 
[   65.555129][ T5155] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.561: couldn't read orphan inode 15 (err -117)
[   65.714525][ T5173] IPv6: sit1: Disabled Multicast RS
[   65.751228][ T5176] netlink: 4 bytes leftover after parsing attributes in process `syz.3.569'.
[   66.006305][ T5185] loop0: detected capacity change from 0 to 512
[   66.029056][ T5185] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   66.045866][ T5187] hub 9-0:1.0: USB hub found
[   66.057623][ T5185] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.057727][ T5187] hub 9-0:1.0: 8 ports detected
[   66.114016][ T5191] netlink: 72 bytes leftover after parsing attributes in process `syz.3.575'.
[   66.365691][ T5203] FAULT_INJECTION: forcing a failure.
[   66.365691][ T5203] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   66.379183][ T5203] CPU: 0 UID: 0 PID: 5203 Comm: syz.3.580 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.379260][ T5203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   66.379270][ T5203] Call Trace:
[   66.379277][ T5203]  <TASK>
[   66.379286][ T5203]  __dump_stack+0x1d/0x30
[   66.379389][ T5203]  dump_stack_lvl+0xe8/0x140
[   66.379407][ T5203]  dump_stack+0x15/0x1b
[   66.379421][ T5203]  should_fail_ex+0x265/0x280
[   66.379487][ T5203]  should_fail_alloc_page+0xf2/0x100
[   66.379512][ T5203]  __alloc_frozen_pages_noprof+0xff/0x360
[   66.379548][ T5203]  alloc_pages_mpol+0xb3/0x250
[   66.379617][ T5203]  vma_alloc_folio_noprof+0x1aa/0x300
[   66.379671][ T5203]  do_wp_page+0x5db/0x24e0
[   66.379732][ T5203]  ? css_rstat_updated+0xb7/0x240
[   66.379761][ T5203]  ? __rcu_read_lock+0x37/0x50
[   66.379853][ T5203]  handle_mm_fault+0x77d/0x2c20
[   66.379880][ T5203]  do_user_addr_fault+0x636/0x1090
[   66.379909][ T5203]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   66.380002][ T5203]  exc_page_fault+0x62/0xa0
[   66.380030][ T5203]  asm_exc_page_fault+0x26/0x30
[   66.380111][ T5203] RIP: 0033:0x7f10ac2f0c50
[   66.380125][ T5203] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[   66.380138][ T5203] RSP: 002b:00007f10aae964a0 EFLAGS: 00010202
[   66.380197][ T5203] RAX: 0000000000004005 RBX: 00007f10aae96540 RCX: 000000000000000f
[   66.380208][ T5203] RDX: 00000000000069ff RSI: 0000000000000400 RDI: 00007f10aae965e0
[   66.380218][ T5203] RBP: 0000000000000010 R08: 00007f10a2a77000 R09: 0000000000000004
[   66.380229][ T5203] R10: 0000200000000542 R11: 0000000000000474 R12: 0000000000000301
[   66.380239][ T5203] R13: 00007f10ac4cda20 R14: 0000000000000013 R15: 00007f10aae965e0
[   66.380313][ T5203]  </TASK>
[   66.380331][ T5203] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   66.557827][ T5185] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[   66.675819][ T5210] loop9: detected capacity change from 0 to 7
[   66.682283][ T5210] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.690750][ T5210] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.698637][ T5210]  loop9: unable to read partition table
[   66.706392][ T5210] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ �â·û
[   66.706392][ T5210] 
) failed (rc=-5)
[   67.022292][ T5184] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 9 with max blocks 1581 with error 28
[   67.034951][ T5184] EXT4-fs (loop0): This should not happen!! Data will be lost
[   67.034951][ T5184] 
[   67.044727][ T5184] EXT4-fs (loop0): Total free blocks count 0
[   67.050949][ T5184] EXT4-fs (loop0): Free/Dirty block details
[   67.057153][ T5184] EXT4-fs (loop0): free_blocks=39627
[   67.062805][ T5184] EXT4-fs (loop0): dirty_blocks=2929
[   67.068326][ T5184] EXT4-fs (loop0): Block reservation details
[   67.074421][ T5184] EXT4-fs (loop0): i_reserved_data_blocks=2962
[   67.190652][ T5231] loop4: detected capacity change from 0 to 512
[   67.191412][ T5185] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1590 with max blocks 1520 with error 28
[   67.210020][ T5185] EXT4-fs (loop0): This should not happen!! Data will be lost
[   67.210020][ T5185] 
[   67.226524][ T5231] EXT4-fs mount: 43 callbacks suppressed
[   67.226565][ T5231] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.495926][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.669397][ T5266] netlink: 4 bytes leftover after parsing attributes in process `syz.3.603'.
[   67.679527][ T5266] netlink: 12 bytes leftover after parsing attributes in process `syz.3.603'.
[   67.685641][ T5270] loop2: detected capacity change from 0 to 512
[   67.712141][ T5270] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   67.736272][ T5270] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[   67.758568][ T5279] loop0: detected capacity change from 0 to 512
[   67.781336][ T5279] EXT4-fs: Ignoring removed i_version option
[   67.787574][ T5279] EXT4-fs: Ignoring removed nobh option
[   67.812629][ T5286] FAULT_INJECTION: forcing a failure.
[   67.812629][ T5286] name failslab, interval 1, probability 0, space 0, times 0
[   67.819522][ T5279] EXT4-fs: inline encryption not supported
[   67.825418][ T5286] CPU: 1 UID: 0 PID: 5286 Comm: syz.3.612 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.825446][ T5286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   67.825491][ T5286] Call Trace:
[   67.825499][ T5286]  <TASK>
[   67.825510][ T5286]  __dump_stack+0x1d/0x30
[   67.825533][ T5286]  dump_stack_lvl+0xe8/0x140
[   67.825550][ T5286]  dump_stack+0x15/0x1b
[   67.825565][ T5286]  should_fail_ex+0x265/0x280
[   67.825586][ T5286]  should_failslab+0x8c/0xb0
[   67.825680][ T5286]  kmem_cache_alloc_node_noprof+0x57/0x320
[   67.825708][ T5286]  ? __alloc_skb+0x101/0x320
[   67.825728][ T5286]  __alloc_skb+0x101/0x320
[   67.825744][ T5286]  ? audit_log_start+0x365/0x6c0
[   67.825784][ T5286]  audit_log_start+0x380/0x6c0
[   67.825871][ T5286]  audit_seccomp+0x48/0x100
[   67.825950][ T5286]  ? __seccomp_filter+0x68c/0x10d0
[   67.825970][ T5286]  __seccomp_filter+0x69d/0x10d0
[   67.826104][ T5286]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   67.826128][ T5286]  ? vfs_write+0x7e8/0x960
[   67.826205][ T5286]  ? __rcu_read_unlock+0x4f/0x70
[   67.826226][ T5286]  ? __fget_files+0x184/0x1c0
[   67.826315][ T5286]  __secure_computing+0x82/0x150
[   67.826405][ T5286]  syscall_trace_enter+0xcf/0x1e0
[   67.826428][ T5286]  do_syscall_64+0xac/0x200
[   67.826455][ T5286]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   67.826552][ T5286]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   67.826592][ T5286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.826613][ T5286] RIP: 0033:0x7f10ac42ebe9
[   67.826629][ T5286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.826645][ T5286] RSP: 002b:00007f10aae97038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[   67.826664][ T5286] RAX: ffffffffffffffda RBX: 00007f10ac655fa0 RCX: 00007f10ac42ebe9
[   67.826748][ T5286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[   67.826760][ T5286] RBP: 00007f10aae97090 R08: 0000000000000000 R09: 0000000000000000
[   67.826772][ T5286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.826784][ T5286] R13: 00007f10ac656038 R14: 00007f10ac655fa0 R15: 00007ffde355d518
[   67.826802][ T5286]  </TASK>
[   68.080315][ T5293] FAULT_INJECTION: forcing a failure.
[   68.080315][ T5293] name failslab, interval 1, probability 0, space 0, times 0
[   68.093268][ T5293] CPU: 1 UID: 0 PID: 5293 Comm: syz.2.614 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.093340][ T5293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.093352][ T5293] Call Trace:
[   68.093360][ T5293]  <TASK>
[   68.093369][ T5293]  __dump_stack+0x1d/0x30
[   68.093389][ T5293]  dump_stack_lvl+0xe8/0x140
[   68.093470][ T5293]  dump_stack+0x15/0x1b
[   68.093539][ T5293]  should_fail_ex+0x265/0x280
[   68.093556][ T5293]  ? audit_log_d_path+0x8d/0x150
[   68.093582][ T5293]  should_failslab+0x8c/0xb0
[   68.093750][ T5293]  __kmalloc_cache_noprof+0x4c/0x320
[   68.093776][ T5293]  audit_log_d_path+0x8d/0x150
[   68.093799][ T5293]  audit_log_d_path_exe+0x42/0x70
[   68.093849][ T5293]  audit_log_task+0x1e9/0x250
[   68.093874][ T5293]  audit_seccomp+0x61/0x100
[   68.093896][ T5293]  ? __seccomp_filter+0x68c/0x10d0
[   68.093979][ T5293]  __seccomp_filter+0x69d/0x10d0
[   68.094000][ T5293]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   68.094022][ T5293]  ? vfs_write+0x7e8/0x960
[   68.094044][ T5293]  __secure_computing+0x82/0x150
[   68.094175][ T5293]  syscall_trace_enter+0xcf/0x1e0
[   68.094196][ T5293]  do_syscall_64+0xac/0x200
[   68.094237][ T5293]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.094264][ T5293]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.094288][ T5293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.094309][ T5293] RIP: 0033:0x7f80c260ebe9
[   68.094326][ T5293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.094418][ T5293] RSP: 002b:00007f80c106f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[   68.094436][ T5293] RAX: ffffffffffffffda RBX: 00007f80c2835fa0 RCX: 00007f80c260ebe9
[   68.094447][ T5293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   68.094457][ T5293] RBP: 00007f80c106f090 R08: 0000000000000000 R09: 0000000000000000
[   68.094467][ T5293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.094497][ T5293] R13: 00007f80c2836038 R14: 00007f80c2835fa0 R15: 00007ffef30f5418
[   68.094515][ T5293]  </TASK>
[   68.112591][ T5279] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   68.222080][ T5299] netlink: 72 bytes leftover after parsing attributes in process `syz.2.616'.
[   68.347774][ T5294] IPv6: sit1: Disabled Multicast RS
[   68.368978][ T5279] EXT4-fs (loop0): 1 truncate cleaned up
[   68.375542][ T5279] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.456597][ T5275] Set syz1 is full, maxelem 65536 reached
[   68.497246][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.508202][ T5305] loop2: detected capacity change from 0 to 512
[   68.515909][ T5306] netlink: 16 bytes leftover after parsing attributes in process `syz.1.617'.
[   68.530499][ T5305] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   68.546349][ T5305] EXT4-fs (loop2): 1 truncate cleaned up
[   68.552915][ T5305] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.600474][ T5318] loop0: detected capacity change from 0 to 512
[   68.614092][ T5318] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   68.640555][ T5318] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.623: corrupted in-inode xattr: overlapping e_value 
[   68.670155][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.683423][ T5318] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.623: couldn't read orphan inode 15 (err -117)
[   68.713247][ T5318] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.746353][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.757725][ T5329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.626'.
[   69.153792][ T5365] loop1: detected capacity change from 0 to 512
[   69.223768][ T5365] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   69.461288][ T5365] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[   69.508231][ T5381] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.542319][ T5383] loop4: detected capacity change from 0 to 512
[   69.578381][ T5383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.616259][ T5383] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   69.668746][ T5381] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   69.699448][ T5383] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.950475][   T29] kauditd_printk_skb: 426 callbacks suppressed
[   69.950489][   T29] audit: type=1326 audit(1756449945.087:5147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   69.983488][   T29] audit: type=1326 audit(1756449945.117:5148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.007147][   T29] audit: type=1326 audit(1756449945.117:5149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.030817][   T29] audit: type=1326 audit(1756449945.117:5150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.054726][   T29] audit: type=1326 audit(1756449945.117:5151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.079383][   T29] audit: type=1326 audit(1756449945.117:5152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.103505][   T29] audit: type=1326 audit(1756449945.117:5153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.127249][   T29] audit: type=1326 audit(1756449945.117:5154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.151417][   T29] audit: type=1326 audit(1756449945.117:5155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.175237][   T29] audit: type=1326 audit(1756449945.117:5156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5391 comm="syz.4.641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5624d5ebe9 code=0x7ffc0000
[   70.288907][ T5381] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.308836][ T5398] loop0: detected capacity change from 0 to 512
[   70.316033][ T5398] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.334010][ T5398] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.642: corrupted in-inode xattr: overlapping e_value 
[   70.350057][ T5381] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.361499][ T5398] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.642: couldn't read orphan inode 15 (err -117)
[   70.379569][ T5398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.403492][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.430798][  T112] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.446557][  T112] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.460044][  T112] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.478611][  T112] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.583414][ T5428] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   70.612093][ T5431] netlink: 132 bytes leftover after parsing attributes in process `syz.1.654'.
[   70.723648][ T5437] FAULT_INJECTION: forcing a failure.
[   70.723648][ T5437] name failslab, interval 1, probability 0, space 0, times 0
[   70.736348][ T5437] CPU: 0 UID: 0 PID: 5437 Comm: syz.4.656 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.736374][ T5437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   70.736386][ T5437] Call Trace:
[   70.736393][ T5437]  <TASK>
[   70.736402][ T5437]  __dump_stack+0x1d/0x30
[   70.736473][ T5437]  dump_stack_lvl+0xe8/0x140
[   70.736540][ T5437]  dump_stack+0x15/0x1b
[   70.736557][ T5437]  should_fail_ex+0x265/0x280
[   70.736579][ T5437]  should_failslab+0x8c/0xb0
[   70.736604][ T5437]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   70.736661][ T5437]  ? sidtab_sid2str_get+0xa0/0x130
[   70.736679][ T5437]  kmemdup_noprof+0x2b/0x70
[   70.736701][ T5437]  sidtab_sid2str_get+0xa0/0x130
[   70.736790][ T5437]  security_sid_to_context_core+0x1eb/0x2e0
[   70.736852][ T5437]  security_sid_to_context+0x27/0x40
[   70.736868][ T5437]  selinux_lsmprop_to_secctx+0x67/0xf0
[   70.736890][ T5437]  security_lsmprop_to_secctx+0x43/0x80
[   70.736988][ T5437]  audit_log_task_context+0x77/0x190
[   70.737015][ T5437]  audit_log_task+0xf4/0x250
[   70.737040][ T5437]  audit_seccomp+0x61/0x100
[   70.737134][ T5437]  ? __seccomp_filter+0x68c/0x10d0
[   70.737151][ T5437]  __seccomp_filter+0x69d/0x10d0
[   70.737189][ T5437]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   70.737214][ T5437]  ? vfs_write+0x7e8/0x960
[   70.737243][ T5437]  __secure_computing+0x82/0x150
[   70.737264][ T5437]  syscall_trace_enter+0xcf/0x1e0
[   70.737338][ T5437]  do_syscall_64+0xac/0x200
[   70.737472][ T5437]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   70.737490][ T5437]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   70.737515][ T5437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.737536][ T5437] RIP: 0033:0x7f5624d5ebe9
[   70.737551][ T5437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.737591][ T5437] RSP: 002b:00007f56237bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000138
[   70.737608][ T5437] RAX: ffffffffffffffda RBX: 00007f5624f85fa0 RCX: 00007f5624d5ebe9
[   70.737620][ T5437] RDX: 0000000000000004 RSI: 00000000000000f9 RDI: 00000000000000fa
[   70.737656][ T5437] RBP: 00007f56237bf090 R08: ffffffffffffffff R09: 0000000000000000
[   70.737666][ T5437] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   70.737677][ T5437] R13: 00007f5624f86038 R14: 00007f5624f85fa0 R15: 00007ffcbcd64218
[   70.737692][ T5437]  </TASK>
[   71.222987][ T5416] syz.0.649 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   71.237164][ T5416] CPU: 0 UID: 0 PID: 5416 Comm: syz.0.649 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.237260][ T5416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.237273][ T5416] Call Trace:
[   71.237282][ T5416]  <TASK>
[   71.237291][ T5416]  __dump_stack+0x1d/0x30
[   71.237316][ T5416]  dump_stack_lvl+0xe8/0x140
[   71.237335][ T5416]  dump_stack+0x15/0x1b
[   71.237349][ T5416]  dump_header+0x81/0x220
[   71.237523][ T5416]  oom_kill_process+0x342/0x400
[   71.237557][ T5416]  out_of_memory+0x979/0xb80
[   71.237700][ T5416]  try_charge_memcg+0x5e6/0x9e0
[   71.237732][ T5416]  obj_cgroup_charge_pages+0xa6/0x150
[   71.237842][ T5416]  __memcg_kmem_charge_page+0x9f/0x170
[   71.237869][ T5416]  __alloc_frozen_pages_noprof+0x188/0x360
[   71.237951][ T5416]  alloc_pages_mpol+0xb3/0x250
[   71.237978][ T5416]  alloc_pages_noprof+0x90/0x130
[   71.238050][ T5416]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   71.238091][ T5416]  __kvmalloc_node_noprof+0x30f/0x4e0
[   71.238122][ T5416]  ? ip_set_alloc+0x1f/0x30
[   71.238168][ T5416]  ? ip_set_alloc+0x1f/0x30
[   71.238192][ T5416]  ? __kmalloc_cache_noprof+0x189/0x320
[   71.238299][ T5416]  ip_set_alloc+0x1f/0x30
[   71.238327][ T5416]  hash_netiface_create+0x282/0x740
[   71.238381][ T5416]  ? __pfx_hash_netiface_create+0x10/0x10
[   71.238461][ T5416]  ip_set_create+0x3c9/0x960
[   71.238491][ T5416]  ? __nla_parse+0x40/0x60
[   71.238515][ T5416]  nfnetlink_rcv_msg+0x4c3/0x590
[   71.238577][ T5416]  netlink_rcv_skb+0x123/0x220
[   71.238599][ T5416]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   71.238643][ T5416]  nfnetlink_rcv+0x16b/0x1690
[   71.238668][ T5416]  ? nlmon_xmit+0x4f/0x60
[   71.238690][ T5416]  ? consume_skb+0x49/0x150
[   71.238739][ T5416]  ? nlmon_xmit+0x4f/0x60
[   71.238762][ T5416]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   71.238788][ T5416]  ? __dev_queue_xmit+0x1200/0x2000
[   71.238810][ T5416]  ? __dev_queue_xmit+0x182/0x2000
[   71.238888][ T5416]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   71.238919][ T5416]  ? ref_tracker_free+0x37d/0x3e0
[   71.238947][ T5416]  ? __netlink_deliver_tap+0x4dc/0x500
[   71.239001][ T5416]  netlink_unicast+0x5bd/0x690
[   71.239033][ T5416]  netlink_sendmsg+0x58b/0x6b0
[   71.239052][ T5416]  ? __pfx_netlink_sendmsg+0x10/0x10
[   71.239072][ T5416]  __sock_sendmsg+0x145/0x180
[   71.239188][ T5416]  ____sys_sendmsg+0x31e/0x4e0
[   71.239215][ T5416]  ___sys_sendmsg+0x17b/0x1d0
[   71.239248][ T5416]  __x64_sys_sendmsg+0xd4/0x160
[   71.239275][ T5416]  x64_sys_call+0x191e/0x2ff0
[   71.239357][ T5416]  do_syscall_64+0xd2/0x200
[   71.239386][ T5416]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.239429][ T5416]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.239450][ T5416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.239469][ T5416] RIP: 0033:0x7f1ea70febe9
[   71.239528][ T5416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.239594][ T5416] RSP: 002b:00007f1ea5b5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   71.239617][ T5416] RAX: ffffffffffffffda RBX: 00007f1ea7325fa0 RCX: 00007f1ea70febe9
[   71.239631][ T5416] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[   71.239642][ T5416] RBP: 00007f1ea7181e19 R08: 0000000000000000 R09: 0000000000000000
[   71.239653][ T5416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   71.239664][ T5416] R13: 00007f1ea7326038 R14: 00007f1ea7325fa0 R15: 00007ffd815aa8d8
[   71.239719][ T5416]  </TASK>
[   71.239727][ T5416] memory: usage 307200kB, limit 307200kB, failcnt 638
[   71.584633][ T5416] memory+swap: usage 307428kB, limit 9007199254740988kB, failcnt 0
[   71.592666][ T5416] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[   71.600695][ T5416] Memory cgroup stats for /syz0:
[   71.601060][ T5416] cache 4096
[   71.609322][ T5416] rss 4096
[   71.612339][ T5416] shmem 0
[   71.615400][ T5416] mapped_file 4096
[   71.619103][ T5416] dirty 0
[   71.622038][ T5416] writeback 4096
[   71.625676][ T5416] workingset_refault_anon 74
[   71.630252][ T5416] workingset_refault_file 763
[   71.635080][ T5416] swap 237568
[   71.638530][ T5416] swapcached 16384
[   71.642600][ T5416] pgpgin 45922
[   71.646582][ T5416] pgpgout 45917
[   71.650267][ T5416] pgfault 51710
[   71.653825][ T5416] pgmajfault 44
[   71.657331][ T5416] inactive_anon 0
[   71.660993][ T5416] active_anon 12288
[   71.664953][ T5416] inactive_file 0
[   71.668592][ T5416] active_file 4096
[   71.672317][ T5416] unevictable 0
[   71.675827][ T5416] hierarchical_memory_limit 314572800
[   71.681346][ T5416] hierarchical_memsw_limit 9223372036854771712
[   71.687519][ T5416] total_cache 4096
[   71.691240][ T5416] total_rss 4096
[   71.694825][ T5416] total_shmem 0
[   71.698318][ T5416] total_mapped_file 4096
[   71.702617][ T5416] total_dirty 0
[   71.706090][ T5416] total_writeback 4096
[   71.710154][ T5416] total_workingset_refault_anon 74
[   71.715301][ T5416] total_workingset_refault_file 763
[   71.720495][ T5416] total_swap 237568
[   71.724640][ T5416] total_swapcached 16384
[   71.728961][ T5416] total_pgpgin 45922
[   71.732869][ T5416] total_pgpgout 45917
[   71.736884][ T5416] total_pgfault 51710
[   71.740952][ T5416] total_pgmajfault 44
[   71.745021][ T5416] total_inactive_anon 0
[   71.749164][ T5416] total_active_anon 12288
[   71.753596][ T5416] total_inactive_file 0
[   71.757772][ T5416] total_active_file 4096
[   71.762079][ T5416] total_unevictable 0
[   71.766102][ T5416] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.649,pid=5413,uid=0
[   71.780621][ T5416] Memory cgroup out of memory: Killed process 5413 (syz.0.649) total-vm:95680kB, anon-rss:944kB, file-rss:22052kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   71.806304][ T5467] loop2: detected capacity change from 0 to 512
[   71.813275][ T5467] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   71.823664][ T5467] EXT4-fs (loop2): invalid journal inode
[   71.829422][ T5467] EXT4-fs (loop2): can't get journal size
[   71.837803][ T5467] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[   71.857714][ T5467] System zones: 1-12, 13-13
[   71.866430][ T5467] EXT4-fs (loop2): 1 truncate cleaned up
[   71.872774][ T5467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.886456][ T3398] IPVS: starting estimator thread 0...
[   71.918099][ T5482] FAULT_INJECTION: forcing a failure.
[   71.918099][ T5482] name failslab, interval 1, probability 0, space 0, times 0
[   71.930784][ T5482] CPU: 0 UID: 0 PID: 5482 Comm: syz.3.669 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.930865][ T5482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.930875][ T5482] Call Trace:
[   71.930882][ T5482]  <TASK>
[   71.930943][ T5482]  __dump_stack+0x1d/0x30
[   71.930967][ T5482]  dump_stack_lvl+0xe8/0x140
[   71.931003][ T5482]  dump_stack+0x15/0x1b
[   71.931020][ T5482]  should_fail_ex+0x265/0x280
[   71.931042][ T5482]  should_failslab+0x8c/0xb0
[   71.931068][ T5482]  kmem_cache_alloc_noprof+0x50/0x310
[   71.931159][ T5482]  ? security_file_alloc+0x32/0x100
[   71.931202][ T5482]  security_file_alloc+0x32/0x100
[   71.931245][ T5482]  init_file+0x5c/0x1d0
[   71.931351][ T5482]  alloc_empty_file+0x8b/0x200
[   71.931376][ T5482]  path_openat+0x68/0x2170
[   71.931466][ T5482]  ? mntput+0x4b/0x80
[   71.931490][ T5482]  ? terminate_walk+0x27f/0x2a0
[   71.931553][ T5482]  ? path_openat+0x1bf8/0x2170
[   71.931568][ T5482]  ? _parse_integer_limit+0x170/0x190
[   71.931627][ T5482]  do_filp_open+0x109/0x230
[   71.931650][ T5482]  do_open_execat+0xd8/0x260
[   71.931666][ T5482]  alloc_bprm+0x25/0x350
[   71.931686][ T5482]  do_execveat_common+0x12e/0x750
[   71.931706][ T5482]  ? getname_flags+0x154/0x3b0
[   71.931782][ T5482]  __x64_sys_execveat+0x73/0x90
[   71.931802][ T5482]  x64_sys_call+0x1fec/0x2ff0
[   71.931888][ T5482]  do_syscall_64+0xd2/0x200
[   71.931911][ T5482]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.931983][ T5482]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.932071][ T5482]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.932090][ T5482] RIP: 0033:0x7f10ac42ebe9
[   71.932104][ T5482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.932118][ T5482] RSP: 002b:00007f10aae97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[   71.932210][ T5482] RAX: ffffffffffffffda RBX: 00007f10ac655fa0 RCX: 00007f10ac42ebe9
[   71.932222][ T5482] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c
[   71.932233][ T5482] RBP: 00007f10aae97090 R08: 0000000000000000 R09: 0000000000000000
[   71.932245][ T5482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.932255][ T5482] R13: 00007f10ac656038 R14: 00007f10ac655fa0 R15: 00007ffde355d518
[   71.932271][ T5482]  </TASK>
[   72.164334][ T5467] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.178155][ T5479] netlink: 'syz.4.668': attribute type 30 has an invalid length.
[   72.194854][ T5478] IPVS: using max 2784 ests per chain, 139200 per kthread
[   72.214196][ T5485] loop1: detected capacity change from 0 to 512
[   72.222042][ T5485] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   72.233317][ T5485] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.670: corrupted in-inode xattr: overlapping e_value 
[   72.248777][ T5485] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.670: couldn't read orphan inode 15 (err -117)
[   72.261635][ T5485] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.288869][ T5492] wg2: entered promiscuous mode
[   72.293778][ T5492] wg2: entered allmulticast mode
[   72.301539][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.332321][ T5500] FAULT_INJECTION: forcing a failure.
[   72.332321][ T5500] name failslab, interval 1, probability 0, space 0, times 0
[   72.344996][ T5500] CPU: 1 UID: 0 PID: 5500 Comm: syz.1.675 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.345027][ T5500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   72.345037][ T5500] Call Trace:
[   72.345044][ T5500]  <TASK>
[   72.345051][ T5500]  __dump_stack+0x1d/0x30
[   72.345070][ T5500]  dump_stack_lvl+0xe8/0x140
[   72.345196][ T5500]  dump_stack+0x15/0x1b
[   72.345236][ T5500]  should_fail_ex+0x265/0x280
[   72.345333][ T5500]  should_failslab+0x8c/0xb0
[   72.345360][ T5500]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   72.345389][ T5500]  ? sidtab_sid2str_get+0xa0/0x130
[   72.345417][ T5500]  kmemdup_noprof+0x2b/0x70
[   72.345449][ T5500]  sidtab_sid2str_get+0xa0/0x130
[   72.345467][ T5500]  security_sid_to_context_core+0x1eb/0x2e0
[   72.345486][ T5500]  security_sid_to_context+0x27/0x40
[   72.345568][ T5500]  selinux_lsmprop_to_secctx+0x67/0xf0
[   72.345585][ T5500]  security_lsmprop_to_secctx+0x43/0x80
[   72.345647][ T5500]  audit_log_task_context+0x77/0x190
[   72.345674][ T5500]  audit_log_task+0xf4/0x250
[   72.345701][ T5500]  audit_seccomp+0x61/0x100
[   72.345797][ T5500]  ? __seccomp_filter+0x68c/0x10d0
[   72.345819][ T5500]  __seccomp_filter+0x69d/0x10d0
[   72.345837][ T5500]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   72.345860][ T5500]  ? vfs_write+0x7e8/0x960
[   72.345886][ T5500]  __secure_computing+0x82/0x150
[   72.345977][ T5500]  syscall_trace_enter+0xcf/0x1e0
[   72.346001][ T5500]  do_syscall_64+0xac/0x200
[   72.346026][ T5500]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   72.346045][ T5500]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   72.346116][ T5500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.346136][ T5500] RIP: 0033:0x7fe33831ebe9
[   72.346151][ T5500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.346234][ T5500] RSP: 002b:00007fe336d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000079
[   72.346250][ T5500] RAX: ffffffffffffffda RBX: 00007fe338545fa0 RCX: 00007fe33831ebe9
[   72.346260][ T5500] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   72.346271][ T5500] RBP: 00007fe336d7f090 R08: 0000000000000000 R09: 0000000000000000
[   72.346281][ T5500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.346293][ T5500] R13: 00007fe338546038 R14: 00007fe338545fa0 R15: 00007fff6e92d038
[   72.346309][ T5500]  </TASK>
[   72.598203][ T5504] loop2: detected capacity change from 0 to 764
[   72.618274][ T5503] netlink: 100 bytes leftover after parsing attributes in process `syz.2.677'.
[   72.656173][ T5508] loop1: detected capacity change from 0 to 2048
[   72.665444][ T5512] loop4: detected capacity change from 0 to 128
[   72.673770][ T5508] EXT4-fs: Ignoring removed mblk_io_submit option
[   72.681141][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.690239][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.709866][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.726938][ T5508] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.733072][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.748166][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.778319][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.778645][ T5512] bio_check_eod: 59 callbacks suppressed
[   72.778658][ T5512] syz.4.681: attempt to access beyond end of device
[   72.778658][ T5512] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128
[   72.832671][ T5512] syz.4.681: attempt to access beyond end of device
[   72.832671][ T5512] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128
[   72.859794][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.861284][ T5512] syz.4.681: attempt to access beyond end of device
[   72.861284][ T5512] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128
[   72.868970][ T5510] netlink: 36 bytes leftover after parsing attributes in process `syz.0.680'.
[   72.958142][ T5528] netlink: 'syz.0.683': attribute type 1 has an invalid length.
[   72.979893][ T5530] loop4: detected capacity change from 0 to 128
[   72.999875][ T5528] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.012791][ T5530] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   73.027297][ T5530] ext4 filesystem being mounted at /102/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   73.027991][ T5533] bond0 (unregistering): Released all slaves
[   73.074520][ T5535] loop2: detected capacity change from 0 to 128
[   73.086558][ T5535] FAT-fs (loop2): Directory bread(block 32) failed
[   73.107275][ T5535] FAT-fs (loop2): Directory bread(block 33) failed
[   73.121695][ T5535] FAT-fs (loop2): Directory bread(block 34) failed
[   73.128429][ T5535] FAT-fs (loop2): Directory bread(block 35) failed
[   73.135860][ T5535] FAT-fs (loop2): Directory bread(block 36) failed
[   73.143189][ T5535] FAT-fs (loop2): Directory bread(block 37) failed
[   73.153350][ T5535] FAT-fs (loop2): Directory bread(block 38) failed
[   73.161598][ T5535] FAT-fs (loop2): Directory bread(block 39) failed
[   73.168355][ T5535] FAT-fs (loop2): Directory bread(block 40) failed
[   73.176553][ T5535] FAT-fs (loop2): Directory bread(block 41) failed
[   73.215015][ T5535] syz.2.685: attempt to access beyond end of device
[   73.215015][ T5535] loop2: rw=0, sector=4112, nr_sectors = 4 limit=128
[   73.228316][ T5535] Buffer I/O error on dev loop2, logical block 1028, async page read
[   73.238174][ T5535] syz.2.685: attempt to access beyond end of device
[   73.238174][ T5535] loop2: rw=0, sector=167964, nr_sectors = 4 limit=128
[   73.251664][ T5535] Buffer I/O error on dev loop2, logical block 41991, async page read
[   73.260458][ T5535] FAT-fs (loop2): Filesystem has been set read-only
[   73.269229][ T5535] syz.2.685: attempt to access beyond end of device
[   73.269229][ T5535] loop2: rw=0, sector=4112, nr_sectors = 4 limit=128
[   73.282396][ T5535] Buffer I/O error on dev loop2, logical block 1028, async page read
[   73.291741][ T5535] syz.2.685: attempt to access beyond end of device
[   73.291741][ T5535] loop2: rw=0, sector=167964, nr_sectors = 4 limit=128
[   73.305369][ T5535] Buffer I/O error on dev loop2, logical block 41991, async page read
[   73.408557][ T5561] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[   73.417658][ T5563] FAULT_INJECTION: forcing a failure.
[   73.417658][ T5563] name failslab, interval 1, probability 0, space 0, times 0
[   73.418573][ T5561] syzkaller0: entered promiscuous mode
[   73.430376][ T5563] CPU: 1 UID: 0 PID: 5563 Comm: ’ Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.430402][ T5563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.430413][ T5563] Call Trace:
[   73.430486][ T5563]  <TASK>
[   73.430495][ T5563]  __dump_stack+0x1d/0x30
[   73.430517][ T5563]  dump_stack_lvl+0xe8/0x140
[   73.430536][ T5563]  dump_stack+0x15/0x1b
[   73.430550][ T5563]  should_fail_ex+0x265/0x280
[   73.430571][ T5563]  should_failslab+0x8c/0xb0
[   73.430601][ T5563]  kmem_cache_alloc_lru_noprof+0x55/0x310
[   73.430641][ T5563]  ? shmem_alloc_inode+0x34/0x50
[   73.430714][ T5563]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   73.430734][ T5563]  shmem_alloc_inode+0x34/0x50
[   73.430762][ T5563]  alloc_inode+0x40/0x170
[   73.430783][ T5563]  new_inode+0x1d/0xe0
[   73.430804][ T5563]  shmem_get_inode+0x244/0x750
[   73.430826][ T5563]  __shmem_file_setup+0x113/0x210
[   73.430937][ T5563]  shmem_file_setup+0x3b/0x50
[   73.431018][ T5563]  __se_sys_memfd_create+0x2c3/0x590
[   73.431100][ T5563]  __x64_sys_memfd_create+0x31/0x40
[   73.431119][ T5563]  x64_sys_call+0x2abe/0x2ff0
[   73.431188][ T5563]  do_syscall_64+0xd2/0x200
[   73.431212][ T5563]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.431235][ T5563]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.431281][ T5563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.431310][ T5563] RIP: 0033:0x7f10ac42ebe9
[   73.431325][ T5563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.431345][ T5563] RSP: 002b:00007f10aae96d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   73.431364][ T5563] RAX: ffffffffffffffda RBX: 00000000000005d6 RCX: 00007f10ac42ebe9
[   73.431405][ T5563] RDX: 00007f10aae96dec RSI: 0000000000000000 RDI: 00007f10ac4b27e8
[   73.431417][ T5563] RBP: 0000200000000880 R08: 00007f10aae96b07 R09: 0000000000000000
[   73.431428][ T5563] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001
[   73.431440][ T5563] R13: 00007f10aae96dec R14: 00007f10aae96df0 R15: 00007ffde355d518
[   73.431459][ T5563]  </TASK>
[   73.574810][ T5400] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[   73.591218][ T5561] syzkaller0: entered allmulticast mode
[   73.672392][ T5400] EXT4-fs (loop1): Remounting filesystem read-only
[   73.691521][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.700812][ T5570] loop2: detected capacity change from 0 to 512
[   73.711503][ T5570] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   73.739256][ T5570] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.698: corrupted in-inode xattr: overlapping e_value 
[   73.757990][ T5570] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.698: couldn't read orphan inode 15 (err -117)
[   73.770803][ T5570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.779355][ T5574] sd 0:0:1:0: device reset
[   73.793143][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.813819][ T3312] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   73.898762][ T5594] loop2: detected capacity change from 0 to 512
[   73.908202][ T5594] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   73.929778][ T5597] tipc: Started in network mode
[   73.931938][ T5594] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[   73.934743][ T5597] tipc: Node identity a2df0e2c1ce, cluster identity 4711
[   73.950397][ T5597] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   73.973450][ T5602] hub 9-0:1.0: USB hub found
[   73.978708][ T5602] hub 9-0:1.0: 8 ports detected
[   74.002579][ T5597] syzkaller0: entered promiscuous mode
[   74.008448][ T5597] syzkaller0: entered allmulticast mode
[   74.032407][ T5595] tipc: Resetting bearer <eth:syzkaller0>
[   74.043466][ T5595] tipc: Disabling bearer <eth:syzkaller0>
[   74.106381][ T5608] loop2: detected capacity change from 0 to 512
[   74.112988][ T5608] EXT4-fs: Ignoring removed i_version option
[   74.119070][ T5608] EXT4-fs: Ignoring removed nobh option
[   74.130571][ T5608] EXT4-fs: inline encryption not supported
[   74.137541][ T5608] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   74.153226][ T5608] EXT4-fs (loop2): 1 truncate cleaned up
[   74.153329][ T5609] hub 9-0:1.0: USB hub found
[   74.159559][ T5608] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.174782][ T5609] hub 9-0:1.0: 8 ports detected
[   74.182878][ T5612] loop1: detected capacity change from 0 to 512
[   74.189885][ T5612] EXT4-fs: Ignoring removed i_version option
[   74.196095][ T5612] EXT4-fs: Ignoring removed nobh option
[   74.202366][ T5612] EXT4-fs: inline encryption not supported
[   74.217405][ T5612] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   74.247356][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.261784][ T5612] EXT4-fs (loop1): 1 truncate cleaned up
[   74.265402][ T5615] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.267943][ T5612] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.289387][ T5615] bridge_slave_0 (unregistering): left allmulticast mode
[   74.296650][ T5615] bridge_slave_0 (unregistering): left promiscuous mode
[   74.303838][ T5615] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.324089][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.758181][ T5672] sd 0:0:1:0: device reset
[   74.798967][ T5682] lo speed is unknown, defaulting to 1000
[   74.814847][ T5682] lo speed is unknown, defaulting to 1000
[   74.820912][ T5682] lo speed is unknown, defaulting to 1000
[   74.828633][ T5682] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   74.836342][ T5682] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   74.846988][ T5682] lo speed is unknown, defaulting to 1000
[   74.853428][ T5682] lo speed is unknown, defaulting to 1000
[   74.886324][ T5690] netlink: 'syz.0.741': attribute type 13 has an invalid length.
[   74.891504][ T5682] lo speed is unknown, defaulting to 1000
[   74.908349][ T5598] syz.4.708 (5598) used greatest stack depth: 6408 bytes left
[   74.934052][ T5690] 8021q: adding VLAN 0 to HW filter on device $Hÿ
[   74.949787][ T5690] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   74.965611][ T5682] lo speed is unknown, defaulting to 1000
[   74.971620][ T5682] lo speed is unknown, defaulting to 1000
[   74.986110][   T29] kauditd_printk_skb: 430 callbacks suppressed
[   74.986129][   T29] audit: type=1400 audit(1756449950.127:5583): avc:  denied  { write } for  pid=5681 comm="syz.3.737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   74.999296][ T5704] netlink: 'syz.4.743': attribute type 10 has an invalid length.
[   75.032528][   T29] audit: type=1400 audit(1756449950.167:5584): avc:  denied  { audit_write } for  pid=5706 comm="syz.0.744" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   75.054023][   T29] audit: type=1107 audit(1756449950.167:5585): pid=5706 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[   75.079835][ T5711] 9pnet: Could not find request transport: 0xffffffffffffffff
[   75.100817][   T29] audit: type=1400 audit(1756449950.187:5586): avc:  denied  { wake_alarm } for  pid=5706 comm="syz.0.744" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   75.147567][ T5707] lo speed is unknown, defaulting to 1000
[   75.181170][ T5726] loop2: detected capacity change from 0 to 128
[   75.208636][ T5726] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   75.219300][ T5734] loop4: detected capacity change from 0 to 512
[   75.222421][ T5726] ext4 filesystem being mounted at /148/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   75.227804][ T5734] EXT4-fs: Ignoring removed i_version option
[   75.243713][ T5734] EXT4-fs: Ignoring removed nobh option
[   75.249762][ T5734] EXT4-fs: inline encryption not supported
[   75.258524][ T5734] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   75.269982][ T5734] EXT4-fs (loop4): 1 truncate cleaned up
[   75.288564][ T5734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.311899][ T3411] kernel write not supported for file /500/attr/exec (pid: 3411 comm: kworker/1:4)
[   75.324304][   T29] audit: type=1326 audit(1756449950.457:5587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   75.348092][   T29] audit: type=1326 audit(1756449950.457:5588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   75.394274][   T29] audit: type=1326 audit(1756449950.457:5589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   75.417859][   T29] audit: type=1326 audit(1756449950.457:5590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   75.441256][   T29] audit: type=1326 audit(1756449950.477:5591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   75.464854][   T29] audit: type=1326 audit(1756449950.477:5592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5725 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   75.504222][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   75.536291][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.562774][ T5758] FAULT_INJECTION: forcing a failure.
[   75.562774][ T5758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.576058][ T5758] CPU: 0 UID: 0 PID: 5758 Comm: syz.4.757 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.576138][ T5758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.576149][ T5758] Call Trace:
[   75.576157][ T5758]  <TASK>
[   75.576165][ T5758]  __dump_stack+0x1d/0x30
[   75.576192][ T5758]  dump_stack_lvl+0xe8/0x140
[   75.576208][ T5758]  dump_stack+0x15/0x1b
[   75.576349][ T5758]  should_fail_ex+0x265/0x280
[   75.576425][ T5758]  should_fail+0xb/0x20
[   75.576503][ T5758]  should_fail_usercopy+0x1a/0x20
[   75.576526][ T5758]  _copy_from_user+0x1c/0xb0
[   75.576622][ T5758]  ___sys_sendmsg+0xc1/0x1d0
[   75.576653][ T5758]  __x64_sys_sendmsg+0xd4/0x160
[   75.576673][ T5758]  x64_sys_call+0x191e/0x2ff0
[   75.576693][ T5758]  do_syscall_64+0xd2/0x200
[   75.576776][ T5758]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.576814][ T5758]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.576905][ T5758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.576926][ T5758] RIP: 0033:0x7f5624d5ebe9
[   75.576942][ T5758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.576957][ T5758] RSP: 002b:00007f56237bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.576977][ T5758] RAX: ffffffffffffffda RBX: 00007f5624f85fa0 RCX: 00007f5624d5ebe9
[   75.576989][ T5758] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000007
[   75.577012][ T5758] RBP: 00007f56237bf090 R08: 0000000000000000 R09: 0000000000000000
[   75.577023][ T5758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.577033][ T5758] R13: 00007f5624f86038 R14: 00007f5624f85fa0 R15: 00007ffcbcd64218
[   75.577049][ T5758]  </TASK>
[   75.841128][ T5776] sd 0:0:1:0: device reset
[   75.965285][ T5793] FAULT_INJECTION: forcing a failure.
[   75.965285][ T5793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.978433][ T5793] CPU: 0 UID: 0 PID: 5793 Comm: syz.0.769 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.978480][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.978497][ T5793] Call Trace:
[   75.978506][ T5793]  <TASK>
[   75.978514][ T5793]  __dump_stack+0x1d/0x30
[   75.978536][ T5793]  dump_stack_lvl+0xe8/0x140
[   75.978667][ T5793]  dump_stack+0x15/0x1b
[   75.978688][ T5793]  should_fail_ex+0x265/0x280
[   75.978707][ T5793]  should_fail+0xb/0x20
[   75.978739][ T5793]  should_fail_usercopy+0x1a/0x20
[   75.978758][ T5793]  _copy_from_iter+0xd2/0xe80
[   75.978831][ T5793]  ? __build_skb_around+0x1a0/0x200
[   75.978925][ T5793]  ? __alloc_skb+0x223/0x320
[   75.978942][ T5793]  pfkey_sendmsg+0x126/0x900
[   75.978969][ T5793]  ? avc_has_perm+0xf7/0x180
[   75.978993][ T5793]  ? selinux_socket_sendmsg+0x175/0x1b0
[   75.979085][ T5793]  ? __pfx_pfkey_sendmsg+0x10/0x10
[   75.979106][ T5793]  __sock_sendmsg+0x145/0x180
[   75.979142][ T5793]  ____sys_sendmsg+0x31e/0x4e0
[   75.979245][ T5793]  ___sys_sendmsg+0x17b/0x1d0
[   75.979283][ T5793]  __x64_sys_sendmsg+0xd4/0x160
[   75.979343][ T5793]  x64_sys_call+0x191e/0x2ff0
[   75.979366][ T5793]  do_syscall_64+0xd2/0x200
[   75.979410][ T5793]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.979435][ T5793]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.979456][ T5793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.979474][ T5793] RIP: 0033:0x7f1ea70febe9
[   75.979553][ T5793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.979568][ T5793] RSP: 002b:00007f1ea5b5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.979652][ T5793] RAX: ffffffffffffffda RBX: 00007f1ea7325fa0 RCX: 00007f1ea70febe9
[   75.979665][ T5793] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[   75.979679][ T5793] RBP: 00007f1ea5b5f090 R08: 0000000000000000 R09: 0000000000000000
[   75.979692][ T5793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.979704][ T5793] R13: 00007f1ea7326038 R14: 00007f1ea7325fa0 R15: 00007ffd815aa8d8
[   75.979752][ T5793]  </TASK>
[   76.330114][ T5809] Option 'Í'M•O§±' to dns_resolver key: bad/missing value
[   76.450338][ T5825] loop4: detected capacity change from 0 to 256
[   76.458484][ T5825] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   76.471660][ T5829] __nla_validate_parse: 12 callbacks suppressed
[   76.471681][ T5829] netlink: 72 bytes leftover after parsing attributes in process `syz.3.777'.
[   76.518461][ T5825] netlink: 'syz.4.776': attribute type 6 has an invalid length.
[   76.526254][ T5825] netlink: 12 bytes leftover after parsing attributes in process `syz.4.776'.
[   76.790841][ T5850] loop2: detected capacity change from 0 to 512
[   76.797748][ T5850] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   76.806976][ T5850] EXT4-fs (loop2): invalid journal inode
[   76.812640][ T5850] EXT4-fs (loop2): can't get journal size
[   76.819116][ T5850] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a054c118, mo2=0002]
[   76.827254][ T5850] System zones: 1-12, 13-13
[   76.832513][ T5850] EXT4-fs (loop2): 1 truncate cleaned up
[   76.838706][ T5850] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.862347][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.895280][ T5857] loop2: detected capacity change from 0 to 512
[   76.902212][ T5857] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   76.912503][ T5857] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.786: corrupted in-inode xattr: overlapping e_value 
[   76.926415][ T5857] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.786: couldn't read orphan inode 15 (err -117)
[   76.939365][ T5857] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.960040][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.142335][ T5870] netlink: 72 bytes leftover after parsing attributes in process `syz.0.791'.
[   77.466415][ T5895] FAULT_INJECTION: forcing a failure.
[   77.466415][ T5895] name failslab, interval 1, probability 0, space 0, times 0
[   77.477724][ T5892] loop4: detected capacity change from 0 to 1024
[   77.479801][ T5895] CPU: 1 UID: 0 PID: 5895 Comm: syz.0.798 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   77.479864][ T5895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   77.479882][ T5895] Call Trace:
[   77.479888][ T5895]  <TASK>
[   77.479895][ T5895]  __dump_stack+0x1d/0x30
[   77.479918][ T5895]  dump_stack_lvl+0xe8/0x140
[   77.479936][ T5895]  dump_stack+0x15/0x1b
[   77.479952][ T5895]  should_fail_ex+0x265/0x280
[   77.480046][ T5895]  should_failslab+0x8c/0xb0
[   77.480068][ T5895]  __kmalloc_noprof+0xa5/0x3e0
[   77.480093][ T5895]  ? copy_splice_read+0xc2/0x660
[   77.480112][ T5895]  copy_splice_read+0xc2/0x660
[   77.480132][ T5895]  ? __pfx_shmem_file_splice_read+0x10/0x10
[   77.480203][ T5895]  splice_direct_to_actor+0x290/0x680
[   77.480223][ T5895]  ? __pfx_direct_splice_actor+0x10/0x10
[   77.480245][ T5895]  do_splice_direct+0xda/0x150
[   77.480332][ T5895]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   77.480367][ T5895]  do_sendfile+0x380/0x650
[   77.480395][ T5895]  __x64_sys_sendfile64+0x105/0x150
[   77.480437][ T5895]  x64_sys_call+0x2bb0/0x2ff0
[   77.480457][ T5895]  do_syscall_64+0xd2/0x200
[   77.480522][ T5895]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   77.480545][ T5895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.480566][ T5895] RIP: 0033:0x7f1ea70febe9
[   77.480594][ T5895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.480610][ T5895] RSP: 002b:00007f1ea5b5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   77.480628][ T5895] RAX: ffffffffffffffda RBX: 00007f1ea7325fa0 RCX: 00007f1ea70febe9
[   77.480641][ T5895] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000000a
[   77.480652][ T5895] RBP: 00007f1ea5b5f090 R08: 0000000000000000 R09: 0000000000000000
[   77.480683][ T5895] R10: 00008000fffffffc R11: 0000000000000246 R12: 0000000000000001
[   77.480696][ T5895] R13: 00007f1ea7326038 R14: 00007f1ea7325fa0 R15: 00007ffd815aa8d8
[   77.480714][ T5895]  </TASK>
[   77.698269][ T5892] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   77.709911][ T5904] SELinux: security_context_str_to_sid () failed with errno=-22
[   77.730889][ T5904] lo speed is unknown, defaulting to 1000
[   77.747096][ T5906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.802'.
[   77.761028][ T5906] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5906 comm=syz.3.802
[   77.774825][ T5892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.835636][ T5892] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.858051][ T5914] netlink: 72 bytes leftover after parsing attributes in process `syz.2.803'.
[   78.027385][ T5927] loop2: detected capacity change from 0 to 512
[   78.063296][ T5932] loop4: detected capacity change from 0 to 2048
[   78.071020][ T5927] EXT4-fs: Ignoring removed i_version option
[   78.077265][ T5927] EXT4-fs: Ignoring removed nobh option
[   78.087060][ T5927] EXT4-fs: inline encryption not supported
[   78.093934][ T5927] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   78.121094][ T5932] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   78.199338][ T5927] EXT4-fs (loop2): 1 truncate cleaned up
[   78.209933][ T5932] netlink: 'syz.4.810': attribute type 10 has an invalid length.
[   78.219552][ T5927] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.260121][ T5932] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   78.281541][ T5899] syz.1.799 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   78.295410][ T5944] netlink: 100 bytes leftover after parsing attributes in process `syz.3.812'.
[   78.295883][ T5899] CPU: 0 UID: 0 PID: 5899 Comm: syz.1.799 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   78.295916][ T5899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   78.295929][ T5899] Call Trace:
[   78.295936][ T5899]  <TASK>
[   78.295944][ T5899]  __dump_stack+0x1d/0x30
[   78.295995][ T5899]  dump_stack_lvl+0xe8/0x140
[   78.296014][ T5899]  dump_stack+0x15/0x1b
[   78.296030][ T5899]  dump_header+0x81/0x220
[   78.296062][ T5899]  oom_kill_process+0x342/0x400
[   78.296122][ T5899]  out_of_memory+0x979/0xb80
[   78.296159][ T5899]  try_charge_memcg+0x5e6/0x9e0
[   78.296245][ T5899]  obj_cgroup_charge_pages+0xa6/0x150
[   78.296276][ T5899]  __memcg_kmem_charge_page+0x9f/0x170
[   78.296361][ T5899]  __alloc_frozen_pages_noprof+0x188/0x360
[   78.296397][ T5899]  alloc_pages_mpol+0xb3/0x250
[   78.296428][ T5899]  alloc_pages_noprof+0x90/0x130
[   78.296545][ T5899]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   78.296698][ T5899]  __kvmalloc_node_noprof+0x30f/0x4e0
[   78.296726][ T5899]  ? ip_set_alloc+0x1f/0x30
[   78.296755][ T5899]  ? ip_set_alloc+0x1f/0x30
[   78.296918][ T5899]  ? hash_netiface_create+0x21b/0x740
[   78.296950][ T5899]  ? __kmalloc_cache_noprof+0x189/0x320
[   78.296978][ T5899]  ip_set_alloc+0x1f/0x30
[   78.297048][ T5899]  hash_netiface_create+0x282/0x740
[   78.297080][ T5899]  ? __pfx_hash_netiface_create+0x10/0x10
[   78.297112][ T5899]  ip_set_create+0x3c9/0x960
[   78.297197][ T5899]  ? __nla_parse+0x40/0x60
[   78.297223][ T5899]  nfnetlink_rcv_msg+0x4c3/0x590
[   78.297305][ T5899]  ? __rcu_read_unlock+0x34/0x70
[   78.297344][ T5899]  netlink_rcv_skb+0x123/0x220
[   78.297365][ T5899]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   78.297467][ T5899]  nfnetlink_rcv+0x16b/0x1690
[   78.297513][ T5899]  ? nlmon_xmit+0x4f/0x60
[   78.297538][ T5899]  ? consume_skb+0x49/0x150
[   78.297620][ T5899]  ? nlmon_xmit+0x4f/0x60
[   78.297644][ T5899]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   78.297669][ T5899]  ? __dev_queue_xmit+0x1200/0x2000
[   78.297690][ T5899]  ? __dev_queue_xmit+0x182/0x2000
[   78.297710][ T5899]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   78.297790][ T5899]  ? ref_tracker_free+0x37d/0x3e0
[   78.297842][ T5899]  ? __netlink_deliver_tap+0x4dc/0x500
[   78.297867][ T5899]  netlink_unicast+0x5bd/0x690
[   78.297942][ T5899]  netlink_sendmsg+0x58b/0x6b0
[   78.297965][ T5899]  ? __pfx_netlink_sendmsg+0x10/0x10
[   78.297988][ T5899]  __sock_sendmsg+0x145/0x180
[   78.298070][ T5899]  ____sys_sendmsg+0x31e/0x4e0
[   78.298095][ T5899]  ___sys_sendmsg+0x17b/0x1d0
[   78.298130][ T5899]  __x64_sys_sendmsg+0xd4/0x160
[   78.298164][ T5899]  x64_sys_call+0x191e/0x2ff0
[   78.298272][ T5899]  do_syscall_64+0xd2/0x200
[   78.298346][ T5899]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   78.298448][ T5899]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   78.298473][ T5899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.298494][ T5899] RIP: 0033:0x7fe33831ebe9
[   78.298512][ T5899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.298529][ T5899] RSP: 002b:00007fe336d7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   78.298549][ T5899] RAX: ffffffffffffffda RBX: 00007fe338545fa0 RCX: 00007fe33831ebe9
[   78.298623][ T5899] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[   78.298635][ T5899] RBP: 00007fe3383a1e19 R08: 0000000000000000 R09: 0000000000000000
[   78.298648][ T5899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   78.298661][ T5899] R13: 00007fe338546038 R14: 00007fe338545fa0 R15: 00007fff6e92d038
[   78.298680][ T5899]  </TASK>
[   78.298687][ T5899] memory: usage 307200kB, limit 307200kB, failcnt 623
[   78.665007][ T5899] memory+swap: usage 307464kB, limit 9007199254740988kB, failcnt 0
[   78.673067][ T5899] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[   78.680391][ T5899] Memory cgroup stats for /syz1:
[   78.682694][ T5899] cache 0
[   78.683234][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.687797][ T5899] rss 0
[   78.687809][ T5899] shmem 0
[   78.706397][ T5899] mapped_file 0
[   78.710137][ T5899] dirty 0
[   78.713172][ T5899] writeback 0
[   78.716723][ T5899] workingset_refault_anon 89
[   78.721414][ T5899] workingset_refault_file 687
[   78.726446][ T5899] swap 270336
[   78.729725][ T5899] swapcached 0
[   78.733269][ T5899] pgpgin 72352
[   78.736960][ T5899] pgpgout 72352
[   78.740910][ T5899] pgfault 49367
[   78.744710][ T5899] pgmajfault 52
[   78.748379][ T5899] inactive_anon 0
[   78.752153][ T5899] active_anon 0
[   78.755672][ T5899] inactive_file 0
[   78.759481][ T5899] active_file 0
[   78.762953][ T5899] unevictable 0
[   78.766446][ T5899] hierarchical_memory_limit 314572800
[   78.771994][ T5899] hierarchical_memsw_limit 9223372036854771712
[   78.778401][ T5899] total_cache 0
[   78.781957][ T5899] total_rss 0
[   78.785392][ T5899] total_shmem 0
[   78.788960][ T5899] total_mapped_file 0
[   78.792950][ T5899] total_dirty 0
[   78.796474][ T5899] total_writeback 0
[   78.800346][ T5899] total_workingset_refault_anon 89
[   78.805963][ T5899] total_workingset_refault_file 687
[   78.811377][ T5899] total_swap 270336
[   78.815376][ T5899] total_swapcached 0
[   78.819415][ T5899] total_pgpgin 72352
[   78.823393][ T5899] total_pgpgout 72352
[   78.827664][ T5899] total_pgfault 49367
[   78.831781][ T5899] total_pgmajfault 52
[   78.835903][ T5899] total_inactive_anon 0
[   78.840060][ T5899] total_active_anon 0
[   78.844048][ T5899] total_inactive_file 0
[   78.848345][ T5899] total_active_file 0
[   78.852431][ T5899] total_unevictable 0
[   78.856632][ T5899] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.799,pid=5898,uid=0
[   78.871644][ T5899] Memory cgroup out of memory: Killed process 5898 (syz.1.799) total-vm:93632kB, anon-rss:944kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   78.944316][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   79.048336][ T5966] netlink: 72 bytes leftover after parsing attributes in process `syz.4.819'.
[   79.326517][ T6009] netlink: 72 bytes leftover after parsing attributes in process `syz.4.835'.
[   79.517200][ T6029] sd 0:0:1:0: device reset
[   80.043256][   T29] kauditd_printk_skb: 329 callbacks suppressed
[   80.043336][   T29] audit: type=1326 audit(1756449955.177:5922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6053 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ac42ebe9 code=0x7ffc0000
[   80.073978][   T29] audit: type=1326 audit(1756449955.177:5923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6053 comm="syz.3.854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10ac42ebe9 code=0x7ffc0000
[   80.127439][ T6001] syz.0.832 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   80.142199][ T6001] CPU: 0 UID: 0 PID: 6001 Comm: syz.0.832 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.142227][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   80.142238][ T6001] Call Trace:
[   80.142245][ T6001]  <TASK>
[   80.142254][ T6001]  __dump_stack+0x1d/0x30
[   80.142276][ T6001]  dump_stack_lvl+0xe8/0x140
[   80.142293][ T6001]  dump_stack+0x15/0x1b
[   80.142378][ T6001]  dump_header+0x81/0x220
[   80.142418][ T6001]  oom_kill_process+0x342/0x400
[   80.142446][ T6001]  out_of_memory+0x979/0xb80
[   80.142546][ T6001]  try_charge_memcg+0x5e6/0x9e0
[   80.142564][ T6001]  obj_cgroup_charge_pages+0xa6/0x150
[   80.142597][ T6001]  __memcg_kmem_charge_page+0x9f/0x170
[   80.142647][ T6001]  __alloc_frozen_pages_noprof+0x188/0x360
[   80.142717][ T6001]  alloc_pages_mpol+0xb3/0x250
[   80.142815][ T6001]  alloc_pages_noprof+0x90/0x130
[   80.142831][ T6001]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   80.142902][ T6001]  __kvmalloc_node_noprof+0x30f/0x4e0
[   80.142919][ T6001]  ? ip_set_alloc+0x1f/0x30
[   80.143062][ T6001]  ? ip_set_alloc+0x1f/0x30
[   80.143078][ T6001]  ? __kmalloc_cache_noprof+0x189/0x320
[   80.143093][ T6001]  ip_set_alloc+0x1f/0x30
[   80.143109][ T6001]  hash_netiface_create+0x282/0x740
[   80.143182][ T6001]  ? __pfx_hash_netiface_create+0x10/0x10
[   80.143275][ T6001]  ip_set_create+0x3c9/0x960
[   80.143291][ T6001]  ? __nla_parse+0x40/0x60
[   80.143306][ T6001]  nfnetlink_rcv_msg+0x4c3/0x590
[   80.143324][ T6001]  ? __rcu_read_unlock+0x34/0x70
[   80.143348][ T6001]  netlink_rcv_skb+0x123/0x220
[   80.143361][ T6001]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   80.143380][ T6001]  nfnetlink_rcv+0x16b/0x1690
[   80.143404][ T6001]  ? nlmon_xmit+0x4f/0x60
[   80.143422][ T6001]  ? consume_skb+0x49/0x150
[   80.143438][ T6001]  ? nlmon_xmit+0x4f/0x60
[   80.143488][ T6001]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   80.143570][ T6001]  ? __dev_queue_xmit+0x1200/0x2000
[   80.143581][ T6001]  ? __dev_queue_xmit+0x182/0x2000
[   80.143650][ T6001]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   80.143668][ T6001]  ? ref_tracker_free+0x37d/0x3e0
[   80.143747][ T6001]  ? __netlink_deliver_tap+0x4dc/0x500
[   80.143761][ T6001]  netlink_unicast+0x5bd/0x690
[   80.143782][ T6001]  netlink_sendmsg+0x58b/0x6b0
[   80.143795][ T6001]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.143877][ T6001]  __sock_sendmsg+0x145/0x180
[   80.143894][ T6001]  ____sys_sendmsg+0x31e/0x4e0
[   80.143985][ T6001]  ___sys_sendmsg+0x17b/0x1d0
[   80.144125][ T6001]  __x64_sys_sendmsg+0xd4/0x160
[   80.144140][ T6001]  x64_sys_call+0x191e/0x2ff0
[   80.144210][ T6001]  do_syscall_64+0xd2/0x200
[   80.144226][ T6001]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   80.144254][ T6001]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   80.144338][ T6001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.144422][ T6001] RIP: 0033:0x7f1ea70febe9
[   80.144439][ T6001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.144454][ T6001] RSP: 002b:00007f1ea5b5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.144471][ T6001] RAX: ffffffffffffffda RBX: 00007f1ea7325fa0 RCX: 00007f1ea70febe9
[   80.144484][ T6001] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[   80.144495][ T6001] RBP: 00007f1ea7181e19 R08: 0000000000000000 R09: 0000000000000000
[   80.144506][ T6001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   80.144516][ T6001] R13: 00007f1ea7326038 R14: 00007f1ea7325fa0 R15: 00007ffd815aa8d8
[   80.144533][ T6001]  </TASK>
[   80.144541][ T6001] memory: usage 307200kB, limit 307200kB, failcnt 816
[   80.212353][ T6061] netlink: 'syz.3.857': attribute type 1 has an invalid length.
[   80.217499][ T6001] memory+swap: usage 307440kB, limit 9007199254740988kB, failcnt 0
[   80.522818][ T6001] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[   80.530339][ T6001] Memory cgroup stats for /syz0:
[   80.530851][ T6001] cache 0
[   80.539265][ T6001] rss 4096
[   80.542291][ T6001] shmem 0
[   80.545321][ T6001] mapped_file 0
[   80.548869][ T6001] dirty 0
[   80.551841][ T6001] writeback 0
[   80.555358][ T6001] workingset_refault_anon 135
[   80.560215][ T6001] workingset_refault_file 1230
[   80.565108][ T6001] swap 245760
[   80.568729][ T6001] swapcached 8192
[   80.572729][ T6001] pgpgin 51227
[   80.576163][ T6001] pgpgout 51225
[   80.579630][ T6001] pgfault 58429
[   80.583288][ T6001] pgmajfault 105
[   80.586871][ T6001] inactive_anon 0
[   80.590769][ T6001] active_anon 0
[   80.594588][ T6001] inactive_file 0
[   80.598287][ T6001] active_file 0
[   80.601745][ T6001] unevictable 0
[   80.605320][ T6001] hierarchical_memory_limit 314572800
[   80.610915][ T6001] hierarchical_memsw_limit 9223372036854771712
[   80.617235][ T6001] total_cache 0
[   80.620781][ T6001] total_rss 4096
[   80.624413][ T6001] total_shmem 0
[   80.627943][ T6001] total_mapped_file 0
[   80.632527][ T6001] total_dirty 0
[   80.636164][ T6001] total_writeback 0
[   80.639984][ T6001] total_workingset_refault_anon 135
[   80.645411][ T6001] total_workingset_refault_file 1230
[   80.650753][ T6001] total_swap 245760
[   80.654694][ T6001] total_swapcached 8192
[   80.658847][ T6001] total_pgpgin 51227
[   80.662751][ T6001] total_pgpgout 51225
[   80.666762][ T6001] total_pgfault 58429
[   80.670840][ T6001] total_pgmajfault 105
[   80.675116][ T6001] total_inactive_anon 0
[   80.679272][ T6001] total_active_anon 0
[   80.683234][ T6001] total_inactive_file 0
[   80.687412][ T6001] total_active_file 0
[   80.691382][ T6001] total_unevictable 0
[   80.695394][ T6001] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.832,pid=6000,uid=0
[   80.710012][ T6001] Memory cgroup out of memory: Killed process 6000 (syz.0.832) total-vm:93632kB, anon-rss:1072kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   80.766541][ T6071] loop1: detected capacity change from 0 to 512
[   80.793775][ T6071] EXT4-fs: Ignoring removed i_version option
[   80.799983][ T6071] EXT4-fs: Ignoring removed nobh option
[   80.806653][ T6071] EXT4-fs: inline encryption not supported
[   80.813077][ T6071] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   80.839840][ T6071] EXT4-fs (loop1): 1 truncate cleaned up
[   80.844403][   T29] audit: type=1326 audit(1756449955.977:5924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   80.846668][ T6071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.869319][   T29] audit: type=1326 audit(1756449955.977:5925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   80.905372][   T29] audit: type=1326 audit(1756449955.977:5926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   80.928905][   T29] audit: type=1326 audit(1756449955.977:5927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   80.952889][   T29] audit: type=1326 audit(1756449955.977:5928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   80.976927][   T29] audit: type=1326 audit(1756449955.977:5929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   81.000449][   T29] audit: type=1326 audit(1756449955.977:5930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   81.024087][   T29] audit: type=1326 audit(1756449955.977:5931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6076 comm="syz.2.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f80c260ebe9 code=0x7ffc0000
[   81.079163][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.132459][ T6090] netlink: 72 bytes leftover after parsing attributes in process `syz.4.870'.
[   81.171278][ T6090] hub 9-0:1.0: USB hub found
[   81.176534][ T6090] hub 9-0:1.0: 8 ports detected
[   81.236942][ T6101] loop4: detected capacity change from 0 to 512
[   81.284793][ T6101] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   81.296801][ T6101] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.873: corrupted in-inode xattr: overlapping e_value 
[   81.336577][ T6101] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.873: couldn't read orphan inode 15 (err -117)
[   81.355301][ T6101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.407065][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.841945][ T6129] loop1: detected capacity change from 0 to 256
[   81.851287][ T6129] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   81.895153][ T6129] netlink: 'syz.1.884': attribute type 6 has an invalid length.
[   81.903166][ T6129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.884'.
[   82.185666][ T6146] loop2: detected capacity change from 0 to 512
[   82.192899][ T6146] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   82.237608][ T6146] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[   82.239812][ T6112] syz.4.877 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   82.260452][ T6112] CPU: 0 UID: 0 PID: 6112 Comm: syz.4.877 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.260479][ T6112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.260520][ T6112] Call Trace:
[   82.260528][ T6112]  <TASK>
[   82.260536][ T6112]  __dump_stack+0x1d/0x30
[   82.260559][ T6112]  dump_stack_lvl+0xe8/0x140
[   82.260577][ T6112]  dump_stack+0x15/0x1b
[   82.260592][ T6112]  dump_header+0x81/0x220
[   82.260742][ T6112]  oom_kill_process+0x342/0x400
[   82.260772][ T6112]  out_of_memory+0x979/0xb80
[   82.260853][ T6112]  try_charge_memcg+0x5e6/0x9e0
[   82.260881][ T6112]  obj_cgroup_charge_pages+0xa6/0x150
[   82.260908][ T6112]  __memcg_kmem_charge_page+0x9f/0x170
[   82.260973][ T6112]  __alloc_frozen_pages_noprof+0x188/0x360
[   82.261009][ T6112]  alloc_pages_mpol+0xb3/0x250
[   82.261044][ T6112]  alloc_pages_noprof+0x90/0x130
[   82.261108][ T6112]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   82.261182][ T6112]  __kvmalloc_node_noprof+0x30f/0x4e0
[   82.261207][ T6112]  ? ip_set_alloc+0x1f/0x30
[   82.261359][ T6112]  ? ip_set_alloc+0x1f/0x30
[   82.261391][ T6112]  ? __kmalloc_cache_noprof+0x189/0x320
[   82.261422][ T6112]  ip_set_alloc+0x1f/0x30
[   82.261524][ T6112]  hash_netiface_create+0x282/0x740
[   82.261607][ T6112]  ? __pfx_hash_netiface_create+0x10/0x10
[   82.261639][ T6112]  ip_set_create+0x3c9/0x960
[   82.261688][ T6112]  ? __nla_parse+0x40/0x60
[   82.261723][ T6112]  nfnetlink_rcv_msg+0x4c3/0x590
[   82.261767][ T6112]  netlink_rcv_skb+0x123/0x220
[   82.261785][ T6112]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   82.261884][ T6112]  nfnetlink_rcv+0x16b/0x1690
[   82.261947][ T6112]  ? nlmon_xmit+0x4f/0x60
[   82.262008][ T6112]  ? consume_skb+0x49/0x150
[   82.262030][ T6112]  ? nlmon_xmit+0x4f/0x60
[   82.262135][ T6112]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   82.262233][ T6112]  ? __dev_queue_xmit+0x1200/0x2000
[   82.262255][ T6112]  ? __dev_queue_xmit+0x182/0x2000
[   82.262288][ T6112]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   82.262392][ T6112]  ? ref_tracker_free+0x37d/0x3e0
[   82.262421][ T6112]  ? __netlink_deliver_tap+0x4dc/0x500
[   82.262448][ T6112]  netlink_unicast+0x5bd/0x690
[   82.262540][ T6112]  netlink_sendmsg+0x58b/0x6b0
[   82.262565][ T6112]  ? __pfx_netlink_sendmsg+0x10/0x10
[   82.262587][ T6112]  __sock_sendmsg+0x145/0x180
[   82.262654][ T6112]  ____sys_sendmsg+0x31e/0x4e0
[   82.262682][ T6112]  ___sys_sendmsg+0x17b/0x1d0
[   82.262718][ T6112]  __x64_sys_sendmsg+0xd4/0x160
[   82.262741][ T6112]  x64_sys_call+0x191e/0x2ff0
[   82.262764][ T6112]  do_syscall_64+0xd2/0x200
[   82.262809][ T6112]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.262832][ T6112]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.262901][ T6112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.262924][ T6112] RIP: 0033:0x7f5624d5ebe9
[   82.262941][ T6112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.262998][ T6112] RSP: 002b:00007f56237bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.263015][ T6112] RAX: ffffffffffffffda RBX: 00007f5624f85fa0 RCX: 00007f5624d5ebe9
[   82.263070][ T6112] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[   82.263093][ T6112] RBP: 00007f5624de1e19 R08: 0000000000000000 R09: 0000000000000000
[   82.263104][ T6112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   82.263115][ T6112] R13: 00007f5624f86038 R14: 00007f5624f85fa0 R15: 00007ffcbcd64218
[   82.263131][ T6112]  </TASK>
[   82.263137][ T6112] memory: usage 307200kB, limit 307200kB, failcnt 279
[   82.615592][ T6112] memory+swap: usage 307512kB, limit 9007199254740988kB, failcnt 0
[   82.623485][ T6112] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[   82.631052][ T6112] Memory cgroup stats for /syz4:
[   82.631253][ T6112] cache 0
[   82.639209][ T6112] rss 4096
[   82.642216][ T6112] shmem 0
[   82.645259][ T6112] mapped_file 0
[   82.648750][ T6112] dirty 0
[   82.652268][ T6112] writeback 0
[   82.655691][ T6112] workingset_refault_anon 63
[   82.660453][ T6112] workingset_refault_file 890
[   82.665562][ T6112] swap 319488
[   82.668835][ T6112] swapcached 12288
[   82.672640][ T6112] pgpgin 56482
[   82.676023][ T6112] pgpgout 56478
[   82.679471][ T6112] pgfault 43951
[   82.682977][ T6112] pgmajfault 58
[   82.686562][ T6112] inactive_anon 4096
[   82.690538][ T6112] active_anon 8192
[   82.694281][ T6112] inactive_file 0
[   82.698016][ T6112] active_file 4096
[   82.701740][ T6112] unevictable 0
[   82.705240][ T6112] hierarchical_memory_limit 314572800
[   82.710871][ T6112] hierarchical_memsw_limit 9223372036854771712
[   82.717046][ T6112] total_cache 0
[   82.720764][ T6112] total_rss 4096
[   82.724299][ T6112] total_shmem 0
[   82.727855][ T6112] total_mapped_file 0
[   82.731951][ T6112] total_dirty 0
[   82.735427][ T6112] total_writeback 0
[   82.739236][ T6112] total_workingset_refault_anon 63
[   82.744506][ T6112] total_workingset_refault_file 890
[   82.749900][ T6112] total_swap 319488
[   82.753694][ T6112] total_swapcached 12288
[   82.758017][ T6112] total_pgpgin 56482
[   82.761915][ T6112] total_pgpgout 56478
[   82.765954][ T6112] total_pgfault 43951
[   82.770027][ T6112] total_pgmajfault 58
[   82.774006][ T6112] total_inactive_anon 4096
[   82.778525][ T6112] total_active_anon 8192
[   82.782836][ T6112] total_inactive_file 0
[   82.787012][ T6112] total_active_file 4096
[   82.788522][ T6155] netlink: 72 bytes leftover after parsing attributes in process `syz.3.892'.
[   82.791252][ T6112] total_unevictable 0
[   82.791264][ T6112] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.877,pid=6111,uid=0
[   82.819001][ T6112] Memory cgroup out of memory: Killed process 6111 (syz.4.877) total-vm:93632kB, anon-rss:944kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   82.861601][ T6155] hub 9-0:1.0: USB hub found
[   82.869732][ T6155] hub 9-0:1.0: 8 ports detected
[   83.014505][ T6166] loop4: detected capacity change from 0 to 512
[   83.030667][ T6166] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.170015][ T6180] IPv6: Can't replace route, no match found
[   83.215666][ T6180] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[   83.222403][ T6180] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   83.230085][ T6180] vhci_hcd vhci_hcd.0: Device attached
[   83.366041][ T6196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.903'.
[   83.378684][ T6198] netlink: 8 bytes leftover after parsing attributes in process `syz.2.904'.
[   83.387900][ T6198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.904'.
[   83.396900][ T6198] netlink: 'syz.2.904': attribute type 11 has an invalid length.
[   83.432253][ T1035] IPVS: starting estimator thread 0...
[   83.440085][ T6198] netlink: 64 bytes leftover after parsing attributes in process `syz.2.904'.
[   83.456581][ T6198] loop2: detected capacity change from 0 to 128
[   83.475130][ T6198] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   83.488380][ T3411] usb 7-1: new low-speed USB device number 2 using vhci_hcd
[   83.498525][ T6177] ==================================================================
[   83.506639][ T6177] BUG: KCSAN: data-race in __xa_set_mark / xas_find_marked
[   83.513886][ T6177] 
[   83.516290][ T6177] write to 0xffff888107639c9c of 4 bytes by task 6166 on cpu 1:
[   83.520804][ T6198] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.523914][ T6177]  __xa_set_mark+0x172/0x1a0
[   83.538889][ T6177]  __folio_mark_dirty+0x3af/0x4d0
[   83.544013][ T6177]  mark_buffer_dirty+0x11e/0x210
[   83.545725][ T6200] IPVS: using max 2736 ests per chain, 136800 per kthread
[   83.549133][ T6177]  block_write_end+0x12d/0x210
[   83.561203][ T6177]  ext4_write_end+0x134/0x730
[   83.565880][ T6177]  ext4_da_write_end+0x65/0x800
[   83.570749][ T6177]  generic_perform_write+0x312/0x490
[   83.576210][ T6177]  ext4_buffered_write_iter+0x1ee/0x3c0
[   83.582101][ T6177]  ext4_file_write_iter+0x383/0xf00
[   83.587308][ T6177]  iter_file_splice_write+0x663/0xa60
[   83.592754][ T6177]  direct_splice_actor+0x153/0x2a0
[   83.597948][ T6177]  splice_direct_to_actor+0x30f/0x680
[   83.603397][ T6177]  do_splice_direct+0xda/0x150
[   83.608591][ T6177]  do_sendfile+0x380/0x650
[   83.613008][ T6177]  __x64_sys_sendfile64+0x105/0x150
[   83.618208][ T6177]  x64_sys_call+0x2bb0/0x2ff0
[   83.622873][ T6177]  do_syscall_64+0xd2/0x200
[   83.627365][ T6177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.633246][ T6177] 
[   83.635555][ T6177] read to 0xffff888107639c9c of 4 bytes by task 6177 on cpu 0:
[   83.643080][ T6177]  xas_find_marked+0x5dc/0x620
[   83.647834][ T6177]  find_get_entry+0x5d/0x380
[   83.652485][ T6177]  filemap_get_folios_tag+0x92/0x210
[   83.657763][ T6177]  file_write_and_wait_range+0x1ea/0x2c0
[   83.663436][ T6177]  generic_buffers_fsync_noflush+0x45/0x120
[   83.669403][ T6177]  ext4_sync_file+0x1ab/0x690
[   83.674171][ T6177]  vfs_fsync_range+0x10d/0x130
[   83.678919][ T6177]  ext4_buffered_write_iter+0x34f/0x3c0
[   83.684459][ T6177]  ext4_file_write_iter+0x383/0xf00
[   83.689650][ T6177]  iter_file_splice_write+0x663/0xa60
[   83.695002][ T6177]  direct_splice_actor+0x153/0x2a0
[   83.700191][ T6177]  splice_direct_to_actor+0x30f/0x680
[   83.705548][ T6177]  do_splice_direct+0xda/0x150
[   83.710295][ T6177]  do_sendfile+0x380/0x650
[   83.714702][ T6177]  __x64_sys_sendfile64+0x105/0x150
[   83.719888][ T6177]  x64_sys_call+0x2bb0/0x2ff0
[   83.724551][ T6177]  do_syscall_64+0xd2/0x200
[   83.729057][ T6177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.734950][ T6177] 
[   83.737262][ T6177] value changed: 0x04000021 -> 0x0e000021
[   83.743058][ T6177] 
[   83.745365][ T6177] Reported by Kernel Concurrency Sanitizer on:
[   83.751678][ T6177] CPU: 0 UID: 0 PID: 6177 Comm: syz.4.895 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   83.761498][ T6177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   83.771724][ T6177] ==================================================================
[   83.987835][ T6185] vhci_hcd: connection reset by peer
[   83.996830][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   84.017400][  T312] vhci_hcd: stop threads
[   84.021676][  T312] vhci_hcd: release socket
[   84.026301][  T312] vhci_hcd: disconnect device
[   84.033816][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.534788][ T3411] usb 7-1: enqueue for inactive port 0
[   88.540316][ T3411] usb 7-1: enqueue for inactive port 0
[   88.615012][ T3411] vhci_hcd: vhci_device speed not set