last executing test programs:

29.995132997s ago: executing program 0 (id=500):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x14, 0x4, 0x8, 0xb, 0x180}, 0x50)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = open(0x0, 0x14927e, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x1, 0x80, 0x7ff}]})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000740)={'veth0_virt_wifi\x00', &(0x7f00000006c0)=@ethtool_gstrings={0x1b, 0x5}})

28.854339176s ago: executing program 0 (id=512):
r0 = creat(&(0x7f0000000340)='./file0\x00', 0x14)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='kfree\x00', r1, 0x0, 0x3}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000000c0), 0x1004001, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x0, 0x7ffc0001}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
shmat(r3, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
creat(&(0x7f0000000340)='./file0\x00', 0x14) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='kfree\x00', r1, 0x0, 0x3}, 0x18) (async)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000000c0), 0x1004001, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x0, 0x7ffc0001}]}) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18) (async)
shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil) (async)
shmat(r3, &(0x7f0000ffd000/0x1000)=nil, 0x7000) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x4, 0x40, 0x7fff0000}]}) (async)

19.083786226s ago: executing program 0 (id=622):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0xf983e000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
setsockopt$inet_int(r1, 0x0, 0x7, &(0x7f00000002c0)=0x803, 0x4)
recvmmsg(r1, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003680)=""/43, 0x2b}}], 0x1, 0x2, 0x0)
listen(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
syz_emit_ethernet(0x36, &(0x7f0000000b80)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x26, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

10.594355256s ago: executing program 0 (id=688):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000180)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8f0, &(0x7f0000002400)=<r1=>0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x2b, 0x81}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)='\x00\x00\x00\x00\x00\x00', 0x6, 0x0, 0x0, 0x2}])

9.628087351s ago: executing program 0 (id=698):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0xf983e000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
setsockopt$inet_int(r1, 0x0, 0x7, &(0x7f00000002c0)=0x803, 0x4)
recvmmsg(r1, &(0x7f0000001980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003680)=""/43, 0x2b}}], 0x1, 0x2, 0x0)
listen(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
syz_emit_ethernet(0x36, &(0x7f0000000b80)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x26, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x10}}}}}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

8.10067534s ago: executing program 0 (id=712):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0x1218088, &(0x7f00000005c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae356940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c1a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b52a0352a82c794995bbb97c82fcde79d14fb20e5127150de"], 0x4a, 0x2d1, &(0x7f0000000c80)="$eJzs3U9rI2UcB/DfpOlk1ENy8CTCDrgHT4vdm3hJkV0Qe3LJYfWgxd0FaYKwCwX/YNyTVy8ePPgKBMGL72IvvgPBq+DNFRZGZjLTTGraJtpUbD+fS3995vnO8zzp0zQ55OkHL08O7uXx4PHnv0SWJdEZxjCeJjGITjS+jAXDrwMA+D97WhTxezGzTi6JiGxz0wIANmi1v//defnjhUwLANigO3fffXt3b+/WO1lkcXvy1eGofGdffp1d330QH8U47sdr0Y9nEdXrhPqNf1nfLopi2s1Lg7g+mR6OyuTk/Sf1/Xd/i6jyO9GPwVGserVR5d/au7VTxfNeKz8t5/F8Pf6wzN+Mfrx4FF7I35zl83Y+Rmm8+kpr/jeiHz9/GB/HOO5Vk5jnv9jJ8zeLb/747L1yemU+mR6OelW/uWLrIn8uAAAAAAAAAAAAAAAAAAAAAABcbjfy5vCd/Fpcn5RN9fk7W8/Suk/dZTBPlddnVdI0tc4HKk2L+G52pOD2wnjz83268VK3fbAgAAAAAAAAAAAAAAAAAAAAXF2PPvn0YH88vv/wXIrmNIBuRPx5J+Kf3mfYarkWp3fu1WPuj8edulzo8yRtt8RW0yeJOHUa5SLO6WE5q3guOzbnpvj+h3KB69wwa7W8vnyB22et627v3+6NZncd7CfLx+pF05LVm+TbNGLeJ40Vx0pPulREe/udteR06aX+2mtPX6iK6Yl9imTJFm0Vb/w6u163JHHslyitHtWlo2/XRSt+bG+stJ8jm8X//lyRVKd19DbxNAQAAAAAAAAAAAAAAAAAACx8xrv87qfFi49PjXYKHwUGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4JKY////NYppHV6hcxoPH/3HSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//cutM2w==")
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f00000000c0))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b40)=@bpf_lsm={0xb, 0x4, &(0x7f0000000040)=ANY=[@ANYRES64=r0], &(0x7f0000000b00)='syzkaller\x00'}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000c40)='./file1\x00', &(0x7f0000000fc0)=ANY=[@ANYRESDEC=r1], &(0x7f0000000f80), 0x600)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffa, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x17, 0x2000000000000242, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r2}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback, 0x1}], 0x1c)
sendto$inet6(r5, &(0x7f00000000c0)='\x00', 0x1a000, 0x2004c051, &(0x7f0000000040)={0xa, 0x4e24, 0xb, @loopback, 0xa}, 0x1c)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000004c0)={[{@nouid32}, {@jqfmt_vfsold}, {@journal_path={'journal_path', 0x3d, './file1'}}, {@commit={'commit', 0x3d, 0x7}}, {@journal_dev={'journal_dev', 0x3d, 0x8}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x5cc, &(0x7f00000016c0)="$eJzs3TtsG+cdAPD/HUnLD7VygRZoCw9GW8AFDFOSH63byV6LGjDgoUCXVqBowRAlGiLVWoKAyrtRxEOQBF6cLRkyJsiQIciSMauXPOYARiwkgOUhYUDyKNMyaVOyHo75+wEnfd/d8f7/j8fvuweOYABD63jzTxrxm4i4nESMdS3LR7bweHu99bWV0qO1lVISjcaVb5JIIuLh2kqps36S/T8SEasR8euI+KQQcTLd2OSBTqG2tDw7VamUF7L6eH3u+nhtafnUtbmpmfJMef7Mn/9y7vzZc5OnJ7vTfdTorhW21tZbX9z+/63P/nb39rvvHVstvT6VxIUYzZZ1t+MJjUbj3nqjsbVIjyVZohc2zT+73Q2+pJL9ToBtyWX9vNmVfhVjkct6fS+N7sFhZE/SA3ZRY6R1iMt0FYEhkOj0MKQ65wHN69/ONNiZw8EdOf+4f7F9AdKMu762UvpfdOLn2/cm4mDr2uTwt8kTVybN682jO5IBw2z1ZkRM5PNPf/6T7PO3fRM7kSC76uOL7R319P5PN8af6DH+jHbunb6gzvi3no1/613xV7L4uT7j3+UBY3z/z6/e6hv/5kj8tmf8ZKP9SY/4aUT8O7Kbvc9x5x8fnu+3rPF2xInoHb8jefb94fGr1yrlifbfnjE+OnHsr/3bH3G4T/z2PduDrUS6238gyyl9ftNbPvj0/d+tPiP+H3/fe/8/6/0/FBGvDRj/Fw/f+Xu/ZfdvJg+aZwFb3f9JFOLugPH/dOH451nRXUMAAAAAAAAAANhBaetZtiQtbpTTtFhsP9b1yzicVqq1+smr1cX56fYzb0ejkHaetBpr15NmfTJ7HrdTP72pfiaXBcwdatWLpWplep/bDgAAAAAAAAAAAAAAAAAAAC+LI5u+//9drvX9/80/Vw28qvr/5DfwqtP/YXg92f+TfcsD2HuO/zC0Gvo/DC/9H4bX1vp/umt5AHvP8R+GV8/+f2jv8wD2nuM/DC/9HwAAAAAAAAAAAAAAAAAAAAAAAAAAdsXlS5eaU+PR2kqpWZ/OLy3OVv9zarpcmy3OLZaKperC9eJMtTpTKRdL1bnnbS+pVq9PxPzijfF6uVYfry0t/2uuujjf+U3RcmHXWwQAAAAAAAAAAAAAAAAAAAA/PaOtKUmLEYV2PU2LxYifRcTRJJKr1yrliYj4eUTcyxVGmvXJ/U4aAAAAAAAAAAAAAAAAAAAAXjG1peXZqUqlvPCChTQipiqVfI9F+SzUYBv8sr4j+fQr5LeyckSs7mwazS1u+VWF7A3cxbdleAq5AT+HQ1/Yx0EJAAAAAAAAAAAAAAAAAACG1OMv/Q76ih92NyEAAAAAAAAAAAAAAAAAAAAYSunXSUQ0pxNjfxjdvPRAsp5r/Y+I/9658saNqXp9YbI5/8HG/Pqb2fzT+5E/MKhOP00jotmPAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMdqS8uzU5VKeWGbhZEB1tnvNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsx48BAAD//2/D08Y=")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42041, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r6, 0x40305829, &(0x7f0000000180)={0x17c04, 0xffffffffffffffff, 0x84, 0x75ea, 0x800004})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000180)={0x1, 0x5, 0xfffffffb}, 0x10)
write(r8, &(0x7f0000000000)="240000001a005f0214f9f407000901000000000000000002000000000800040001000000", 0x24)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r9}, 0x18)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2008810, &(0x7f0000003f80)=ANY=[], 0x1, 0x301, &(0x7f00000007c0)="$eJzs3M9LG2kYwPEnP00iGg/LLruw+LJ72b0Mmt3zrmFRWBqoWFP6AwqjTtqQaSKZYEkptT31WvpH9CAevQmt/4CX3tpLL715KfRQD6VTMj9MzA9jYjRqvx+QeZz3eZL3zczheUOSvRvP7xdylpbTKxKMKQmIiOyLTEhQfAHvGHTiqDR6In+Ofnr767Wbt66kM5nZBaXm0ot/pZRS45OvHjyKe2nbI7I7cWfvY+rD7o+7P+99XbyXt1TeUsVSRelqqfS+oi+ZhlrJWwVNqXnT0C1D5YuWUXbHS+54ziytrlaVXlwZS6yWDctSerGqCkZVVUqqUq6q0F09X1SapqmxhKCb7MbCgp7us3h5wJPBKSmX03pIROItI9mNoUwIAAAMVXP/HxTV0v/7fUMf/f/mbzuV0etb417/vx1t1////c59rEP9f0xE2vb//vO37f/13vr/1o7oYgv2mH+i/h/nw2S05VSgHtYGy2k90Xh3PL29OeUE9P8AAAAAAAAAAAAAAAAAAAAAAFwE+7adtG076R/9v9pYTEQa/28SEpF/z37GGKRO13+k+/XHJVD/4l54XMR8tpZdy7pHL2FHREwxZEqS8sW5Hzy12P/mkaqZkNfmule/vpYNOSPpnOSd+mlJRqS53rbn/s/MTivX4fqIJBrrU5KUH9rXp9rWR+WP3xvqNUnKm2UpiSkrzjzq9Y+nlfrvaqapPu7kAQAAAABwGWjqQNv9u6Z1GnfrD/bXze8PhOr766m2+/Ow/BIe7toBAAAAAPheWNWHBd00jfIRQVy657hB5Bg5zUG4l+QeAn+Fx63yP8sw4GkcL/Cf/NBQzDs58Jcl0MPL0iEISj9Vk7XVqJOuwn/bqFOOzM+c/RV0gp9evPw8uAf8ZyvWZaX9B6Gjb4CI9/EvAAAAAJdIQGzbbfr9MzNH5AIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNNwFr+ONuw1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOfFtwAAAP//oLIFIA==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80)
syncfs(r6)
r10 = creat(&(0x7f0000000040)='./bus\x00', 0x4)
fcntl$setstatus(r10, 0x4, 0x6000)

3.47482188s ago: executing program 4 (id=760):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f0000000240)={[{@max_dir_size_kb}, {@jqfmt_vfsold}, {@usrquota}, {@jqfmt_vfsold}, {@bsdgroups}, {@quota}]}, 0x1, 0x43a, &(0x7f0000001100)="$eJzs28tvG1UXAPAzfrRfX19CVR59AIGCqHgkTVpKF2xAILEACQkWZRmStCp1G9QEiVYRBITKCqFK7BFLJP4CVrBBwAqJLexRpQpl08LKaOyZxHYcNzFOnOLfT5r23plr3XM8c+07c+MABtZI+k8SsTcifouIoXq1ucFI/b/bSwtTfy0tTCVRrb7xZ1Jrd2tpYSpvmr9uT14pRRQ+SeJwm37nrly9MFmpzFzO6mPzF98dm7ty9ZnzFyfPzZybuTRx+vTJE+PPnZp4tid5pnndOvTB7JGDr7x1/bWpM9ff/umbJM+/JY8eGel08PFqtcfd9de+hnJS6mMgbEixPkyjXBv/Q1GMlZM3FC9/3NfggE1VrVar9619eLEK/Icl0e8IgP7Iv+jT+99826Kpx7Zw84X6DVCa9+1sqx8pRSFrU265v+2lkYg4s/j3l+kWm/McAgCgyXfp/OfpdvO/QjQ+F/p/toYyHBH3RMT+iDgVEQci4t6IWtv7I+KBDfbfukiyev5TuNFVYuuUzv+ez9a2mud/+ewvhotZbV8t/3Jy9nxl5nj2nhyL8s60Pt6hj+9f+vXztY41zv/SLe0/nwtmcdwo7Wx+zfTk/GRziN27+VHEoVK7/JPllYAkIg5GxKEu+zj/5NdH1jp25/w76ME6U/WriCfq538xWvLPJZ3XJ8f+F5WZ42P5VbHaz79ce32t/v9V/j2Qnv/dba//5fyHk8b12rmN93Ht90/XvKfp9vrfkbzZtO/9yfn5y+MRO5JX60E37p9oaTex0j7N/9jR9uN/f6y8E4cjIr2IH4yIhyLi4Sz2RyLi0Yg42iH/H1987J3u899caf7TGzr/K4Ud0bqnfaF44Ydvmzod3kj+6fk/WSsdy/Ysf/51sJ64uruaAQAA4O5TiIi9kRRGl8uFwuho/W/4D8TuQmV2bv6ps7PvXZqu/0ZgOMqF/EnXUMPz0PHstj6vT7TUT2TPjb8o7qrVR6dmK9P9Th4G3J4otR3/qT+K/Y4O2HR+rwWDy/iHwWX8w+Ay/mFwtRn/u/oRB7D12n3/f9iHOICt1zL+LfvBAHH/D4PL+IfBZfzDQJrbFXf+kbyCwqpCFLZFGOssfFbeFmHcRYV+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//3g65pw=")
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0, 0xffffffffffffffff, 0x0, 0x8001}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
unshare(0x20060400)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x48)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r1, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={0xffffffffffffffff, &(0x7f0000000780)}, 0x20)
openat(0xffffffffffffff9c, &(0x7f0000000a00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x600000, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
close(r3)

2.546329102s ago: executing program 4 (id=768):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x6}}, {{0xa, 0xfffe, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x3}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x7, {{0xa, 0x4200, 0x3, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x2, @loopback}}}, 0x108)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0xa4ffffff, @rand_addr=' \x01\x00'}}}, 0x15a)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = gettid()
r4 = getpgid(0x0)
r5 = getpgrp(0xffffffffffffffff)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x80642, 0x150)
pwrite64(r6, &(0x7f0000000000)="3271e35589da60689e6bfaac894512c587eb726d00776ce477304f47c4fcb302ecb3e446d9d1c6eef16e5f718b24c754", 0xffffffffffffff51, 0xfecc)
syz_clone3(&(0x7f0000000440)={0x8000080, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), {0xd}, &(0x7f0000000380)=""/176, 0xb0, &(0x7f0000000140)=""/63, &(0x7f0000000300)=[0xffffffffffffffff, r3, 0x0, r4, 0x0, r5, 0x0], 0x7, {r6}}, 0x58)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x439, 0x70bd2a, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_PREFIXLEN={0x6, 0xd, 0xffff}, @IFLA_IPTUN_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}]}}}]}, 0x40}}, 0x4008040)

2.414329072s ago: executing program 1 (id=772):
unshare(0x28000600)
r0 = syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x4000200)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x171)
fgetxattr(r3, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r6, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000180)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x4040c01}, 0x8000)
move_pages(r0, 0x1, &(0x7f0000000000)=[&(0x7f0000ffb000/0x2000)=nil], &(0x7f0000000040)=[0xfffffff9, 0x0, 0x2, 0x7], &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8)

2.405175303s ago: executing program 4 (id=773):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6001, 0x1)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r1 = dup2(r0, r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000005000000000000000000181100005a9d990fec00e5d4ce51da1dd2dcc9c3f7911a6340cd51ba012bc550091faccb4e166d039e9aa6c2b570e542ceb26e1c6fdcda6fcb9a6f4a0a275d7e740b160dc6b918dc6e8569d353b5db8dfd154934aceaeaaf8ce9a37898c63d1741b8b0ca4818a7cdfe723a1170cab6432b1b6de935690d4df645e03c6b36c0bd5716b80e8c9cdef1147f1efe37d0851092bc9e303fbbeca7db", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r2}, &(0x7f00000008c0), &(0x7f0000000880)=r3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}}, &(0x7f0000000000)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x24}, 0x94)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10})
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)

2.342083688s ago: executing program 4 (id=774):
syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp6\x00') (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, 0x0, 0x0) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
listen(r0, 0x0) (async)
preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000740)=""/4100, 0x1004}], 0x1, 0x145, 0x80000000)

2.31744616s ago: executing program 4 (id=775):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x3]}, 0x8, 0x800)
sendto$inet(r0, &(0x7f0000000040)="cea5a7d38a59cc9b9a46923bae20e5ec1049208a", 0x14, 0x40800, &(0x7f0000000080)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10) (async, rerun: 64)
r1 = ioctl$NS_GET_PARENT(r0, 0xb702, 0x0) (async, rerun: 64)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f00000000c0)=0x60f2, 0x4) (async, rerun: 32)
r3 = syz_clone(0x8000200, &(0x7f0000000100)="e51274ed72d081af2627c0af5fc1b0c11f494681d8ab76e209c4433f472f4a1b12eb7e07a4e3bc1370e795aa97346004336c69e1b99fd78b632e3c828c917124ca783289883cea286b0e72327a4fe43ec05c97a7f694172017eb1e1eb9574ab16acc61d3424c691602ea360d794f676d93c866ad738fa4529b36a23b823d8c8febd145ac7b6db3e6213c866443356bcceee2d8c2dcfb26693f7ac506a5b8cb7ba0392dbe008845ce6b0a60d2d1bd62c3daf0937455696da79f150c717e54bdb59b359de67bbd49d4260a5886ff0c7ef70f351f722cdbb8c841286aa49ec7b1dfd80ab3e0f43462", 0xe7, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280)="4b257d743f2fb9e59936175a0037bac88188466a001a90ef4076b506fa7966976b24d0caf2890f2cd7fd5ff8819703eaee343deae75c3bb886b1e4e669a7d68e1f828e4324f8adfc50ba1ff59e508f93173734edd39d3b027b0374b44447b9533528b718d356de9698aadadf0f39b4e37f4d01dfaa63f7c1b74cd4a0a67d1ba0bad631c8e13da08ab0457811359755209c889197aea2335408ee50b244541602c98c1d1218ab5adeba1aa8ed4f8d17b27ba9fa4485ed71b09d45dafb") (rerun: 32)
getpgrp(r3) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r4=>r1}, './file0\x00'})
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r4, 0x8008f511, &(0x7f0000000380)) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r0)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r5, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x24, r6, 0x0, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x78}]}, 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x48c1)
getgid() (async)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEL_PMK(r0, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x40, r6, 0x2, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) (async)
gettid()
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r2, 0x8983, &(0x7f0000000640)={0x1, 'wlan1\x00', {}, 0xd4}) (async)
sendmsg$nl_generic(r5, &(0x7f0000000940)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000900)={&(0x7f00000006c0)={0x23c, 0x20, 0x200, 0x70bd27, 0x25dfdbff, {0x2}, [@generic="a3e4fe8e31aad238abf876e2b81c82e78a5acf4f09f265c3ecaa3eed09accdf79ce3348af7aeddc2f3d7b3bb3b204932887559e5c81569bcdbc528f0b32a421a059ff95c4e5c3b0b6cb6b2ffca75f64efc9ded0cb3b354c78f8b8ba1d204b5aa48e4e42ad4983373ad58b6cb5e719c73ad22d5160773add96dc5337fd591db4c9d0b46ab8ad3d4e713ef6a7f9d4364aa4d10e119951fcb2409f3eb1f8e26ed17a661723d4259c0f9a04628ad88ad5ddd1f73ea34f46232b550a3329dec374323ed6df663ed0662d30e7deb23b31e8c5b7873268ecead2184641a1de5e2ec2e0b601f8d983ee022ff5c45b3cefa", @generic="6f09454ed9aa9d93a7725f4aeb330838c79b7b606cde592905adb9d63a03d19e684cde43131f1b83d6f1d3712d467abf992ea606124b253ead6f963496da434a9f4e9c375d036a86ac2627019f9df804455a6bcda028d634f84acf2ff57e919fb4509c386298255cbf7273a81873868c17a7ee14f6d666d1467c0cf2a05d96370d011e3144bb9b77b2122a686df0e4065c14972dca2819d61be3bb13eec88b22bffa4d24ef860a6b28e6de27adaa1897f3bbfde38e84a4a4cfb6918ebd7d24ac7e5cf6dcb7d06de29811a3638f33d9f76bcb7a4351de8f8233ca7e4a12a1692a", @generic="3f28a84254", @nested={0x27, 0x4b, 0x0, 0x1, [@generic="3a30628c9d3f9cfb6b730df05a3deeab3b30ae08142f0f9c44d8f195b62a0b", @nested={0x4, 0x56}]}, @generic="3a4a519eaeb2fcf7c31770286cd7cceacb1b2d418498ecc31a698b498787f725796a34cf9456aec3fe5679a4"]}, 0x23c}, 0x1, 0x0, 0x0, 0x20000800}, 0x24008890) (async)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000980)={{0x1, 0x1, 0x18, <r8=>r4}, './file0\x00'})
inotify_add_watch(r8, &(0x7f00000009c0)='./file0\x00', 0x8000000c)
r9 = signalfd4(r5, &(0x7f0000000a00)={[0xc7]}, 0x8, 0x40000) (async)
sendmsg$NL80211_CMD_SET_PMK(r8, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000b80)={&(0x7f0000000a80)={0xc4, r6, 0x100, 0x70bd29, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x3, 0x60}}}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PMK={0x14, 0xfe, "6c35d1f431c1b7bcfa21f8657fea1e6e"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMK={0x14, 0xfe, "76a130477d62a9266d04bc3a0d756aea"}, @NL80211_ATTR_PMK={0x14, 0xfe, "e900102eb2a44ce2a802ca2aa986546a"}, @NL80211_ATTR_PMK={0x14, 0xfe, "cd44a4534f3e304960f58fb739fc0d62"}, @NL80211_ATTR_PMK={0x14, 0xfe, "7917ffb77049bb80d48062f5f1edfeb8"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "59f43f8ced09432c9b47c113b801f0e2"}, @NL80211_ATTR_PMK={0x14, 0xfe, "4aa72ab575666d0280ba68c7e7839988"}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4005}, 0x24000810) (async, rerun: 32)
unshare(0x12000000) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x14, 0x1d, &(0x7f0000000c00)=@raw=[@call={0x85, 0x0, 0x0, 0x3d}, @tail_call={{0x18, 0x2, 0x1, 0x0, r8}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffd}, @map_idx={0x18, 0x3, 0x5, 0x0, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}], &(0x7f0000000d00)='GPL\x00', 0x4, 0xf0, &(0x7f0000000d40)=""/240, 0x41100, 0x34, '\x00', 0x0, @lirc_mode2, r8, 0x8, &(0x7f0000000e40)={0x1, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, r8, 0x8, &(0x7f0000000e80)=[r9], &(0x7f0000000ec0)=[{0x0, 0x4, 0x10, 0x5}, {0x1, 0x1, 0x2, 0x4}, {0x1, 0x2, 0xf, 0x5}, {0x3, 0x1, 0xc, 0x9}, {0x4, 0x1, 0x3, 0xb}, {0x3, 0x2, 0x1, 0x9}, {0x2, 0x4, 0x1, 0x5}, {0x5, 0x1, 0x6, 0x3}], 0x10, 0x80000000}, 0x94) (async)
r10 = socket$can_bcm(0x1d, 0x2, 0x2)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000001000)=[r2, r10], 0x2) (async)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001080), r8)
sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f00000011c0)={&(0x7f0000001040), 0xc, &(0x7f0000001180)={&(0x7f00000010c0)={0x94, r11, 0x500, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_KEY={0x80, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPES={0x4}, @NL80211_KEY_DEFAULT_TYPES={0x2c, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "b8bc3c500d"}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}, @NL80211_KEY_DATA_WEP40={0x9, 0x1, "040318cc5e"}, @NL80211_KEY_MODE={0x5}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_DEFAULT_TYPES={0x1c, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x20000004}, 0x20044010) (async)
setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000001200)={{0x5d, @rand_addr=0x64010100, 0x4e24, 0x0, 'fo\x00', 0x50, 0x5, 0xe}, {@private=0xa010100, 0x4e23, 0x10000, 0x0, 0x1, 0x6}}, 0x44)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001280)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)

2.179939491s ago: executing program 2 (id=776):
unshare(0x62040200)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000680)='./file1\x00', 0x0, &(0x7f0000000640), 0x2, 0xbdf, &(0x7f0000000c00)="$eJzs3M1rXGsZAPDnnJlM0jY6qYhYN0ZEWhCnSSXFFsFWKm5cCLoVGtNJCZl+kERq0oAT/Qf8WgtuBLUoLuy6G0W3brTdKi6EIrHxwuVy71zOfCRzm5wkvZ3JSdvfD96c9z3vmXmeJ4eZc16YmQDeWJPZnzTiTERcTyKq3f1pRFTavbGIZue4rc31ubc21+eSaLW+9d8kkoh4trk+13uupLs91R2MRcTfvprEx360O+7y6tribKNRX+qOz6/cunt+eXXtCwu3Zm/Wb9ZvT1/80syFmYtTl2YGVuvb/7zy8P+f+fq/m+/85t0H//vZr5K4EuPduf46BmUyJrf/J/3KETE76GAFKXXr6a8zKR/woHTISQEAkCvtu4f7RFSjFDs3b9X4098LTQ4AAAAYiFYponVYZw99JAAAAHCsJIdf/wMAAACvpN7nAJ5trs/1WrGfSDhaT69GxESn/q1u68yUo9nejsVIRJx8lkT/11qTzsNe2mRE/OvJpd9nLYb0PeT9NDci4pN7nf+kXf9E+1vcu+tPI2JqAPEnnxu/SvVfGUD8ousH4M306GrnQpZ3/Yuc6195j2vXh1H09a93/7e16/4v3a6/lHP/981Dxrj/61/cy5vL6v/yw6/9rtey+Nn2pYp6AU83Ij5V3qv+nfOf5NR//ZAxqu/dq+fNFV1/65cRZ2Pv+nuS/X+f6Pz8QqM+1fm7Z4yNv878Ni9+0fVn5/9kTv2933/KO/93+5+o1Wr9ICfGd65d+8OunU92uvvXn/6nkny73at093x/dmVlaTqiknxj9/4L+9fbO6b3HFn95z67/+t/r/qz94Rm9/+QrQU2utts/MPnYn7lwf0/5uXTW/8Vef5v5Jz//vr/Ut59/n98yBif+/NPz+XN9a9/s5bF762FAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAnjYjxSNLadj9Na7WIUxHx8TiZNu4sr3x+/s73bt/I5iImYiSdX2jUpyKi2hkn2Xi63d8ZX3hu/MWIOB0RP6+eaI9rc3caN4ouHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG2nImI8krQWEWlEbFXTtFbLOXj0iJMDAAAABmei6AQAAACAobP+BwAAgNef9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDdvrTjx4nEdG8fKLdMpXu3EihmQHDlhadAFCYUtEJAIUpF50AUJgXXOO7XYDXUHLA/FjuzOjAcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+Dp75tHjJCKal0+0W6bSnRspNDNg2NK+flJgHsDRK+03WT66PICj5yUOby5rfOCgtf/YzjHND86MDi0nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6f8XZL0lpEVLr7arWIj0TERIwk8wuN+lREfDQi/lEdGc3G0wXnDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOAtr64tzjYa9aWsk0a3s71nCJ1SN/IQQwynk3Tybh6XfF7vzuhPDjrmu/GSISpxLCo9pp0i35UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjK8ura4myjUV9aPuwjSsNNCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjM8ura4myjUV8aYqfoGgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKM77AQAA//8juQj0")
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800", @ANYRESDEC, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
process_madvise(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
r2 = fsopen(&(0x7f00000001c0)='fuse\x00', 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@ipv6_newrule={0x60, 0x20, 0x800, 0x70bd26, 0x25dfdbfe, {0xa, 0x80, 0x0, 0xda, 0x6, 0x0, 0x0, 0x0, 0x4}, [@FRA_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @multicast1}}, @FRA_SRC={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, @FIB_RULE_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x88}, @FRA_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x5)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
epoll_create1(0x80000)
r3 = socket$inet6(0xa, 0x3, 0x3c)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000d1f9000200000009000200730500310000000008000440000000000900010073797a30000000000800034000000001"], 0x64}, 0x1, 0x0, 0x0, 0x40008004}, 0x0)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000f00)={0x0, 0x2, 0x2, 0x1, 0x0, [@mcast2]}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
socket$key(0xf, 0x3, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001a00010000000000fcdbdd250a000000", @ANYRES32, @ANYBLOB="00009900140003000700000003000000000000000000080014000100fe"], 0x44}}, 0xc884)
socket(0x10, 0x3, 0x0)

2.075171489s ago: executing program 1 (id=779):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x3, 0x7fff0006}]})
process_mrelease(0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x0, 0x48)
open_by_handle_at(r1, &(0x7f00000006c0)=@ceph_nfs_fh={0x8, 0xfe, {0x40}}, 0x755c00)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200008c0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4000, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0x0)

1.993793505s ago: executing program 1 (id=781):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280), 0x8)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb01001800000000000000e4000000e4000000030000000304000200000013040000001000000007000000090000000b0000000000000c020000000100000002000004040000001000000001000000020000001000000005000000ff0700000d000000050000130c0000000c000000010000000400000001000000ba0e00000a0000000b00000061bf00000300000010000000d00500000200000004000000dc3b00000100000009000000060000930f0000001000000001000000070000000100fb0000000000090000000f0000000400000005000000080000000100008007000000100000000900000000000000060000000100000003000000005f00"], &(0x7f00000000c0)=""/58, 0xff, 0x3a, 0x1, 0xf9a}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000600)={[{@init_itable_val={'init_itable', 0x3d, 0x200}}, {@jqfmt_vfsold}, {@journal_path={'journal_path', 0x3d, './file1'}}, {@user_xattr}, {@data_journal}, {@journal_ioprio}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
setxattr$system_posix_acl(0x0, &(0x7f0000002a40)='system.posix_acl_access\x00', &(0x7f0000001440)=ANY=[@ANYBLOB="02000000010000000000000004000500000000001000"], 0x24, 0x3)
pwrite64(r2, &(0x7f0000000180)="f7", 0x1, 0x200980)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rmdir(0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r7, 0x0, 0x0, 0x200000000000000, 0x0)

1.243985784s ago: executing program 2 (id=788):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xcfdc}, 0x18) (async)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0xcfdc}, 0x18)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0) (async)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f00000002c0)=[{}], &(0x7f0000000000)=0x8) (async)
getsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f00000002c0)=[{}], &(0x7f0000000000)=0x8)
socket$netlink(0x10, 0x3, 0x4) (async)
r2 = socket$netlink(0x10, 0x3, 0x4)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newtaction={0x18, 0x30, 0x20, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20048005}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYRES32=r5, @ANYBLOB="000000000000000000000000000000000000000025f1d38a2667af7d65c6f284a2d99a6471c4497986ecf6ead1d1e6d1d8a105920464ab6e3b0c9e72579a83a5bd2592060000005fcfc3be6a656c9f03e3a71a8f649036ec2d415f9011ae5cd8c09da13c4bb0968a953d5962383e93086a772d585810c251794f3c08e600000000000000000000000000001f439613cbba3ef587aab7fbd14bf1b39d", @ANYRES32=r3, @ANYRES32=r0, @ANYRES32=<r6=>r2], 0x48)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a32000000000800410073697700140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
fcntl$lock(r7, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) (async)
fcntl$lock(r7, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x5, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000073d0301000000000095000000000000006926000000000000bf67000000000000150700000fff07003506000002000000170600000ee50000bf250000000000003d350000000000006507000002000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff3d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa130c7267c2de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d726eae098804de25df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6aae6a2213f4bb7b72ee19baaa6496c921b500fab987b62bbfd769664875469f58151b5ba0e4b84ea6500aeae078084123b254aeed0055787c01db742ed418ff76ee08d6fe0cc780a1005da7b778501e12cd7a0bb3780196d1fb84e6c12dddc60addc75a1f880bd58e7d1056a4d177e0067aa7c5ec09e1b762390a4f38d15794e698611b97a1bc9bc62513ad5ba767998919ccb61028200000000"], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1, 0x10, &(0x7f0000000000), 0x19f}, 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000073d0301000000000095000000000000006926000000000000bf67000000000000150700000fff07003506000002000000170600000ee50000bf250000000000003d350000000000006507000002000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff3d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa130c7267c2de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d726eae098804de25df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6aae6a2213f4bb7b72ee19baaa6496c921b500fab987b62bbfd769664875469f58151b5ba0e4b84ea6500aeae078084123b254aeed0055787c01db742ed418ff76ee08d6fe0cc780a1005da7b778501e12cd7a0bb3780196d1fb84e6c12dddc60addc75a1f880bd58e7d1056a4d177e0067aa7c5ec09e1b762390a4f38d15794e698611b97a1bc9bc62513ad5ba767998919ccb61028200000000"], &(0x7f00000000c0)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x1f1, 0x10, &(0x7f0000000000), 0x19f}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='f2fs_bmap\x00', r9, 0x0, 0x1}, 0x18)
perf_event_open(&(0x7f0000000500)={0x4, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x410ba, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x30, 0x80000001, 0x9, 0x4, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x4, r7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', r5, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
open$dir(0x0, 0x200a00, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='\x00'/14], 0x50) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='\x00'/14], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYRES16=r3, @ANYRESDEC=r6, @ANYBLOB="003927de0f00000000000000b702000000ddff008500000086"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) (async)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYRES16=r3, @ANYRESDEC=r6, @ANYBLOB="003927de0f00000000000000b702000000ddff008500000086"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r11}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r11}, 0x10)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r10, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

1.062401567s ago: executing program 2 (id=791):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x2, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)={@private=0xa010101, @multicast1, 0x0, 0x4, [@loopback, @loopback, @rand_addr=0x64010101, @broadcast]}, 0x20)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/14, @ANYBLOB], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x115}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x115}, 0x18)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="02000000010004000000000004000500a9930000100000000000000020"], 0x24, 0x0)

786.598549ms ago: executing program 1 (id=792):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)) (async)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") (async)
r1 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) (async)
io_setup(0x7d, &(0x7f0000000600)=<r2=>0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x5}, 0x18) (async)
io_submit(r2, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000000)="96", 0x1, 0x0, 0x0, 0x0, r1}])
setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f0000000180)=0x5, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) (async)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x172c, 0x6, 0x1, 0x8, 0x5e}) (async)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28) (async)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setxattr$system_posix_acl(0x0, &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x24, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
sched_setscheduler(0x0, 0x1, 0x0)
getpid() (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
readv(r0, &(0x7f0000000e40), 0x0)

669.988738ms ago: executing program 2 (id=794):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x195902, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000040)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r1=>0x0})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000240)={{}, r1, 0x10, @unused=[0x7, 0x3, 0xfff, 0x7fffffffffffffff], @subvolid})
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000001240)={<r2=>0x0, 0x800}, &(0x7f0000001280)=0x8)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000012c0)={<r3=>r2, 0x7}, &(0x7f0000001300)=0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
renameat2(r0, &(0x7f0000001340)='./file0\x00', r0, &(0x7f0000001380)='./file0\x00', 0x6)
r5 = syz_open_dev$usbmon(&(0x7f00000013c0), 0x4, 0x2c0000)
clock_gettime(0x0, &(0x7f0000001480)={<r6=>0x0, <r7=>0x0})
ppoll(&(0x7f0000001400)=[{r0, 0x1000}, {r0, 0x2040}, {r5, 0x20}, {r4, 0x1a8}, {r0, 0xc}, {r0, 0x2000}, {0xffffffffffffffff, 0x8008}, {r4, 0x4002}, {r4, 0xc410}, {r4, 0xcf}], 0xa, &(0x7f00000014c0)={r6, r7+60000000}, &(0x7f0000001500)={[0x3]}, 0x8)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000015c0)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0}}, {{@in6=@local}, 0x0, @in6=@private2}}, &(0x7f00000016c0)=0xe8)
newfstatat(0xffffffffffffff9c, &(0x7f0000002c40)='./file0\x00', &(0x7f0000002c80)={0x0, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2000)
statx(r0, &(0x7f0000002d00)='./file0\x00', 0x0, 0x8, &(0x7f0000002d40)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000002e40)={<r12=>0x0}, &(0x7f0000002e80)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000002ec0)={{{@in=@private, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000002fc0)=0xe8)
sendmsg$netlink(r4, &(0x7f0000003080)={&(0x7f0000001540)=@proc={0x10, 0x0, 0x25dfdbfb, 0x40000}, 0xc, &(0x7f0000002c00)=[{&(0x7f0000001580)={0x20, 0x38, 0x800, 0x70bd29, 0x25dfdbfd, "", [@nested={0x10, 0xf3, 0x0, 0x1, [@nested={0x4, 0xb8}, @typed={0x8, 0xea, 0x0, 0x0, @u32=0xf8}]}]}, 0x20}, {&(0x7f0000001700)={0x14e0, 0x26, 0x10, 0x70bd27, 0x25dfdbfe, "", [@typed={0x8, 0x13a, 0x0, 0x0, @u32=0x4}, @generic="a7800fda121d34626fe3b2d5267697e7322389d5c43650a35af1039f64fff8a89530d99c2138d18d3e44e8a6477a21bcb9c9c36cee697f6820d6ea8c6e6b14eb9471561fcaf3a9948b65574ba5aaf4761cfb84f7a187e564fb69e72a2f2c6136326bd968eb9c68775b6490d102ad465f783dab6ebe74ca2c4abb2389821a3c0b22856529fc1558a47f0c58b964e34a2c7f62eeb84eacbb2eb2bf48125795fe51c6132dc2f25fad0e60a4b2afb65aebe468db7fe34a518405006db2d997f6ec044d8d8c0c90d85c8d4c0d1a3f82", @typed={0x8, 0x7d, 0x0, 0x0, @ipv4=@multicast2}, @generic="be99d4569ca18fc94d9e7f52371f3970e9fd7e2d6686a61ead131902bff6ff714e6e9f0940c47c834cf8a2720ce3e5ebf99e68603d5a3686923e5d38fec6e19be518337402ef67dddccd59b9ad467fd87f0103a8b47065d9de17fb35d0a31a91b5901acfd3e7e646609711971e14137d7672e2fbf4c48a5812a19b3a8085116380d0e943b951e43e0975740d7e52372a82cd6cf765084d45a7ecb3fcb120ccafef7500a6e030226bf2cc2950be6036c98811e1643f50eee03238cbb8ac7e4f0300bad3f1bde904b2f70eb50ed208d17d133b8399e76200f7c51fce", @nested={0x318, 0x108, 0x0, 0x1, [@generic="38d473c32f084a8ba6fc44fbddf291748a525c5fd6fe5fa912f3f8b07229e6eaa2d1ddddc5bde46686e8115a4f8d8dbbee2c2e7d1c62a2c2e28311c6b33a3f56e3686afe83542c63ebce6c1a2bfcfa6a3f2291e060818f5a3fc65d254ee2159e2170249820aaae7e68fe3c2fba6aa4caaec042a017816506c82629213c3081971ce3771cf328", @generic="63681cdca4275117726479e9884d86476640897c049e9d7547030b1d325b38da17b81b674327a9745a18cffe81f29c2a7b7502283fa56f7e7879f14099c613291031ba6fa49c10d471344927a9eca5349cfd76d6966fb9d3dbcc571e04c9f5adf430efed42e1a639dc73b178b93200a97471b504c1cbeb932e97299c8a37fd848e630b3b047e29fb0200be7f5392cca5e2076681421b8d89e3f7dc6b2fb8c38c5c20771361e135965dff8f9c0dcf3cfb853ad76d7c507f1a9c3b8f21ce12581ccd687aa2331d89a7676e6a6b352dc359d7d2baa8b7088b429cafdeed7bc011a103a0d3767b3958f0831858b2", @nested={0x4, 0x120}, @generic="137abf50f24e03465390a8e34f2eab35e53713f39a3f098b6ca8e159277349b9e5715dce734725b0c77de3b28a31", @typed={0x5, 0x86, 0x0, 0x0, @str='\x00'}, @generic="167d5a719d2d2429728d19838779ae49955b2b7ba443df05a156eafca8e609535e3a2662171697f23a60ee815a6f164ddc2f684ac59738e941d280eb1badeaf103afe4b5cd166cd7be520773d8472a4949683926728535443b5d6f70f52453bf1eb61c1bde874747b66f234dc6559ba35abb32b87d5f4edd611713d9434c6cd2986e8be2777e1e213a6e74169ee9d534f41ca55b5daecbc08a0dba565d1b2b9d73b6c1d4c09ed3afac3a2b92dd9ffb85dc4d25d30599b413fc5d65db2acd61dd15978f0d56", @typed={0xc, 0x129, 0x0, 0x0, @u64=0x9}, @nested={0x4, 0xd1}, @generic="3f56850e76a697a5dcc36795db9a46f2ec28b20d82d5155ff950aca1006c9fad807d373e8c3d4625af99d0c4b96e2b477b842298c74f605af3253567fe96a27286f618df0c60bca9c9a7026f0c5ff2dbabc16dc958a013f6d9fd64c95d7a337f376842617eb39f2d697bf545347de973f64b0e304218941763c285eb51396be20f7c6236a43fa5e8d76e44", @typed={0x8, 0x112, 0x0, 0x0, @uid=r9}]}, @generic="055a0744351271bf2b1a2ae9c1ba06c50936b5595dd9aaf0068267b7c80454f2c8c7b475d47b67b59410b1302511c774de92fc392a5dfeeae4d38b9290000620b6dd20bf5928cdfeefba2fa23a8faf3ae871e09a057fa09eb903b05de0304f4ead67060345b987c1b3fec9b6ad564b9199524030b9581ec933ee957594650e905aa003fed7332e7c39c98869eb57f844aa22d06b4c36a9950cc5ffa44bb54115d03cf1bb547dbdc04ef3e61e90d584c6810ad93848604c324e78b950ee39be6e4e6df2c359fa9367cd67e93c556c8a2230e749fe9a9bcec70e8b20a615aae1fbd3d4162aeb7cccb58e6d73684fce387ecca783653fe089e9116e7677e597910ea02edafaa0a8019470803c4bc3c1f276ea79324f6f7e5cdaf8518db01f05f563347a2bdaac1df7600d2161eeff0fbbc415158d0a1177d622e74d8e117e0373df87b7d548a5fcf56c76c74a0ab0b13a7494cd7b0a948d1ceaa34a18dd6efb1abdf43ecefbc6a3f3565f8dc34e3190dd897a4044a5feca96d4e68604636ac153a9f7757c0e92976db5584044be0d38cb6d967dbe9baa0710908f0e9c9d76f222df7ddcbae59fb5c2e9eb92d3764ae35a1dd938d2cc569a70aae9010069f3a6357d172eabd9a4e80dcdaf85b7458e345f6e081e32ac3285420eebefffb08cb5c77e47664e48953c0e55bd266a2d06d153aaa2d543238ade577876fc37cb0963c5117c3070e1e07360c15253d0f42a85c5fa8a95730f77891bf7df7fb17f6358d856386f658488da616b575b8832f0c4eeccd2795c5549278502bb5fd93deb1deee1ed0c3f21b6cb20fad2c8fa3c60ba23b69dd46d8d468a88c0dbab1e343ed49540ce9c11b11d064d4804ce34d99874c123f3aa982cd57094f9d9c7458b538582a6502fb61821667f2be598b62a753135313bf3afa66b90825289e4d3d4be1359824ab73c18c37705004bbeb1d72c262d0a515e77bf6540537bec9cefb4a69a320884df3b1786dd5c24a8b3b7aebf3f37cfcf585e6531c2b241bc44fa4bab9dc5b90f0b1c09df60017bd87459eb0884f971a018d19b7e3fd11a1bbdcab6e247e724e7949198a0479ea66b5d1ac8a18d29471b5668b9412da5ae390ba4be2ee9f313677c59cd090bf0e95fc8bb06ecee7a083d816eff1f57a170f778019ddcd1bfc1a0e8a348d216dd14702fc8280c249cba8971717f013fb43169483fe0d4f1c8c4e478cf0d35471ef94118f7e2f5314a80b900ec803079e1459a927e53df8dd8f69e1e854549ccd1a21b3ab5449b0f4a98bcde39c790f888677874a9352de811bde8113c55a360fdf819d4ee8486f988ee4fc6c2d1a6e062a94b639c1fd347e322491f5a3d625897b309afeb20448423ac48c9853ae21db243aaad17226f12e82e444c66f0fc9f780b8200030883770a5c36cea7c611f0f0918a7511cfde2a64774e5afd71504028bdadef3315993d65c05cba61e73311f188a76cc60e6ed70b4075c72f0da24ffb5434f05132f38e57fb3199298b524b1adcd95f7947bcb36cc26e8cca033c2eac5f9661a5076f2f7c6296e40b2d262a8e5411a7fad18bd23519ebfa5252f261010785393d6a6599ec525958874796513ffe78f2975b3bcd8782ef1e85745b91e539a022c46e18cd5aaa6ffb73cf6dcfcf8d01f478a16289f038a4fb00ef92b0f25b3073b00aef519eaf92559e82df2c21d8a438082d581c39568a6178dfd8f32967777f3c3493946ad7cce14c2fadf752707a4e3b3ea6c72b74dbfee1a6a0624998dc61d78c54a5442322f3f3d1817ef101ef55d5c11cdcf9541473e66b3e16f03c4f3b4c3ef60c35b5d5c51a63b2a4bc145a9da3daafcb46eaa098d2e7c490359a3b5f1a864da6a6db99d42d61d05591b7992f3bfccfb94866074ea308ec54c7f250324a81ccb6240dda402749420e49c81c6117884f575464f6287dac75c5d0fab12c6f9c5eb519516f54b4948097103a1229f76c5459ac54cfb3259053873b9ec733f98349b6d6c4045e1ea4ccfd01dcb1a1c0a040d78ffb93134345e54ae33fbcc91d84c5fe437aa9167a012f47e25ca4705385fbb81583276263d3cafe2562f19b1bfd5ea29cf35777e2a858b938c4f9f6d31bc16c8a08f5522695fc7f996eab3093d64df160e75314c6729e28cac20c8597057465632d345e4896317e770bd5ded95bbaa4ca491bd7458c4ba0c03b9feb5a1f85da2e7fd530037dbc4958c5c445bee85ed3778eb325d2b40577d4e04752818a9835d5eb27ffc42900486013b89c37bf73d9157f34ae15b5f8dde55167620229ac312d7268d8b1778a6bcbf6b74f76b1c6b418b01e570fb1be674e7766773ade736af68f189f6157e47bec442b635cebfaab55deeef93f77dc6d6414fe407bb637b5784550ce625ad3785c983e56a830cfbc3926e09e416a6f749ef5e7b79aa857fa172f74fc696c62304e6795e1dab91ee80b6fdbaea9fa2509fc9d5588f756cbe6258b12dceb3d393ef3d9e6bd65ebe91b16f90469219364cb0c9a6324d1f5603e2a05e2530458239183fa35bd8f87561314f582d2e028c252571b44dd0b3177f4fb55ab93b61d7f750837bbdc20eeb4f0b1fb60215fb1740fbad214ff8365b08947538d95cb72174e0fb0421fdfd630dd58f8de1ad046a8f24950688d5e539c6d2e2af21b1953cce919358db4a1f835e2e70338823b641b467f25935b29267c0c9eb848f03fd441f30189d681fd878519458f63450031ac7533867367602ba442125c2d92012bcca35fb54649c2486c5bc253857818a5681c4078fa56dff7872420304e5d4bb630406e50215753f95e714c87832991e904736b60918d4d2e12cb3cdb22003ffc8160a8c3d14e0c400da1ab2aea3081b73a3b1aa47aa75da6c37817a90c47af07de480bc86480a997f4a3b8d41c5d5533a005ee286a89428b406b963c57e6a6ab26e8b548b75fdb6ad414e753cc8d3b0fd7b839012e8ef7e25a3ef9a74d87b65b300d7d6503a8d5d15611719b6753076a9be1101c35da24533c930a8d5627b102c41ffd1f2e42e919f867b7490138a765f48c24b820e8d426d36361bc333bfff7ad730c436b524488f9f49b52dd1ba5444b15d449dc580c96bd5a046d8f286f01790d89ec22ab26d305bac1470a4247fa08b1f5c71748726f799ace2a2c37efa2103412f8c87107a5aca0d53f875d0e091d7eb7d4c75b35c66454006426e4807665f0b796c4ed7848da67aa2ad461781b69e574a6044d0444f586e6fbf94c8b553097d459fb23d72d63fd9ef7484db21f7b7d3df37fff2900920bd32dd085cab864ee6d8309454260734bdb71ea01e0cbb422850ad1aeb6a650faa0fa30b8cb754dca9120bf937ae1fe7138fd116f1b1b263ca7e08ad59d360f811654ee6cac2afc1fdc46d9c5617a6751898d5f374f74551c3b42fd3974610df4bc62ddb85527dafdc3e09441d68817855ec2dd92ec730667462143eeb7f512414728e7a98ebd935bc61768bb2f3c731652e3875f6f18f3c35df27a81ffc34134e4b463239613e421e7837cb841a851609d06ac689b0be88f5aa653f19784b24b581e30c63250fd1f088e56c5e3bae0a9e364aa26152deb99762bfe24191d8aedc3d7bcd68d44bfc99bbbf0c695719fb8da6c7411f1f471710fceafdb1b5f52842dec549404e35feacd5f4ad3f98771de935657626fce2bd04ffe115774552cb027fd722afe612c5de65759deeec448fb248a2ab27006b1686e0bc71d393e59151b4545c177f96432040b61336c92d9c85533b1439f4c30ea4747d01c50a1e6fd8de17306e2765c0a64f2a2d8a44975f54789f018c72cdf14fef26f8c2331c7102cac4994ee1c8184cd49c919bf0e0683dcaf7cef14299ea478fbf18c0f6bd07ea3a90a39623337f1e28b34649af72af87ee6ec0a888a9f09da076b50df150cb31dd141ac60487ff5d3c5f9987a91784d9d3639d60b7e66d168e5e7625ca115e416728d1a288f3a758599d625f81fd74c35ce1a04d195f6b591b20462360f0b6ee206a363b302288469d73fb680c7ff27c3b44a639d226217be95bb7f995ddb7143b93ad7d8d4bfe26613eb8aa04fbdd6dbfb5fea466847a104eaa45e22e44a2ef71dd7b607a19d85c16a2f9e4b9c3bf70c6493f7e0f277a225840b8a33fe9eacf525b97cfb043b9d6e518c127cc4edc16f77e253d19798e21536a1587ff44315ef7842bc8e15f77034be85e96d21a3000e3e1c65b015582865571e674fcf8f1dd7cb1b291a11487beb51c1520776bc590b03e15aadb84f7233dfc5a9c5a8ece75b5b9e4131638763e96f4942d9f69a6b75fa642d2066b0c51616b4b08d8dd3c07684dfc7939fd92ce9d0a1169ed0b767c79ed2fc321b539867ff1ad5e83953bc0098f1b017b5b7dd380d6b460b8870a9748f6e3f6e9c92832bbdc9d73a33125745f37b7cb39a416aa6155b9e397906bfd6ede05005c46d360d653705a72b3c81ad98d1ec2f0631e25cf4b13acfc29c249b6b2fc9aa7912ad5470454afe9d2068e461f898db40dc44016f570411a4dc31034c88284a27d48a9c7fa90168a97514bfe2a2e0b5fef47e396e14901cc7ef68a01a2ab3c23f7d667cfbdcbf28c736be4653ff935f14475d34c68a8bf92997e451890fbb764afc90c2bb6d12f4ee74493a7e09c4d109c2b465d5b869f23b9e33704c74666e1177865558fc6c74a107c717bf8f5349a1eb7d0fdf2f73bf9410af6ff374f4f032445228da5db1826e4e5b11d2d7352f6a0d36249c63b5cd1232d1a3eda37a3bb7be92e5a45e4a5b173b8e7bb63cce88ed91654824564468b380b08e7eca87fa1a6ca9508e77b73f4f5e1d32630808e04039f3cfe48a2f247f77724fc89ca28226bbc3956157e74ada307f2b3ecee2cbd3fd7c859427c612fdc4e41d2ec495ba3d589bdabceff061ec1620ea3d2460fd0a093b9d88094950257f500f1ecde849fd9ff869ddcc367467f6e78577d1325460c53ed0ab9a275c63be4223da4bdf85d6b66de13f50bd8a97d58d0a0a060bc0b1e86ae14fceead7e1b0e4c11dd2db5b6aecd7ea072e375e35518eabb308027b6581ac45db42698d17a2150533253f68a2ca50d52e477e434fb2e87b8b1c8e0539ad2fa3e92d65283ec8595ef22d85ed7fdd4115e945295db9f98e2d412ed4dec31aa7012ee63841f582b188dfe45c3538b3a87cfcd5e4d13c73f7356d455d26d446557af2a41687f7b725bb045f3a2433d8a0f2eab97269773b780a4178b4583904f4d100a7626fbb84a50f997e3d7f5d56283a4f6b62f925550ad898ab7830fba8feb0355b296a67acec0dca8e2a256b4017a0d58db1748da72de8e10afcee7bdffced1a189bf9118b9152b5407bab660d19af16f699c57dcca2a41b722620621bb8dc3844616267c8d9da93325032943b85ea8b5037934cf56fc663fd87d950e92546fe974bfe4e9df1a9d666cb41f8ccfea7219b6a30c4d6e86804c78453affffe165fb940a7db3303728b4692d902ca70ea11fb21549c8802d868b6fe8fb0344217ce533764fbed6adba2a89de6554a6f00fd9b5ad948bd9a7117322efd20b6c388ac709478e2ebe3eaa962368f6a266e30d7a32785d552c8f8933a8fa53169fc3d569f87849c49df65adbcb36b16cbea982f4b027aab49ff5b4b68062b11c39f4d9093d4157ad5e388a21fa6929da5f88c28ec9a78c885de4f16d36e6a5e5e10fb2b05b130ecfff6f585848d23aa3e755d440162762991b6d021970b4fa8e392add6dc08968a62e9d168b12c6378fef574cb29a54e7887b317ff"]}, 0x14e0}], 0x2, &(0x7f0000003000)=[@rights={{0x14, 0x1, 0x1, [r5]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r10, r11}}}, @cred={{0x1c, 0x1, 0x2, {r12, r13, 0xee00}}}], 0x58, 0x1}, 0x1)
r14 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000030c0)={0x0, <r15=>0x0})
kcmp$KCMP_EPOLL_TFD(r15, r12, 0x7, r5, &(0x7f0000003140)={r0, r14})
r16 = socket$igmp(0x2, 0x3, 0x2)
sendmsg$inet(r16, &(0x7f00000034c0)={0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000003180)="366c1bae2e1d3e8587d8a9f5b4213920e6b3a0db0f769a92ab1535d905af77c2f91983c77faaa05743d141c9c99b7e4757370ff0901ef87447ad1d311c6251a0ce1de19204000aa8336f84afe61bcf65a9b1e6ad98ed4865c6c7951baa4acfc787eaab10d38f172f3ef2b499116a3aad84dc537f91", 0x75}, {&(0x7f0000003200)="07187124a7d743c58a4d39bae4f92de80519c93168efc1f5becab4d942d5b597cfe9126da6bff5a242ec0cb7ed47fc6c5cb3b30590b0a14723f78e58c349e4f7e7d41d3ff6290b3f3ca79a3c220a734b", 0x50}, {&(0x7f0000003280)="22a4f39211373fc107211d66fa2aecb9548b282c441fae75ed4f5103d01ddda223737fce0404d7176a6c5d92d8b4ab51149477faac4f9cb24dd6352cfa360a6b26b3e400d9d37a6e7d2458aef555a970b5455c04cccebd8fa97299d8836313c6623d7eae6c37c5422816f832546e42c57124056b57554c0baf4da3bbfe03dbf965b695aca3a3e153ed45f8352e11ad783fdbed526c0fecfade7b87f4422779abe277b567b006ee08efe851f8563db689bbddd4d7e66d3ed8268296ea3770b15c848d2360620fd153eb279a83c606e9beec34d0f150400032dd4bbe3278656640ad3e6e3080941118c09b191263da63ec1c75cd4a", 0xf4}], 0x3, &(0x7f00000033c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x39}}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @ip_retopts={{0x28, 0x0, 0x7, {[@timestamp_prespec={0x44, 0xc, 0x6c, 0x3, 0xd, [{@multicast1, 0x6}]}, @noop, @lsrr={0x83, 0xb, 0x10, [@multicast1, @local]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @local, @multicast1}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x98}}, @ip_retopts={{0x20, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0xc5, 0x0, 0x5, [0x3d0e1449, 0x2, 0x80000001]}]}}}], 0xd8}, 0x200060d0)
getpeername$packet(r0, &(0x7f0000003600)={0x11, 0x0, <r17=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000003640)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000037c0)={0x18, 0x5, &(0x7f0000003500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}, [@map_val={0x18, 0x5, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x3}]}, &(0x7f0000003540)='syzkaller\x00', 0xabd, 0x7b, &(0x7f0000003580)=""/123, 0x40f00, 0x58, '\x00', r17, 0x0, r0, 0x8, &(0x7f0000003680)={0xa, 0x3}, 0x8, 0x10, &(0x7f00000036c0)={0x0, 0x7, 0xc708e1b, 0x401}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000003700)=[r0, r5, r0, r0, r0, r0, r16, 0x1], &(0x7f0000003740)=[{0x3, 0x1, 0xa, 0x8}, {0x1, 0x5, 0xe, 0xa}, {0x0, 0x1, 0xe}, {0x3, 0x1, 0x5, 0xa}, {0x0, 0x4, 0xb, 0x6}], 0x10, 0x5}, 0x94)
recvfrom$l2tp(r0, &(0x7f0000003880)=""/4096, 0x1000, 0x40, &(0x7f0000004880)={0x2, 0x0, @remote}, 0x10)
r18 = openat$selinux_user(0xffffffffffffff9c, &(0x7f00000048c0), 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000004900)={{0x1, 0x1, 0x18, <r19=>r18, {0x1}}, './file0\x00'})
sendto$inet(0xffffffffffffffff, &(0x7f0000004940)="e3e7dcde93af29eaccfd66b0a0b9616f7f09cdf0425eac79121ab31a7593269e55e92ccede661008db2a88a0948ff54e075a3e6b5e2da8c69c70e719c188c45cfbc994e48232048832a236ee8db5653c8a5efd68dfc8601483909f7bab733e5c8337d2eacca81abe672ac8aa0bad881e278770cc4f6d17334e9224dd0074e0585cfc497285b4b07fac7817b7b4f42616e09cfa4dcf236c73283a83a837269dec266b69869dd93150cd34ba335c0cf603e3819516c25cde95096e140bb611fd8b051fce6499aa26283c2ce149312bbcc026124e57b3417e1a60dea0f0814654ed", 0xe0, 0x44800, 0x0, 0x0)
lsetxattr$security_ima(&(0x7f0000004a40)='./file0\x00', &(0x7f0000004a80), &(0x7f0000004ac0)=@md5={0x1, "030659b19a33cc0ac81c31496210eea3"}, 0x11, 0x2)
getsockopt$inet_sctp6_SCTP_CONTEXT(r19, 0x84, 0x11, &(0x7f0000004b00)={r3, 0x9}, &(0x7f0000004b40)=0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000004ec0)={0x6, 0x1d, &(0x7f0000004b80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffff2, 0x0, 0x0, 0x0, 0x8000}, {{0x18, 0x1, 0x1, 0x0, r19}}, {}, [@jmp={0x5, 0x1, 0xa, 0x5, 0x8, 0x1, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0xffff0001}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xfffffffffffffffd}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000004c80)='syzkaller\x00', 0x1ff, 0xb6, &(0x7f0000004cc0)=""/182, 0x41100, 0x21, '\x00', r17, 0x25, r19, 0x8, &(0x7f0000004d80)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000004dc0)={0x5, 0x8, 0x6706bcdb, 0x81}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000004e00)=[r19], &(0x7f0000004e40)=[{0x2, 0x3, 0x9, 0x5}, {0x4, 0x1, 0xb, 0x6}, {0x5, 0xf6, 0x0, 0x1}, {0x1, 0x4, 0xe, 0xc}, {0x4, 0x1, 0xd, 0x5}, {0x1, 0x4, 0x2, 0x8}, {0x1, 0x5, 0xd, 0x9}], 0x10, 0x9f}, 0x94)

669.427228ms ago: executing program 1 (id=795):
getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000), 0x10)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000000040)={0x1, 'ip6erspan0\x00', {}, 0x40})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080)={<r1=>0x0, 0x7, 0x4}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={r1, 0x5}, &(0x7f0000000140)=0x8)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r4 = open$dir(&(0x7f0000000180)='./file0\x00', 0x80200, 0x40)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r4, 0xc080661a, &(0x7f00000001c0)={@id={0x2, 0x0, @d}})
fstat(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
r6 = getgid()
chown(&(0x7f0000000240)='./file1\x00', r5, r6)
getsockopt$WPAN_SECURITY(r3, 0x0, 0x1, &(0x7f0000000300), &(0x7f0000000340)=0x4)
getpeername$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs, &(0x7f0000000400)=0x6e)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000440)={{0x1, 0x1, 0x18, <r7=>r3, {0x7}}, './file1\x00'})
ioctl$SIOCPNENABLEPIPE(r7, 0x89ed, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000480)={'veth1_to_team\x00', <r8=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f00000004c0)={@dev={0xfe, 0x80, '\x00', 0x11}, 0x4f, r8})
bpf$ENABLE_STATS(0x20, &(0x7f0000000500), 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000006c0)={0x5, <r9=>0x0}, 0x8)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, r7, 0xa5d, '\x00', r8, r7, 0x0, 0x4, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x5, 0xc, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xff}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x5}, @generic={0x20, 0x1, 0x8, 0x5041, 0x2e}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}]}, &(0x7f00000005c0)='GPL\x00', 0x7fd4, 0x98, &(0x7f0000000600)=""/152, 0x41000, 0x4, '\x00', r8, @fallback=0x1e, r7, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r9, r7, 0x6, &(0x7f0000000780)=[r10, r7, r7], &(0x7f00000007c0)=[{0x5, 0x5, 0x0, 0xc}, {0x0, 0x4, 0x0, 0xc}, {0x1, 0x1, 0xf, 0x1}, {0x5, 0x1, 0x3, 0xa}, {0x3, 0x1, 0x3, 0x4}, {0x2, 0x4, 0x3, 0x8}], 0x10, 0xdd0}, 0x94)
socket$inet_sctp(0x2, 0x4, 0x84)
r11 = syz_open_dev$hidraw(&(0x7f0000000900), 0x57, 0x206500)
ioctl$HIDIOCSFEATURE(r11, 0xc0404806, &(0x7f0000000940)="16c1b801f91cd48c6d0fb8b1fd2927ea4b854f1a82db3a0e0037daa077d54cdb7988c6310326a9e0baa5be70419b9e485cd3ae382ace00a99b15f09ce81213c16d6173d64bd0e6cbadffffe484e63062bc0cab0b3a4a6fc01e70a6fae79a70421e1d9627137a400800f6676ee801dae6f169f3686df05e10a7de626016e7d2742b331b2a914976745ba3628320415bd70d922b61f5b57eced5437a874234a3e9cd2c2597f180c1a302e70d")
setsockopt$TIPC_DEST_DROPPABLE(r7, 0x10f, 0x81, &(0x7f0000000a00)=0xad, 0x4)
sendmsg$NFT_MSG_GETSET(r7, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x20, 0xa, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008000)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000000, 0xd88f24c1d9251a51, r11, 0xf961b000)
connect$l2tp6(r7, &(0x7f0000000b40)={0xa, 0x0, 0x9, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8, 0x1}, 0x20)

641.09885ms ago: executing program 3 (id=796):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
io_setup(0x8f0, &(0x7f0000002400)=<r1=>0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x2b, 0x81}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)='\x00\x00\x00\x00\x00\x00', 0x6, 0x0, 0x0, 0x2}])

617.242412ms ago: executing program 4 (id=797):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x31}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x84}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000340)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x4}, 0x18)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000100)={0x28, 0x0, 0x7fffd8ee}, 0x10)
close_range(r4, 0xffffffffffffffff, 0x0)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r9 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r9, 0x4008f510, &(0x7f00000003c0)=0x200)
sendmmsg$inet(r8, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x1e1730a30afb6559, 0x8014)
listen(r8, 0x2)
recvmmsg(r8, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}, 0x7f}], 0x1, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f00000001c0)=ANY=[@ANYRES64=r8, @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket$kcm(0x29, 0x2, 0x0)
close(r11)
syz_open_dev$usbfs(&(0x7f0000000040), 0x73d3, 0x20040)

566.297796ms ago: executing program 2 (id=798):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r2, {0xfff2, 0x9}, {0x10}, {0x9, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0aeb842f838652d219b5a902000001", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="020000000400"/28], 0x50)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6000000010000104bb00"/21, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800b000100677265746170000030000280050008007300000008000100", @ANYRES32=r2, @ANYBLOB="05001600010000000800040000000100040012000500160002000000"], 0x60}}, 0x4000000)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00'}) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r2, {0xfff2, 0x9}, {0x10}, {0x9, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0aeb842f838652d219b5a902000001", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="020000000400"/28], 0x50) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6000000010000104bb00"/21, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800b000100677265746170000030000280050008007300000008000100", @ANYRES32=r2, @ANYBLOB="05001600010000000800040000000100040012000500160002000000"], 0x60}}, 0x4000000) (async)

511.82022ms ago: executing program 3 (id=799):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000300)='GPL\x00', 0x2, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xf}, {0xffff, 0xffff}, {0xfff1, 0xc}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_BYTEMODE={0x6, 0xb, 0x1}, @TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8}]}}, @TCA_INGRESS_BLOCK={0x0, 0xd, 0xfffff72f}]}, 0x44}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
r3 = socket$inet(0x2, 0x3, 0xd)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a0001"], 0x118}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffffffb}]})
getsockopt$inet_mreqsrc(r3, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)

227.627053ms ago: executing program 2 (id=800):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1f, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x18)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x0)

178.267757ms ago: executing program 1 (id=801):
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
add_key$fscrypt_v1(&(0x7f0000002a00), &(0x7f0000000080)={'fscrypt:', @auto=[0x33, 0x34, 0x65, 0x60, 0x64, 0x33, 0x66, 0x32, 0x66, 0x38, 0x31, 0x64, 0x62, 0x36, 0x33, 0x63]}, &(0x7f00000007c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa00", 0x28}, 0x48, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) (async, rerun: 64)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000e40)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r1, 0xe0, &(0x7f0000000900)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000040)=[0x0], ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x4, 0x6, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0, 0x52, &(0x7f0000000180)=[{}, {}], 0x10, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x9e, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x3, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000840)=ANY=[@ANYRESDEC=r0, @ANYBLOB="eadefae6ef3176c125", @ANYRES16=r2, @ANYRES16=r2, @ANYRESHEX=r5, @ANYRESHEX=r0, @ANYRESDEC=r0, @ANYRESOCT=r3, @ANYBLOB="d08e5ddc37c162a1732d19a89e763d1f28a4046ff17615cf9639ff4f2e2baa88294924331e6d16f8ae80ca71218b494ec192d3d18a6559e1aaf317cce857add7a7c953b0d17148880508e1dd", @ANYRES8], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r6}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'ip6_vti0\x00', <r8=>0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socket$kcm(0xa, 0x5, 0x0) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10c002, 0xac5d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r9, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
unshare(0x64000600) (async)
r10 = gettid() (async, rerun: 64)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
r11 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c00000010000304f9ffbffffedbdf2500007400", @ANYRES32=r8, @ANYBLOB="049c01000750050008001300", @ANYRES32=r10, @ANYBLOB="1400030076"], 0x3c}, 0x1, 0x0, 0x0, 0x4802}, 0x42850)

163.473297ms ago: executing program 3 (id=802):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)

145.584589ms ago: executing program 3 (id=803):
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000600)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00010000000000000c00000000000000000000000000000000000000000000000200000000000000ffffffffffffffff000000000020000000000000000000000000000000000000000a000000000000feffffffff7f4000020000000000000800000000000000000100000000000000440005007f000001000000000000000000000000000100003c"], 0xfc}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, ' \x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a64000000060a030600000000000000000a0000090900010073797a31000000000900020073797a32000000003800048034000180090001007866726d000000002400028008000140000000000500030001000000080002400000000408000440"], 0x8c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffc}, 0x18)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4) (async)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) (async)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r2)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000001c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0x8, [0x0, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x2]}})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a) (async)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000007000010010ab4be68e8da23507000000", @ANYRES32=r5, @ANYBLOB="1000018004000480080001"], 0x28}}, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x7, 0x0, 0x1, 0x4b, '\x00', r5, r7, 0x2, 0x2, 0x5}, 0x50) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x7, 0x0, 0x1, 0x4b, '\x00', r5, r7, 0x2, 0x2, 0x5}, 0x50)

2.48489ms ago: executing program 3 (id=804):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r0) (async)
r1 = pidfd_getfd(r0, r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400fff800000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x915940ab3f6031c7, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000001240)="b9ff03076804268c989e14f088a8", 0x0, 0x4068, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

0s ago: executing program 3 (id=805):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_START_AP(r1, 0x0, 0x0) (async)
r2 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000f303010000000000000000000a00000a14"], 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) (async)
capset(&(0x7f0000000300)={0x19980330}, &(0x7f00000002c0)={0xffffff7f, 0x400002, 0xffffeffe, 0x1, 0xebe, 0xcd}) (async, rerun: 64)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (rerun: 64)
bind$bt_sco(r3, &(0x7f0000000280)={0x1f, @none}, 0x8)
listen(r3, 0x7)
connect$bt_sco(r3, &(0x7f0000000000)={0x1f, @none}, 0x8)
io_setup(0x202, &(0x7f0000000200))
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffa) (async, rerun: 32)
r4 = socket$kcm(0x1e, 0x4, 0x0) (rerun: 32)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x6, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r6}, 0x10) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) (async, rerun: 32)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48) (rerun: 32)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) (async, rerun: 32)
shmctl$IPC_RMID(0x0, 0x13) (async, rerun: 32)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f00000008c0), 0x43) (async)
r8 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f00000008c0), 0x43) (async, rerun: 32)
r9 = timerfd_create(0x0, 0x0) (rerun: 32)
timerfd_settime(r9, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) (async)
read(r9, &(0x7f0000000240)=""/123, 0x7b)

kernel console output (not intermixed with test programs):

.871401][ T5165] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.416: invalid indirect mapped block 1811939328 (level 0)
[   72.889419][  T289] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.896605][ T5165] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.416: invalid indirect mapped block 2185560079 (level 1)
[   72.930726][ T5165] EXT4-fs (loop4): 1 truncate cleaned up
[   72.937074][ T5165] EXT4-fs mount: 22 callbacks suppressed
[   72.937171][ T5165] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[   72.989773][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   73.074190][ T4941] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.085095][ T5046] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.196482][   T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.206538][ T5046] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.270932][ T5173] loop1: detected capacity change from 0 to 256
[   73.284251][ T5046] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   73.294403][ T5173] FAT-fs (loop1): bogus sectors per cluster 30
[   73.300662][ T5173] FAT-fs (loop1): Can't find a valid FAT filesystem
[   73.353282][ T5173] netlink: 72 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   73.413919][ T5180] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   73.423587][ T5180] block device autoloading is deprecated and will be removed.
[   73.441849][ T5145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.410'.
[   73.469045][ T5180] syzkaller0: entered promiscuous mode
[   73.474624][ T5180] syzkaller0: entered allmulticast mode
[   73.489213][ T5145] team0 (unregistering): Port device team_slave_0 removed
[   73.498688][ T5145] team0 (unregistering): Port device team_slave_1 removed
[   73.518687][ T5186] pim6reg: entered allmulticast mode
[   73.535283][ T5185] lo speed is unknown, defaulting to 1000
[   73.664261][ T5186] pim6reg: left allmulticast mode
[   73.678188][ T5193] loop4: detected capacity change from 0 to 164
[   73.688871][ T5193] ISOFS: unable to read i-node block
[   73.699437][ T5193] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   73.734379][ T5192] loop1: detected capacity change from 0 to 512
[   73.765031][ T5186] netlink: 164 bytes leftover after parsing attributes in process `syz.0.410'.
[   73.818480][ T5197] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.826023][ T5197] batman_adv: batadv0: Removing interface: batadv_slave_0
[   73.844006][ T5197] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   73.851678][ T5197] batman_adv: batadv0: Removing interface: batadv_slave_1
[   73.863961][ T5192] EXT4-fs: inline encryption not supported
[   73.893012][ T5192] EXT4-fs (loop1): failed to initialize system zone (-117)
[   73.918042][ T5192] EXT4-fs (loop1): mount failed
[   73.945174][ T5192] loop1: detected capacity change from 0 to 512
[   73.958285][ T5192] ext4: Unknown parameter 'nouser_xattr'
[   74.028120][   T31] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   74.040341][   T31] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   74.084585][ T5212] loop4: detected capacity change from 0 to 512
[   74.092819][   T31] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   74.101045][   T31] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   74.188289][ T5212] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   74.197071][ T5212] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[   74.247724][ T5212] System zones: 0-1, 15-15, 18-18, 34-34
[   74.258494][ T5212] EXT4-fs (loop4): orphan cleanup on readonly fs
[   74.265257][ T5212] EXT4-fs warning (device loop4): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   74.269095][ T5229] ip6t_srh: unknown srh match flags  4000
[   74.279887][ T5212] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   74.292900][ T5212] EXT4-fs (loop4): 1 truncate cleaned up
[   74.298872][ T5212] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   74.336145][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.445416][ T5247] syzkaller1: entered promiscuous mode
[   74.450971][ T5247] syzkaller1: entered allmulticast mode
[   74.584772][ T5268] loop4: detected capacity change from 0 to 512
[   74.594564][ T5268] EXT4-fs: inline encryption not supported
[   74.601232][ T5237] netlink: 'syz.1.436': attribute type 30 has an invalid length.
[   74.611308][ T5268] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.440: bad orphan inode 15
[   74.624160][ T5268] ext4_test_bit(bit=14, block=5) = 0
[   74.631219][ T5268] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.651378][ T5268] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   74.727392][ T5274] loop1: detected capacity change from 0 to 1024
[   74.744516][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.756962][ T5274] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.780499][ T5279] netlink: 'syz.4.442': attribute type 21 has an invalid length.
[   74.803534][ T5279] loop4: detected capacity change from 0 to 512
[   74.810497][ T5279] ext4: Unknown parameter './file1'
[   74.825827][ T5279] loop4: detected capacity change from 0 to 512
[   74.832558][ T5279] ext4: Unknown parameter './file1'
[   74.852123][ T5279] ext4: Unknown parameter './file1'
[   74.865538][ T5279] ext4: Unknown parameter './file1'
[   74.879359][ T5279] ext4: Unknown parameter './file1'
[   74.891822][ T5279] ext4: Unknown parameter './file1'
[   74.905099][ T5279] ext4: Unknown parameter './file1'
[   74.917867][ T5279] ext4: Unknown parameter './file1'
[   74.930987][ T5279] ext4: Unknown parameter './file1'
[   74.944512][ T5279] ext4: Unknown parameter './file1'
[   74.956266][ T5279] ext4: Unknown parameter './file1'
[   74.969468][ T5279] ext4: Unknown parameter './file1'
[   74.981746][ T5279] ext4: Unknown parameter './file1'
[   74.994117][ T5279] ext4: Unknown parameter './file1'
[   75.007480][ T5279] ext4: Unknown parameter './file1'
[   75.020574][ T5279] ext4: Unknown parameter './file1'
[   75.034452][ T5279] ext4: Unknown parameter './file1'
[   75.046415][ T5279] ext4: Unknown parameter './file1'
[   75.059727][ T5279] ext4: Unknown parameter './file1'
[   75.072013][ T5279] ext4: Unknown parameter './file1'
[   75.084677][ T5279] ext4: Unknown parameter './file1'
[   75.097610][ T5279] ext4: Unknown parameter './file1'
[   75.110925][ T5279] ext4: Unknown parameter './file1'
[   75.124042][ T5279] ext4: Unknown parameter './file1'
[   75.136947][ T5279] ext4: Unknown parameter './file1'
[   75.149990][ T5279] ext4: Unknown parameter './file1'
[   75.203776][ T5279] ext4: Unknown parameter './file1'
[   75.252747][ T5279] ext4: Unknown parameter './file1'
[   75.281010][ T5279] ext4: Unknown parameter './file1'
[   75.294742][ T5279] ext4: Unknown parameter './file1'
[   75.303562][ T5279] ext4: Unknown parameter './file1'
[   75.317761][ T5279] ext4: Unknown parameter './file1'
[   75.336379][ T5279] ext4: Unknown parameter './file1'
[   75.349681][ T5279] ext4: Unknown parameter './file1'
[   75.365026][ T5279] ext4: Unknown parameter './file1'
[   75.379375][ T5279] ext4: Unknown parameter './file1'
[   75.388151][ T5279] ext4: Unknown parameter './file1'
[   75.396417][ T5279] ext4: Unknown parameter './file1'
[   75.410201][ T5279] ext4: Unknown parameter './file1'
[   75.423308][ T5279] ext4: Unknown parameter './file1'
[   75.432723][ T5279] ext4: Unknown parameter './file1'
[   75.441316][ T5279] ext4: Unknown parameter './file1'
[   75.454472][ T5279] ext4: Unknown parameter './file1'
[   75.499315][ T5279] ext4: Unknown parameter './file1'
[   75.521334][ T5279] ext4: Unknown parameter './file1'
[   75.553331][ T5284] team0: Port device team_slave_1 removed
[   75.640457][ T5295] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   75.653569][ T5295] EXT4-fs (loop4): 1 truncate cleaned up
[   75.659990][ T5295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.796754][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.939360][ T5314] __nla_validate_parse: 14 callbacks suppressed
[   75.939377][ T5314] netlink: 24 bytes leftover after parsing attributes in process `syz.1.449'.
[   76.090762][   T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.107370][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.126157][   T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.210167][   T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.313286][ T5321] netlink: 'syz.2.454': attribute type 27 has an invalid length.
[   76.592801][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.788406][ T5335] netlink: 'syz.1.458': attribute type 4 has an invalid length.
[   76.892451][ T5336] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.943339][ T5336] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.052125][ T5340] EXT4-fs (loop1): too many log groups per flexible block group
[   77.094259][ T5344] netlink: 132 bytes leftover after parsing attributes in process `syz.3.461'.
[   77.112865][ T5348] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.457: bg 0: block 345: padding at end of block bitmap is not set
[   77.127193][ T5340] EXT4-fs (loop1): failed to initialize mballoc (-12)
[   77.134259][ T5340] EXT4-fs (loop1): mount failed
[   77.171955][ T5348] EXT4-fs (loop4): Remounting filesystem read-only
[   77.178857][  T289] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[   77.206955][ T5357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.462'.
[   77.226539][ T5357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.462'.
[   77.249376][ T5357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.462'.
[   77.282445][   T29] kauditd_printk_skb: 295 callbacks suppressed
[   77.282462][   T29] audit: type=1326 audit(1765838625.986:3352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   77.286848][ T5357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.462'.
[   77.290508][   T29] audit: type=1326 audit(1765838625.986:3353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   77.344107][   T29] audit: type=1326 audit(1765838625.986:3354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   77.367505][   T29] audit: type=1326 audit(1765838625.986:3355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   77.391012][   T29] audit: type=1326 audit(1765838625.986:3356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   77.415257][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.555198][ T5382] serio: Serial port ptm0
[   77.715161][ T5382] serio: Serial port ptm0
[   77.873431][ T5403] netlink: 96 bytes leftover after parsing attributes in process `syz.4.475'.
[   77.905326][ T5403] vlan1: entered allmulticast mode
[   77.910499][ T5403] gretap0: entered allmulticast mode
[   77.990926][   T29] audit: type=1326 audit(1765838626.676:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   78.014433][   T29] audit: type=1326 audit(1765838626.676:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   78.037798][   T29] audit: type=1326 audit(1765838626.676:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   78.061135][   T29] audit: type=1326 audit(1765838626.676:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   78.084489][   T29] audit: type=1326 audit(1765838626.676:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5411 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   78.130372][ T5420] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2816 sclass=netlink_route_socket pid=5420 comm=syz.3.478
[   78.147440][ T5387] cgroup: fork rejected by pids controller in /syz0
[   78.335732][ T5446] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[   78.435233][ T5460] netlink: 'syz.3.486': attribute type 5 has an invalid length.
[   78.443204][ T5460] netlink: 44 bytes leftover after parsing attributes in process `syz.3.486'.
[   78.532374][ T5469] netlink: 24 bytes leftover after parsing attributes in process `syz.3.490'.
[   78.596810][ T5469] netlink: 8 bytes leftover after parsing attributes in process `syz.3.490'.
[   79.513361][ T5499] netlink: 'syz.1.498': attribute type 5 has an invalid length.
[   79.575577][ T5506] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   79.582138][ T5506] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   79.589694][ T5506] vhci_hcd vhci_hcd.0: Device attached
[   79.623889][ T5508] vhci_hcd: connection closed
[   79.624065][ T4368] vhci_hcd vhci_hcd.1: stop threads
[   79.634204][ T4368] vhci_hcd vhci_hcd.1: release socket
[   79.639590][ T4368] vhci_hcd vhci_hcd.1: disconnect device
[   80.153852][ T5520] set_capacity_and_notify: 46 callbacks suppressed
[   80.153872][ T5520] loop1: detected capacity change from 0 to 512
[   80.207696][ T5520] EXT4-fs: Ignoring removed mblk_io_submit option
[   80.231680][ T5520] EXT4-fs: Ignoring removed orlov option
[   80.241752][ T5520] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   80.272004][ T5520] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002]
[   80.280011][ T5520] System zones: 1-12
[   80.285208][ T5520] EXT4-fs (loop1): orphan cleanup on readonly fs
[   80.291983][ T5520] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.504: invalid indirect mapped block 12 (level 1)
[   80.305769][ T5520] EXT4-fs (loop1): Remounting filesystem read-only
[   80.313937][ T5520] EXT4-fs (loop1): 1 truncate cleaned up
[   80.322437][ T5520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[   80.351463][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[   80.524913][ T5541] loop1: detected capacity change from 0 to 512
[   80.627055][ T5547] netlink: 'syz.4.510': attribute type 5 has an invalid length.
[   80.693493][ T5549] loop4: detected capacity change from 0 to 512
[   80.718515][ T5551] netlink: 'syz.2.513': attribute type 21 has an invalid length.
[   80.734316][ T5551] lo: entered promiscuous mode
[   80.739154][ T5551] lo: entered allmulticast mode
[   80.747928][ T5549] EXT4-fs (loop4): orphan cleanup on readonly fs
[   80.766461][ T5549] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.511: bad orphan inode 13
[   80.788526][ T5554] loop1: detected capacity change from 0 to 512
[   80.792639][ T5551] tunl0: entered promiscuous mode
[   80.799910][ T5551] tunl0: entered allmulticast mode
[   80.805811][ T5549] ext4_test_bit(bit=12, block=18) = 1
[   80.811217][ T5549] is_bad_inode(inode)=0
[   80.815505][ T5549] NEXT_ORPHAN(inode)=2130706432
[   80.820490][ T5549] max_ino=32
[   80.823738][ T5549] i_nlink=1
[   80.827300][ T5554] EXT4-fs: inline encryption not supported
[   80.842241][ T5554] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.514: bg 0: block 5: invalid block bitmap
[   80.855049][ T5549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   80.855126][ T5551] gre0: entered promiscuous mode
[   80.855142][ T5551] gre0: entered allmulticast mode
[   80.859295][ T5551] gretap0: entered promiscuous mode
[   80.882458][ T5549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.883772][ T5551] gretap0: entered allmulticast mode
[   80.899180][ T5554] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.514: error while reading EA inode 32 err=-116
[   80.915110][ T5549] /dev/rnullb0: Can't lookup blockdev
[   80.922164][ T5554] EXT4-fs (loop1): 1 orphan inode deleted
[   80.932351][ T5554] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.982639][ T5551] erspan0: entered promiscuous mode
[   80.987910][ T5551] erspan0: entered allmulticast mode
[   80.994612][ T5551] ip_vti0: entered promiscuous mode
[   80.999929][ T5551] ip_vti0: entered allmulticast mode
[   81.016037][ T5551] ip6_vti0: entered promiscuous mode
[   81.021381][ T5551] ip6_vti0: entered allmulticast mode
[   81.027850][ T5551] sit0: entered promiscuous mode
[   81.032859][ T5551] sit0: entered allmulticast mode
[   81.039287][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.039827][ T5551] ip6tnl0: entered promiscuous mode
[   81.053784][ T5551] ip6tnl0: entered allmulticast mode
[   81.060659][ T5551] ip6gre0: entered promiscuous mode
[   81.066144][ T5551] ip6gre0: entered allmulticast mode
[   81.073215][ T5551] syz_tun: entered promiscuous mode
[   81.078589][ T5551] syz_tun: entered allmulticast mode
[   81.085846][ T5551] ip6gretap0: entered promiscuous mode
[   81.091349][ T5551] ip6gretap0: entered allmulticast mode
[   81.098862][ T5551] bridge0: entered promiscuous mode
[   81.104201][ T5551] bridge0: entered allmulticast mode
[   81.113855][ T5551] vcan0: entered promiscuous mode
[   81.114129][ T5562] loop1: detected capacity change from 0 to 128
[   81.118969][ T5551] vcan0: entered allmulticast mode
[   81.132285][ T5551] bond0: entered promiscuous mode
[   81.137651][ T5551] bond0: entered allmulticast mode
[   81.144996][ T5551] dummy0: entered promiscuous mode
[   81.150443][ T5551] dummy0: entered allmulticast mode
[   81.156130][ T5551] nlmon0: entered promiscuous mode
[   81.161358][ T5551] nlmon0: entered allmulticast mode
[   81.170581][ T5551] caif0: entered promiscuous mode
[   81.176054][ T5551] caif0: entered allmulticast mode
[   81.181217][ T5551] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   81.222408][ T5564] __nla_validate_parse: 73 callbacks suppressed
[   81.222436][ T5564] netlink: 40 bytes leftover after parsing attributes in process `syz.4.517'.
[   81.272589][ T5570] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[   81.272619][ T5570] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   81.272730][ T5570] vhci_hcd vhci_hcd.0: Device attached
[   81.272997][ T5573] vhci_hcd: connection closed
[   81.273180][ T2477] vhci_hcd vhci_hcd.1: stop threads
[   81.273196][ T2477] vhci_hcd vhci_hcd.1: release socket
[   81.273248][ T2477] vhci_hcd vhci_hcd.1: disconnect device
[   81.293458][ T5565] xt_hashlimit: overflow, try lower: 17592186044416/11
[   81.396288][ T5572] loop2: detected capacity change from 0 to 512
[   81.412093][ T5578] netlink: 4 bytes leftover after parsing attributes in process `syz.4.520'.
[   81.455836][ T5572] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.518: bg 0: block 248: padding at end of block bitmap is not set
[   81.480640][ T5572] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.518: Failed to acquire dquot type 1
[   81.498524][ T5572] EXT4-fs (loop2): 1 truncate cleaned up
[   81.504691][ T5572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.517452][ T5572] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.728504][ T5597] loop4: detected capacity change from 0 to 1024
[   81.744045][ T5597] journal_path: Non-blockdev passed as './file1'
[   81.750431][ T5597] EXT4-fs: error: could not find journal device path
[   81.809373][ T5597] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.873262][ T5597] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.923946][ T5597] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.003735][ T5597] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.099079][ T1087] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.110881][ T1087] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.127122][ T1087] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.159135][ T1087] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.167659][ T5572] syz.2.518 (5572) used greatest stack depth: 9088 bytes left
[   82.176238][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.292741][ T5612] netlink: 20 bytes leftover after parsing attributes in process `syz.4.529'.
[   82.336490][ T5618] netlink: 'syz.2.531': attribute type 5 has an invalid length.
[   82.344214][ T5618] netlink: 44 bytes leftover after parsing attributes in process `syz.2.531'.
[   82.423140][   T29] kauditd_printk_skb: 398 callbacks suppressed
[   82.423159][   T29] audit: type=1400 audit(1765838631.126:3758): avc:  denied  { map } for  pid=5622 comm="syz.2.532" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   82.465470][ T5625] loop2: detected capacity change from 0 to 512
[   82.534686][ T5625] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.532: corrupted inode contents
[   82.551864][ T5625] EXT4-fs (loop2): Remounting filesystem read-only
[   82.562628][ T5625] EXT4-fs (loop2): 1 truncate cleaned up
[   82.568834][ T5625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.581712][ T5625] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.593061][ T1087] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.603722][ T1087] Quota error (device loop2): write_blk: dquota write failed
[   82.611101][ T1087] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[   82.621120][ T1087] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   82.631723][ T1087] Quota error (device loop2): write_blk: dquota write failed
[   82.639112][ T1087] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[   82.662511][ T5625] syzkaller1: tun_chr_ioctl cmd 1074025677
[   82.668514][ T5625] syzkaller1: linktype set to 823
[   82.694528][ T5625] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   82.702026][ T5625] vhci_hcd vhci_hcd.2: invalid port number 96
[   82.708152][ T5625] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   82.787233][ T5635] lo speed is unknown, defaulting to 1000
[   82.794290][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.796979][ T1087] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   82.813451][ T1087] Quota error (device loop2): v2_write_file_info: Can't write info structure
[   82.862133][ T1087] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   82.894624][   T29] audit: type=1400 audit(1765838631.596:3759): avc:  denied  { listen } for  pid=5638 comm="syz.3.537" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   82.998731][ T5634] lo speed is unknown, defaulting to 1000
[   83.015470][   T29] audit: type=1400 audit(1765838631.626:3760): avc:  denied  { append } for  pid=5640 comm="syz.2.536" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   83.038485][   T29] audit: type=1326 audit(1765838631.636:3761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f836742f749 code=0x7ffc0000
[   83.143819][ T5641] netlink: 224 bytes leftover after parsing attributes in process `syz.2.536'.
[   83.156204][ T5647] netlink: 80 bytes leftover after parsing attributes in process `syz.3.539'.
[   83.292697][ T5659] netlink: 'syz.1.542': attribute type 5 has an invalid length.
[   83.300399][ T5659] netlink: 44 bytes leftover after parsing attributes in process `syz.1.542'.
[   83.353940][ T5661] loop1: detected capacity change from 0 to 512
[   83.377907][ T5661] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.396501][ T5628] loop4: detected capacity change from 0 to 736
[   83.422349][ T5661] EXT4-fs (loop1): 1 truncate cleaned up
[   83.436921][ T5661] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.565355][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.644991][ T5667] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   83.684895][ T5667] EXT4-fs (loop1): 1 truncate cleaned up
[   83.691319][ T5667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.725115][ T5410] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   83.735823][ T5410] CPU: 0 UID: 0 PID: 5410 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   83.735879][ T5410] Tainted: [W]=WARN
[   83.735888][ T5410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   83.735983][ T5410] Call Trace:
[   83.735992][ T5410]  <TASK>
[   83.736002][ T5410]  __dump_stack+0x1d/0x30
[   83.736026][ T5410]  dump_stack_lvl+0xe8/0x140
[   83.736132][ T5410]  dump_stack+0x15/0x1b
[   83.736158][ T5410]  dump_header+0x81/0x240
[   83.736196][ T5410]  oom_kill_process+0x295/0x350
[   83.736224][ T5410]  out_of_memory+0x97b/0xb80
[   83.736248][ T5410]  try_charge_memcg+0x610/0xa10
[   83.736281][ T5410]  charge_memcg+0x51/0xc0
[   83.736348][ T5410]  __mem_cgroup_charge+0x28/0xb0
[   83.736383][ T5410]  shmem_get_folio_gfp+0x470/0xd50
[   83.736420][ T5410]  shmem_write_begin+0xfc/0x1f0
[   83.736511][ T5410]  generic_perform_write+0x184/0x490
[   83.736553][ T5410]  shmem_file_write_iter+0xc5/0xf0
[   83.736592][ T5410]  __kernel_write_iter+0x2d6/0x540
[   83.736617][ T5410]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   83.736693][ T5410]  dump_user_range+0x61e/0x8f0
[   83.736733][ T5410]  elf_core_dump+0x1de7/0x1f80
[   83.736769][ T5410]  ? 0xffffffffff600000
[   83.736871][ T5410]  coredump_write+0xacf/0xdf0
[   83.736923][ T5410]  vfs_coredump+0x24f7/0x2e60
[   83.736964][ T5410]  ? __memcg_slab_free_hook+0xbc/0x230
[   83.736999][ T5410]  ? kmem_cache_free+0xe3/0x3a0
[   83.737089][ T5410]  ? proc_coredump_connector+0x114/0x220
[   83.737117][ T5410]  get_signal+0xd84/0xf70
[   83.737264][ T5410]  arch_do_signal_or_restart+0x96/0x450
[   83.737310][ T5410]  irqentry_exit+0xfb/0x560
[   83.737342][ T5410]  asm_exc_page_fault+0x26/0x30
[   83.737364][ T5410] RIP: 0033:0x7f268b8ef751
[   83.737381][ T5410] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   83.737526][ T5410] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[   83.737543][ T5410] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[   83.737558][ T5410] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[   83.737573][ T5410] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[   83.737589][ T5410] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   83.737608][ T5410] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[   83.737635][ T5410]  </TASK>
[   83.737644][ T5410] memory: usage 307200kB, limit 307200kB, failcnt 20288
[   83.986575][ T5410] memory+swap: usage 432180kB, limit 9007199254740988kB, failcnt 0
[   83.994562][ T5410] kmem: usage 5676kB, limit 9007199254740988kB, failcnt 0
[   84.001850][ T5410] Memory cgroup stats for /syz0:
[   84.095424][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.125441][ T5410] cache 308617216
[   84.129367][ T5410] rss 118784
[   84.132743][ T5410] shmem 308613120
[   84.136480][ T5410] mapped_file 0
[   84.139958][ T5410] dirty 0
[   84.143730][ T5410] writeback 0
[   84.147059][ T5410] workingset_refault_anon 8
[   84.151674][ T5410] workingset_refault_file 67
[   84.156309][ T5410] swap 127979520
[   84.159864][ T5410] swapcached 16384
[   84.163622][ T5410] pgpgin 177035
[   84.167085][ T5410] pgpgout 101654
[   84.170660][ T5410] pgfault 64191
[   84.174805][ T5410] pgmajfault 8
[   84.178197][ T5410] inactive_anon 177098752
[   84.182559][ T5410] active_anon 131649536
[   84.186727][ T5410] inactive_file 4096
[   84.190619][ T5410] active_file 0
[   84.194122][ T5410] unevictable 0
[   84.197589][ T5410] hierarchical_memory_limit 314572800
[   84.203680][ T5410] hierarchical_memsw_limit 9223372036854771712
[   84.209833][ T5410] total_cache 308617216
[   84.214083][ T5410] total_rss 118784
[   84.217852][ T5410] total_shmem 308613120
[   84.222029][ T5410] total_mapped_file 0
[   84.226023][ T5410] total_dirty 0
[   84.229598][ T5410] total_writeback 0
[   84.234063][ T5410] total_workingset_refault_anon 8
[   84.239120][ T5410] total_workingset_refault_file 67
[   84.244274][ T5410] total_swap 127979520
[   84.248418][ T5410] total_swapcached 16384
[   84.252688][ T5410] total_pgpgin 177035
[   84.256678][ T5410] total_pgpgout 101654
[   84.260741][ T5410] total_pgfault 64191
[   84.265397][ T5410] total_pgmajfault 8
[   84.269345][ T5410] total_inactive_anon 177098752
[   84.274213][ T5410] total_active_anon 131649536
[   84.278909][ T5410] total_inactive_file 4096
[   84.283351][ T5410] total_active_file 0
[   84.287339][ T5410] total_unevictable 0
[   84.291327][ T5410] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5394,uid=0
[   84.306497][ T5410] Memory cgroup out of memory: Killed process 5394 (syz.0.472) total-vm:90260kB, anon-rss:1044kB, file-rss:52992kB, shmem-rss:0kB, UID:0 pgtables:176kB oom_score_adj:1000
[   84.352029][ T5677] vlan2: entered allmulticast mode
[   84.357293][ T5677] veth1: entered allmulticast mode
[   84.397170][ T5674] lo speed is unknown, defaulting to 1000
[   84.453226][ T5679] netlink: 16 bytes leftover after parsing attributes in process `syz.1.548'.
[   84.512289][ T5683] EXT4-fs: inline encryption not supported
[   84.530470][ T5683] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.549: bad orphan inode 15
[   84.551612][ T5683] ext4_test_bit(bit=14, block=5) = 0
[   84.568388][ T5683] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.692723][ T5683] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   84.713886][ T5683] netlink: 4 bytes leftover after parsing attributes in process `syz.2.549'.
[   84.744179][ T5695] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5123 sclass=netlink_xfrm_socket pid=5695 comm=syz.4.552
[   84.787730][ T5699] netlink: 'syz.1.553': attribute type 5 has an invalid length.
[   84.795468][ T5699] netlink: 44 bytes leftover after parsing attributes in process `syz.1.553'.
[   84.947451][ T5683] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[   84.982457][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.002664][ T5414] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   85.012569][ T5414] CPU: 0 UID: 0 PID: 5414 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   85.012609][ T5414] Tainted: [W]=WARN
[   85.012621][ T5414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   85.012633][ T5414] Call Trace:
[   85.012640][ T5414]  <TASK>
[   85.012648][ T5414]  __dump_stack+0x1d/0x30
[   85.012712][ T5414]  dump_stack_lvl+0xe8/0x140
[   85.012742][ T5414]  dump_stack+0x15/0x1b
[   85.012768][ T5414]  dump_header+0x81/0x240
[   85.012793][ T5414]  oom_kill_process+0x295/0x350
[   85.012845][ T5414]  out_of_memory+0x97b/0xb80
[   85.012883][ T5414]  try_charge_memcg+0x610/0xa10
[   85.012921][ T5414]  charge_memcg+0x51/0xc0
[   85.013028][ T5414]  __mem_cgroup_charge+0x28/0xb0
[   85.013069][ T5414]  shmem_get_folio_gfp+0x470/0xd50
[   85.013183][ T5414]  shmem_write_begin+0xfc/0x1f0
[   85.013211][ T5414]  generic_perform_write+0x184/0x490
[   85.013256][ T5414]  shmem_file_write_iter+0xc5/0xf0
[   85.013306][ T5414]  __kernel_write_iter+0x2d6/0x540
[   85.013324][ T5414]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   85.013364][ T5414]  dump_user_range+0x61e/0x8f0
[   85.013405][ T5414]  elf_core_dump+0x1de7/0x1f80
[   85.013465][ T5414]  ? 0xffffffffff600000
[   85.013506][ T5414]  coredump_write+0xacf/0xdf0
[   85.013619][ T5414]  vfs_coredump+0x24f7/0x2e60
[   85.013656][ T5414]  ? __memcg_slab_free_hook+0xbc/0x230
[   85.013742][ T5414]  ? kmem_cache_free+0xe3/0x3a0
[   85.013839][ T5414]  ? proc_coredump_connector+0x114/0x220
[   85.013982][ T5414]  get_signal+0xd84/0xf70
[   85.014017][ T5414]  arch_do_signal_or_restart+0x96/0x450
[   85.014098][ T5414]  irqentry_exit+0xfb/0x560
[   85.014134][ T5414]  asm_exc_page_fault+0x26/0x30
[   85.014160][ T5414] RIP: 0033:0x7f268b8ef751
[   85.014179][ T5414] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   85.014230][ T5414] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[   85.014245][ T5414] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[   85.014256][ T5414] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[   85.014268][ T5414] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[   85.014288][ T5414] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   85.014301][ T5414] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[   85.014328][ T5414]  </TASK>
[   85.014349][ T5414] memory: usage 306580kB, limit 307200kB, failcnt 20825
[   85.016652][ T5394] syz.0.472 (5394) used greatest stack depth: 8392 bytes left
[   85.025737][ T5414] memory+swap: usage 430816kB, limit 9007199254740988kB, failcnt 0
[   85.279800][ T5414] kmem: usage 5564kB, limit 9007199254740988kB, failcnt 0
[   85.286958][ T5414] Memory cgroup stats for /syz0:
[   85.616222][ T5724] lo speed is unknown, defaulting to 1000
[   85.631218][ T5726] set_capacity_and_notify: 2 callbacks suppressed
[   85.631234][ T5726] loop2: detected capacity change from 0 to 2048
[   85.656002][ T5414] cache 308723712
[   85.659682][ T5414] rss 118784
[   85.662155][ T5727] loop4: detected capacity change from 0 to 512
[   85.662948][ T5414] shmem 308625408
[   85.673559][ T5414] mapped_file 0
[   85.677035][ T5414] dirty 0
[   85.679991][ T5414] writeback 0
[   85.683339][ T5414] workingset_refault_anon 8
[   85.685432][ T5727] journal_path: Non-blockdev passed as './bus'
[   85.687915][ T5414] workingset_refault_file 977
[   85.687928][ T5414] swap 127979520
[   85.687935][ T5414] swapcached 16384
[   85.687942][ T5414] pgpgin 186072
[   85.694190][ T5727] EXT4-fs: error: could not find journal device path
[   85.698889][ T5414] pgpgout 110665
[   85.721101][ T5414] pgfault 64704
[   85.724783][ T5414] pgmajfault 14
[   85.728333][ T5414] inactive_anon 192671744
[   85.733489][ T5414] active_anon 116088832
[   85.737664][ T5414] inactive_file 12288
[   85.741683][ T5414] active_file 40960
[   85.745499][ T5414] unevictable 0
[   85.749022][ T5414] hierarchical_memory_limit 314572800
[   85.754436][ T5414] hierarchical_memsw_limit 9223372036854771712
[   85.760771][ T5414] total_cache 308723712
[   85.765683][ T5414] total_rss 118784
[   85.769425][ T5414] total_shmem 308625408
[   85.773892][ T5414] total_mapped_file 0
[   85.778078][ T5414] total_dirty 0
[   85.781617][ T5414] total_writeback 0
[   85.785461][ T5414] total_workingset_refault_anon 8
[   85.790485][ T5414] total_workingset_refault_file 977
[   85.796456][ T5414] total_swap 127979520
[   85.800539][ T5414] total_swapcached 16384
[   85.804855][ T5414] total_pgpgin 186072
[   85.808849][ T5414] total_pgpgout 110665
[   85.812959][ T5414] total_pgfault 64704
[   85.816967][ T5414] total_pgmajfault 14
[   85.820957][ T5414] total_inactive_anon 192671744
[   85.826520][ T5414] total_active_anon 116088832
[   85.831264][ T5414] total_inactive_file 12288
[   85.835811][ T5414] total_active_file 40960
[   85.840149][ T5414] total_unevictable 0
[   85.844183][ T5414] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5404,uid=0
[   85.859710][ T5414] Memory cgroup out of memory: Killed process 5404 (syz.0.472) total-vm:90260kB, anon-rss:1044kB, file-rss:53888kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000
[   85.927885][ T5730] netlink: 'syz.3.564': attribute type 5 has an invalid length.
[   85.943318][ T5433]  loop2: p1 < > p3 p4
[   85.952356][ T5433] loop2: p3 start 458752 is beyond EOD, truncated
[   85.958929][ T5433] loop2: p4 start 268435456 is beyond EOD, truncated
[   85.990964][ T5733] loop1: detected capacity change from 0 to 1024
[   86.006757][ T5733] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   86.025373][ T5726]  loop2: p1 < > p3 p4
[   86.037250][ T5726] loop2: p3 start 458752 is beyond EOD, truncated
[   86.043852][ T5726] loop2: p4 start 268435456 is beyond EOD, truncated
[   86.063552][ T5733] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   86.076154][ T5733] EXT4-fs (loop1): orphan cleanup on readonly fs
[   86.086317][ T5733] EXT4-fs error (device loop1): ext4_free_blocks:6728: comm syz.1.565: Freeing blocks not in datazone - block = 0, count = 4096
[   86.117823][ T5733] EXT4-fs (loop1): 1 orphan inode deleted
[   86.142161][ T3008]  loop2: p1 < > p3 p4
[   86.164628][ T3008] loop2: p3 start 458752 is beyond EOD, truncated
[   86.171139][ T3008] loop2: p4 start 268435456 is beyond EOD, truncated
[   86.182124][ T5733] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   86.281860][ T5733] EXT4-fs error (device loop1): ext4_lookup:1785: inode #15: comm syz.1.565: iget: bad i_size value: 1970324836974602
[   86.302524][ T5733] __nla_validate_parse: 4 callbacks suppressed
[   86.302541][ T5733] netlink: 12 bytes leftover after parsing attributes in process `syz.1.565'.
[   86.322733][ T5747] loop4: detected capacity change from 0 to 128
[   86.385997][ T5747] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   86.403646][ T3310] udevd[3310]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   86.405066][ T5747] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.463934][ T5756] netlink: 28 bytes leftover after parsing attributes in process `syz.2.572'.
[   86.482602][ T3310] udevd[3310]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   86.514844][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.596811][ T5759] loop2: detected capacity change from 0 to 512
[   86.613462][ T5761] netlink: 16 bytes leftover after parsing attributes in process `syz.1.573'.
[   86.645755][ T5759] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.658543][ T5759] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.676701][ T5765] tipc: Started in network mode
[   86.681681][ T5765] tipc: Node identity 3a0000000000000002, cluster identity 4711
[   86.713859][ T5767] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[   86.734259][ T5767] netlink: 14 bytes leftover after parsing attributes in process `syz.1.576'.
[   86.768123][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.783049][ T5767] hsr_slave_0: left promiscuous mode
[   86.800338][ T5767] hsr_slave_1: left promiscuous mode
[   86.869663][ T5770] loop2: detected capacity change from 0 to 512
[   86.876528][ T5770] EXT4-fs: inline encryption not supported
[   86.900288][ T5770] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.577: bad orphan inode 15
[   86.910688][ T5770] ext4_test_bit(bit=14, block=5) = 0
[   86.917159][ T5770] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.949735][ T5770] netlink: 8 bytes leftover after parsing attributes in process `syz.2.577'.
[   86.993461][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.183001][ T5792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.582'.
[   87.192790][ T3326] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   87.216123][ T5796] loop2: detected capacity change from 0 to 512
[   87.236359][ T5798] capability: warning: `syz.4.584' uses deprecated v2 capabilities in a way that may be insecure
[   87.269648][ T5799] netlink: 4 bytes leftover after parsing attributes in process `syz.3.582'.
[   87.313501][ T5796] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.332727][ T5805] loop4: detected capacity change from 0 to 512
[   87.367402][ T5805] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.388637][ T5796] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.410539][ T5404] syz.0.472 (5404) used greatest stack depth: 8240 bytes left
[   87.441945][ T5805] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.454539][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.501781][ T5805] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.585: corrupted xattr block 6: invalid header
[   87.522646][ T5809] syzkaller0: entered promiscuous mode
[   87.532821][ T5805] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.539808][ T5810] syzkaller0 (unregistering): left promiscuous mode
[   87.544346][ T5805] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.585: corrupted xattr block 6: invalid header
[   87.567514][ T5815] sd 0:0:1:0: device reset
[   87.575932][ T5805] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.593456][ T5805] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.585: corrupted xattr block 6: invalid header
[   87.607699][ T5805] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.616833][ T5805] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.585: corrupted xattr block 6: invalid header
[   87.641830][ T5805] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.656105][   T29] kauditd_printk_skb: 258 callbacks suppressed
[   87.656147][   T29] audit: type=1400 audit(1765838636.356:4020): avc:  denied  { add_name } for  pid=5804 comm="syz.4.585" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   87.656100][ T5805] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.585: corrupted xattr block 6: invalid header
[   87.706437][ T5805] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.720672][   T29] audit: type=1400 audit(1765838636.416:4021): avc:  denied  { create } for  pid=5804 comm="syz.4.585" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1
[   87.721110][ T5805] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.585: corrupted xattr block 6: invalid header
[   87.867416][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.982429][   T29] audit: type=1326 audit(1765838636.686:4022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.008005][   T29] audit: type=1326 audit(1765838636.716:4023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.031520][   T29] audit: type=1326 audit(1765838636.716:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.054932][   T29] audit: type=1326 audit(1765838636.716:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.078381][   T29] audit: type=1326 audit(1765838636.716:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.101847][   T29] audit: type=1326 audit(1765838636.716:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.121822][ T5829] loop4: detected capacity change from 0 to 8192
[   88.125716][   T29] audit: type=1326 audit(1765838636.716:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.155211][   T29] audit: type=1326 audit(1765838636.716:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5834 comm="syz.3.591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa108e7f749 code=0x7ffc0000
[   88.288246][ T5843] lo speed is unknown, defaulting to 1000
[   88.458862][ T5846] loop2: detected capacity change from 0 to 512
[   88.473106][ T5854] pimreg: entered allmulticast mode
[   88.493748][ T5853] netlink: 3 bytes leftover after parsing attributes in process `syz.3.596'.
[   88.503801][ T5846] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   88.537639][ T5846] EXT4-fs (loop2): orphan cleanup on readonly fs
[   88.616698][ T5853] 0ªX¹¦À: renamed from caif0
[   88.685935][ T5846] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #16: comm syz.2.595: corrupted inode contents
[   88.699489][ T5846] EXT4-fs (loop2): Remounting filesystem read-only
[   88.706291][ T5846] EXT4-fs (loop2): 1 truncate cleaned up
[   88.712166][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.723349][   T12] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   88.743724][ T5853] 0ªX¹¦À: entered allmulticast mode
[   88.748982][ T5853] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   88.785850][   T12] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   88.814815][ T5846] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   89.136317][ T5848] pimreg: left allmulticast mode
[   89.175495][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.215414][ T5870] futex_wake_op: syz.2.600 tries to shift op by 144; fix this program
[   89.265472][ T5849] syz.1.594 (5849) used greatest stack depth: 7968 bytes left
[   89.268556][ T5871] netlink: 36 bytes leftover after parsing attributes in process `syz.2.600'.
[   89.285862][ T5871] netlink: 28 bytes leftover after parsing attributes in process `syz.2.600'.
[   89.430885][ T5881] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5881 comm=syz.3.604
[   89.443766][ T5880] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5880 comm=syz.3.604
[   89.967960][ T5405] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   89.978470][ T5405] CPU: 0 UID: 0 PID: 5405 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   89.978567][ T5405] Tainted: [W]=WARN
[   89.978582][ T5405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   89.978598][ T5405] Call Trace:
[   89.978606][ T5405]  <TASK>
[   89.978616][ T5405]  __dump_stack+0x1d/0x30
[   89.978646][ T5405]  dump_stack_lvl+0xe8/0x140
[   89.978749][ T5405]  dump_stack+0x15/0x1b
[   89.978767][ T5405]  dump_header+0x81/0x240
[   89.978848][ T5405]  oom_kill_process+0x295/0x350
[   89.978877][ T5405]  out_of_memory+0x97b/0xb80
[   89.978920][ T5405]  try_charge_memcg+0x610/0xa10
[   89.978949][ T5405]  charge_memcg+0x51/0xc0
[   89.979044][ T5405]  __mem_cgroup_charge+0x28/0xb0
[   89.979084][ T5405]  shmem_get_folio_gfp+0x470/0xd50
[   89.979129][ T5405]  shmem_write_begin+0xfc/0x1f0
[   89.979186][ T5405]  generic_perform_write+0x184/0x490
[   89.979240][ T5405]  shmem_file_write_iter+0xc5/0xf0
[   89.979278][ T5405]  __kernel_write_iter+0x2d6/0x540
[   89.979297][ T5405]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   89.979358][ T5405]  dump_user_range+0x61e/0x8f0
[   89.979401][ T5405]  elf_core_dump+0x1de7/0x1f80
[   89.979440][ T5405]  ? 0xffffffffff600000
[   89.979480][ T5405]  coredump_write+0xacf/0xdf0
[   89.979578][ T5405]  vfs_coredump+0x24f7/0x2e60
[   89.979659][ T5405]  ? __memcg_slab_free_hook+0xbc/0x230
[   89.979808][ T5405]  ? kmem_cache_free+0xe3/0x3a0
[   89.979910][ T5405]  ? proc_coredump_connector+0x114/0x220
[   89.979985][ T5405]  get_signal+0xd84/0xf70
[   89.980038][ T5405]  arch_do_signal_or_restart+0x96/0x450
[   89.980079][ T5405]  irqentry_exit+0xfb/0x560
[   89.980188][ T5405]  asm_exc_page_fault+0x26/0x30
[   89.980223][ T5405] RIP: 0033:0x7f268b8ef751
[   89.980242][ T5405] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   89.980266][ T5405] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[   89.980351][ T5405] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[   89.980364][ T5405] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[   89.980376][ T5405] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[   89.980387][ T5405] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   89.980403][ T5405] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[   89.980430][ T5405]  </TASK>
[   89.980439][ T5405] memory: usage 307200kB, limit 307200kB, failcnt 23382
[   90.228272][ T5405] memory+swap: usage 432196kB, limit 9007199254740988kB, failcnt 0
[   90.236226][ T5405] kmem: usage 5372kB, limit 9007199254740988kB, failcnt 0
[   90.243433][ T5405] Memory cgroup stats for /syz0:
[   90.345687][ T5939] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   90.384580][ T5939] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   90.427874][ T5939] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.619: bg 0: block 248: padding at end of block bitmap is not set
[   90.443318][ T5405] cache 308965376
[   90.446989][ T5405] rss 49152
[   90.450149][ T5405] shmem 308940800
[   90.453844][ T5405] mapped_file 0
[   90.457308][ T5405] dirty 0
[   90.458217][ T5948] EXT4-fs (loop4): can't mount with journal_async_commit, fs mounted w/o journal
[   90.460336][ T5405] writeback 0
[   90.460346][ T5405] workingset_refault_anon 8
[   90.460356][ T5405] workingset_refault_file 2434
[   90.482074][ T5405] swap 127995904
[   90.485627][ T5405] swapcached 0
[   90.489018][ T5405] pgpgin 196380
[   90.492564][ T5405] pgpgout 120935
[   90.496160][ T5405] pgfault 65285
[   90.499628][ T5405] pgmajfault 29
[   90.503164][ T5405] inactive_anon 269586432
[   90.507528][ T5405] active_anon 39403520
[   90.511662][ T5405] inactive_file 28672
[   90.512655][ T5939] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.619: Failed to acquire dquot type 1
[   90.515644][ T5405] active_file 0
[   90.515654][ T5405] unevictable 0
[   90.515661][ T5405] hierarchical_memory_limit 314572800
[   90.515672][ T5405] hierarchical_memsw_limit 9223372036854771712
[   90.545320][ T5405] total_cache 308965376
[   90.549544][ T5405] total_rss 49152
[   90.553283][ T5405] total_shmem 308940800
[   90.557447][ T5405] total_mapped_file 0
[   90.561441][ T5405] total_dirty 0
[   90.562737][ T5939] EXT4-fs (loop2): 1 truncate cleaned up
[   90.564997][ T5405] total_writeback 0
[   90.574473][ T5405] total_workingset_refault_anon 8
[   90.579492][ T5405] total_workingset_refault_file 2434
[   90.584812][ T5405] total_swap 127995904
[   90.587055][ T5939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   90.588969][ T5405] total_swapcached 0
[   90.605389][ T5405] total_pgpgin 196380
[   90.609390][ T5405] total_pgpgout 120935
[   90.613513][ T5405] total_pgfault 65285
[   90.617492][ T5405] total_pgmajfault 29
[   90.621514][ T5405] total_inactive_anon 269586432
[   90.626396][ T5405] total_active_anon 39403520
[   90.631027][ T5405] total_inactive_file 28672
[   90.635644][ T5405] total_active_file 0
[   90.639631][ T5405] total_unevictable 0
[   90.643825][ T5405] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5400,uid=0
[   90.658602][ T5405] Memory cgroup out of memory: Killed process 5400 (syz.0.472) total-vm:90260kB, anon-rss:1116kB, file-rss:53960kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000
[   90.800034][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   90.858790][ T5963] set_capacity_and_notify: 2 callbacks suppressed
[   90.858806][ T5963] loop2: detected capacity change from 0 to 164
[   90.901091][ T5966] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   90.910957][ T5966] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.920145][ T5963] iso9660: Bad value for 'check'
[   90.925311][ T5968] loop1: detected capacity change from 0 to 512
[   90.932350][ T5968] EXT4-fs: inline encryption not supported
[   90.944663][ T5968] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.627: bad orphan inode 15
[   90.983284][ T5963] loop2: detected capacity change from 0 to 128
[   90.994360][ T5966] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   91.004216][ T5966] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.014875][ T5963] /dev/loop2: Can't open blockdev
[   91.021057][ T5968] ext4_test_bit(bit=14, block=5) = 0
[   91.047821][ T5968] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.062887][ T5966] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   91.072826][ T5966] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.119569][ T5968] FAULT_INJECTION: forcing a failure.
[   91.119569][ T5968] name failslab, interval 1, probability 0, space 0, times 0
[   91.132409][ T5968] CPU: 1 UID: 0 PID: 5968 Comm: syz.1.627 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   91.132446][ T5968] Tainted: [W]=WARN
[   91.132454][ T5968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   91.132508][ T5968] Call Trace:
[   91.132515][ T5968]  <TASK>
[   91.132523][ T5968]  __dump_stack+0x1d/0x30
[   91.132550][ T5968]  dump_stack_lvl+0xe8/0x140
[   91.132615][ T5968]  dump_stack+0x15/0x1b
[   91.132635][ T5968]  should_fail_ex+0x265/0x280
[   91.132658][ T5968]  should_failslab+0x8c/0xb0
[   91.132682][ T5968]  __kmalloc_cache_noprof+0x65/0x4c0
[   91.132755][ T5968]  ? __se_sys_mount+0xef/0x2e0
[   91.132778][ T5968]  ? memdup_user+0x99/0xd0
[   91.132801][ T5968]  __se_sys_mount+0xef/0x2e0
[   91.132906][ T5968]  __x64_sys_mount+0x67/0x80
[   91.132929][ T5968]  x64_sys_call+0x2cca/0x3000
[   91.132957][ T5968]  do_syscall_64+0xd8/0x2c0
[   91.133094][ T5968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.133121][ T5968] RIP: 0033:0x7fd981a20eea
[   91.133153][ T5968] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.133174][ T5968] RSP: 002b:00007fd980486e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   91.133196][ T5968] RAX: ffffffffffffffda RBX: 00007fd980486ef0 RCX: 00007fd981a20eea
[   91.133289][ T5968] RDX: 0000200000000f40 RSI: 0000200000000f00 RDI: 0000000000000000
[   91.133304][ T5968] RBP: 0000200000000f40 R08: 00007fd980486ef0 R09: 0000000001aca421
[   91.133319][ T5968] R10: 0000000001aca421 R11: 0000000000000246 R12: 0000200000000f00
[   91.133334][ T5968] R13: 00007fd980486eb0 R14: 0000000000000000 R15: 00002000000008c0
[   91.133361][ T5968]  </TASK>
[   91.136539][ T5966] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   91.315093][ T5966] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.354073][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.418380][ T4941] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   91.425711][ T5978] loop1: detected capacity change from 0 to 128
[   91.427478][ T4941] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.472991][ T4941] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   91.481223][ T4941] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.525064][ T5979] bio_check_eod: 43 callbacks suppressed
[   91.525083][ T5979] syz.1.629: attempt to access beyond end of device
[   91.525083][ T5979] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[   91.533005][ T4941] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   91.553353][ T4941] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.553411][ T5979] syz.1.629: attempt to access beyond end of device
[   91.553411][ T5979] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[   91.623188][ T4941] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   91.631585][ T4941] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.635287][ T5979] syz.1.629: attempt to access beyond end of device
[   91.635287][ T5979] loop1: rw=2049, sector=177, nr_sectors = 8 limit=128
[   91.673190][ T5979] syz.1.629: attempt to access beyond end of device
[   91.673190][ T5979] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[   91.705312][ T5979] syz.1.629: attempt to access beyond end of device
[   91.705312][ T5979] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[   91.742004][ T5985] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[   91.783511][ T5985] netlink: 'syz.4.633': attribute type 6 has an invalid length.
[   91.784074][ T5979] syz.1.629: attempt to access beyond end of device
[   91.784074][ T5979] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[   91.835833][ T6000] veth2: entered promiscuous mode
[   91.841040][ T6000] veth2: entered allmulticast mode
[   91.846462][ T5979] syz.1.629: attempt to access beyond end of device
[   91.846462][ T5979] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[   91.846513][ T5979] syz.1.629: attempt to access beyond end of device
[   91.846513][ T5979] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[   91.846599][ T5979] syz.1.629: attempt to access beyond end of device
[   91.846599][ T5979] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[   91.846696][ T5979] syz.1.629: attempt to access beyond end of device
[   91.846696][ T5979] loop1: rw=2049, sector=289, nr_sectors = 8 limit=128
[   91.883790][ T5991] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   91.924785][ T5991] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   92.022251][ T3310] udevd[3310]: symlink '../../loop1' '/dev/disk/by-diskseq/359.tmp-b7:1' failed: Read-only file system
[   92.026194][ T6014] loop1: detected capacity change from 0 to 1024
[   92.050671][ T6014] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.055576][ T6012] __nla_validate_parse: 8 callbacks suppressed
[   92.055594][ T6012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.639'.
[   92.096019][ T6016] netlink: 108 bytes leftover after parsing attributes in process `syz.4.641'.
[   92.107465][ T3310] udevd[3310]: symlink '../../loop1' '/dev/disk/by-diskseq/360.tmp-b7:1' failed: Read-only file system
[   92.120278][ T6014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.130050][ T3310] udevd[3310]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[   92.160564][ T3310] udevd[3310]: symlink '../../loop1' '/dev/disk/by-diskseq/360.tmp-b7:1' failed: Read-only file system
[   92.178243][ T3310] udevd[3310]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[   92.643797][ T6026] loop2: detected capacity change from 0 to 512
[   92.663909][   T29] kauditd_printk_skb: 666 callbacks suppressed
[   92.663922][   T29] audit: type=1326 audit(1765838641.366:4688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   92.759335][ T3310] udevd[3310]: symlink '../../loop2' '/dev/disk/by-diskseq/361.tmp-b7:2' failed: Read-only file system
[   92.842829][   T29] audit: type=1326 audit(1765838641.396:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   92.867008][   T29] audit: type=1326 audit(1765838641.396:4690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   92.890494][   T29] audit: type=1326 audit(1765838641.406:4691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   92.893408][ T3310] udevd[3310]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[   92.914696][   T29] audit: type=1326 audit(1765838641.406:4692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   92.949487][   T29] audit: type=1326 audit(1765838641.406:4693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   92.973551][   T29] audit: type=1326 audit(1765838641.406:4694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   92.996973][   T29] audit: type=1326 audit(1765838641.406:4695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   93.021220][   T29] audit: type=1326 audit(1765838641.406:4696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   93.045491][   T29] audit: type=1326 audit(1765838641.416:4697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6011 comm="syz.3.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa108eb2005 code=0x7ffc0000
[   93.093076][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.161283][ T6026] EXT4-fs warning (device loop2): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   93.191800][ T6026] EXT4-fs (loop2): mount failed
[   93.225319][ T5433] udevd[5433]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[   93.226418][ T5433] udevd[5433]: symlink '../../loop1' '/dev/disk/by-diskseq/360.tmp-b7:1' failed: Read-only file system
[   93.259928][ T5433] udevd[5433]: symlink '../../loop2' '/dev/disk/by-diskseq/361.tmp-b7:2' failed: Read-only file system
[   93.284597][ T6035] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   93.284681][ T6035] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   93.336732][ T6040] netlink: 24 bytes leftover after parsing attributes in process `syz.2.647'.
[   93.372303][ T6042] loop2: detected capacity change from 0 to 128
[   93.462766][ T1629] Bluetooth: hci0: Frame reassembly failed (-84)
[   93.480106][ T6050] netlink: 52 bytes leftover after parsing attributes in process `syz.1.651'.
[   93.491246][ T6050] netlink: 52 bytes leftover after parsing attributes in process `syz.1.651'.
[   93.501317][ T6050] netlink: 52 bytes leftover after parsing attributes in process `syz.1.651'.
[   93.510619][ T6050] netlink: 52 bytes leftover after parsing attributes in process `syz.1.651'.
[   93.523941][ T6050] netlink: 52 bytes leftover after parsing attributes in process `syz.1.651'.
[   93.533216][ T6050] netlink: 52 bytes leftover after parsing attributes in process `syz.1.651'.
[   93.542749][ T6050] netlink: 52 bytes leftover after parsing attributes in process `syz.1.651'.
[   93.746588][ T6062] lo speed is unknown, defaulting to 1000
[   93.804953][ T6066] loop2: detected capacity change from 0 to 512
[   93.834560][ T6066] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   94.067481][ T6073] loop1: detected capacity change from 0 to 512
[   94.082568][ T6073] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   94.162711][ T6073] EXT4-fs (loop1): 1 truncate cleaned up
[   94.168990][ T6073] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.372710][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.486104][ T6082] netlink: 'syz.2.659': attribute type 1 has an invalid length.
[   94.659803][ T6091] loop2: detected capacity change from 0 to 512
[   94.714136][ T6091] ext4: Bad value for 'init_itable'
[   95.107341][ T6100] EXT4-fs: inline encryption not supported
[   95.128144][ T6100] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.663: bad orphan inode 15
[   95.162207][ T6100] ext4_test_bit(bit=14, block=5) = 0
[   95.168038][ T6100] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.201990][ T6100] FAULT_INJECTION: forcing a failure.
[   95.201990][ T6100] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   95.215122][ T6100] CPU: 1 UID: 0 PID: 6100 Comm: syz.2.663 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   95.215167][ T6100] Tainted: [W]=WARN
[   95.215176][ T6100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   95.215192][ T6100] Call Trace:
[   95.215197][ T6100]  <TASK>
[   95.215204][ T6100]  __dump_stack+0x1d/0x30
[   95.215227][ T6100]  dump_stack_lvl+0xe8/0x140
[   95.215271][ T6100]  dump_stack+0x15/0x1b
[   95.215301][ T6100]  should_fail_ex+0x265/0x280
[   95.215329][ T6100]  should_fail+0xb/0x20
[   95.215347][ T6100]  should_fail_usercopy+0x1a/0x20
[   95.215370][ T6100]  strncpy_from_user+0x27/0x260
[   95.215472][ T6100]  getname_flags+0xae/0x3b0
[   95.215496][ T6100]  user_path_at+0x28/0x130
[   95.215526][ T6100]  __se_sys_mount+0x25b/0x2e0
[   95.215558][ T6100]  __x64_sys_mount+0x67/0x80
[   95.215614][ T6100]  x64_sys_call+0x2cca/0x3000
[   95.215640][ T6100]  do_syscall_64+0xd8/0x2c0
[   95.215683][ T6100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.215710][ T6100] RIP: 0033:0x7f8367430eea
[   95.215776][ T6100] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.215795][ T6100] RSP: 002b:00007f8365e96e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   95.215815][ T6100] RAX: ffffffffffffffda RBX: 00007f8365e96ef0 RCX: 00007f8367430eea
[   95.215827][ T6100] RDX: 0000200000000f40 RSI: 0000200000000f00 RDI: 0000000000000000
[   95.215840][ T6100] RBP: 0000200000000f40 R08: 00007f8365e96ef0 R09: 0000000001aca421
[   95.215851][ T6100] R10: 0000000001aca421 R11: 0000000000000246 R12: 0000200000000f00
[   95.215894][ T6100] R13: 00007f8365e96eb0 R14: 0000000000000000 R15: 00002000000008c0
[   95.215975][ T6100]  </TASK>
[   95.428063][ T6103] EXT4-fs: dax option not supported
[   95.470449][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.480784][ T5399] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   95.490759][ T5399] CPU: 1 UID: 0 PID: 5399 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   95.490805][ T5399] Tainted: [W]=WARN
[   95.490814][ T5399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   95.490831][ T5399] Call Trace:
[   95.490838][ T5399]  <TASK>
[   95.490883][ T5399]  __dump_stack+0x1d/0x30
[   95.490922][ T5399]  dump_stack_lvl+0xe8/0x140
[   95.490952][ T5399]  dump_stack+0x15/0x1b
[   95.490978][ T5399]  dump_header+0x81/0x240
[   95.491001][ T5399]  oom_kill_process+0x295/0x350
[   95.491027][ T5399]  out_of_memory+0x97b/0xb80
[   95.491059][ T5399]  try_charge_memcg+0x610/0xa10
[   95.491097][ T5399]  charge_memcg+0x51/0xc0
[   95.491138][ T5399]  __mem_cgroup_charge+0x28/0xb0
[   95.491257][ T5399]  shmem_get_folio_gfp+0x470/0xd50
[   95.491328][ T5399]  shmem_write_begin+0xfc/0x1f0
[   95.491355][ T5399]  generic_perform_write+0x184/0x490
[   95.491400][ T5399]  shmem_file_write_iter+0xc5/0xf0
[   95.491479][ T5399]  __kernel_write_iter+0x2d6/0x540
[   95.491504][ T5399]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   95.491556][ T5399]  dump_user_range+0x61e/0x8f0
[   95.491595][ T5399]  elf_core_dump+0x1de7/0x1f80
[   95.491656][ T5399]  ? 0xffffffffff600000
[   95.491768][ T5399]  coredump_write+0xacf/0xdf0
[   95.491804][ T5399]  vfs_coredump+0x24f7/0x2e60
[   95.491941][ T5399]  ? __memcg_slab_free_hook+0xbc/0x230
[   95.491976][ T5399]  ? kmem_cache_free+0xe3/0x3a0
[   95.492070][ T5399]  ? proc_coredump_connector+0x114/0x220
[   95.492121][ T5399]  get_signal+0xd84/0xf70
[   95.492162][ T5399]  arch_do_signal_or_restart+0x96/0x450
[   95.492201][ T5399]  irqentry_exit+0xfb/0x560
[   95.492297][ T5399]  asm_exc_page_fault+0x26/0x30
[   95.492323][ T5399] RIP: 0033:0x7f268b8ef751
[   95.492343][ T5399] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   95.492423][ T5399] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[   95.492443][ T5399] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[   95.492460][ T5399] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[   95.492476][ T5399] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[   95.492492][ T5399] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   95.492531][ T5399] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[   95.492552][ T5399]  </TASK>
[   95.727366][ T5399] memory: usage 307196kB, limit 307200kB, failcnt 24881
[   95.729396][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[   95.734381][ T5399] memory+swap: usage 432140kB, limit 9007199254740988kB, failcnt 0
[   95.734399][ T5399] kmem: usage 5588kB, limit 9007199254740988kB, failcnt 0
[   95.734494][ T5399] Memory cgroup stats for /syz0:
[   95.740365][ T3529] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   95.828416][ T5399] cache 308559872
[   95.832307][ T5399] rss 262144
[   95.835580][ T5399] shmem 308543488
[   95.839217][ T5399] mapped_file 0
[   95.842792][ T5399] dirty 0
[   95.845737][ T5399] writeback 20480
[   95.849384][ T5399] workingset_refault_anon 39
[   95.854114][ T5399] workingset_refault_file 4042
[   95.858882][ T5399] swap 127942656
[   95.862467][ T5399] swapcached 53248
[   95.866189][ T5399] pgpgin 206882
[   95.869658][ T5399] pgpgout 131479
[   95.873251][ T5399] pgfault 65881
[   95.876772][ T5399] pgmajfault 71
[   95.880279][ T5399] inactive_anon 82481152
[   95.884580][ T5399] active_anon 226082816
[   95.888743][ T5399] inactive_file 0
[   95.892419][ T5399] active_file 24576
[   95.896231][ T5399] unevictable 0
[   95.899701][ T5399] hierarchical_memory_limit 314572800
[   95.905229][ T5399] hierarchical_memsw_limit 9223372036854771712
[   95.911386][ T5399] total_cache 308559872
[   95.915663][ T5399] total_rss 262144
[   95.919392][ T5399] total_shmem 308543488
[   95.923579][ T5399] total_mapped_file 0
[   95.927563][ T5399] total_dirty 0
[   95.931039][ T5399] total_writeback 20480
[   95.935257][ T5399] total_workingset_refault_anon 39
[   95.940375][ T5399] total_workingset_refault_file 4042
[   95.945697][ T5399] total_swap 127942656
[   95.949766][ T5399] total_swapcached 53248
[   95.954057][ T5399] total_pgpgin 206882
[   95.958042][ T5399] total_pgpgout 131479
[   95.962184][ T5399] total_pgfault 65881
[   95.966185][ T5399] total_pgmajfault 71
[   95.970169][ T5399] total_inactive_anon 82481152
[   95.974962][ T5399] total_active_anon 226082816
[   95.979639][ T5399] total_inactive_file 0
[   95.983857][ T5399] total_active_file 24576
[   95.988206][ T5399] total_unevictable 0
[   95.992246][ T5399] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5422,uid=0
[   95.996372][ T6119] set_capacity_and_notify: 4 callbacks suppressed
[   95.996392][ T6119] loop2: detected capacity change from 0 to 512
[   96.006806][ T5399] Memory cgroup out of memory: Killed process 5422 (syz.0.472) total-vm:90260kB, anon-rss:1172kB, file-rss:54320kB, shmem-rss:0kB, UID:0 pgtables:200kB oom_score_adj:1000
[   96.061415][ T3008] Alternate GPT is invalid, using primary GPT.
[   96.068673][ T3008]  loop4: p2 p3 p7
[   96.082512][ T6119] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   96.094037][ T6119] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   96.104275][ T6119] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.668: Corrupt directory, running e2fsck is recommended
[   96.130955][ T6108] Alternate GPT is invalid, using primary GPT.
[   96.137431][ T6108]  loop4: p2 p3 p7
[   96.159837][ T6119] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   96.175790][ T3008] Alternate GPT is invalid, using primary GPT.
[   96.182895][ T3008]  loop4: p2 p3 p7
[   96.223514][ T6119] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.668: corrupted in-inode xattr: invalid ea_ino
[   96.273766][ T6130] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6130 comm=syz.3.671
[   96.286874][ T6130] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6130 comm=syz.3.671
[   96.299762][ T6119] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.668: couldn't read orphan inode 15 (err -117)
[   96.344667][ T6119] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.408408][ T6136] lo speed is unknown, defaulting to 1000
[   96.416107][ T6138] loop1: detected capacity change from 0 to 2048
[   96.445330][ T6141] loop4: detected capacity change from 0 to 512
[   96.452891][ T6141] EXT4-fs: Ignoring removed nobh option
[   96.460244][ T6141] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[   96.519388][ T6117] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   96.530971][ T6117] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[   96.541151][ T6117] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.668: Corrupt directory, running e2fsck is recommended
[   96.557057][ T6141] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.674: attempt to clear invalid blocks 1 len 1
[   96.583541][ T6138] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.596295][ T6141] EXT4-fs (loop4): Remounting filesystem read-only
[   96.603168][ T6117] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 3: comm syz.2.668: path /129/file0: bad entry in directory: directory entry overrun - offset=0, inode=4294967295, rec_len=65552, size=1024 fake=0
[   96.659433][ T6141] EXT4-fs (loop4): 1 truncate cleaned up
[   96.687137][ T6141] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.753223][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.777945][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.807772][  T289] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   96.847308][  T289] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   96.859606][  T289] EXT4-fs (loop1): This should not happen!! Data will be lost
[   96.859606][  T289] 
[   96.869327][  T289] EXT4-fs (loop1): Total free blocks count 0
[   96.875463][  T289] EXT4-fs (loop1): Free/Dirty block details
[   96.881363][  T289] EXT4-fs (loop1): free_blocks=2415919504
[   96.887257][  T289] EXT4-fs (loop1): dirty_blocks=32
[   96.892511][  T289] EXT4-fs (loop1): Block reservation details
[   96.898512][  T289] EXT4-fs (loop1): i_reserved_data_blocks=2
[   96.914911][ T6151] bond0 (unregistering): Released all slaves
[   96.924334][   T12] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[   97.032149][ T6163] syzkaller0: entered promiscuous mode
[   97.037707][ T6163] syzkaller0: entered allmulticast mode
[   98.113421][   T29] kauditd_printk_skb: 239 callbacks suppressed
[   98.113442][   T29] audit: type=1326 audit(1765838645.876:4936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f69690e65e7 code=0x7ffc0000
[   98.142937][   T29] audit: type=1326 audit(1765838645.876:4937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f696908b829 code=0x7ffc0000
[   98.166331][   T29] audit: type=1326 audit(1765838645.876:4938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[   98.189779][   T29] audit: type=1326 audit(1765838645.876:4939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f69690e65e7 code=0x7ffc0000
[   98.206163][ T6160] lo speed is unknown, defaulting to 1000
[   98.213093][   T29] audit: type=1326 audit(1765838645.876:4940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f696908b829 code=0x7ffc0000
[   98.213249][   T29] audit: type=1326 audit(1765838645.876:4941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[   98.213279][   T29] audit: type=1326 audit(1765838645.876:4942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f69690e65e7 code=0x7ffc0000
[   98.213311][   T29] audit: type=1326 audit(1765838645.876:4943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f696908b829 code=0x7ffc0000
[   98.213346][   T29] audit: type=1326 audit(1765838645.876:4944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[   98.213380][   T29] audit: type=1326 audit(1765838645.876:4945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6173 comm="syz.4.682" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f69690e65e7 code=0x7ffc0000
[   98.395268][ T6169] lo speed is unknown, defaulting to 1000
[   98.402483][ T6169] lo speed is unknown, defaulting to 1000
[   98.425132][ T6169] lo speed is unknown, defaulting to 1000
[   98.431456][ T6169] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   98.439143][ T6169] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   98.449442][ T6169] lo speed is unknown, defaulting to 1000
[   98.451337][   T30] oom_reaper: reaped process 5422 (syz.0.472), now anon-rss:20kB, file-rss:37876kB, shmem-rss:0kB
[   98.455834][ T6169] lo speed is unknown, defaulting to 1000
[   98.472071][ T6169] lo speed is unknown, defaulting to 1000
[   98.478110][ T3310] printk: udevd: 115 output lines suppressed due to ratelimiting
[   98.478188][ T6169] lo speed is unknown, defaulting to 1000
[   98.518435][ T5427] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[   98.528321][ T5427] CPU: 1 UID: 0 PID: 5427 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   98.528355][ T5427] Tainted: [W]=WARN
[   98.528361][ T5427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   98.528448][ T5427] Call Trace:
[   98.528454][ T5427]  <TASK>
[   98.528461][ T5427]  __dump_stack+0x1d/0x30
[   98.528540][ T5427]  dump_stack_lvl+0xe8/0x140
[   98.528594][ T5427]  dump_stack+0x15/0x1b
[   98.528624][ T5427]  dump_header+0x81/0x240
[   98.528710][ T5427]  oom_kill_process+0x295/0x350
[   98.528797][ T5427]  out_of_memory+0x97b/0xb80
[   98.528827][ T5427]  try_charge_memcg+0x610/0xa10
[   98.528857][ T5427]  charge_memcg+0x51/0xc0
[   98.529001][ T5427]  __mem_cgroup_charge+0x28/0xb0
[   98.529136][ T5427]  shmem_get_folio_gfp+0x470/0xd50
[   98.529217][ T5427]  shmem_write_begin+0xfc/0x1f0
[   98.529249][ T5427]  generic_perform_write+0x184/0x490
[   98.529325][ T5427]  shmem_file_write_iter+0xc5/0xf0
[   98.529357][ T5427]  __kernel_write_iter+0x2d6/0x540
[   98.529375][ T5427]  ? __pfx_shmem_file_write_iter+0x10/0x10
[   98.529429][ T5427]  dump_user_range+0x61e/0x8f0
[   98.529530][ T5427]  elf_core_dump+0x1de7/0x1f80
[   98.529570][ T5427]  ? 0xffffffffff600000
[   98.529650][ T5427]  coredump_write+0xacf/0xdf0
[   98.529693][ T5427]  vfs_coredump+0x24f7/0x2e60
[   98.529743][ T5427]  ? __memcg_slab_free_hook+0xbc/0x230
[   98.529783][ T5427]  ? kmem_cache_free+0xe3/0x3a0
[   98.529859][ T5427]  ? proc_coredump_connector+0x114/0x220
[   98.529891][ T5427]  get_signal+0xd84/0xf70
[   98.529933][ T5427]  arch_do_signal_or_restart+0x96/0x450
[   98.530044][ T5427]  irqentry_exit+0xfb/0x560
[   98.530072][ T5427]  asm_exc_page_fault+0x26/0x30
[   98.530134][ T5427] RIP: 0033:0x7f268b8ef751
[   98.530149][ T5427] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[   98.530166][ T5427] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[   98.530180][ T5427] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[   98.530195][ T5427] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[   98.530211][ T5427] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[   98.530225][ T5427] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[   98.530247][ T5427] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[   98.530267][ T5427]  </TASK>
[   98.530273][ T5427] memory: usage 307200kB, limit 307200kB, failcnt 25706
[   98.773662][ T5427] memory+swap: usage 432140kB, limit 9007199254740988kB, failcnt 0
[   98.781589][ T5427] kmem: usage 5556kB, limit 9007199254740988kB, failcnt 0
[   98.788912][ T5427] Memory cgroup stats for /syz0:
[   98.802145][ T6169] lo speed is unknown, defaulting to 1000
[   98.813343][ T6169] lo speed is unknown, defaulting to 1000
[   98.859589][ T6186] veth0: entered promiscuous mode
[   98.920789][ T6184] veth0: left promiscuous mode
[   98.974820][ T6181] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.009262][ T6183] loop4: detected capacity change from 0 to 512
[   99.031678][ T6183] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.098348][ T6195] loop1: detected capacity change from 0 to 1024
[   99.112521][ T6181] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.124072][ T5427] cache 307625984
[   99.127725][ T5427] rss 94208
[   99.130851][ T5427] shmem 307089408
[   99.132285][ T6183] EXT4-fs (loop4): 1 truncate cleaned up
[   99.134639][ T5427] mapped_file 131072
[   99.144170][ T5427] dirty 0
[   99.147117][ T5427] writeback 0
[   99.150175][ T6183] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.150421][ T5427] workingset_refault_anon 39
[   99.150452][ T5427] workingset_refault_file 4193
[   99.171969][ T5427] swap 127688704
[   99.172426][ T6195] EXT4-fs: Ignoring removed orlov option
[   99.175575][ T5427] swapcached 32768
[   99.175586][ T5427] pgpgin 207173
[   99.188444][ T5427] pgpgout 132041
[   99.192069][ T5427] pgfault 65908
[   99.195541][ T5427] pgmajfault 77
[   99.199062][ T5427] inactive_anon 83099648
[   99.203380][ T5427] active_anon 223477760
[   99.207573][ T5427] inactive_file 0
[   99.211295][ T5427] active_file 524288
[   99.215239][ T5427] unevictable 0
[   99.217379][ T6195] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.218705][ T5427] hierarchical_memory_limit 314572800
[   99.236132][ T5427] hierarchical_memsw_limit 9223372036854771712
[   99.242327][ T5427] total_cache 307625984
[   99.246486][ T5427] total_rss 94208
[   99.250134][ T5427] total_shmem 307089408
[   99.254369][ T5427] total_mapped_file 131072
[   99.258834][ T5427] total_dirty 0
[   99.262348][ T5427] total_writeback 0
[   99.266159][ T5427] total_workingset_refault_anon 39
[   99.271297][ T5427] total_workingset_refault_file 4193
[   99.276723][ T5427] total_swap 127688704
[   99.280894][ T5427] total_swapcached 32768
[   99.285212][ T5427] total_pgpgin 207173
[   99.289201][ T5427] total_pgpgout 132041
[   99.293410][ T5427] total_pgfault 65908
[   99.297455][ T5427] total_pgmajfault 77
[   99.301434][ T5427] total_inactive_anon 83099648
[   99.306239][ T5427] total_active_anon 223477760
[   99.310919][ T5427] total_inactive_file 0
[   99.315109][ T5427] total_active_file 524288
[   99.319565][ T5427] total_unevictable 0
[   99.323634][ T5427] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5399,uid=0
[   99.338181][ T5427] Memory cgroup out of memory: Killed process 5399 (syz.0.472) total-vm:90260kB, anon-rss:1172kB, file-rss:54192kB, shmem-rss:0kB, UID:0 pgtables:200kB oom_score_adj:1000
[   99.390626][ T6200] __nla_validate_parse: 61 callbacks suppressed
[   99.390681][ T6200] netlink: 4 bytes leftover after parsing attributes in process `syz.3.691'.
[   99.407654][ T6206] loop2: detected capacity change from 0 to 128
[   99.423798][ T6206] FAT-fs (loop2): error, clusters badly computed (2 != 0)
[   99.430961][ T6206] FAT-fs (loop2): Filesystem has been set read-only
[   99.451811][ T6206] FAT-fs (loop2): error, clusters badly computed (3 != 1)
[   99.460876][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.1.690'.
[   99.481913][ T6207] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.489389][ T6207] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.528313][ T6214] loop2: detected capacity change from 0 to 512
[   99.555897][ T6207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.563803][ T6207] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.584195][ T6214] netlink: 12 bytes leftover after parsing attributes in process `syz.2.694'.
[   99.814697][ T6181] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.854364][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.865737][ T6230] netlink: 'syz.2.695': attribute type 3 has an invalid length.
[   99.874314][ T6230] netlink: 'syz.2.695': attribute type 3 has an invalid length.
[   99.914950][ T6181] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.011804][ T2477] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.027375][ T1629] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.040825][ T1629] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.059321][ T1629] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.096534][ T6251] lo speed is unknown, defaulting to 1000
[  100.134418][ T6251] lo speed is unknown, defaulting to 1000
[  100.237926][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.568839][ T6264] loop4: detected capacity change from 0 to 128
[  100.620122][ T6266] netlink: 'syz.3.702': attribute type 29 has an invalid length.
[  100.823199][ T6264] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  100.835650][ T6264] ext4 filesystem being mounted at /155/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  101.041976][ T6275] loop1: detected capacity change from 0 to 164
[  101.080745][ T6277] 9p: Bad value for 'rfdno'
[  101.094910][ T6263] lo speed is unknown, defaulting to 1000
[  101.130487][ T6263] lo speed is unknown, defaulting to 1000
[  101.204264][ T3326] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  101.468320][ T6275] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  101.494013][ T6303] loop2: detected capacity change from 0 to 1024
[  101.512159][ T6303] EXT4-fs: Ignoring removed mblk_io_submit option
[  101.518741][ T6303] EXT4-fs: inline encryption not supported
[  101.543921][ T6303] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  101.583106][ T6303] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  101.592342][ T6303] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 2: comm syz.2.711: lblock 2 mapped to illegal pblock 2 (length 1)
[  101.617482][ T6303] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 48: comm syz.2.711: lblock 0 mapped to illegal pblock 48 (length 1)
[  101.692639][ T6262] netlink: 52 bytes leftover after parsing attributes in process `syz.1.703'.
[  101.715073][ T6303] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.711: Failed to acquire dquot type 0
[  101.730648][ T6315] lo speed is unknown, defaulting to 1000
[  101.740180][ T6303] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  101.801950][ T6303] EXT4-fs error (device loop2): ext4_evict_inode:253: inode #11: comm syz.2.711: mark_inode_dirty error
[  101.838261][ T6303] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  101.881804][ T6303] EXT4-fs (loop2): 1 orphan inode deleted
[  101.895777][ T6322] netlink: 'syz.4.717': attribute type 1 has an invalid length.
[  101.904477][   T31] EXT4-fs error (device loop2): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  101.947948][   T31] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:1: Failed to release dquot type 0
[  101.961945][ T6315] lo speed is unknown, defaulting to 1000
[  101.977432][ T6303] EXT4-fs error (device loop2): __ext4_get_inode_loc:4830: comm syz.2.711: Invalid inode table block 1 in block_group 0
[  101.996734][ T6303] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  102.007195][ T6327] loop4: detected capacity change from 0 to 1024
[  102.017301][ T6303] EXT4-fs error (device loop2): ext4_quota_off:7270: inode #3: comm syz.2.711: mark_inode_dirty error
[  102.079236][ T6327] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 28
[  102.091907][ T6327] EXT4-fs (loop4): This should not happen!! Data will be lost
[  102.091907][ T6327] 
[  102.101587][ T6327] EXT4-fs (loop4): Total free blocks count 0
[  102.107654][ T6327] EXT4-fs (loop4): Free/Dirty block details
[  102.113594][ T6327] EXT4-fs (loop4): free_blocks=0
[  102.118565][ T6327] EXT4-fs (loop4): dirty_blocks=0
[  102.123634][ T6327] EXT4-fs (loop4): Block reservation details
[  102.130091][ T6327] EXT4-fs (loop4): i_reserved_data_blocks=0
[  102.160497][ T6334] EXT4-fs error (device loop4): __ext4_new_inode:1073: comm syz.4.719: reserved inode found cleared - inode=2
[  102.194021][ T6303] loop2: detected capacity change from 0 to 2048
[  102.272510][ T6303] netlink: 'syz.2.711': attribute type 3 has an invalid length.
[  102.336515][ T6338] lo speed is unknown, defaulting to 1000
[  102.389946][ T5413] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  102.400484][ T5413] CPU: 0 UID: 0 PID: 5413 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  102.400577][ T5413] Tainted: [W]=WARN
[  102.400587][ T5413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  102.400604][ T5413] Call Trace:
[  102.400612][ T5413]  <TASK>
[  102.400638][ T5413]  __dump_stack+0x1d/0x30
[  102.400669][ T5413]  dump_stack_lvl+0xe8/0x140
[  102.400700][ T5413]  dump_stack+0x15/0x1b
[  102.400724][ T5413]  dump_header+0x81/0x240
[  102.400751][ T5413]  oom_kill_process+0x295/0x350
[  102.400797][ T5413]  out_of_memory+0x97b/0xb80
[  102.400825][ T5413]  try_charge_memcg+0x610/0xa10
[  102.400884][ T5413]  charge_memcg+0x51/0xc0
[  102.400924][ T5413]  __mem_cgroup_charge+0x28/0xb0
[  102.400959][ T5413]  shmem_get_folio_gfp+0x470/0xd50
[  102.401022][ T5413]  shmem_write_begin+0xfc/0x1f0
[  102.401058][ T5413]  generic_perform_write+0x184/0x490
[  102.401094][ T5413]  shmem_file_write_iter+0xc5/0xf0
[  102.401166][ T5413]  __kernel_write_iter+0x2d6/0x540
[  102.401185][ T5413]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  102.401228][ T5413]  dump_user_range+0x61e/0x8f0
[  102.401308][ T5413]  elf_core_dump+0x1de7/0x1f80
[  102.401342][ T5413]  ? 0xffffffffff600000
[  102.401399][ T5413]  coredump_write+0xacf/0xdf0
[  102.401488][ T5413]  vfs_coredump+0x24f7/0x2e60
[  102.401632][ T5413]  ? __memcg_slab_free_hook+0xbc/0x230
[  102.401689][ T5413]  ? kmem_cache_free+0xe3/0x3a0
[  102.401762][ T5413]  ? proc_coredump_connector+0x114/0x220
[  102.401892][ T5413]  get_signal+0xd84/0xf70
[  102.401958][ T5413]  arch_do_signal_or_restart+0x96/0x450
[  102.401996][ T5413]  irqentry_exit+0xfb/0x560
[  102.402025][ T5413]  asm_exc_page_fault+0x26/0x30
[  102.402044][ T5413] RIP: 0033:0x7f268b8ef751
[  102.402062][ T5413] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  102.402088][ T5413] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  102.402108][ T5413] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[  102.402125][ T5413] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  102.402141][ T5413] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[  102.402221][ T5413] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  102.402237][ T5413] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[  102.402265][ T5413]  </TASK>
[  102.637581][ T5413] memory: usage 307076kB, limit 307200kB, failcnt 27729
[  102.644576][ T5413] memory+swap: usage 431976kB, limit 9007199254740988kB, failcnt 0
[  102.652500][ T5413] kmem: usage 4948kB, limit 9007199254740988kB, failcnt 0
[  102.659640][ T5413] Memory cgroup stats for /syz0:
[  102.670181][ T6338] lo speed is unknown, defaulting to 1000
[  102.683602][ T6349] ALSA: seq fatal error: cannot create timer (-19)
[  102.705876][ T5413] cache 309063680
[  102.709657][ T5413] rss 270336
[  102.712890][ T5413] shmem 308957184
[  102.716524][ T5413] mapped_file 8192
[  102.720249][ T5413] dirty 0
[  102.723947][ T5413] writeback 0
[  102.727244][ T5413] workingset_refault_anon 77
[  102.731917][ T5413] workingset_refault_file 6096
[  102.736711][ T5413] swap 127770624
[  102.740259][ T5413] swapcached 225280
[  102.744127][ T5413] pgpgin 229509
[  102.747636][ T5413] pgpgout 153946
[  102.751189][ T5413] pgfault 67125
[  102.755371][ T5413] pgmajfault 127
[  102.758923][ T5413] inactive_anon 307175424
[  102.763728][ T5413] active_anon 2215936
[  102.767719][ T5413] inactive_file 65536
[  102.771946][ T5413] active_file 16384
[  102.775770][ T5413] unevictable 0
[  102.779229][ T5413] hierarchical_memory_limit 314572800
[  102.785513][ T5413] hierarchical_memsw_limit 9223372036854771712
[  102.791740][ T5413] total_cache 309063680
[  102.795940][ T5413] total_rss 270336
[  102.799665][ T5413] total_shmem 308957184
[  102.803889][ T5413] total_mapped_file 8192
[  102.808136][ T5413] total_dirty 0
[  102.812278][ T5413] total_writeback 0
[  102.816143][ T5413] total_workingset_refault_anon 77
[  102.821262][ T5413] total_workingset_refault_file 6096
[  102.826571][ T5413] total_swap 127770624
[  102.830689][ T5413] total_swapcached 225280
[  102.835113][ T5413] total_pgpgin 229509
[  102.839094][ T5413] total_pgpgout 153946
[  102.843948][ T5413] total_pgfault 67125
[  102.847950][ T5413] total_pgmajfault 127
[  102.852126][ T5413] total_inactive_anon 307175424
[  102.857055][ T5413] total_active_anon 2215936
[  102.861586][ T5413] total_inactive_file 65536
[  102.866099][ T5413] total_active_file 16384
[  102.870434][ T5413] total_unevictable 0
[  102.875091][ T5413] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5414,uid=0
[  102.889787][ T5413] Memory cgroup out of memory: Killed process 5414 (syz.0.472) total-vm:90260kB, anon-rss:1300kB, file-rss:54172kB, shmem-rss:0kB, UID:0 pgtables:200kB oom_score_adj:1000
[  102.974797][ T6359] loop1: detected capacity change from 0 to 2048
[  103.043405][ T6359]  loop1: p1 p2 < > p3 < p5 p6 > p4
[  103.048683][ T6359] loop1: partition table partially beyond EOD, truncated
[  103.078599][ T6352] lo speed is unknown, defaulting to 1000
[  103.090790][ T6359] loop1: p1 size 917504 extends beyond EOD, truncated
[  103.109479][ T6359] loop1: p2 start 4278190080 is beyond EOD, truncated
[  103.135474][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  103.135488][   T29] audit: type=1326 audit(1765838651.836:5150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.165049][   T29] audit: type=1326 audit(1765838651.836:5151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.180154][ T6352] lo speed is unknown, defaulting to 1000
[  103.188313][   T29] audit: type=1326 audit(1765838651.836:5152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.219042][ T6359] loop1: p4 size 8192 extends beyond EOD, truncated
[  103.222077][   T29] audit: type=1326 audit(1765838651.846:5153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6969122005 code=0x7ffc0000
[  103.228742][ T6359] loop1: p5 size 917504 extends beyond EOD, truncated
[  103.249121][   T29] audit: type=1326 audit(1765838651.896:5154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.279143][   T29] audit: type=1326 audit(1765838651.896:5155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.288066][ T6359] loop1: p6 size 8192 extends beyond EOD, 
[  103.302638][   T29] audit: type=1326 audit(1765838651.896:5156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.302677][   T29] audit: type=1326 audit(1765838651.896:5157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.302757][   T29] audit: type=1326 audit(1765838651.896:5158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6356 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.380339][ T6359] truncated
[  103.441078][   T29] audit: type=1326 audit(1765838652.036:5159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6363 comm="syz.4.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f69690ef749 code=0x7ffc0000
[  103.462191][ T6371] lo speed is unknown, defaulting to 1000
[  103.554746][ T6384] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1539 sclass=netlink_route_socket pid=6384 comm=syz.1.731
[  103.569302][ T6384] loop1: detected capacity change from 0 to 164
[  103.577237][ T6384] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  103.586562][ T6384] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  103.595211][ T6384] Symlink component flag not implemented
[  103.600911][ T6384] Symlink component flag not implemented
[  103.628083][ T6388] loop1: detected capacity change from 0 to 128
[  103.642824][ T6371] lo speed is unknown, defaulting to 1000
[  103.699083][ T6393] loop1: detected capacity change from 0 to 1024
[  103.719867][ T6393] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.727092][ T6395] ip6gretap0: entered promiscuous mode
[  103.775345][ T6393] EXT4-fs mount: 6 callbacks suppressed
[  103.775360][ T6393] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.867728][ T6408] loop2: detected capacity change from 0 to 1024
[  103.946923][ T6408] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  104.013336][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.034508][ T6408] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.117107][ T6408] netlink: 'syz.2.738': attribute type 4 has an invalid length.
[  104.124959][ T6408] netlink: 152 bytes leftover after parsing attributes in process `syz.2.738'.
[  104.138835][ T6425] loop1: detected capacity change from 0 to 1024
[  104.163094][ T6429] netlink: 4 bytes leftover after parsing attributes in process `syz.4.741'.
[  104.182698][ T6408] .`: renamed from bond0 (while UP)
[  104.191242][ T6425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.214181][ T6421] SELinux:  policydb version 498626381 does not match my version range 15-35
[  104.223196][ T6431] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.738: bg 0: block 112: padding at end of block bitmap is not set
[  104.265167][ T6421] SELinux: failed to load policy
[  104.275516][ T6421] SELinux:  policydb magic number 0x340 does not match expected magic number 0xf97cff8c
[  104.305761][ T6425] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: comm syz.1.742: inode #1073671004: comm syz.1.742: iget: illegal inode #
[  104.325570][ T6426] netlink: 'syz.3.743': attribute type 12 has an invalid length.
[  104.331934][ T5388] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  104.333918][ T6421] SELinux: failed to load policy
[  104.343942][ T5388] CPU: 0 UID: 0 PID: 5388 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  104.344087][ T5388] Tainted: [W]=WARN
[  104.344096][ T5388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  104.344113][ T5388] Call Trace:
[  104.344122][ T5388]  <TASK>
[  104.344133][ T5388]  __dump_stack+0x1d/0x30
[  104.344167][ T5388]  dump_stack_lvl+0xe8/0x140
[  104.344199][ T5388]  dump_stack+0x15/0x1b
[  104.344226][ T5388]  dump_header+0x81/0x240
[  104.344315][ T5388]  oom_kill_process+0x295/0x350
[  104.344355][ T5388]  out_of_memory+0x97b/0xb80
[  104.344391][ T5388]  try_charge_memcg+0x610/0xa10
[  104.344433][ T5388]  charge_memcg+0x51/0xc0
[  104.344516][ T5388]  __mem_cgroup_charge+0x28/0xb0
[  104.344600][ T5388]  shmem_get_folio_gfp+0x470/0xd50
[  104.344650][ T5388]  shmem_write_begin+0xfc/0x1f0
[  104.344692][ T5388]  generic_perform_write+0x184/0x490
[  104.344743][ T5388]  shmem_file_write_iter+0xc5/0xf0
[  104.344828][ T5388]  __kernel_write_iter+0x2d6/0x540
[  104.344855][ T5388]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  104.344973][ T5388]  dump_user_range+0x61e/0x8f0
[  104.345019][ T5388]  elf_core_dump+0x1de7/0x1f80
[  104.345115][ T5388]  ? 0xffffffffff600000
[  104.345161][ T5388]  coredump_write+0xacf/0xdf0
[  104.345210][ T5388]  vfs_coredump+0x24f7/0x2e60
[  104.345263][ T5388]  ? __memcg_slab_free_hook+0xbc/0x230
[  104.345322][ T5388]  ? kmem_cache_free+0xe3/0x3a0
[  104.345361][ T5388]  ? proc_coredump_connector+0x114/0x220
[  104.345396][ T5388]  get_signal+0xd84/0xf70
[  104.345522][ T5388]  arch_do_signal_or_restart+0x96/0x450
[  104.345567][ T5388]  irqentry_exit+0xfb/0x560
[  104.345608][ T5388]  asm_exc_page_fault+0x26/0x30
[  104.345637][ T5388] RIP: 0033:0x7f268b8ef751
[  104.345729][ T5388] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  104.345754][ T5388] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  104.345814][ T5388] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[  104.345832][ T5388] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  104.345849][ T5388] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[  104.345869][ T5388] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  104.345886][ T5388] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[  104.345915][ T5388]  </TASK>
[  104.345924][ T5388] memory: usage 307200kB, limit 307200kB, failcnt 28804
[  104.422784][ T6425] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.742: error while reading EA inode 1073671004 err=-117
[  104.427222][ T5388] memory+swap: usage 432036kB, limit 9007199254740988kB, failcnt 0
[  104.427242][ T5388] kmem: usage 4748kB, limit 9007199254740988kB, failcnt 0
[  104.427258][ T5388] Memory cgroup stats for /syz0:
[  104.627880][ T5388] cache 309415936
[  104.631458][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  104.632890][ T5388] rss 266240
[  104.632900][ T5388] shmem 309415936
[  104.632908][ T5388] mapped_file 0
[  104.632916][ T5388] dirty 0
[  104.632924][ T5388] writeback 0
[  104.663273][ T5388] workingset_refault_anon 79
[  104.667913][ T5388] workingset_refault_file 6268
[  104.672760][ T5388] swap 127922176
[  104.676322][ T5388] swapcached 73728
[  104.680283][ T5388] pgpgin 233069
[  104.684714][ T5388] pgpgout 157457
[  104.688274][ T5388] pgfault 67174
[  104.692065][ T5388] pgmajfault 141
[  104.695620][ T5388] inactive_anon 254795776
[  104.699976][ T5388] active_anon 54378496
[  104.704077][ T5388] inactive_file 0
[  104.707715][ T5388] active_file 8192
[  104.711439][ T5388] unevictable 0
[  104.715511][ T5388] hierarchical_memory_limit 314572800
[  104.720885][ T5388] hierarchical_memsw_limit 9223372036854771712
[  104.727137][ T5388] total_cache 309415936
[  104.731306][ T5388] total_rss 266240
[  104.735092][ T5388] total_shmem 309415936
[  104.739289][ T5388] total_mapped_file 0
[  104.744050][ T5388] total_dirty 0
[  104.747518][ T5388] total_writeback 0
[  104.751391][ T5388] total_workingset_refault_anon 79
[  104.756543][ T5388] total_workingset_refault_file 6268
[  104.761867][ T5388] total_swap 127922176
[  104.765942][ T5388] total_swapcached 73728
[  104.770250][ T5388] total_pgpgin 233069
[  104.774887][ T5388] total_pgpgout 157457
[  104.779001][ T5388] total_pgfault 67174
[  104.783040][ T5388] total_pgmajfault 141
[  104.787127][ T5388] total_inactive_anon 254795776
[  104.792013][ T5388] total_active_anon 54378496
[  104.796612][ T5388] total_inactive_file 0
[  104.800793][ T5388] total_active_file 8192
[  104.805716][ T5388] total_unevictable 0
[  104.809710][ T5388] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5410,uid=0
[  104.818060][ T6440] veth0_vlan: left promiscuous mode
[  104.824406][ T5388] Memory cgroup out of memory: Killed process 5410 (syz.0.472) total-vm:90260kB, anon-rss:1172kB, file-rss:54232kB, shmem-rss:0kB, UID:0 pgtables:200kB oom_score_adj:1000
[  104.860403][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.874475][ T6444] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  104.885783][ T6444] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.746: invalid block
[  104.910791][ T6449] SET target dimension over the limit!
[  104.919760][ T6444] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.746: invalid indirect mapped block 4294967295 (level 1)
[  104.945348][ T6451] SET target dimension over the limit!
[  105.009302][ T6444] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.746: invalid indirect mapped block 4294967295 (level 1)
[  105.031797][ T6455] netlink: 12 bytes leftover after parsing attributes in process `syz.2.749'.
[  105.062592][ T6444] EXT4-fs (loop4): 2 truncates cleaned up
[  105.071239][ T6464] netlink: 168 bytes leftover after parsing attributes in process `syz.3.751'.
[  105.112141][ T6444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.147843][ T6475] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.752: error while reading EA inode 32 err=-116
[  105.174583][ T6474] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.187846][ T6475] EXT4-fs (loop2): Remounting filesystem read-only
[  105.197724][ T6475] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[  105.218255][ T6475] EXT4-fs (loop2): 1 orphan inode deleted
[  105.224690][ T6475] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.262877][ T6444] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1324: inode #12: block 7: comm syz.4.746: path /171/file0/file0: bad entry in directory: directory entry overrun - offset=196864, inode=4278190093, rec_len=196860, size=60 fake=0
[  105.306579][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.699395][ T6495] netlink: 260 bytes leftover after parsing attributes in process `syz.2.757'.
[  105.999856][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.031690][ T5946] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  106.044305][ T6494] lo speed is unknown, defaulting to 1000
[  106.104573][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.159639][ T5398] syz.0.472 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  106.170265][ T5398] CPU: 0 UID: 0 PID: 5398 Comm: syz.0.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  106.170299][ T5398] Tainted: [W]=WARN
[  106.170308][ T5398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  106.170325][ T5398] Call Trace:
[  106.170386][ T5398]  <TASK>
[  106.170393][ T5398]  __dump_stack+0x1d/0x30
[  106.170424][ T5398]  dump_stack_lvl+0xe8/0x140
[  106.170454][ T5398]  dump_stack+0x15/0x1b
[  106.170508][ T5398]  dump_header+0x81/0x240
[  106.170535][ T5398]  oom_kill_process+0x295/0x350
[  106.170566][ T5398]  out_of_memory+0x97b/0xb80
[  106.170689][ T5398]  try_charge_memcg+0x610/0xa10
[  106.170724][ T5398]  charge_memcg+0x51/0xc0
[  106.170765][ T5398]  __mem_cgroup_charge+0x28/0xb0
[  106.170805][ T5398]  shmem_get_folio_gfp+0x470/0xd50
[  106.170928][ T5398]  shmem_write_begin+0xfc/0x1f0
[  106.171043][ T5398]  generic_perform_write+0x184/0x490
[  106.171113][ T5398]  shmem_file_write_iter+0xc5/0xf0
[  106.171156][ T5398]  __kernel_write_iter+0x2d6/0x540
[  106.171262][ T5398]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  106.171310][ T5398]  dump_user_range+0x61e/0x8f0
[  106.171354][ T5398]  elf_core_dump+0x1de7/0x1f80
[  106.171467][ T5398]  ? 0xffffffffff600000
[  106.171509][ T5398]  coredump_write+0xacf/0xdf0
[  106.171569][ T5398]  vfs_coredump+0x24f7/0x2e60
[  106.171617][ T5398]  ? __memcg_slab_free_hook+0xbc/0x230
[  106.171766][ T5398]  ? kmem_cache_free+0xe3/0x3a0
[  106.171796][ T5398]  ? proc_coredump_connector+0x114/0x220
[  106.171829][ T5398]  get_signal+0xd84/0xf70
[  106.171875][ T5398]  arch_do_signal_or_restart+0x96/0x450
[  106.171959][ T5398]  irqentry_exit+0xfb/0x560
[  106.172041][ T5398]  asm_exc_page_fault+0x26/0x30
[  106.172066][ T5398] RIP: 0033:0x7f268b8ef751
[  106.172085][ T5398] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  106.172108][ T5398] RSP: 002b:00000000fffffd10 EFLAGS: 00010217
[  106.172129][ T5398] RAX: 0000000000000000 RBX: 00007f268bb46180 RCX: 00007f268b8ef749
[  106.172212][ T5398] RDX: 0000000000000000 RSI: 00000000fffffd10 RDI: 0000000001000000
[  106.172229][ T5398] RBP: 00007f268b973f91 R08: 0000000000000000 R09: 0000000000000000
[  106.172244][ T5398] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  106.172260][ T5398] R13: 00007f268bb46218 R14: 00007f268bb46180 R15: 00007ffd5d201c38
[  106.172287][ T5398]  </TASK>
[  106.407829][ T5398] memory: usage 307200kB, limit 307200kB, failcnt 30163
[  106.414889][ T5398] memory+swap: usage 431920kB, limit 9007199254740988kB, failcnt 0
[  106.422813][ T5398] kmem: usage 4496kB, limit 9007199254740988kB, failcnt 0
[  106.429940][ T5398] Memory cgroup stats for /syz0:
[  106.461322][ T6494] lo speed is unknown, defaulting to 1000
[  106.535351][ T6511] set_capacity_and_notify: 3 callbacks suppressed
[  106.535371][ T6511] loop4: detected capacity change from 0 to 512
[  106.582890][ T6511] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  106.615341][ T6511] EXT4-fs (loop4): 1 truncate cleaned up
[  106.637152][ T5398] cache 309252096
[  106.640870][ T5398] rss 327680
[  106.644171][ T5398] shmem 309252096
[  106.647850][ T5398] mapped_file 0
[  106.651364][ T5398] dirty 0
[  106.654353][ T5398] writeback 0
[  106.657723][ T5398] workingset_refault_anon 98
[  106.662432][ T5398] workingset_refault_file 6725
[  106.666149][ T6520] SELinux: failed to load policy
[  106.667201][ T5398] swap 127913984
[  106.667212][ T5398] swapcached 81920
[  106.677932][ T6511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.679478][ T5398] pgpgin 242639
[  106.679489][ T5398] pgpgout 167051
[  106.679501][ T5398] pgfault 67429
[  106.679508][ T5398] pgmajfault 162
[  106.679514][ T5398] inactive_anon 200450048
[  106.679523][ T5398] active_anon 108552192
[  106.714840][ T5398] inactive_file 0
[  106.718561][ T5398] active_file 8192
[  106.722464][ T5398] unevictable 0
[  106.725926][ T5398] hierarchical_memory_limit 314572800
[  106.731299][ T5398] hierarchical_memsw_limit 9223372036854771712
[  106.737530][ T5398] total_cache 309252096
[  106.741726][ T5398] total_rss 327680
[  106.745455][ T5398] total_shmem 309252096
[  106.749617][ T5398] total_mapped_file 0
[  106.753649][ T5398] total_dirty 0
[  106.757120][ T5398] total_writeback 0
[  106.761158][ T5398] total_workingset_refault_anon 98
[  106.766385][ T5398] total_workingset_refault_file 6725
[  106.771831][ T5398] total_swap 127913984
[  106.775992][ T5398] total_swapcached 81920
[  106.780240][ T5398] total_pgpgin 242639
[  106.784320][ T5398] total_pgpgout 167051
[  106.788408][ T5398] total_pgfault 67429
[  106.792431][ T5398] total_pgmajfault 162
[  106.796496][ T5398] total_inactive_anon 200450048
[  106.801347][ T5398] total_active_anon 108552192
[  106.806076][ T5398] total_inactive_file 0
[  106.810230][ T5398] total_active_file 8192
[  106.814609][ T5398] total_unevictable 0
[  106.818604][ T5398] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.472,pid=5398,uid=0
[  106.833182][ T5398] Memory cgroup out of memory: Killed process 5398 (syz.0.472) total-vm:90260kB, anon-rss:1172kB, file-rss:54256kB, shmem-rss:0kB, UID:0 pgtables:200kB oom_score_adj:1000
[  106.852225][ T6511] usb usb8: usbfs: process 6511 (syz.4.760) did not claim interface 0 before use
[  106.863676][ T6522] loop1: detected capacity change from 0 to 128
[  106.889348][ T6524] netlink: 'syz.2.767': attribute type 1 has an invalid length.
[  106.889898][ T6525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.767'.
[  106.919832][ T6524] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.937394][ T6525] bond0 (unregistering): Released all slaves
[  106.987728][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.186367][ T6540] lo speed is unknown, defaulting to 1000
[  107.273304][ T6540] lo speed is unknown, defaulting to 1000
[  107.286097][ T6542] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[  107.388019][ T6564] lo speed is unknown, defaulting to 1000
[  107.510325][ T6571] loop2: detected capacity change from 0 to 4096
[  107.546789][ T6564] lo speed is unknown, defaulting to 1000
[  107.606446][ T6571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.706884][ T6586] loop1: detected capacity change from 0 to 512
[  107.772022][ T6586] journal_path: Lookup failure for './file1'
[  107.778058][ T6586] EXT4-fs: error: could not find journal device path
[  107.787641][ T6594] netlink: 131740 bytes leftover after parsing attributes in process `syz.3.783'.
[  107.801598][ T6594] netlink: zone id is out of range
[  107.806734][ T6594] netlink: zone id is out of range
[  107.831648][ T6594] netlink: zone id is out of range
[  107.836848][ T6594] netlink: zone id is out of range
[  107.842322][ T6594] netlink: zone id is out of range
[  107.847470][ T6594] netlink: zone id is out of range
[  107.872050][ T6594] netlink: zone id is out of range
[  107.882309][ T6594] netlink: zone id is out of range
[  107.887451][ T6594] netlink: zone id is out of range
[  107.921701][ T6594] netlink: zone id is out of range
[  108.024566][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.2.776'.
[  108.172693][ T6581] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 363: padding at end of block bitmap is not set
[  108.335375][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.486320][ T6635] loop2: detected capacity change from 0 to 512
[  108.490822][ T6633] lo speed is unknown, defaulting to 1000
[  108.517337][ T6635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.541676][ T6635] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  108.575823][ T6633] lo speed is unknown, defaulting to 1000
[  108.662479][ T6635] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.791: corrupted inode contents
[  108.731903][ T6635] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #2: comm syz.2.791: mark_inode_dirty error
[  108.800433][ T6635] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #2: comm syz.2.791: corrupted inode contents
[  108.867477][ T3328] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.906139][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  108.906165][   T29] audit: type=1400 audit(1765838657.606:5408): avc:  denied  { ioctl } for  pid=6653 comm="syz.1.795" path="socket:[16162]" dev="sockfs" ino=16162 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  108.977882][ T6661] netlink: 4 bytes leftover after parsing attributes in process `syz.2.798'.
[  109.003873][   T29] audit: type=1400 audit(1765838657.656:5409): avc:  denied  { getopt } for  pid=6653 comm="syz.1.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  109.126207][ T6667] netlink: 64 bytes leftover after parsing attributes in process `syz.2.798'.
[  109.155366][ T6668] netlink: 16 bytes leftover after parsing attributes in process `syz.3.799'.
[  109.165318][ T6668] netlink: 16 bytes leftover after parsing attributes in process `syz.3.799'.
[  109.275162][ T6666] netlink: 'syz.3.799': attribute type 11 has an invalid length.
[  109.387962][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  109.417958][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  109.430458][   T29] audit: type=1326 audit(1765838658.126:5410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6675 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd981a1f749 code=0x7ffc0000
[  109.453962][   T29] audit: type=1326 audit(1765838658.126:5411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6675 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd981a1f749 code=0x7ffc0000
[  109.477387][   T29] audit: type=1326 audit(1765838658.126:5412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6675 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd981a1f749 code=0x7ffc0000
[  109.535351][ T6678] lo speed is unknown, defaulting to 1000
[  109.591857][   T29] audit: type=1326 audit(1765838658.126:5413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6675 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd981a1f749 code=0x7ffc0000
[  109.615645][ T6693] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6693 comm=syz.3.805
[  109.632448][ T6694] ==================================================================
[  109.639267][ T6678] lo speed is unknown, defaulting to 1000
[  109.640550][ T6694] BUG: KCSAN: data-race in copy_creds / prepare_creds
[  109.653011][ T6694] 
[  109.655430][ T6694] write to 0xffff888101942ca8 of 4 bytes by task 6692 on cpu 0:
[  109.663068][ T6694]  copy_creds+0x78/0x340
[  109.667323][ T6694]  copy_process+0x638/0x1ef0
[  109.671931][ T6694]  kernel_clone+0x16c/0x5c0
[  109.676484][ T6694]  __se_sys_clone3+0x1c2/0x200
[  109.681273][ T6694]  __x64_sys_clone3+0x31/0x40
[  109.685979][ T6694]  x64_sys_call+0x2c0f/0x3000
[  109.690679][ T6694]  do_syscall_64+0xd8/0x2c0
[  109.695218][ T6694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.701129][ T6694] 
[  109.703458][ T6694] read to 0xffff888101942c00 of 184 bytes by task 6694 on cpu 1:
[  109.711180][ T6694]  prepare_creds+0x6e/0x550
[  109.715798][ T6694]  __se_sys_capset+0x2a3/0x450
[  109.720573][ T6694]  __x64_sys_capset+0x31/0x40
[  109.725256][ T6694]  x64_sys_call+0x2868/0x3000
[  109.729942][ T6694]  do_syscall_64+0xd8/0x2c0
[  109.734463][ T6694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.740364][ T6694] 
[  109.742690][ T6694] Reported by Kernel Concurrency Sanitizer on:
[  109.748837][ T6694] CPU: 1 UID: 0 PID: 6694 Comm: syz.3.805 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  109.760048][ T6694] Tainted: [W]=WARN
[  109.763847][ T6694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  109.773989][ T6694] ==================================================================
[  109.785755][   T29] audit: type=1400 audit(1765838658.326:5414): avc:  denied  { nlmsg_write } for  pid=6692 comm="syz.3.805" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  109.918065][ T6697] 9p: Bad value for 'rfdno'
[  111.412203][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  111.418299][ T3529] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  111.454556][ T5397] syz.0.472 (5397) used greatest stack depth: 7416 bytes left
[  111.487100][ T5401] syz.0.472 (5401) used greatest stack depth: 7320 bytes left
[  112.644576][ T5427] syz.0.472 (5427) used greatest stack depth: 6536 bytes left
[  113.117257][ T6597] syz.4.775 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  113.127165][ T6597] CPU: 1 UID: 0 PID: 6597 Comm: syz.4.775 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  113.127256][ T6597] Tainted: [W]=WARN
[  113.127264][ T6597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.127276][ T6597] Call Trace:
[  113.127284][ T6597]  <TASK>
[  113.127292][ T6597]  __dump_stack+0x1d/0x30
[  113.127322][ T6597]  dump_stack_lvl+0xe8/0x140
[  113.127351][ T6597]  dump_stack+0x15/0x1b
[  113.127427][ T6597]  dump_header+0x81/0x240
[  113.127453][ T6597]  oom_kill_process+0x295/0x350
[  113.127484][ T6597]  out_of_memory+0x97b/0xb80
[  113.127509][ T6597]  try_charge_memcg+0x610/0xa10
[  113.127584][ T6597]  charge_memcg+0x51/0xc0
[  113.127681][ T6597]  __mem_cgroup_charge+0x28/0xb0
[  113.127718][ T6597]  shmem_get_folio_gfp+0x470/0xd50
[  113.127768][ T6597]  shmem_write_begin+0xfc/0x1f0
[  113.127882][ T6597]  generic_perform_write+0x184/0x490
[  113.127915][ T6597]  shmem_file_write_iter+0xc5/0xf0
[  113.127946][ T6597]  __kernel_write_iter+0x2d6/0x540
[  113.127971][ T6597]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  113.128011][ T6597]  dump_user_range+0x61e/0x8f0
[  113.128066][ T6597]  elf_core_dump+0x1de7/0x1f80
[  113.128104][ T6597]  ? 0xffffffffff600000
[  113.128136][ T6597]  coredump_write+0xacf/0xdf0
[  113.128191][ T6597]  vfs_coredump+0x24f7/0x2e60
[  113.128262][ T6597]  ? __memcg_slab_free_hook+0xbc/0x230
[  113.128376][ T6597]  ? kmem_cache_free+0xe3/0x3a0
[  113.128409][ T6597]  ? proc_coredump_connector+0x114/0x220
[  113.128433][ T6597]  get_signal+0xd84/0xf70
[  113.128545][ T6597]  arch_do_signal_or_restart+0x96/0x450
[  113.128580][ T6597]  irqentry_exit+0xfb/0x560
[  113.128624][ T6597]  ? force_sig+0x68/0x90
[  113.128651][ T6597]  exc_general_protection+0x15b/0x1e0
[  113.128680][ T6597]  asm_exc_general_protection+0x26/0x30
[  113.128703][ T6597] RIP: 0033:0x7f69690ef751
[  113.128717][ T6597] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  113.128791][ T6597] RSP: 002b:00002000000001e0 EFLAGS: 00010217
[  113.128809][ T6597] RAX: 0000000000000000 RBX: 00007f6969346090 RCX: 00007f69690ef749
[  113.128824][ T6597] RDX: 0000200000000200 RSI: 00002000000001e0 RDI: 0000000008000200
[  113.128838][ T6597] RBP: 00007f6969173f91 R08: 0000200000000280 R09: 0000200000000280
[  113.128851][ T6597] R10: 0000200000000240 R11: 0000000000000206 R12: 0000000000000000
[  113.128866][ T6597] R13: 00007f6969346128 R14: 00007f6969346090 R15: 00007ffcfa4ff788
[  113.128887][ T6597]  </TASK>
[  113.128894][ T6597] memory: usage 307200kB, limit 307200kB, failcnt 22022
[  113.381673][ T6597] memory+swap: usage 432156kB, limit 9007199254740988kB, failcnt 0
[  113.389613][ T6597] kmem: usage 5388kB, limit 9007199254740988kB, failcnt 0
[  113.396817][ T6597] Memory cgroup stats for /syz4:
[  113.397141][ T6597] cache 308973568
[  113.406274][ T6597] rss 69632
[  113.409472][ T6597] shmem 308973568
[  113.413168][ T6597] mapped_file 0
[  113.416628][ T6597] dirty 0
[  113.419628][ T6597] writeback 0
[  113.422923][ T6597] workingset_refault_anon 1
[  113.427420][ T6597] workingset_refault_file 0
[  113.432501][ T6597] swap 127954944
[  113.436044][ T6597] swapcached 12288
[  113.439751][ T6597] pgpgin 187752
[  113.443255][ T6597] pgpgout 112299
[  113.446802][ T6597] pgfault 80339
[  113.450261][ T6597] pgmajfault 5
[  113.453734][ T6597] inactive_anon 136814592
[  113.458069][ T6597] active_anon 172240896
[  113.462866][ T6597] inactive_file 0
[  113.466501][ T6597] active_file 0
[  113.469966][ T6597] unevictable 0
[  113.473452][ T6597] hierarchical_memory_limit 314572800
[  113.478820][ T6597] hierarchical_memsw_limit 9223372036854771712
[  113.484980][ T6597] total_cache 308973568
[  113.489131][ T6597] total_rss 69632
[  113.493346][ T6597] total_shmem 308973568
[  113.497497][ T6597] total_mapped_file 0
[  113.501466][ T6597] total_dirty 0
[  113.505048][ T6597] total_writeback 0
[  113.508863][ T6597] total_workingset_refault_anon 1
[  113.513905][ T6597] total_workingset_refault_file 0
[  113.518980][ T6597] total_swap 127954944
[  113.523636][ T6597] total_swapcached 12288
[  113.527909][ T6597] total_pgpgin 187752
[  113.531960][ T6597] total_pgpgout 112299
[  113.536130][ T6597] total_pgfault 80339
[  113.540098][ T6597] total_pgmajfault 5
[  113.544008][ T6597] total_inactive_anon 136814592
[  113.548854][ T6597] total_active_anon 172240896
[  113.554210][ T6597] total_inactive_file 0
[  113.558366][ T6597] total_active_file 0
[  113.562419][ T6597] total_unevictable 0
[  113.566400][ T6597] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.775,pid=6600,uid=0
[  113.580904][ T6597] Memory cgroup out of memory: Killed process 6600 (syz.4.775) total-vm:90260kB, anon-rss:1172kB, file-rss:49024kB, shmem-rss:0kB, UID:0 pgtables:168kB oom_score_adj:1000
[  113.883295][ T6568] syz.4.775 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  113.893128][ T6568] CPU: 0 UID: 0 PID: 6568 Comm: syz.4.775 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  113.893175][ T6568] Tainted: [W]=WARN
[  113.893183][ T6568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.893199][ T6568] Call Trace:
[  113.893208][ T6568]  <TASK>
[  113.893218][ T6568]  __dump_stack+0x1d/0x30
[  113.893248][ T6568]  dump_stack_lvl+0xe8/0x140
[  113.893275][ T6568]  dump_stack+0x15/0x1b
[  113.893294][ T6568]  dump_header+0x81/0x240
[  113.893341][ T6568]  oom_kill_process+0x295/0x350
[  113.893370][ T6568]  out_of_memory+0x97b/0xb80
[  113.893399][ T6568]  try_charge_memcg+0x610/0xa10
[  113.893426][ T6568]  charge_memcg+0x51/0xc0
[  113.893509][ T6568]  __mem_cgroup_charge+0x28/0xb0
[  113.893546][ T6568]  shmem_get_folio_gfp+0x470/0xd50
[  113.893584][ T6568]  shmem_write_begin+0xfc/0x1f0
[  113.893639][ T6568]  generic_perform_write+0x184/0x490
[  113.893673][ T6568]  ? __mark_inode_dirty+0x1af/0x750
[  113.893720][ T6568]  shmem_file_write_iter+0xc5/0xf0
[  113.893751][ T6568]  __kernel_write_iter+0x2d6/0x540
[  113.893773][ T6568]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  113.893863][ T6568]  dump_user_range+0x61e/0x8f0
[  113.893901][ T6568]  elf_core_dump+0x1de7/0x1f80
[  113.893969][ T6568]  ? 0xffffffffff600000
[  113.894003][ T6568]  coredump_write+0xacf/0xdf0
[  113.894036][ T6568]  vfs_coredump+0x24f7/0x2e60
[  113.894127][ T6568]  ? __memcg_slab_free_hook+0xbc/0x230
[  113.894233][ T6568]  ? kmem_cache_free+0xe3/0x3a0
[  113.894260][ T6568]  ? proc_coredump_connector+0x114/0x220
[  113.894349][ T6568]  get_signal+0xd84/0xf70
[  113.894493][ T6568]  arch_do_signal_or_restart+0x96/0x450
[  113.894528][ T6568]  irqentry_exit+0xfb/0x560
[  113.894560][ T6568]  ? force_sig+0x68/0x90
[  113.894590][ T6568]  exc_general_protection+0x15b/0x1e0
[  113.894634][ T6568]  asm_exc_general_protection+0x26/0x30
[  113.894654][ T6568] RIP: 0033:0x7f69690ef751
[  113.894668][ T6568] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  113.894741][ T6568] RSP: 002b:00002000000001e0 EFLAGS: 00010217
[  113.894756][ T6568] RAX: 0000000000000000 RBX: 00007f6969346090 RCX: 00007f69690ef749
[  113.894768][ T6568] RDX: 0000200000000200 RSI: 00002000000001e0 RDI: 0000000008000200
[  113.894783][ T6568] RBP: 00007f6969173f91 R08: 0000200000000280 R09: 0000200000000280
[  113.894798][ T6568] R10: 0000200000000240 R11: 0000000000000206 R12: 0000000000000000
[  113.894887][ T6568] R13: 00007f6969346128 R14: 00007f6969346090 R15: 00007ffcfa4ff788
[  113.894939][ T6568]  </TASK>
[  113.894945][ T6568] memory: usage 306900kB, limit 307200kB, failcnt 23340
[  114.158584][ T6568] memory+swap: usage 432040kB, limit 9007199254740988kB, failcnt 0
[  114.167200][ T6568] kmem: usage 5416kB, limit 9007199254740988kB, failcnt 0
[  114.174348][ T6568] Memory cgroup stats for /syz4:
[  114.174615][ T6568] cache 308948992
[  114.183221][ T6568] rss 69632
[  114.186345][ T6568] shmem 308948992
[  114.189980][ T6568] mapped_file 0
[  114.194150][ T6568] dirty 0
[  114.197101][ T6568] writeback 0
[  114.200405][ T6568] workingset_refault_anon 1
[  114.204950][ T6568] workingset_refault_file 0
[  114.209464][ T6568] swap 127963136
[  114.213049][ T6568] swapcached 4096
[  114.216743][ T6568] pgpgin 190541
[  114.220217][ T6568] pgpgout 115096
[  114.224445][ T6568] pgfault 80512
[  114.228019][ T6568] pgmajfault 5
[  114.231398][ T6568] inactive_anon 164098048
[  114.235793][ T6568] active_anon 144924672
[  114.239960][ T6568] inactive_file 0
[  114.243657][ T6568] active_file 0
[  114.247194][ T6568] unevictable 0
[  114.250662][ T6568] hierarchical_memory_limit 314572800
[  114.256750][ T6568] hierarchical_memsw_limit 9223372036854771712
[  114.262952][ T6568] total_cache 308948992
[  114.267176][ T6568] total_rss 69632
[  114.270819][ T6568] total_shmem 308948992
[  114.275063][ T6568] total_mapped_file 0
[  114.279130][ T6568] total_dirty 0
[  114.283262][ T6568] total_writeback 0
[  114.287122][ T6568] total_workingset_refault_anon 1
[  114.292314][ T6568] total_workingset_refault_file 0
[  114.297441][ T6568] total_swap 127963136
[  114.301614][ T6568] total_swapcached 4096
[  114.305852][ T6568] total_pgpgin 190541
[  114.309925][ T6568] total_pgpgout 115096
[  114.314701][ T6568] total_pgfault 80512
[  114.318702][ T6568] total_pgmajfault 5
[  114.322627][ T6568] total_inactive_anon 164098048
[  114.327534][ T6568] total_active_anon 144924672
[  114.332247][ T6568] total_inactive_file 0
[  114.336431][ T6568] total_active_file 0
[  114.340427][ T6568] total_unevictable 0
[  114.345126][ T6568] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.775,pid=6579,uid=0
[  114.359663][ T6568] Memory cgroup out of memory: Killed process 6579 (syz.4.775) total-vm:90260kB, anon-rss:1172kB, file-rss:50048kB, shmem-rss:0kB, UID:0 pgtables:168kB oom_score_adj:1000
[  114.619225][ T6591] syz.4.775 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  114.629737][ T6591] CPU: 0 UID: 0 PID: 6591 Comm: syz.4.775 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  114.629777][ T6591] Tainted: [W]=WARN
[  114.629785][ T6591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  114.629802][ T6591] Call Trace:
[  114.629811][ T6591]  <TASK>
[  114.629821][ T6591]  __dump_stack+0x1d/0x30
[  114.629895][ T6591]  dump_stack_lvl+0xe8/0x140
[  114.629919][ T6591]  dump_stack+0x15/0x1b
[  114.629938][ T6591]  dump_header+0x81/0x240
[  114.629961][ T6591]  oom_kill_process+0x295/0x350
[  114.629991][ T6591]  out_of_memory+0x97b/0xb80
[  114.630140][ T6591]  try_charge_memcg+0x610/0xa10
[  114.630170][ T6591]  charge_memcg+0x51/0xc0
[  114.630319][ T6591]  __mem_cgroup_charge+0x28/0xb0
[  114.630349][ T6591]  shmem_get_folio_gfp+0x470/0xd50
[  114.630409][ T6591]  shmem_write_begin+0xfc/0x1f0
[  114.630541][ T6591]  generic_perform_write+0x184/0x490
[  114.630584][ T6591]  shmem_file_write_iter+0xc5/0xf0
[  114.630710][ T6591]  __kernel_write_iter+0x2d6/0x540
[  114.630729][ T6591]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  114.630796][ T6591]  dump_user_range+0x61e/0x8f0
[  114.630836][ T6591]  elf_core_dump+0x1de7/0x1f80
[  114.630869][ T6591]  ? 0xffffffffff600000
[  114.630941][ T6591]  coredump_write+0xacf/0xdf0
[  114.630973][ T6591]  vfs_coredump+0x24f7/0x2e60
[  114.631014][ T6591]  ? __memcg_slab_free_hook+0xbc/0x230
[  114.631071][ T6591]  ? kmem_cache_free+0xe3/0x3a0
[  114.631095][ T6591]  ? proc_coredump_connector+0x114/0x220
[  114.631127][ T6591]  get_signal+0xd84/0xf70
[  114.631166][ T6591]  arch_do_signal_or_restart+0x96/0x450
[  114.631212][ T6591]  irqentry_exit+0xfb/0x560
[  114.631288][ T6591]  ? force_sig+0x68/0x90
[  114.631320][ T6591]  exc_general_protection+0x15b/0x1e0
[  114.631353][ T6591]  asm_exc_general_protection+0x26/0x30
[  114.631376][ T6591] RIP: 0033:0x7f69690ef751
[  114.631393][ T6591] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  114.631467][ T6591] RSP: 002b:00002000000001e0 EFLAGS: 00010217
[  114.631487][ T6591] RAX: 0000000000000000 RBX: 00007f6969346090 RCX: 00007f69690ef749
[  114.631504][ T6591] RDX: 0000200000000200 RSI: 00002000000001e0 RDI: 0000000008000200
[  114.631525][ T6591] RBP: 00007f6969173f91 R08: 0000200000000280 R09: 0000200000000280
[  114.631541][ T6591] R10: 0000200000000240 R11: 0000000000000206 R12: 0000000000000000
[  114.631557][ T6591] R13: 00007f6969346128 R14: 00007f6969346090 R15: 00007ffcfa4ff788
[  114.631625][ T6591]  </TASK>
[  114.876935][ T6591] memory: usage 305812kB, limit 307200kB, failcnt 28242
[  114.883988][ T6591] memory+swap: usage 430048kB, limit 9007199254740988kB, failcnt 0
[  114.892040][ T6591] kmem: usage 5228kB, limit 9007199254740988kB, failcnt 0
[  114.899153][ T6591] Memory cgroup stats for /syz4:
[  115.003773][ T6591] cache 309223424
[  115.013049][ T6591] rss 61440
[  115.016171][ T6591] shmem 309223424
[  115.019815][ T6591] mapped_file 0
[  115.023302][ T6591] dirty 0
[  115.026254][ T6591] writeback 102400
[  115.029985][ T6591] workingset_refault_anon 1
[  115.034501][ T6591] workingset_refault_file 0
[  115.039026][ T6591] swap 127860736
[  115.043324][ T6591] swapcached 106496
[  115.047139][ T6591] pgpgin 195471
[  115.050648][ T6591] pgpgout 119935
[  115.054263][ T6591] pgfault 80821
[  115.057723][ T6591] pgmajfault 5
[  115.061095][ T6591] inactive_anon 154259456
[  115.065443][ T6591] active_anon 153759744
[  115.069600][ T6591] inactive_file 0
[  115.073858][ T6591] active_file 0
[  115.077380][ T6591] unevictable 0
[  115.080835][ T6591] hierarchical_memory_limit 314572800
[  115.086226][ T6591] hierarchical_memsw_limit 9223372036854771712
[  115.092518][ T6591] total_cache 309223424
[  115.096678][ T6591] total_rss 61440
[  115.100313][ T6591] total_shmem 309223424
[  115.105123][ T6591] total_mapped_file 0
[  115.109144][ T6591] total_dirty 0
[  115.112637][ T6591] total_writeback 102400
[  115.116889][ T6591] total_workingset_refault_anon 1
[  115.122024][ T6591] total_workingset_refault_file 0
[  115.127129][ T6591] total_swap 127860736
[  115.131305][ T6591] total_swapcached 106496
[  115.136372][ T6591] total_pgpgin 195471
[  115.140369][ T6591] total_pgpgout 119935
[  115.144462][ T6591] total_pgfault 80821
[  115.148454][ T6591] total_pgmajfault 5
[  115.152385][ T6591] total_inactive_anon 154259456
[  115.157297][ T6591] total_active_anon 153759744
[  115.162748][ T6591] total_inactive_file 0
[  115.166953][ T6591] total_active_file 0
[  115.170938][ T6591] total_unevictable 0
[  115.175097][ T6591] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.775,pid=6559,uid=0
[  115.189649][ T6591] Memory cgroup out of memory: Killed process 6559 (syz.4.775) total-vm:90128kB, anon-rss:1156kB, file-rss:49664kB, shmem-rss:0kB, UID:0 pgtables:168kB oom_score_adj:1000
[  116.066352][ T6554] syz.4.775 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  116.076195][ T6554] CPU: 1 UID: 0 PID: 6554 Comm: syz.4.775 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  116.076241][ T6554] Tainted: [W]=WARN
[  116.076247][ T6554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  116.076264][ T6554] Call Trace:
[  116.076272][ T6554]  <TASK>
[  116.076281][ T6554]  __dump_stack+0x1d/0x30
[  116.076317][ T6554]  dump_stack_lvl+0xe8/0x140
[  116.076346][ T6554]  dump_stack+0x15/0x1b
[  116.076423][ T6554]  dump_header+0x81/0x240
[  116.076449][ T6554]  oom_kill_process+0x295/0x350
[  116.076475][ T6554]  out_of_memory+0x97b/0xb80
[  116.076506][ T6554]  try_charge_memcg+0x610/0xa10
[  116.076563][ T6554]  charge_memcg+0x51/0xc0
[  116.076602][ T6554]  __mem_cgroup_charge+0x28/0xb0
[  116.076635][ T6554]  shmem_get_folio_gfp+0x470/0xd50
[  116.076668][ T6554]  shmem_write_begin+0xfc/0x1f0
[  116.076747][ T6554]  generic_perform_write+0x184/0x490
[  116.076811][ T6554]  shmem_file_write_iter+0xc5/0xf0
[  116.076991][ T6554]  __kernel_write_iter+0x2d6/0x540
[  116.077015][ T6554]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  116.077058][ T6554]  dump_user_range+0x61e/0x8f0
[  116.077097][ T6554]  elf_core_dump+0x1de7/0x1f80
[  116.077140][ T6554]  ? 0xffffffffff600000
[  116.077204][ T6554]  coredump_write+0xacf/0xdf0
[  116.077238][ T6554]  vfs_coredump+0x24f7/0x2e60
[  116.077270][ T6554]  ? __memcg_slab_free_hook+0xbc/0x230
[  116.077312][ T6554]  ? kmem_cache_free+0xe3/0x3a0
[  116.077347][ T6554]  ? proc_coredump_connector+0x114/0x220
[  116.077377][ T6554]  get_signal+0xd84/0xf70
[  116.077412][ T6554]  arch_do_signal_or_restart+0x96/0x450
[  116.077449][ T6554]  irqentry_exit+0xfb/0x560
[  116.077600][ T6554]  ? force_sig+0x68/0x90
[  116.077622][ T6554]  exc_general_protection+0x15b/0x1e0
[  116.077724][ T6554]  asm_exc_general_protection+0x26/0x30
[  116.077750][ T6554] RIP: 0033:0x7f69690ef751
[  116.077864][ T6554] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  116.077888][ T6554] RSP: 002b:00002000000001e0 EFLAGS: 00010217
[  116.077908][ T6554] RAX: 0000000000000000 RBX: 00007f6969346090 RCX: 00007f69690ef749
[  116.077925][ T6554] RDX: 0000200000000200 RSI: 00002000000001e0 RDI: 0000000008000200
[  116.077944][ T6554] RBP: 00007f6969173f91 R08: 0000200000000280 R09: 0000200000000280
[  116.077959][ T6554] R10: 0000200000000240 R11: 0000000000000206 R12: 0000000000000000
[  116.077971][ T6554] R13: 00007f6969346128 R14: 00007f6969346090 R15: 00007ffcfa4ff788
[  116.077989][ T6554]  </TASK>
[  116.077995][ T6554] memory: usage 307200kB, limit 307200kB, failcnt 30950
[  116.332497][ T6554] memory+swap: usage 432116kB, limit 9007199254740988kB, failcnt 0
[  116.340445][ T6554] kmem: usage 4972kB, limit 9007199254740988kB, failcnt 0
[  116.347585][ T6554] Memory cgroup stats for /syz4:
[  116.369487][ T6554] cache 309420032
[  116.378186][ T6554] rss 61440
[  116.381313][ T6554] shmem 309415936
[  116.385343][ T6554] mapped_file 0
[  116.388865][ T6554] dirty 0
[  116.391865][ T6554] writeback 0
[  116.395186][ T6554] workingset_refault_anon 1
[  116.399965][ T6554] workingset_refault_file 692
[  116.404709][ T6554] swap 127967232
[  116.408255][ T6554] swapcached 0
[  116.411661][ T6554] pgpgin 210370
[  116.415123][ T6554] pgpgout 134813
[  116.418709][ T6554] pgfault 81721
[  116.422207][ T6554] pgmajfault 14
[  116.425671][ T6554] inactive_anon 158273536
[  116.430002][ T6554] active_anon 150679552
[  116.434264][ T6554] inactive_file 0
[  116.437907][ T6554] active_file 4096
[  116.441823][ T6554] unevictable 0
[  116.445300][ T6554] hierarchical_memory_limit 314572800
[  116.450682][ T6554] hierarchical_memsw_limit 9223372036854771712
[  116.456884][ T6554] total_cache 309420032
[  116.461121][ T6554] total_rss 61440
[  116.464906][ T6554] total_shmem 309415936
[  116.469116][ T6554] total_mapped_file 0
[  116.473188][ T6554] total_dirty 0
[  116.476664][ T6554] total_writeback 0
[  116.480481][ T6554] total_workingset_refault_anon 1
[  116.485552][ T6554] total_workingset_refault_file 692
[  116.490816][ T6554] total_swap 127967232
[  116.494953][ T6554] total_swapcached 0
[  116.498895][ T6554] total_pgpgin 210370
[  116.502912][ T6554] total_pgpgout 134813
[  116.506982][ T6554] total_pgfault 81721
[  116.510980][ T6554] total_pgmajfault 14
[  116.515106][ T6554] total_inactive_anon 158273536
[  116.519983][ T6554] total_active_anon 150679552
[  116.524809][ T6554] total_inactive_file 0
[  116.528967][ T6554] total_active_file 4096
[  116.533333][ T6554] total_unevictable 0
[  116.537474][ T6554] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.775,pid=6572,uid=0
[  116.551977][ T6554] Memory cgroup out of memory: Killed process 6572 (syz.4.775) total-vm:90260kB, anon-rss:1172kB, file-rss:53940kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[  116.753734][ T6597] syz.4.775 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  116.763537][ T6597] CPU: 0 UID: 0 PID: 6597 Comm: syz.4.775 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  116.763595][ T6597] Tainted: [W]=WARN
[  116.763604][ T6597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  116.763621][ T6597] Call Trace:
[  116.763630][ T6597]  <TASK>
[  116.763639][ T6597]  __dump_stack+0x1d/0x30
[  116.763733][ T6597]  dump_stack_lvl+0xe8/0x140
[  116.763758][ T6597]  dump_stack+0x15/0x1b
[  116.763833][ T6597]  dump_header+0x81/0x240
[  116.763861][ T6597]  oom_kill_process+0x295/0x350
[  116.763886][ T6597]  out_of_memory+0x97b/0xb80
[  116.763973][ T6597]  try_charge_memcg+0x610/0xa10
[  116.764000][ T6597]  charge_memcg+0x51/0xc0
[  116.764050][ T6597]  __mem_cgroup_charge+0x28/0xb0
[  116.764085][ T6597]  shmem_get_folio_gfp+0x470/0xd50
[  116.764120][ T6597]  shmem_write_begin+0xfc/0x1f0
[  116.764214][ T6597]  generic_perform_write+0x184/0x490
[  116.764255][ T6597]  shmem_file_write_iter+0xc5/0xf0
[  116.764288][ T6597]  __kernel_write_iter+0x2d6/0x540
[  116.764306][ T6597]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  116.764389][ T6597]  dump_user_range+0x61e/0x8f0
[  116.764445][ T6597]  elf_core_dump+0x1de7/0x1f80
[  116.764536][ T6597]  ? 0xffffffffff600000
[  116.764562][ T6597]  coredump_write+0xacf/0xdf0
[  116.764601][ T6597]  vfs_coredump+0x24f7/0x2e60
[  116.764756][ T6597]  ? __memcg_slab_free_hook+0xbc/0x230
[  116.764794][ T6597]  ? kmem_cache_free+0xe3/0x3a0
[  116.764870][ T6597]  ? proc_coredump_connector+0x114/0x220
[  116.764901][ T6597]  get_signal+0xd84/0xf70
[  116.764932][ T6597]  arch_do_signal_or_restart+0x96/0x450
[  116.765002][ T6597]  irqentry_exit+0xfb/0x560
[  116.765042][ T6597]  ? force_sig+0x68/0x90
[  116.765070][ T6597]  exc_general_protection+0x15b/0x1e0
[  116.765100][ T6597]  asm_exc_general_protection+0x26/0x30
[  116.765134][ T6597] RIP: 0033:0x7f69690ef751
[  116.765149][ T6597] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  116.765169][ T6597] RSP: 002b:00002000000001e0 EFLAGS: 00010217
[  116.765184][ T6597] RAX: 0000000000000000 RBX: 00007f6969346090 RCX: 00007f69690ef749
[  116.765195][ T6597] RDX: 0000200000000200 RSI: 00002000000001e0 RDI: 0000000008000200
[  116.765206][ T6597] RBP: 00007f6969173f91 R08: 0000200000000280 R09: 0000200000000280
[  116.765296][ T6597] R10: 0000200000000240 R11: 0000000000000206 R12: 0000000000000000
[  116.765307][ T6597] R13: 00007f6969346128 R14: 00007f6969346090 R15: 00007ffcfa4ff788
[  116.765324][ T6597]  </TASK>
[  116.765401][ T6597] memory: usage 307200kB, limit 307200kB, failcnt 31516
[  117.024581][ T6597] memory+swap: usage 427004kB, limit 9007199254740988kB, failcnt 0
[  117.032588][ T6597] kmem: usage 4984kB, limit 9007199254740988kB, failcnt 0
[  117.039733][ T6597] Memory cgroup stats for /syz4:
[  117.043539][ T6597] cache 304074752
[  117.052853][ T6597] rss 61440
[  117.056049][ T6597] shmem 304070656
[  117.059684][ T6597] mapped_file 0
[  117.063171][ T6597] dirty 0
[  117.066144][ T6597] writeback 0
[  117.069432][ T6597] workingset_refault_anon 1
[  117.074045][ T6597] workingset_refault_file 692
[  117.078720][ T6597] swap 127967232
[  117.082937][ T6597] swapcached 0
[  117.086418][ T6597] pgpgin 212076
[  117.089961][ T6597] pgpgout 137824
[  117.093539][ T6597] pgfault 81828
[  117.097066][ T6597] pgmajfault 14
[  117.100572][ T6597] inactive_anon 123277312
[  117.104928][ T6597] active_anon 179965952
[  117.109096][ T6597] inactive_file 0
[  117.113408][ T6597] active_file 4096
[  117.117132][ T6597] unevictable 0
[  117.120619][ T6597] hierarchical_memory_limit 314572800
[  117.126024][ T6597] hierarchical_memsw_limit 9223372036854771712
[  117.132205][ T6597] total_cache 304074752
[  117.136374][ T6597] total_rss 61440
[  117.140108][ T6597] total_shmem 304070656
[  117.144999][ T6597] total_mapped_file 0
[  117.149003][ T6597] total_dirty 0
[  117.152492][ T6597] total_writeback 0
[  117.156356][ T6597] total_workingset_refault_anon 1
[  117.161394][ T6597] total_workingset_refault_file 692
[  117.166623][ T6597] total_swap 127967232
[  117.170696][ T6597] total_swapcached 0
[  117.175356][ T6597] total_pgpgin 212076
[  117.179340][ T6597] total_pgpgout 137824
[  117.183451][ T6597] total_pgfault 81828
[  117.187427][ T6597] total_pgmajfault 14
[  117.191405][ T6597] total_inactive_anon 123277312
[  117.196284][ T6597] total_active_anon 179965952
[  117.200996][ T6597] total_inactive_file 0
[  117.205808][ T6597] total_active_file 4096
[  117.210144][ T6597] total_unevictable 0
[  117.214163][ T6597] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.775,pid=6562,uid=0
[  117.228772][ T6597] Memory cgroup out of memory: Killed process 6562 (syz.4.775) total-vm:90260kB, anon-rss:1172kB, file-rss:53888kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000
[  118.168758][ T6556] syz.4.775 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  118.179265][ T6556] CPU: 0 UID: 0 PID: 6556 Comm: syz.4.775 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  118.179344][ T6556] Tainted: [W]=WARN
[  118.179366][ T6556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  118.179382][ T6556] Call Trace:
[  118.179388][ T6556]  <TASK>
[  118.179396][ T6556]  __dump_stack+0x1d/0x30
[  118.179419][ T6556]  dump_stack_lvl+0xe8/0x140
[  118.179456][ T6556]  dump_stack+0x15/0x1b
[  118.179496][ T6556]  dump_header+0x81/0x240
[  118.179518][ T6556]  oom_kill_process+0x295/0x350
[  118.179565][ T6556]  out_of_memory+0x97b/0xb80
[  118.179588][ T6556]  try_charge_memcg+0x610/0xa10
[  118.179621][ T6556]  charge_memcg+0x51/0xc0
[  118.179660][ T6556]  __mem_cgroup_charge+0x28/0xb0
[  118.179696][ T6556]  shmem_get_folio_gfp+0x470/0xd50
[  118.179808][ T6556]  shmem_write_begin+0xfc/0x1f0
[  118.179836][ T6556]  generic_perform_write+0x184/0x490
[  118.179877][ T6556]  shmem_file_write_iter+0xc5/0xf0
[  118.180023][ T6556]  __kernel_write_iter+0x2d6/0x540
[  118.180047][ T6556]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  118.180086][ T6556]  dump_user_range+0x61e/0x8f0
[  118.180123][ T6556]  elf_core_dump+0x1de7/0x1f80
[  118.180206][ T6556]  ? 0xffffffffff600000
[  118.180234][ T6556]  coredump_write+0xacf/0xdf0
[  118.180267][ T6556]  vfs_coredump+0x24f7/0x2e60
[  118.180309][ T6556]  ? __memcg_slab_free_hook+0xbc/0x230
[  118.180341][ T6556]  ? kmem_cache_free+0xe3/0x3a0
[  118.180377][ T6556]  ? proc_coredump_connector+0x114/0x220
[  118.180402][ T6556]  get_signal+0xd84/0xf70
[  118.180576][ T6556]  arch_do_signal_or_restart+0x96/0x450
[  118.180606][ T6556]  irqentry_exit+0xfb/0x560
[  118.180632][ T6556]  ? force_sig+0x68/0x90
[  118.180718][ T6556]  exc_general_protection+0x15b/0x1e0
[  118.180744][ T6556]  asm_exc_general_protection+0x26/0x30
[  118.180764][ T6556] RIP: 0033:0x7f69690ef751
[  118.180782][ T6556] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  118.180800][ T6556] RSP: 002b:00002000000001e0 EFLAGS: 00010217
[  118.180884][ T6556] RAX: 0000000000000000 RBX: 00007f6969346090 RCX: 00007f69690ef749
[  118.180896][ T6556] RDX: 0000200000000200 RSI: 00002000000001e0 RDI: 0000000008000200
[  118.180908][ T6556] RBP: 00007f6969173f91 R08: 0000200000000280 R09: 0000200000000280
[  118.180920][ T6556] R10: 0000200000000240 R11: 0000000000000206 R12: 0000000000000000
[  118.180932][ T6556] R13: 00007f6969346128 R14: 00007f6969346090 R15: 00007ffcfa4ff788
[  118.180950][ T6556]  </TASK>
[  118.180958][ T6556] memory: usage 307200kB, limit 307200kB, failcnt 34553
[  118.438333][ T6556] memory+swap: usage 432168kB, limit 9007199254740988kB, failcnt 0
[  118.446863][ T6556] kmem: usage 4736kB, limit 9007199254740988kB, failcnt 0
[  118.454019][ T6556] Memory cgroup stats for /syz4:
[  118.454373][ T6556] cache 309661696
[  118.463048][ T6556] rss 61440
[  118.466162][ T6556] shmem 309649408
[  118.469798][ T6556] mapped_file 0
[  118.473284][ T6556] dirty 0
[  118.476261][ T6556] writeback 0
[  118.479538][ T6556] workingset_refault_anon 1
[  118.484154][ T6556] workingset_refault_file 4793
[  118.488924][ T6556] swap 127967232
[  118.492527][ T6556] swapcached 0
[  118.496002][ T6556] pgpgin 231333
[  118.499565][ T6556] pgpgout 155717
[  118.503140][ T6556] pgfault 82858
[  118.506683][ T6556] pgmajfault 63
[  118.510149][ T6556] inactive_anon 38240256
[  118.514436][ T6556] active_anon 271470592
[  118.518593][ T6556] inactive_file 0
[  118.522245][ T6556] active_file 12288
[  118.526069][ T6556] unevictable 0
[  118.529515][ T6556] hierarchical_memory_limit 314572800
[  118.535073][ T6556] hierarchical_memsw_limit 9223372036854771712
[  118.541229][ T6556] total_cache 309661696
[  118.545435][ T6556] total_rss 61440
[  118.549076][ T6556] total_shmem 309649408
[  118.553307][ T6556] total_mapped_file 0
[  118.557346][ T6556] total_dirty 0
[  118.560846][ T6556] total_writeback 0
[  118.564703][ T6556] total_workingset_refault_anon 1
[  118.569802][ T6556] total_workingset_refault_file 4793
[  118.575176][ T6556] total_swap 127967232
[  118.579256][ T6556] total_swapcached 0
[  118.583177][ T6556] total_pgpgin 231333
[  118.587190][ T6556] total_pgpgout 155717
[  118.591293][ T6556] total_pgfault 82858
[  118.595302][ T6556] total_pgmajfault 63
[  118.599287][ T6556] total_inactive_anon 38240256
[  118.604083][ T6556] total_active_anon 271470592
[  118.608765][ T6556] total_inactive_file 0
[  118.612971][ T6556] total_active_file 12288
[  118.617338][ T6556] total_unevictable 0
[  118.621307][ T6556] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.775,pid=6607,uid=0
[  118.635983][ T6556] Memory cgroup out of memory: Killed process 6607 (syz.4.775) total-vm:90260kB, anon-rss:1172kB, file-rss:54020kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[  119.353263][ T6556] syz.4.775 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  119.363083][ T6556] CPU: 1 UID: 0 PID: 6556 Comm: syz.4.775 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  119.363124][ T6556] Tainted: [W]=WARN
[  119.363131][ T6556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  119.363180][ T6556] Call Trace:
[  119.363187][ T6556]  <TASK>
[  119.363196][ T6556]  __dump_stack+0x1d/0x30
[  119.363226][ T6556]  dump_stack_lvl+0xe8/0x140
[  119.363254][ T6556]  dump_stack+0x15/0x1b
[  119.363285][ T6556]  dump_header+0x81/0x240
[  119.363371][ T6556]  oom_kill_process+0x295/0x350
[  119.363466][ T6556]  out_of_memory+0x97b/0xb80
[  119.363566][ T6556]  try_charge_memcg+0x610/0xa10
[  119.363594][ T6556]  charge_memcg+0x51/0xc0
[  119.363632][ T6556]  __mem_cgroup_charge+0x28/0xb0
[  119.363722][ T6556]  shmem_get_folio_gfp+0x470/0xd50
[  119.363800][ T6556]  shmem_write_begin+0xfc/0x1f0
[  119.363882][ T6556]  generic_perform_write+0x184/0x490
[  119.363969][ T6556]  shmem_file_write_iter+0xc5/0xf0
[  119.364018][ T6556]  __kernel_write_iter+0x2d6/0x540
[  119.364043][ T6556]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  119.364073][ T6556]  dump_user_range+0x61e/0x8f0
[  119.364143][ T6556]  elf_core_dump+0x1de7/0x1f80
[  119.364181][ T6556]  ? 0xffffffffff600000
[  119.364207][ T6556]  coredump_write+0xacf/0xdf0
[  119.364245][ T6556]  vfs_coredump+0x24f7/0x2e60
[  119.364288][ T6556]  ? __memcg_slab_free_hook+0xbc/0x230
[  119.364328][ T6556]  ? kmem_cache_free+0xe3/0x3a0
[  119.364454][ T6556]  ? proc_coredump_connector+0x114/0x220
[  119.364484][ T6556]  get_signal+0xd84/0xf70
[  119.364526][ T6556]  arch_do_signal_or_restart+0x96/0x450
[  119.364563][ T6556]  irqentry_exit+0xfb/0x560
[  119.364616][ T6556]  ? force_sig+0x68/0x90
[  119.364645][ T6556]  exc_general_protection+0x15b/0x1e0
[  119.364740][ T6556]  asm_exc_general_protection+0x26/0x30
[  119.364767][ T6556] RIP: 0033:0x7f69690ef751
[  119.364785][ T6556] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  119.364808][ T6556] RSP: 002b:00002000000001e0 EFLAGS: 00010217
[  119.364832][ T6556] RAX: 0000000000000000 RBX: 00007f6969346090 RCX: 00007f69690ef749
[  119.364904][ T6556] RDX: 0000200000000200 RSI: 00002000000001e0 RDI: 0000000008000200
[  119.364918][ T6556] RBP: 00007f6969173f91 R08: 0000200000000280 R09: 0000200000000280
[  119.364933][ T6556] R10: 0000200000000240 R11: 0000000000000206 R12: 0000000000000000
[  119.364959][ T6556] R13: 00007f6969346128 R14: 00007f6969346090 R15: 00007ffcfa4ff788
[  119.364979][ T6556]  </TASK>
[  119.364985][ T6556] memory: usage 307200kB, limit 307200kB, failcnt 35352
[  119.618229][ T6556] memory+swap: usage 432108kB, limit 9007199254740988kB, failcnt 0
[  119.626207][ T6556] kmem: usage 4600kB, limit 9007199254740988kB, failcnt 0
[  119.633364][ T6556] Memory cgroup stats for /syz4:
[  119.633593][ T6556] cache 309678080
[  119.642771][ T6556] rss 172032
[  119.646062][ T6556] shmem 309665792
[  119.649701][ T6556] mapped_file 0