last executing test programs:

3.002803991s ago: executing program 2 (id=2012):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x5452, &(0x7f00000006c0))
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x3004c080)
socket$tipc(0x1e, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xffffefc0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r4}, 0x10)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r5, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r6, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r6, 0x0)
listen(r5, 0x0)

3.002606541s ago: executing program 2 (id=2013):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, 0x0}, 0x20)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
sendmsg$DEVLINK_CMD_RATE_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="0100cd7881a9b45dea5e54"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0)

2.985310541s ago: executing program 2 (id=2014):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b4000000000000407910000000000000670000c200000000950005000000000071a13928b72c696950a4edd77f9876d874394900f3bde847f8c78119dfbc27abc969c82ce6f6f0b2e10179582eed3525598659f1307bc7dea42e897c2305fd2a9989f18e0b716808f6491a914b82ce112e8a52578b3a8078cfd0b7d34cd51a741cdf"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x101842, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffec3, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000700)=ANY=[@ANYRES64=0x0, @ANYRES32=r2, @ANYBLOB="2f0000000020000004000000", @ANYRES32, @ANYBLOB="a1e058a57e9c4434da75ccd25c855db3", @ANYBLOB="ffe0f36cf5bf245b8b728108b0c571d6c5ad25c8cc79282847a4a41d07a172a5f8cf7bb20b6379df274b010cc3f7960be02262771b05144116ec1f2f1056780d883af78cea755dd7c920986f3a5ad91c199deff917f1d38624d35906daea53fd5371811b0c3c608717815958fbe0ff68da04d1a39542fc0ad5602fff9608e2cec0a0104b6fe6533be05c4a3d54eeeb22fddfb4d9c78ffc5ae1b6dd78dfa2c53cd334f47278b84b14d4b24a76586fcf0a4b", @ANYRESHEX=r0, @ANYRESDEC=r1, @ANYRES8=r1, @ANYRESDEC=r0, @ANYRES64, @ANYRES64=r1, @ANYRESDEC=r2], 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[], 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
write$char_usb(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb010018000000000000004c0000004c0000000700000006000000080000060400000004000000020000000f000000040000000c000000000000000f000000da0000000f000000000800000d000000080000000a000000050000000e000000030000000061612e002e0002730862360acee24a3d2cd00b0ee34691aea976b241d051f7ff01b0d78cd74cef56422e4ff1b018d6b3eefe7ebb3760a5cf467e0e9aa0b5fb6dfe82ab105d45a78d88138845dc911349da8eafba622893fd27b371adfc4dd9340d971d0f65aa75631caa74415aea96543a622c48f3633c8fa5ba23221ea35d35aeac93c2304d79a572431775fd99f56621776079625311578a9bc89abc843a83"], &(0x7f0000000340)=""/44, 0x6b, 0x2c, 0x1, 0xbd, 0x0, @void, @value}, 0x28)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x101001)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f0000000540)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$AUTOFS_IOC_PROTOVER(r6, 0x80049363, &(0x7f00000003c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000100006b10af000000000006000000000000009500360000000000"], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x10c, &(0x7f0000000080)=""/193, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1, 0x10, &(0x7f0000000000)={0x0, 0xc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x4010, r5, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

2.901430863s ago: executing program 2 (id=2015):
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x12, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x5, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
mknod$loop(&(0x7f00000002c0)='./file0\x00', 0x100000000000600d, 0x0)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x2}, 0x18)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x6}, {}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x3, 0xe0}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x24040844}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002ec0)={0x7, 0x9, &(0x7f0000000600)=ANY=[@ANYBLOB, @ANYBLOB="000000000000f600b703000000000000850000000c000000b7000000000000000845e60100010000850000003c0000"], &(0x7f0000001d40)='syzkaller\x00', 0x547e, 0x1000, &(0x7f0000001d80)=""/4096, 0x41100, 0x45, '\x00', 0x0, @fallback=0x1e, r0, 0x8, &(0x7f0000002d80)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000002dc0)={0x0, 0x4, 0x8, 0xf07}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000540)=[r0, r0, r2, r0], 0x0, 0x10, 0x3, @void, @value}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fc00000}]})

2.673677135s ago: executing program 2 (id=2019):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000480)={@void, @void, @llc={@snap={0x0, 0x1, "8d", "b42663", 0x88f8, "c94bfa20d4312e799b6a6fa70617c6df57015473101311c06906e8b77f2376b27d3cec1a351dda0998c3e206cd8cd8f2a54bf7615ebebad4446c13ce6ae149ffc7ee1a0c3fc8d57cb2d1049ab426e36e1c6b2d9a7ced6e7c5f72056d7315b9509b81cfe65c83457716df772390bb0301759fc51daa0e5bb01da382ebf9e7c8cfc17cafee4bf16b8e1fb246398963ba4f3423236a1520300e6ef2d8fc3c4a07f1d8e1256255df6dc706a6e2cb1981f07bd264752b22c868ee456584de432a0a4d94970a575130bd67710c70e41eff3d5c5a6e8fec52f2"}}}, 0xde)

2.076243393s ago: executing program 0 (id=2029):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0x80000}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])

2.017259914s ago: executing program 0 (id=2030):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff0000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x100000000000000)

1.949533705s ago: executing program 0 (id=2033):
pipe2(&(0x7f0000001cc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltgid}]}})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r0, 0x0, 0xcc, 0x57, &(0x7f00000000c0)="8e4c79385d153d04fdf62f0b1f2b6edc6bb96a05fe8d255c994d504131adcada54c1570e83dd4d80742e86f5c1f4f9501af2f7f02e018e4245d81ccb436f79c6fda03a00e8ec0f98d449be5a870e2ffc1142faca24c1ca3b0a7760742d81e79e7750b5bb6055a47c5e7186d2c3c28b53ab9dfb66507d04f3812420fa96526c02518247b1928380f11495755b36b90f3c2dbfa1415daa904dee8edea9d9b5a4cd074ef0dabf7ccd486029509ab7cac8ea5152b7c6e07ca0592499dc971335c646e89cb41b99b7144b1a8b17aa", &(0x7f00000001c0)=""/87, 0x8, 0x0, 0x92, 0x2c, &(0x7f0000000240)="65269cd97e16113f1b43e053b67d2916b4bd6eaa6cca9d57ffbf0ab89c8707f2b57726351b44c1fc859ab404480d46309a7c1a1768c087dad9034053af971156e4a0be743ae84351c0b0355ffb3f97310dbd05356a9c6eb9942e6773232f49c7edd343cf8bbac2c473089bc738f9daf2835494ca4f4759df972b12e676e31995bdc15be8853d26b396b4f254d61594dcf6f2", &(0x7f0000000040)="11bbb1ce53ca3b16b38bdfdedbf3561410595d7e0c14b441f76a130b3d7d64263650654d2e13745f7be027f8", 0x3ce23fc1109fd6a8}, 0x50)

1.701142788s ago: executing program 0 (id=2035):
syz_io_uring_setup(0x4000e45, &(0x7f0000000700)={0x0, 0x5f39, 0x2400, 0x3, 0x2b2}, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000140))
r1 = perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0xf8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x64008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x719, 0x0, @perf_config_ext={0x7ff, 0x7}, 0x9e8a, 0x5, 0x6, 0x9, 0x5, 0x1}, 0x0, 0x0, r0, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
unshare(0x22020600)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x2)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r5, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r7=>0x0]}, &(0x7f0000000240)=0x8)
unshare(0x8040480)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x13)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000380)={r7, 0xce, "1276362d49da5460dec3d2b649fc0c1da107526e0caf5dcbf4055bf89293216be217bc5c7f914445a9ca00e7b4eab76f8df14f474798c2f7852183a6aca16571003a1f401fb237422fb94fa87e65d3e9dd36da19674416016f8dae25d18aae164683b2ef7d3377a9d6f8f4c46d0993ab364c5d9ffe966e94622cb4887d39e12e3acc9b9793fd45436a07ec2c583e82013c2853beff4b32565bccbc51add3c64f8a1044875bc7d678083ff133f37a3d46204dd950b7de0b10614183eb19a4da55e34f26abaf71b4f666e5eee256f1"}, &(0x7f0000000240)=0xd6)
r8 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000480)={r7, 0x8, 0x20}, &(0x7f00000004c0)=0xc)
flock(r8, 0x1)
open(&(0x7f0000000300)='.\x00', 0x54200, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0xe, 0x6, 0xb, 0xfffffff8}]})
flock(r4, 0x1)
flock(r4, 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)

1.437259832s ago: executing program 3 (id=2042):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x1, 0x4, 0x17fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000ffc000)

853.650709ms ago: executing program 0 (id=2047):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x5452, &(0x7f00000006c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xffffefc0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r4}, 0x10)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r5, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r6 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r6, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r6, 0x0)
listen(r5, 0x0)

793.10438ms ago: executing program 0 (id=2048):
timer_create(0xfffffffd, 0x0, &(0x7f00000011c0))
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
syz_clone(0x68008500, 0x0, 0xfffffffffffffe89, 0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00'])
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r3, 0x0, 0xf7}, 0x18)
listen(r0, 0x0)
r4 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r4, &(0x7f0000002300)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x0, 0x200000}, 0x4}}, 0x10, 0x0}, 0x0)
sendmsg$tipc(r0, &(0x7f00000002c0)={&(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e23}}, 0x10, 0x0}, 0x24004084)
accept4(r0, 0x0, 0x0, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_delete(r5)

789.35692ms ago: executing program 1 (id=2049):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x5c, 0x24, 0xf0b, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x7f, 0x4}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x5, 0x12, 0x400, 0x1, 0x200}}, {0x4}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44004}, 0x0)

761.82573ms ago: executing program 1 (id=2050):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x7fef, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7b, 0x1, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x2e, 0xfbfffc00, 0x3, 0x2, 0x0, 0xe, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c00000002060104000000000000000000000000050004000000090005000100060000000d000300686173683a6d6163000000000500050000000000140007800800124020050000050015000c00"], 0x5c}}, 0x0)

717.086201ms ago: executing program 3 (id=2051):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0x80000}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX])

636.860472ms ago: executing program 1 (id=2052):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b4000000000000407910000000000000670000c200000000950005000000000071a13928b72c696950a4edd77f9876d874394900f3bde847f8c78119dfbc27abc969c82ce6f6f0b2e10179582eed3525598659f1307bc7dea42e897c2305fd2a9989f18e0b716808f6491a914b82ce112e8a52578b3a8078cfd0b7d34cd51a741cdf"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x101842, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040))
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffec3, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000700)=ANY=[@ANYRES64=0x0, @ANYRES32=r3, @ANYBLOB="2f0000000020000004000000", @ANYRES32, @ANYBLOB="a1e058a57e9c4434da75ccd25c855db3", @ANYBLOB="ffe0f36cf5bf245b8b728108b0c571d6c5ad25c8cc79282847a4a41d07a172a5f8cf7bb20b6379df274b010cc3f7960be02262771b05144116ec1f2f1056780d883af78cea755dd7c920986f3a5ad91c199deff917f1d38624d35906daea53fd5371811b0c3c608717815958fbe0ff68da04d1a39542fc0ad5602fff9608e2cec0a0104b6fe6533be05c4a3d54eeeb22fddfb4d9c78ffc5ae1b6dd78dfa2c53cd334f47278b84b14d4b24a76586fcf0a4b", @ANYRESHEX=r0, @ANYRESDEC=r1, @ANYRES8=r1, @ANYRESDEC=r0, @ANYRES64, @ANYRES64=r1, @ANYRESDEC=r3], 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[], 0x10)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000300)=ANY=[@ANYBLOB='_\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000003000000200001800400028008000300fdffffff0e0001006574683a766c616e30"], 0x68}}, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
write$char_usb(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb010018000000000000004c0000004c0000000700000006000000080000060400000004000000020000000f000000040000000c000000000000000f000000da0000000f000000000800000d000000080000000a000000050000000e000000030000000061612e002e0002730862360acee24a3d2cd00b0ee34691aea976b241d051f7ff01b0d78cd74cef56422e4ff1b018d6b3eefe7ebb3760a5cf467e0e9aa0b5fb6dfe82ab105d45a78d88138845dc911349da8eafba622893fd27b371adfc4dd9340d971d0f65aa75631caa74415aea96543a622c48f3633c8fa5ba23221ea35d35aeac93c2304d79a572431775fd99f56621776079625311578a9bc89abc843a83"], &(0x7f0000000340)=""/44, 0x6b, 0x2c, 0x1, 0xbd, 0x0, @void, @value}, 0x28)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x101001)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r10, 0xc08c5332, &(0x7f0000000540)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$AUTOFS_IOC_PROTOVER(r7, 0x80049363, &(0x7f00000003c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000100006b10af000000000006000000000000009500360000000000"], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x10c, &(0x7f0000000080)=""/193, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1, 0x10, &(0x7f0000000000)={0x0, 0xc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x4010, r6, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

541.462903ms ago: executing program 3 (id=2053):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4, 0x0, 0x3}, 0x18)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x4, r2}, 0x10)

527.343214ms ago: executing program 1 (id=2054):
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x18, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000300000000000000a138000095"], 0x0, 0x1, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff8, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000004c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x57, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x32, 0x1400, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
socket$kcm(0xa, 0x2, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$kcm(0x25, 0x1, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$kcm(0x10, 0x2, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socketpair(0x1, 0x1, 0x1, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="1c0000001d008103e00f80ecdb4cb9f207", 0x11}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000200)=ANY=[], 0xfe33)

492.123394ms ago: executing program 3 (id=2055):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, 0x18)

461.145964ms ago: executing program 1 (id=2056):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002fc0)=@newtfilter={0xe84, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r2, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xe58, 0x2, [@TCA_FW_ACT={0xe54, 0x4, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x4, 0x1ff, 0x20000000, 0xc, 0x6}, 0x7f, 0x5}, [{0x2a9, 0x6, 0x8, 0x4, 0x5}, {0x4a7, 0x1ff, 0x4, 0x1, 0x7, 0xdd}, {0x9, 0x7, 0x3ff, 0x97, 0xfffffffd, 0x4}, {0x8, 0x0, 0x6, 0x2, 0x7fff, 0x3}, {0x4f9a, 0x5, 0x1, 0x1, 0x2, 0x8}, {0x0, 0x5, 0x1437, 0xfff, 0xee57, 0x9}, {0x77d, 0x8, 0x9, 0x6, 0x8, 0x1}, {0x5, 0x6, 0x0, 0x2, 0x1, 0x7fff}, {0x0, 0x3, 0x4235da1, 0x9, 0x7ec9, 0x8}, {0x10000, 0x2, 0x0, 0x1, 0x3, 0x9}, {0xd, 0xffff0001, 0x0, 0x6, 0x81, 0x4}, {0xfffffffc, 0x4, 0xffff, 0x2, 0xffffffff, 0xfffffffa}, {0x5, 0xd29, 0x101, 0x3, 0x7, 0xc}, {0x0, 0xfffffff7, 0x1, 0x72b2, 0xc874, 0x3}, {0x3, 0xf, 0x5, 0x1, 0x1ff, 0x6}, {0x9b9b, 0xffff, 0x6, 0xb, 0xb3d, 0x812}, {0x5, 0x7, 0x2, 0x5, 0x5, 0x4}, {0x6, 0x0, 0x9, 0x2, 0x82, 0x2}, {0xfffffff7, 0x6, 0x2, 0x9, 0xff}, {0x4, 0x1, 0x371, 0x8, 0x0, 0xeac}, {0x9, 0x2, 0x4, 0x8, 0x113, 0x8d3f}, {0x7, 0xffffffff, 0x8, 0x92a4, 0x9, 0x10}, {0x1a4a13f0, 0x9, 0xe, 0x3, 0xad47, 0xf83b}, {0x1ff, 0x5, 0x7, 0xfff, 0x9}, {0x100, 0x4, 0x200, 0x9, 0x1, 0x9df}, {0x9, 0x1, 0x65, 0x9, 0x7}, {0x401, 0x10001, 0x9, 0x200, 0x9, 0x1}, {0x6, 0x10, 0xf, 0x2, 0x6, 0x3}, {0xf23, 0x3ff, 0x0, 0x9, 0x7}, {0x80000000, 0x6, 0x0, 0x6, 0x6, 0xd}, {0x0, 0x8, 0xd, 0x8000, 0x3, 0x2}, {0x800, 0x9, 0x6, 0x3, 0x7, 0x8}, {0x7, 0x8, 0x7358, 0x7, 0x8, 0xffffffff}, {0x4d9, 0x45db8bad, 0xb3dd, 0x1, 0xbc, 0x7ff}, {0x7, 0x7, 0x3, 0x3, 0x3, 0x7a}, {0x5a1b, 0x1, 0x1, 0x7ff, 0x3, 0x4}, {0x3, 0x7, 0x4, 0x4, 0xffff, 0x8}, {0xffffffa5, 0x7, 0x0, 0x10, 0x3, 0x5}, {0x8219, 0xffffffff, 0x2, 0x6, 0x3, 0x2}, {0x62, 0xf4, 0x6, 0x4, 0x4, 0x67}, {0x5, 0x4, 0x53, 0x8, 0xc0000000, 0x7}, {0x2, 0x5, 0x2, 0xffff, 0x2, 0x2}, {0x80000001, 0x94c, 0x6, 0xfffffe00, 0x5, 0x7b27}, {0x2, 0x6, 0x1000, 0x9, 0x9}, {0xa, 0x0, 0x9, 0x4, 0xe, 0x9}, {0xdf, 0x7fff, 0x8000, 0x81, 0xff, 0xfffffff8}, {0x2, 0x10000, 0x9, 0x2, 0x2}, {0x2, 0x6, 0x9, 0x1, 0x2, 0x40}, {0xfffffe00, 0x3, 0x74d2, 0x3, 0x80000001, 0x6}, {0x2, 0x8, 0xfffffff7, 0x1, 0x6, 0xa}, {0x8, 0x9, 0x8e, 0x33, 0x10001, 0x22cb}, {0x2, 0x31f5, 0x7, 0x5, 0x7fffffff, 0x1}, {0x9, 0x10001, 0x4, 0x7, 0x7, 0x9}, {0xb, 0x1ff, 0xb, 0x3, 0x5, 0x80000001}, {0x7, 0x80, 0x69b, 0x3, 0x8, 0x339}, {0xee, 0x80000000, 0xfba6, 0x101, 0x5, 0xb}, {0x3, 0x458, 0x6, 0xf, 0x7, 0x8000}, {0x9, 0xfffffffa, 0x1000, 0x8, 0xb, 0xce5a}, {0x400, 0xffff, 0x3, 0xbcbb, 0x7, 0xb}, {0x0, 0xe000, 0x8, 0x8, 0x2, 0x1}, {0x1, 0x0, 0x3, 0x9, 0x0, 0x401}, {0xd, 0x1, 0x2, 0xf, 0x81, 0x5}, {0x6, 0xfff, 0x5, 0x5, 0x3, 0x3649}, {0x7, 0x2, 0x80000000, 0x9, 0x1630, 0x9e73}, {0xb, 0x1b6, 0xc4, 0x7, 0x4, 0xca}, {0x4000004, 0x5, 0x401, 0x4, 0xfffffff8, 0x40}, {0x8, 0x4594, 0x8, 0x4, 0x0, 0xffff}, {0x100, 0xfffffffb, 0x6, 0x0, 0x9, 0x6}, {0x3, 0xf7b, 0x3, 0x8, 0x6, 0x3}, {0x1, 0x5, 0x3, 0xab9, 0x7, 0x9}, {0xffffffff, 0x0, 0xfc, 0x7, 0x6, 0xc}, {0xf, 0x1, 0xa000000, 0x1, 0x101, 0x1f3}, {0x7ff, 0x9, 0xfffff001, 0x8001, 0x2, 0x2}, {0x4, 0xd9, 0x6, 0x1, 0x9, 0xfffffff7}, {0x3, 0x3, 0x7, 0x69a0, 0x10, 0x5}, {0x8f000000, 0x100, 0xffffffff, 0x963, 0x2, 0xc}, {0x6, 0x50, 0x6, 0xa, 0x0, 0x3}, {0x649, 0x2, 0x80000001, 0x8, 0x0, 0x1}, {0x8, 0xfff, 0x6, 0x80000001, 0x7fffffff, 0x3}, {0xa3, 0x81, 0x9fcb, 0x1, 0x8, 0x7fff}, {0x0, 0x2, 0x750c, 0x0, 0x1, 0xfffffffc}, {0x7ff, 0x7, 0x10000, 0x9, 0x0, 0x88}, {0x5, 0x10001, 0x7fff, 0x81, 0xfffffff4, 0x7}, {0xfce, 0x80000001, 0x5, 0x4, 0x1ff}, {0x3, 0x0, 0x3ff, 0x7fffffff, 0x9, 0x7}, {0xdac, 0x0, 0x4, 0x80000001, 0x3, 0x8}, {0x7, 0xffffffff, 0x6, 0x8, 0xfffffffa, 0xa}, {0x2, 0x4, 0x4, 0x401, 0xe32}, {0x5, 0x7, 0x6, 0x8, 0x2, 0x2}, {0x10001, 0x100, 0x3, 0x4, 0x9, 0xfffffffa}, {0x2, 0x0, 0x3, 0x6, 0x8, 0x3}, {0x0, 0x0, 0x3, 0x8, 0x1, 0x3}, {0x3, 0x3, 0xffffffff, 0x3, 0x800, 0xde}, {0x5, 0x66, 0x41d0, 0x8001, 0x1, 0x3}, {0x5, 0x7, 0xfffffffc, 0x4, 0x3, 0x92c}, {0x4, 0xffff, 0x0, 0x101, 0x4, 0x1}, {0x9, 0xf667, 0x5, 0x3, 0x5, 0x4}, {0x1731, 0xa, 0x9960, 0x9, 0x1, 0x7}, {0xd, 0xfffffffa, 0x1, 0x3, 0x40, 0x2}, {0x1, 0x4, 0x80000000, 0x80000001, 0x2, 0x6}, {0x7, 0x2, 0xffffff3a, 0x4cf, 0x800, 0x6}, {0x8000, 0x6, 0x1, 0x0, 0x100, 0x80000000}, {0x3b, 0x5562334a, 0x2, 0x2, 0x6, 0x81}, {0x4, 0x96, 0x81, 0x0, 0x101, 0x7}, {0x4, 0xff, 0x9, 0x0, 0x81, 0x29}, {0xa, 0x5, 0x0, 0x9, 0xffffffff, 0xfb4}, {0x80000000, 0x2, 0xffff, 0x39b4, 0x1, 0x6}, {0x61, 0x2d, 0x6, 0x1fe4c5d2, 0x1, 0x3}, {0x1, 0xe2, 0x7ff, 0x7ff, 0x7f, 0x29d0}, {0x0, 0x4, 0xc, 0xd594, 0x9, 0x7}, {0x6, 0x0, 0x7, 0x9, 0x7, 0x9}, {0x80e9, 0x7, 0x9, 0x1, 0x1, 0x18000}, {0x400, 0x9, 0x0, 0x6c}, {0x2, 0x1, 0x6, 0x3, 0xfffff71b, 0xce}, {0x1, 0xff, 0xb, 0x4, 0x7fc, 0x1}, {0x6, 0x2, 0x8, 0xfff, 0x4, 0x7fff}, {0x0, 0x0, 0x7f, 0x401, 0x7, 0x7fff}, {0x7, 0xb, 0x10000, 0x1, 0x8000, 0xfffff830}, {0x2, 0x4, 0x2, 0x1, 0x6, 0x2b4}, {0x3cd2dbce, 0x929a, 0x9dc, 0x0, 0x8, 0xfffffffc}, {0x6, 0x0, 0xe71, 0xc5c3, 0x3, 0x1}, {0x7, 0x2, 0x197a, 0x7, 0x1, 0x8}, {0xff, 0x2c, 0xfffffc01, 0x1, 0x3, 0x100}, {0x7, 0x7, 0x10001, 0xce7, 0xec, 0x1000}, {0xffffffff, 0x6, 0xffffffff, 0x9, 0x2, 0x6}, {0x2, 0x9, 0xbf1d, 0x9, 0x80, 0x5}, {0x1c91, 0x5f27, 0x1, 0x0, 0x6, 0x6}, {0x37, 0x622, 0x2, 0x1, 0x7, 0x2}], [{0x5}, {0xccffbfc290ab3baa}, {}, {0x2}, {0x2}, {0x0, 0x1}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x1}, {0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x2}, {0x2, 0x1}, {0x1}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {}, {0x2, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {}, {0x3}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {}, {0x5, 0x1}, {0x3}, {0x2}, {0x4}, {0x5}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {0x4}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x2}, {0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {}, {0x3, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0xed3229170eca159, 0x1}, {0x2, 0x1}, {0x1}, {0x3}, {0x3, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x4}, {0x3}, {0x4}, {0x3, 0x1}, {0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x2}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x0, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5}, {0x5}, {0x4, 0x1}, {0x4, 0x1}, {0x4}, {0x5}, {0x54e1b160e6ec45e8, 0x1}, {0x1, 0x1}, {0x2}, {0x3, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {}, {0x4, 0x1}, {0x4}, {0x5}, {0x0, 0x1}, {0x3}, {0x0, 0x1}, {0x2}, {}, {0x2, 0x1}, {0x5, 0x1}, {0x4}, {0x2}, {0x9baeccaf277094c4, 0x1}, {}, {0x2, 0x1}, {}, {}, {0x8f9fc2e2ef57f2f0}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x3}, {0x2, 0x1}, {0x2, 0x1}, {0x1}, {0x1, 0x1}], 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0xe84}, 0x1, 0x0, 0x0, 0x81}, 0x800)

460.733464ms ago: executing program 2 (id=2057):
syz_io_uring_setup(0x4000e45, &(0x7f0000000700)={0x0, 0x5f39, 0x2400, 0x3, 0x2b2}, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000140))
r1 = perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0xf8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x64008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x719, 0x0, @perf_config_ext={0x7ff, 0x7}, 0x9e8a, 0x5, 0x6, 0x9, 0x5, 0x1}, 0x0, 0x0, r0, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
close(r1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
unshare(0x22020600)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r4, 0x2)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r5, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r7=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000080)={r7, 0x0, 0x8000, 0x8, 0x1, 0x1}, 0x14)
unshare(0x8040480)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x13)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000380)={r7, 0xce, "1276362d49da5460dec3d2b649fc0c1da107526e0caf5dcbf4055bf89293216be217bc5c7f914445a9ca00e7b4eab76f8df14f474798c2f7852183a6aca16571003a1f401fb237422fb94fa87e65d3e9dd36da19674416016f8dae25d18aae164683b2ef7d3377a9d6f8f4c46d0993ab364c5d9ffe966e94622cb4887d39e12e3acc9b9793fd45436a07ec2c583e82013c2853beff4b32565bccbc51add3c64f8a1044875bc7d678083ff133f37a3d46204dd950b7de0b10614183eb19a4da55e34f26abaf71b4f666e5eee256f1"}, &(0x7f0000000240)=0xd6)
r8 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000480)={r7, 0x8, 0x20}, &(0x7f00000004c0)=0xc)
flock(r8, 0x1)
open(&(0x7f0000000300)='.\x00', 0x54200, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0xe, 0x6, 0xb, 0xfffffff8}]})
flock(r4, 0x1)
flock(r4, 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)

460.555754ms ago: executing program 3 (id=2058):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX])

396.482826ms ago: executing program 4 (id=2059):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES8], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
ioctl$FICLONE(0xffffffffffffffff, 0x40049409, r1)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wg0\x00', <r3=>0x0})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000340)={'vcan0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0xb2ed}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x3}]}}]}, 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000780)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="080029bd7000ffdbdf25150000003400018008000100", @ANYRES32=r3, @ANYBLOB="0800030001000000080003000300000008000100", @ANYRES32=r5, @ANYBLOB="080001005b89dd0f7fa68871aafd488a192881429db116d0a47128501615bcb1161b15a87ebebd4cce10c3e3954ff0d5fa613555fe095f65f9d63395c68947d37c2d5d331c200d3d4bd7e4fbf4c0b452fa716bbbf157405da6e6b29cd1b1cbdb59262b3fcbea0370fe3a3a251e42f1a061db98277d6a2585a9a6c267de851cff19e7b7b80fd015e4739dc300201afa61f2d3a4d6f84834a834fbadc1436f000000000000005fa9a9869dee24e2bb8b637c82fe7a1de1b7da5105d245bda08c3ea3eb694af51cb1", @ANYRES32=r7, @ANYBLOB="0800030000000000"], 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x20000004)
sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xa3}, 0x1, 0x0, 0x0, 0x8050}, 0x40000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_netdev_private(r8, 0x8946, &(0x7f0000000140)="a6cc04e2d8f1c38afbf14b29b86e3a")
getpid()
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32=r0], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)={0x30, r11, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x3, 0x1, 0x1}}}}, 0x30}}, 0x0)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r12}, 0x10)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xc, 0x0, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sync()

395.896826ms ago: executing program 3 (id=2060):
r0 = syz_io_uring_setup(0x3b52, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x10007b0f, 0x96f0, 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

293.067797ms ago: executing program 1 (id=2061):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000000040)={0xf, {"a2e3ad214fc752f90b5e094f4bf70e0dd038e7ff7fc6e5539b1b4d078b089b3b0838721a0890e0878f0e1ac6e7049b3d6c959b4c9a240d9b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d075d0736cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911afe40db6ebe8cac64289fd3da232f1b5dbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146680400416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d483d4675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb53682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516ab68032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d95f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e08d4db9d76864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251aec29b32f8210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ac015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67784f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a700d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x40, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0xf60, 0x4}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket(0x21, 0x2, 0x10000000000002)
recvmmsg(r4, 0x0, 0x0, 0x20, 0x0)

201.101828ms ago: executing program 4 (id=2062):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(r0, &(0x7f0000000cc0), 0x0, 0xc0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000300)={0x0, 0xffffffffffffff20, &(0x7f00000002c0)={&(0x7f0000001740)={0x2c, r4, 0x701, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}]}, 0x2c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYRES16=r2, @ANYRES64=r4], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)

183.060318ms ago: executing program 4 (id=2063):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0x80000}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, 0x0)

139.049159ms ago: executing program 4 (id=2064):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b4000000000000407910000000000000670000c200000000950005000000000071a13928b72c696950a4edd77f9876d874394900f3bde847f8c78119dfbc27abc969c82ce6f6f0b2e10179582eed3525598659f1307bc7dea42e897c2305fd2a9989f18e0b716808f6491a914b82ce112e8a52578b3a8078cfd0b7d34cd51a741cdf"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x101842, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000040))
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffec3, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000700)=ANY=[@ANYRES64=0x0, @ANYRES32=r3, @ANYBLOB="2f0000000020000004000000", @ANYRES32, @ANYBLOB="a1e058a57e9c4434da75ccd25c855db3", @ANYBLOB="ffe0f36cf5bf245b8b728108b0c571d6c5ad25c8cc79282847a4a41d07a172a5f8cf7bb20b6379df274b010cc3f7960be02262771b05144116ec1f2f1056780d883af78cea755dd7c920986f3a5ad91c199deff917f1d38624d35906daea53fd5371811b0c3c608717815958fbe0ff68da04d1a39542fc0ad5602fff9608e2cec0a0104b6fe6533be05c4a3d54eeeb22fddfb4d9c78ffc5ae1b6dd78dfa2c53cd334f47278b84b14d4b24a76586fcf0a4b", @ANYRESHEX=r0, @ANYRESDEC=r1, @ANYRES8=r1, @ANYRESDEC=r0, @ANYRES64, @ANYRES64=r1, @ANYRESDEC=r3], 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[], 0x10)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000300)=ANY=[@ANYBLOB='_\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000003000000200001800400028008000300fdffffff0e0001006574683a766c616e30"], 0x68}}, 0x0)
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
write$char_usb(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8923, &(0x7f0000000000)={'vlan0\x00', @local})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
r7 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb010018000000000000004c0000004c0000000700000006000000080000060400000004000000020000000f000000040000000c000000000000000f000000da0000000f000000000800000d000000080000000a000000050000000e000000030000000061612e002e0002730862360acee24a3d2cd00b0ee34691aea976b241d051f7ff01b0d78cd74cef56422e4ff1b018d6b3eefe7ebb3760a5cf467e0e9aa0b5fb6dfe82ab105d45a78d88138845dc911349da8eafba622893fd27b371adfc4dd9340d971d0f65aa75631caa74415aea96543a622c48f3633c8fa5ba23221ea35d35aeac93c2304d79a572431775fd99f56621776079625311578a9bc89abc843a83"], &(0x7f0000000340)=""/44, 0x6b, 0x2c, 0x1, 0xbd, 0x0, @void, @value}, 0x28)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})
r9 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x101001)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r10, 0xc08c5332, &(0x7f0000000540)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$AUTOFS_IOC_PROTOVER(r7, 0x80049363, &(0x7f00000003c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4050000000100006b10af000000000006000000000000009500360000000000"], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x10c, &(0x7f0000000080)=""/193, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1, 0x10, &(0x7f0000000000)={0x0, 0xc}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
write$cgroup_subtree(r6, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x4010, r6, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)

33.64221ms ago: executing program 4 (id=2065):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4, 0x0, 0x3}, 0x18)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x4, r2}, 0x10)

0s ago: executing program 4 (id=2066):
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x18, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000300000000000000a138000095"], 0x0, 0x1, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffff8, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000004c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x57, 0x1, 0x0, 0x0, 0x0, 0x210e, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x407fff, 0xaea}, 0x14105, 0x32, 0x1400, 0x3, 0x2, 0x0, 0xfffa, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
socket$kcm(0xa, 0x2, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socket$kcm(0x25, 0x1, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000180))
socket$kcm(0x10, 0x2, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$kcm(0x10, 0x400000002, 0x0)
socketpair(0x1, 0x1, 0x1, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000018110000", @ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="1c0000001d008103e00f80ecdb4cb9f207", 0x11}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000200)=ANY=[], 0xfe33)

kernel console output (not intermixed with test programs):

7] netlink: 8 bytes leftover after parsing attributes in process `syz.1.974'.
[   86.582278][ T8407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.974'.
[   86.632101][ T8416] netlink: 'syz.1.977': attribute type 1 has an invalid length.
[   86.639910][ T8416] netlink: 152 bytes leftover after parsing attributes in process `syz.1.977'.
[   86.649742][ T8416] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   86.674201][ T8419] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[   86.680736][ T8419] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   86.688509][ T8419] vhci_hcd vhci_hcd.0: Device attached
[   86.698163][ T8419] loop2: detected capacity change from 0 to 512
[   86.712342][   T29] kauditd_printk_skb: 169 callbacks suppressed
[   86.712357][   T29] audit: type=1400 audit(1748486219.498:5529): avc:  denied  { write } for  pid=8423 comm="syz.1.979" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   86.739253][ T8419] EXT4-fs (loop2): 1 orphan inode deleted
[   86.746147][ T8419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.759698][ T5804] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   86.767096][ T8419] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.769449][ T5804] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[   86.770310][   T29] audit: type=1400 audit(1748486219.498:5530): avc:  denied  { name_connect } for  pid=8423 comm="syz.1.979" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   86.811512][   T29] audit: type=1400 audit(1748486219.579:5531): avc:  denied  { remount } for  pid=8418 comm="syz.2.978" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   86.812674][ T8419] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   86.850132][ T8425] loop1: detected capacity change from 0 to 1024
[   86.852519][ T8419] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   86.857581][ T8425] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   86.877004][ T8425] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   86.885209][ T8425] EXT4-fs (loop1): orphan cleanup on readonly fs
[   86.886037][ T8419] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   86.892113][ T8425] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[   86.915120][ T8425] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.979: mark_inode_dirty error
[   86.935499][ T8434] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[   86.937152][ T8420] vhci_hcd: connection closed
[   86.943555][ T8425] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.979: Invalid block bitmap block 3 in block_group 0
[   86.944552][   T41] vhci_hcd: stop threads
[   86.950395][ T8425] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.979: Invalid block bitmap block 3 in block_group 0
[   86.961640][   T41] vhci_hcd: release socket
[   86.966697][ T8425] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.979: Invalid block bitmap block 3 in block_group 0
[   86.979144][   T41] vhci_hcd: disconnect device
[   86.985388][ T8425] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[   87.011856][ T8425] EXT4-fs error (device loop1): ext4_dirty_inode:6103: inode #3: comm syz.1.979: mark_inode_dirty error
[   87.023519][ T8425] Quota error (device loop1): write_blk: dquota write failed
[   87.031013][ T8425] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 1: comm syz.1.979: lblock 6 mapped to illegal pblock 1 (length 1)
[   87.045371][ T8425] Quota error (device loop1): write_blk: dquota write failed
[   87.052834][ T8425] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[   87.062908][ T8425] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 48: comm syz.1.979: lblock 0 mapped to illegal pblock 48 (length 1)
[   87.086636][ T8425] Quota error (device loop1): v2_write_file_info: Can't write info structure
[   87.095524][ T8425] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.979: Failed to acquire dquot type 0
[   87.135480][ T8425] EXT4-fs error (device loop1): ext4_map_blocks:675: inode #3: block 49: comm syz.1.979: lblock 1 mapped to illegal pblock 49 (length 1)
[   87.150905][ T8425] Quota error (device loop1): do_insert_tree: Can't read tree quota block 1
[   87.159664][ T8425] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   87.169639][ T8425] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.979: Failed to acquire dquot type 0
[   87.181733][ T8425] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5899: Corrupt filesystem
[   87.191434][ T8425] EXT4-fs error (device loop1): ext4_evict_inode:259: inode #15: comm syz.1.979: mark_inode_dirty error
[   87.204613][ T8425] EXT4-fs warning (device loop1): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[   87.214989][ T8425] EXT4-fs (loop1): 1 orphan inode deleted
[   87.223448][ T8425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   87.292209][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.325967][ T3598] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   87.335794][ T3598] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   87.393646][ T8461] loop1: detected capacity change from 0 to 8192
[   87.400373][ T8470] FAULT_INJECTION: forcing a failure.
[   87.400373][ T8470] name failslab, interval 1, probability 0, space 0, times 0
[   87.413043][ T8470] CPU: 0 UID: 0 PID: 8470 Comm: syz.4.986 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[   87.413073][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   87.413086][ T8470] Call Trace:
[   87.413094][ T8470]  <TASK>
[   87.413101][ T8470]  __dump_stack+0x1d/0x30
[   87.413125][ T8470]  dump_stack_lvl+0xe8/0x140
[   87.413147][ T8470]  dump_stack+0x15/0x1b
[   87.413163][ T8470]  should_fail_ex+0x265/0x280
[   87.413194][ T8470]  should_failslab+0x8c/0xb0
[   87.413215][ T8470]  kmem_cache_alloc_noprof+0x50/0x310
[   87.413241][ T8470]  ? vm_area_alloc+0x2c/0xb0
[   87.413266][ T8470]  vm_area_alloc+0x2c/0xb0
[   87.413289][ T8470]  mmap_region+0x81f/0x1470
[   87.413337][ T8470]  do_mmap+0x9d0/0xc10
[   87.413373][ T8470]  vm_mmap_pgoff+0x17a/0x2e0
[   87.413405][ T8470]  ksys_mmap_pgoff+0x2d0/0x310
[   87.413437][ T8470]  x64_sys_call+0x1602/0x2fb0
[   87.413459][ T8470]  do_syscall_64+0xd2/0x200
[   87.413486][ T8470]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.413516][ T8470]  ? clear_bhb_loop+0x40/0x90
[   87.413539][ T8470]  ? clear_bhb_loop+0x40/0x90
[   87.413562][ T8470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.413585][ T8470] RIP: 0033:0x7f90239de969
[   87.413601][ T8470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   87.413621][ T8470] RSP: 002b:00007f9022026038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   87.413643][ T8470] RAX: ffffffffffffffda RBX: 00007f9023c06080 RCX: 00007f90239de969
[   87.413657][ T8470] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000200000400000
[   87.413670][ T8470] RBP: 00007f9022026090 R08: ffffffffffffffff R09: 0000000000000000
[   87.413683][ T8470] R10: 0000000000050032 R11: 0000000000000246 R12: 0000000000000002
[   87.413696][ T8470] R13: 0000000000000000 R14: 00007f9023c06080 R15: 00007fff300748f8
[   87.413714][ T8470]  </TASK>
[   87.628937][ T8461] netlink: 40 bytes leftover after parsing attributes in process `syz.1.987'.
[   87.639971][ T8470] loop4: detected capacity change from 0 to 1024
[   87.648119][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.672043][ T8478] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8478 comm=syz.0.990
[   87.684751][ T8470] EXT4-fs: Ignoring removed i_version option
[   87.706107][ T8470] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   87.715241][ T8470] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   87.725963][ T8470] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   87.734130][ T8470] EXT4-fs (loop4): orphan cleanup on readonly fs
[   87.741440][ T8470] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5899: Corrupt filesystem
[   87.752012][ T8470] EXT4-fs (loop4): Remounting filesystem read-only
[   87.753147][ T8488] netlink: 'syz.2.989': attribute type 1 has an invalid length.
[   87.759482][ T8470] EXT4-fs (loop4): 1 orphan inode deleted
[   87.766247][ T8488] netlink: 152 bytes leftover after parsing attributes in process `syz.2.989'.
[   87.773145][ T8470] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   87.782059][ T8488] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   87.875329][ T8498] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   88.183012][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.206947][ T8514] netlink: 'syz.3.998': attribute type 13 has an invalid length.
[   88.312306][ T8538] netlink: 'syz.3.1002': attribute type 1 has an invalid length.
[   88.320207][ T8538] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1002'.
[   88.329287][ T8538] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   88.487418][ T8556] lo speed is unknown, defaulting to 1000
[   88.534023][ T8566] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.563981][ T8570] vhci_hcd: invalid port number 96
[   88.569221][ T8570] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   88.569740][ T8556] lo speed is unknown, defaulting to 1000
[   88.620958][ T8566] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.668787][ T8566] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.741278][ T8566] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.826613][ T8630] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8630 comm=syz.3.1020
[   88.848559][ T8566] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.860505][ T8566] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.872384][ T8566] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.884116][ T8566] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.111959][ T8663] loop1: detected capacity change from 0 to 512
[   89.124602][ T8663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.138059][ T8663] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.150155][ T8669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.160386][ T8669] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.170937][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.263338][ T8683] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1030'.
[   89.344595][ T3492] printk: udevd: 1 output lines suppressed due to ratelimiting
[   89.591204][ T8714] netlink: 'syz.1.1040': attribute type 1 has an invalid length.
[   89.599619][ T8714] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   89.667412][ T8720] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.676429][ T8720] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.687268][ T8720] loop3: detected capacity change from 0 to 256
[   89.694265][ T8720] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[   90.290067][ T8751] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8751 comm=syz.3.1053
[   90.895024][ T8778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.904652][ T8778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.040599][ T8775] Set syz1 is full, maxelem 65536 reached
[   91.245753][ T8796] __nla_validate_parse: 2 callbacks suppressed
[   91.245770][ T8796] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1068'.
[   91.468611][ T8805] rdma_rxe: rxe_newlink: failed to add veth0_to_bond
[   91.539459][ T8812] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1075'.
[   91.548604][ T8812] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[   92.129680][   T29] kauditd_printk_skb: 461 callbacks suppressed
[   92.129694][   T29] audit: type=1326 audit(1748486224.929:5989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.1.1099" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd4b26de969 code=0x0
[   92.453193][   T29] audit: type=1400 audit(1748486225.260:5990): avc:  denied  { bind } for  pid=8899 comm="syz.3.1108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   92.487840][   T29] audit: type=1326 audit(1748486225.290:5991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8901 comm="syz.3.1109" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe42dcee969 code=0x0
[   92.539733][ T8903] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1109'.
[   92.768168][   T29] audit: type=1326 audit(1748486225.570:5992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8911 comm="syz.2.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[   92.791829][   T29] audit: type=1326 audit(1748486225.570:5993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8911 comm="syz.2.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[   92.815313][   T29] audit: type=1326 audit(1748486225.570:5994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8911 comm="syz.2.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[   92.838791][   T29] audit: type=1326 audit(1748486225.570:5995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8911 comm="syz.2.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[   92.862418][   T29] audit: type=1326 audit(1748486225.570:5996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8911 comm="syz.2.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[   92.885921][   T29] audit: type=1326 audit(1748486225.570:5997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8911 comm="syz.2.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[   92.909238][   T29] audit: type=1326 audit(1748486225.570:5998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8911 comm="syz.2.1113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[   93.087512][ T8929] netlink: 'syz.2.1120': attribute type 1 has an invalid length.
[   93.095308][ T8929] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1120'.
[   93.105860][ T8929] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   93.437670][ T8958] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[   93.444300][ T8958] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   93.451793][ T8958] vhci_hcd vhci_hcd.0: Device attached
[   93.459450][ T8958] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(10)
[   93.466121][ T8958] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   93.473610][ T8958] vhci_hcd vhci_hcd.0: Device attached
[   93.481818][ T8958] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(12)
[   93.488427][ T8958] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   93.496091][ T8958] vhci_hcd vhci_hcd.0: Device attached
[   93.503967][ T8969] vhci_hcd: connection closed
[   93.503993][ T8965] vhci_hcd: connection closed
[   93.504042][ T8961] vhci_hcd: connection closed
[   93.508960][ T5837] vhci_hcd: stop threads
[   93.515438][ T8968] netlink: 'syz.0.1136': attribute type 1 has an invalid length.
[   93.518112][ T5837] vhci_hcd: release socket
[   93.518124][ T5837] vhci_hcd: disconnect device
[   93.518592][ T5837] vhci_hcd: stop threads
[   93.522383][ T8968] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1136'.
[   93.530099][ T5837] vhci_hcd: release socket
[   93.530109][ T5837] vhci_hcd: disconnect device
[   93.530959][ T5837] vhci_hcd: stop threads
[   93.535626][ T8968] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   93.539240][ T5837] vhci_hcd: release socket
[   93.539249][ T5837] vhci_hcd: disconnect device
[   93.726968][ T8972] 9pnet_fd: Insufficient options for proto=fd
[   93.909362][ T8992] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8992 comm=syz.1.1144
[   94.000432][ T9002] netlink: 'syz.4.1148': attribute type 1 has an invalid length.
[   94.008261][ T9002] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1148'.
[   94.017603][ T9002] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   94.178878][ T9010] 9pnet_fd: Insufficient options for proto=fd
[   94.182060][ T9014] loop3: detected capacity change from 0 to 256
[   94.582031][ T9027] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1155'.
[   94.593827][ T9029] ªªªªªª: renamed from vlan0
[   94.660365][ T9038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.701900][ T9038] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.794240][ T9040] 9pnet_fd: Insufficient options for proto=fd
[   94.826738][ T9050] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1164'.
[   94.957332][ T9072] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.966346][ T9072] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.977462][ T9072] loop2: detected capacity change from 0 to 256
[   94.984338][ T9072] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[   95.005811][ T9081] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1169'.
[   95.015179][ T9081] tipc: Started in network mode
[   95.020145][ T9081] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[   95.027473][ T9081] tipc: Enabled bearer <eth:vlan0>, priority 10
[   95.034709][ T9081] ªªªªªª: renamed from vlan0
[   95.040733][ T9081] tipc: Disabling bearer <eth:vlan0>
[   95.250785][ T9091] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1171'.
[   95.259884][ T9091] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[   95.349777][ T9101] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9101 comm=syz.0.1173
[   95.645243][ T9123] lo speed is unknown, defaulting to 1000
[   95.719976][ T9123] lo speed is unknown, defaulting to 1000
[   95.893940][ T9172] netlink: 'syz.1.1190': attribute type 1 has an invalid length.
[   95.909936][ T9172] 8021q: adding VLAN 0 to HW filter on device bond2
[   95.950732][ T9172] bond2: (slave veth5): Enslaving as an active interface with a down link
[   95.970587][ T9224] netlink: 'syz.3.1192': attribute type 1 has an invalid length.
[   95.978584][ T9224] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   96.506092][ T9267] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9267 comm=syz.2.1208
[   96.883403][ T9287] loop4: detected capacity change from 0 to 8192
[   97.012995][ T9300] FAULT_INJECTION: forcing a failure.
[   97.012995][ T9300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.026249][ T9300] CPU: 0 UID: 0 PID: 9300 Comm: syz.4.1221 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[   97.026290][ T9300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.026301][ T9300] Call Trace:
[   97.026308][ T9300]  <TASK>
[   97.026316][ T9300]  __dump_stack+0x1d/0x30
[   97.026341][ T9300]  dump_stack_lvl+0xe8/0x140
[   97.026364][ T9300]  dump_stack+0x15/0x1b
[   97.026381][ T9300]  should_fail_ex+0x265/0x280
[   97.026451][ T9300]  should_fail+0xb/0x20
[   97.026515][ T9300]  should_fail_usercopy+0x1a/0x20
[   97.026542][ T9300]  _copy_from_iter+0xcf/0xe40
[   97.026648][ T9300]  ? __build_skb_around+0x1a0/0x200
[   97.026677][ T9300]  ? __alloc_skb+0x223/0x320
[   97.026698][ T9300]  netlink_sendmsg+0x471/0x6b0
[   97.026793][ T9300]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.026853][ T9300]  __sock_sendmsg+0x145/0x180
[   97.026905][ T9300]  ____sys_sendmsg+0x31e/0x4e0
[   97.026936][ T9300]  ___sys_sendmsg+0x17b/0x1d0
[   97.026980][ T9300]  __x64_sys_sendmsg+0xd4/0x160
[   97.027073][ T9300]  x64_sys_call+0x2999/0x2fb0
[   97.027091][ T9300]  do_syscall_64+0xd2/0x200
[   97.027123][ T9300]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.027212][ T9300]  ? clear_bhb_loop+0x40/0x90
[   97.027230][ T9300]  ? clear_bhb_loop+0x40/0x90
[   97.027253][ T9300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.027303][ T9300] RIP: 0033:0x7f90239de969
[   97.027316][ T9300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.027331][ T9300] RSP: 002b:00007f9022047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.027378][ T9300] RAX: ffffffffffffffda RBX: 00007f9023c05fa0 RCX: 00007f90239de969
[   97.027416][ T9300] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000006
[   97.027481][ T9300] RBP: 00007f9022047090 R08: 0000000000000000 R09: 0000000000000000
[   97.027494][ T9300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.027508][ T9300] R13: 0000000000000000 R14: 00007f9023c05fa0 R15: 00007fff300748f8
[   97.027561][ T9300]  </TASK>
[   97.265628][   T29] kauditd_printk_skb: 184 callbacks suppressed
[   97.265643][   T29] audit: type=1326 audit(1748486230.070:6183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9305 comm="syz.1.1223" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd4b26de969 code=0x0
[   97.346988][ T9313] __nla_validate_parse: 3 callbacks suppressed
[   97.347057][ T9313] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1223'.
[   97.368399][ T9312] loop3: detected capacity change from 0 to 2048
[   97.382080][ T9317] x_tables: duplicate underflow at hook 1
[   97.393789][ T9312] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.407900][ T9320] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1229'.
[   97.434569][   T29] audit: type=1400 audit(1748486230.220:6184): avc:  denied  { read write } for  pid=9311 comm="syz.3.1226" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   97.457342][   T29] audit: type=1400 audit(1748486230.230:6185): avc:  denied  { open } for  pid=9311 comm="syz.3.1226" path="/222/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   97.480653][   T29] audit: type=1400 audit(1748486230.240:6186): avc:  denied  { read } for  pid=9319 comm="syz.2.1229" name="usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   97.504111][   T29] audit: type=1400 audit(1748486230.240:6187): avc:  denied  { open } for  pid=9319 comm="syz.2.1229" path="/dev/usbmon7" dev="devtmpfs" ino=163 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   97.527858][   T29] audit: type=1400 audit(1748486230.240:6188): avc:  denied  { ioctl } for  pid=9319 comm="syz.2.1229" path="/dev/usbmon7" dev="devtmpfs" ino=163 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   97.557924][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.653700][ T9354] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9354 comm=syz.3.1239
[   97.800422][ T9378] IPVS: Error connecting to the multicast addr
[   98.010589][   T29] audit: type=1326 audit(1748486230.810:6189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9394 comm="syz.0.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[   98.034991][   T29] audit: type=1326 audit(1748486230.810:6190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9394 comm="syz.0.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[   98.058545][   T29] audit: type=1326 audit(1748486230.810:6191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9394 comm="syz.0.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[   98.082062][   T29] audit: type=1326 audit(1748486230.810:6192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9394 comm="syz.0.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[   98.123424][ T9399] FAULT_INJECTION: forcing a failure.
[   98.123424][ T9399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   98.136512][ T9399] CPU: 1 UID: 0 PID: 9399 Comm: syz.1.1256 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[   98.136548][ T9399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.136563][ T9399] Call Trace:
[   98.136570][ T9399]  <TASK>
[   98.136578][ T9399]  __dump_stack+0x1d/0x30
[   98.136620][ T9399]  dump_stack_lvl+0xe8/0x140
[   98.136637][ T9399]  dump_stack+0x15/0x1b
[   98.136658][ T9399]  should_fail_ex+0x265/0x280
[   98.136691][ T9399]  should_fail+0xb/0x20
[   98.136764][ T9399]  should_fail_usercopy+0x1a/0x20
[   98.136798][ T9399]  strncpy_from_user+0x25/0x230
[   98.136858][ T9399]  path_getxattrat+0xab/0x2a0
[   98.136898][ T9399]  __x64_sys_fgetxattr+0x59/0x70
[   98.136960][ T9399]  x64_sys_call+0x2a12/0x2fb0
[   98.137067][ T9399]  do_syscall_64+0xd2/0x200
[   98.137093][ T9399]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   98.137128][ T9399]  ? clear_bhb_loop+0x40/0x90
[   98.137153][ T9399]  ? clear_bhb_loop+0x40/0x90
[   98.137178][ T9399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.137222][ T9399] RIP: 0033:0x7fd4b26de969
[   98.137234][ T9399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.137250][ T9399] RSP: 002b:00007fd4b0d47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c1
[   98.137307][ T9399] RAX: ffffffffffffffda RBX: 00007fd4b2905fa0 RCX: 00007fd4b26de969
[   98.137362][ T9399] RDX: 0000000000000000 RSI: 0000200000000980 RDI: 0000000000000005
[   98.137439][ T9399] RBP: 00007fd4b0d47090 R08: 0000000000000000 R09: 0000000000000000
[   98.137449][ T9399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.137459][ T9399] R13: 0000000000000000 R14: 00007fd4b2905fa0 R15: 00007fffffeb3e68
[   98.137476][ T9399]  </TASK>
[   98.369439][ T9402] loop1: detected capacity change from 0 to 8192
[   98.521409][ T9422] openvswitch: netlink: Message has 6 unknown bytes.
[   98.521922][ T9421] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1264'.
[   98.545091][ T9421] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[   98.649374][ T9434] loop1: detected capacity change from 0 to 512
[   98.680630][ T9445] loop3: detected capacity change from 0 to 8192
[   98.751388][ T9464] netlink: 'syz.4.1274': attribute type 10 has an invalid length.
[   98.759313][ T9464] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1274'.
[   98.796113][ T9469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.801470][ T9464] dummy0: entered promiscuous mode
[   98.810293][ T9474] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9474 comm=syz.2.1276
[   98.824147][ T9464] bridge0: port 3(dummy0) entered blocking state
[   98.825066][ T9469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.830610][ T9464] bridge0: port 3(dummy0) entered disabled state
[   98.848617][ T9464] dummy0: entered allmulticast mode
[   98.883810][ T9481] ref_ctr_offset mismatch. inode: 0x4d6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0xa
[   98.898575][ T9469] loop1: detected capacity change from 0 to 256
[   98.905680][ T9469] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[   98.910269][ T9486] loop4: detected capacity change from 0 to 1024
[   98.929352][ T9486] EXT4-fs: Ignoring removed nobh option
[   98.934974][ T9486] EXT4-fs: Ignoring removed bh option
[   98.937042][ T9481] lo speed is unknown, defaulting to 1000
[   98.953299][ T9486] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.1280: bad orphan inode 32767
[   98.966519][ T9486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.992608][ T9486] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   98.994584][ T9481] lo speed is unknown, defaulting to 1000
[   99.041245][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.257422][ T9563] loop3: detected capacity change from 0 to 512
[   99.314350][ T9575] loop3: detected capacity change from 0 to 8192
[   99.449451][ T9605] netlink: 'syz.1.1287': attribute type 10 has an invalid length.
[   99.458087][ T9605] veth0_vlan: entered allmulticast mode
[   99.538777][ T9605] veth0_vlan: left promiscuous mode
[   99.545526][ T9605] veth0_vlan: entered promiscuous mode
[   99.553965][ T9605] team0: Device veth0_vlan failed to register rx_handler
[   99.556537][ T9616] loop3: detected capacity change from 0 to 128
[   99.579669][ T9616] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   99.591959][ T9616] ext4 filesystem being mounted at /237/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   99.616006][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   99.665760][ T9628] x_tables: duplicate underflow at hook 1
[   99.687663][ T9628] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1292'.
[   99.747328][ T9640] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.757136][ T9633] loop2: detected capacity change from 0 to 8192
[   99.757749][ T9640] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.790809][ T9640] loop1: detected capacity change from 0 to 256
[   99.804594][ T9640] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[   99.859852][ T9658] loop2: detected capacity change from 0 to 512
[   99.872914][ T9658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.887406][ T9658] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.062639][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.084949][ T9673] netlink: 'syz.2.1304': attribute type 10 has an invalid length.
[  100.095116][ T9673] team0: Device veth0_vlan failed to register rx_handler
[  100.178606][ T9681] serio: Serial port ptm0
[  100.284490][ T9686] loop2: detected capacity change from 0 to 8192
[  100.414065][ T9699] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1313'.
[  100.681318][ T9718] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1314'.
[  100.790922][ T9734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1322'.
[  100.816760][ T9736] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  100.826697][ T9736] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  100.837230][ T9736] loop4: detected capacity change from 0 to 256
[  100.844918][ T9736] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  100.890491][    T9] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  100.898713][    T9] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  101.226094][ T1065] IPVS: starting estimator thread 0...
[  101.266564][ T9776] TCP: TCP_TX_DELAY enabled
[  101.341122][ T9770] IPVS: using max 2400 ests per chain, 120000 per kthread
[  101.513345][ T9799] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1342'.
[  101.618625][ T9801] loop4: detected capacity change from 0 to 1024
[  101.625699][ T9801] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  101.636604][ T9801] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  101.647750][ T9801] JBD2: no valid journal superblock found
[  101.653514][ T9801] EXT4-fs (loop4): Could not load journal inode
[  101.714928][ T9816] program syz.2.1346 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  101.753396][ T9819] loop4: detected capacity change from 0 to 2048
[  101.769218][ T9816] lo speed is unknown, defaulting to 1000
[  101.772841][ T9819] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.807784][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.814170][ T9816] lo speed is unknown, defaulting to 1000
[  101.835049][ T9842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  101.843964][ T9842] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  101.854300][ T9842] loop4: detected capacity change from 0 to 256
[  101.861828][ T9842] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  102.099925][ T9888] netlink: 'syz.1.1352': attribute type 10 has an invalid length.
[  102.109246][ T9888] veth0_vlan: left promiscuous mode
[  102.116139][ T9888] veth0_vlan: entered promiscuous mode
[  102.124128][ T9888] team0: Device veth0_vlan failed to register rx_handler
[  102.196219][ T9896] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1354'.
[  102.210758][ T9896] tipc: Started in network mode
[  102.215752][ T9896] tipc: Node identity 002050ff, cluster identity 4711
[  102.222794][ T9896] tipc: Enabled bearer <eth:vlan0>, priority 10
[  102.243147][ T9896] ªªªªªª: renamed from vlan0
[  102.260754][ T9896] tipc: Disabling bearer <eth:vlan0>
[  102.344077][   T29] kauditd_printk_skb: 429 callbacks suppressed
[  102.344090][   T29] audit: type=1326 audit(1748486235.150:6622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.377070][   T29] audit: type=1326 audit(1748486235.180:6623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.400675][   T29] audit: type=1326 audit(1748486235.180:6624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.424259][   T29] audit: type=1326 audit(1748486235.180:6625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.447592][   T29] audit: type=1326 audit(1748486235.180:6626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.470988][   T29] audit: type=1326 audit(1748486235.180:6627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.494384][   T29] audit: type=1326 audit(1748486235.180:6628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.517991][   T29] audit: type=1326 audit(1748486235.180:6629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9893 comm="syz.2.1353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.586992][ T3383] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  102.602578][ T3383] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  102.691425][ T9927] dccp_invalid_packet: P.type (CLOSE) not Data || [Data]Ack, while P.X == 0
[  102.776953][ T9942] netlink: 'syz.2.1364': attribute type 10 has an invalid length.
[  102.796151][ T9942] team0: Device veth0_vlan failed to register rx_handler
[  102.802689][ T9948] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1366'.
[  102.815542][ T9948] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  102.824498][ T9938] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1365'.
[  102.834173][ T9938] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  102.935774][   T29] audit: type=1326 audit(1748486235.720:6630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9961 comm="syz.2.1367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  102.961788][   T29] audit: type=1326 audit(1748486235.720:6631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9961 comm="syz.2.1367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a79fbe969 code=0x7ffc0000
[  103.005732][ T9970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.014567][ T9970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.025333][ T9970] loop4: detected capacity change from 0 to 256
[  103.032211][ T9970] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  103.567000][ T9986] SET target dimension over the limit!
[  103.602769][ T9990] lo speed is unknown, defaulting to 1000
[  103.635908][ T9990] lo speed is unknown, defaulting to 1000
[  103.697459][T10019] netlink: 'syz.4.1378': attribute type 10 has an invalid length.
[  103.706032][T10019] veth0_vlan: entered allmulticast mode
[  103.713034][T10019] veth0_vlan: left promiscuous mode
[  103.718967][T10019] veth0_vlan: entered promiscuous mode
[  103.734531][T10019] team0: Device veth0_vlan failed to register rx_handler
[  103.767766][T10022] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1379'.
[  103.779083][T10027] FAULT_INJECTION: forcing a failure.
[  103.779083][T10027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.792315][T10027] CPU: 1 UID: 0 PID: 10027 Comm: syz.4.1380 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  103.792344][T10027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.792357][T10027] Call Trace:
[  103.792481][T10027]  <TASK>
[  103.792487][T10027]  __dump_stack+0x1d/0x30
[  103.792507][T10027]  dump_stack_lvl+0xe8/0x140
[  103.792530][T10027]  dump_stack+0x15/0x1b
[  103.792549][T10027]  should_fail_ex+0x265/0x280
[  103.792582][T10027]  should_fail+0xb/0x20
[  103.792648][T10027]  should_fail_usercopy+0x1a/0x20
[  103.792673][T10027]  _copy_from_user+0x1c/0xb0
[  103.792692][T10027]  ___sys_sendmsg+0xc1/0x1d0
[  103.792777][T10027]  __x64_sys_sendmsg+0xd4/0x160
[  103.792831][T10027]  x64_sys_call+0x2999/0x2fb0
[  103.792852][T10027]  do_syscall_64+0xd2/0x200
[  103.792936][T10027]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  103.792965][T10027]  ? clear_bhb_loop+0x40/0x90
[  103.792981][T10027]  ? clear_bhb_loop+0x40/0x90
[  103.793006][T10027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.793022][T10027] RIP: 0033:0x7f90239de969
[  103.793094][T10027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.793108][T10027] RSP: 002b:00007f9022047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.793122][T10027] RAX: ffffffffffffffda RBX: 00007f9023c05fa0 RCX: 00007f90239de969
[  103.793182][T10027] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  103.793233][T10027] RBP: 00007f9022047090 R08: 0000000000000000 R09: 0000000000000000
[  103.793242][T10027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.793251][T10027] R13: 0000000000000000 R14: 00007f9023c05fa0 R15: 00007fff300748f8
[  103.793267][T10027]  </TASK>
[  103.796340][T10022] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  103.844121][ T1065] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  103.957568][T10043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.990469][ T1065] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  104.007244][T10043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.115662][T10068] lo speed is unknown, defaulting to 1000
[  104.147642][T10068] lo speed is unknown, defaulting to 1000
[  104.222796][T10099] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10099 comm=syz.3.1393
[  104.542107][T10076] Set syz1 is full, maxelem 65536 reached
[  104.578092][T10105] netlink: 324 bytes leftover after parsing attributes in process `syz.0.1395'.
[  104.590840][T10103] loop1: detected capacity change from 0 to 256
[  104.610971][T10110] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1397'.
[  104.620632][T10110] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  104.664169][T10127] siw: device registration error -23
[  104.735075][T10142] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  104.743802][T10142] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  104.754502][T10142] loop1: detected capacity change from 0 to 256
[  104.762650][T10142] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  104.790482][T10152] loop4: detected capacity change from 0 to 2048
[  104.802459][T10152] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.827945][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.858174][T10161] lo speed is unknown, defaulting to 1000
[  104.888823][T10161] lo speed is unknown, defaulting to 1000
[  105.090711][T10192] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1411'.
[  105.258375][T10218] FAULT_INJECTION: forcing a failure.
[  105.258375][T10218] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.271485][T10218] CPU: 1 UID: 0 PID: 10218 Comm: syz.3.1413 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  105.271517][T10218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.271534][T10218] Call Trace:
[  105.271539][T10218]  <TASK>
[  105.271606][T10218]  __dump_stack+0x1d/0x30
[  105.271653][T10218]  dump_stack_lvl+0xe8/0x140
[  105.271766][T10218]  dump_stack+0x15/0x1b
[  105.271780][T10218]  should_fail_ex+0x265/0x280
[  105.271805][T10218]  should_fail+0xb/0x20
[  105.271825][T10218]  should_fail_usercopy+0x1a/0x20
[  105.271849][T10218]  _copy_from_user+0x1c/0xb0
[  105.271920][T10218]  vcs_write+0x354/0xbc0
[  105.271941][T10218]  ? __import_iovec+0x428/0x540
[  105.271956][T10218]  ? avc_policy_seqno+0x15/0x30
[  105.272048][T10218]  vfs_writev+0x3ee/0x870
[  105.272065][T10218]  ? __pfx_vcs_write+0x10/0x10
[  105.272093][T10218]  do_writev+0xe7/0x210
[  105.272155][T10218]  __x64_sys_writev+0x45/0x50
[  105.272180][T10218]  x64_sys_call+0x2006/0x2fb0
[  105.272288][T10218]  do_syscall_64+0xd2/0x200
[  105.272406][T10218]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.272430][T10218]  ? clear_bhb_loop+0x40/0x90
[  105.272448][T10218]  ? clear_bhb_loop+0x40/0x90
[  105.272466][T10218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.272563][T10218] RIP: 0033:0x7fe42dcee969
[  105.272582][T10218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.272597][T10218] RSP: 002b:00007fe42c357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  105.272691][T10218] RAX: ffffffffffffffda RBX: 00007fe42df15fa0 RCX: 00007fe42dcee969
[  105.272701][T10218] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000003
[  105.272710][T10218] RBP: 00007fe42c357090 R08: 0000000000000000 R09: 0000000000000000
[  105.272719][T10218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.272728][T10218] R13: 0000000000000000 R14: 00007fe42df15fa0 R15: 00007ffd5d29b928
[  105.272796][T10218]  </TASK>
[  105.511428][T10240] loop1: detected capacity change from 0 to 2048
[  105.522921][T10240] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.559514][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.605417][T10252] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10252 comm=syz.0.1421
[  105.670932][T10258] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1422'.
[  105.716345][   T10] hid-generic FFFC:0003:0002.000A: unknown main item tag 0x0
[  105.723929][   T10] hid-generic FFFC:0003:0002.000A: unknown main item tag 0x0
[  105.731551][   T10] hid-generic FFFC:0003:0002.000A: unknown main item tag 0x0
[  105.738982][   T10] hid-generic FFFC:0003:0002.000A: unknown main item tag 0x0
[  105.746531][   T10] hid-generic FFFC:0003:0002.000A: unknown main item tag 0x0
[  105.753952][   T10] hid-generic FFFC:0003:0002.000A: unknown main item tag 0x0
[  105.762205][   T10] hid-generic FFFC:0003:0002.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  105.785649][T10262] loop1: detected capacity change from 0 to 2048
[  105.871473][T10274] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  105.880239][T10274] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  105.892838][T10274] loop1: detected capacity change from 0 to 256
[  105.899699][T10274] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  106.198108][T10291] loop4: detected capacity change from 0 to 2048
[  106.212968][T10291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.242015][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.318694][T10304] lo speed is unknown, defaulting to 1000
[  106.351951][T10304] lo speed is unknown, defaulting to 1000
[  106.514841][T10340] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1437'.
[  106.652392][T10356] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1442'.
[  106.661567][T10356] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  106.745260][T10364] lo speed is unknown, defaulting to 1000
[  106.782898][T10364] lo speed is unknown, defaulting to 1000
[  106.940777][T10389] loop1: detected capacity change from 0 to 256
[  106.966151][T10394] netlink: 'syz.1.1445': attribute type 1 has an invalid length.
[  106.974004][T10394] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1445'.
[  106.983546][T10394] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  107.077570][T10396] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10396 comm=syz.1.1446
[  107.322886][T10401] FAULT_INJECTION: forcing a failure.
[  107.322886][T10401] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.336093][T10401] CPU: 0 UID: 0 PID: 10401 Comm: syz.3.1448 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  107.336125][T10401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.336138][T10401] Call Trace:
[  107.336145][T10401]  <TASK>
[  107.336151][T10401]  __dump_stack+0x1d/0x30
[  107.336172][T10401]  dump_stack_lvl+0xe8/0x140
[  107.336258][T10401]  dump_stack+0x15/0x1b
[  107.336273][T10401]  should_fail_ex+0x265/0x280
[  107.336309][T10401]  should_fail+0xb/0x20
[  107.336357][T10401]  should_fail_usercopy+0x1a/0x20
[  107.336384][T10401]  strncpy_from_user+0x25/0x230
[  107.336441][T10401]  ? kmem_cache_alloc_noprof+0x186/0x310
[  107.336462][T10401]  ? getname_flags+0x80/0x3b0
[  107.336480][T10401]  getname_flags+0xae/0x3b0
[  107.336502][T10401]  user_path_at+0x28/0x130
[  107.336524][T10401]  do_utimes+0xd9/0x210
[  107.336553][T10401]  __x64_sys_utimes+0xc6/0x180
[  107.336633][T10401]  ? syscall_trace_enter+0x102/0x1e0
[  107.336655][T10401]  x64_sys_call+0x2d6c/0x2fb0
[  107.336675][T10401]  do_syscall_64+0xd2/0x200
[  107.336733][T10401]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.336756][T10401]  ? clear_bhb_loop+0x40/0x90
[  107.336774][T10401]  ? clear_bhb_loop+0x40/0x90
[  107.336793][T10401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.336890][T10401] RIP: 0033:0x7fe42dcee969
[  107.336915][T10401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.336931][T10401] RSP: 002b:00007fe42c357038 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb
[  107.336947][T10401] RAX: ffffffffffffffda RBX: 00007fe42df15fa0 RCX: 00007fe42dcee969
[  107.336958][T10401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  107.336968][T10401] RBP: 00007fe42c357090 R08: 0000000000000000 R09: 0000000000000000
[  107.336979][T10401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.336989][T10401] R13: 0000000000000000 R14: 00007fe42df15fa0 R15: 00007ffd5d29b928
[  107.337070][T10401]  </TASK>
[  107.367738][   T29] kauditd_printk_skb: 444 callbacks suppressed
[  107.367754][   T29] audit: type=1326 audit(1748486240.138:7076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10400 comm="syz.3.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fe42dced37c code=0x7ffc0000
[  107.378854][T10399] loop2: detected capacity change from 0 to 512
[  107.382952][   T29] audit: type=1326 audit(1748486240.168:7077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10400 comm="syz.3.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe42dced41f code=0x7ffc0000
[  107.601382][   T29] audit: type=1326 audit(1748486240.168:7078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10400 comm="syz.3.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe42dced5ca code=0x7ffc0000
[  107.624687][   T29] audit: type=1326 audit(1748486240.168:7079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10400 comm="syz.3.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  107.648270][   T29] audit: type=1326 audit(1748486240.168:7080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10400 comm="syz.3.1448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  107.681932][   T29] audit: type=1326 audit(1748486240.488:7081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10416 comm="syz.0.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  107.705639][   T29] audit: type=1326 audit(1748486240.488:7082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10416 comm="syz.0.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  107.729163][   T29] audit: type=1326 audit(1748486240.488:7083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10416 comm="syz.0.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  107.752687][   T29] audit: type=1326 audit(1748486240.488:7084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10416 comm="syz.0.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  107.776210][   T29] audit: type=1326 audit(1748486240.488:7085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10416 comm="syz.0.1453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  107.815180][T10420] netlink: 'syz.3.1454': attribute type 1 has an invalid length.
[  107.823051][T10420] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1454'.
[  107.832110][T10420] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  107.888273][T10425] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1456'.
[  107.971698][T10425] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  108.023148][T10432] lo speed is unknown, defaulting to 1000
[  108.128907][T10450] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1462'.
[  108.130646][T10432] lo speed is unknown, defaulting to 1000
[  108.147208][T10450] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  108.269837][T10478] netlink: 'syz.1.1465': attribute type 13 has an invalid length.
[  108.587631][T10495] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10495 comm=syz.0.1469
[  108.642543][T10478] bridge0: port 3(dummy0) entered disabled state
[  108.649003][T10478] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.656145][T10478] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.794965][T10478] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  108.806239][T10478] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  108.821522][T10478] hsr0: left promiscuous mode
[  108.846344][T10478] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.855402][T10478] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.864433][T10478] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.873412][T10478] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  108.888297][T10478] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.897269][T10478] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.906255][T10478] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.915187][T10478] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  108.990327][T10483] netlink: 'syz.2.1467': attribute type 1 has an invalid length.
[  108.998164][T10483] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1467'.
[  109.022433][T10483] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  109.159156][T10515] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  109.166886][T10514] tipc: Resetting bearer <eth:syzkaller0>
[  109.198499][T10514] tipc: Disabling bearer <eth:syzkaller0>
[  109.233217][T10531] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1477'.
[  109.242250][T10531] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1477'.
[  109.242421][T10523] loop3: detected capacity change from 0 to 8192
[  109.350938][T10545] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1480'.
[  109.390034][T10545] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  109.586863][T10587] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10587 comm=syz.4.1494
[  109.602608][T10581] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1492'.
[  109.687098][T10600] lo speed is unknown, defaulting to 1000
[  109.736186][T10611] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1501'.
[  109.746445][T10611] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  109.775116][T10600] lo speed is unknown, defaulting to 1000
[  109.929669][T10651] loop3: detected capacity change from 0 to 8192
[  109.970324][T10671] SELinux: syz.3.1517 (10671) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  109.988432][T10664] loop2: detected capacity change from 0 to 512
[  110.197748][T10710] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10710 comm=syz.2.1528
[  110.227712][T10712] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10712 comm=syz.3.1529
[  110.446062][T10718] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1531'.
[  110.871920][T10758] loop1: detected capacity change from 0 to 1024
[  110.878879][T10758] EXT4-fs: inline encryption not supported
[  110.884953][T10758] EXT4-fs: Ignoring removed bh option
[  110.892914][T10758] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.925326][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.937767][ T3383] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  110.951222][ T3383] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  111.016538][T10787] FAULT_INJECTION: forcing a failure.
[  111.016538][T10787] name failslab, interval 1, probability 0, space 0, times 0
[  111.029234][T10787] CPU: 1 UID: 0 PID: 10787 Comm: syz.4.1548 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  111.029350][T10787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.029365][T10787] Call Trace:
[  111.029373][T10787]  <TASK>
[  111.029444][T10787]  __dump_stack+0x1d/0x30
[  111.029462][T10787]  dump_stack_lvl+0xe8/0x140
[  111.029478][T10787]  dump_stack+0x15/0x1b
[  111.029560][T10787]  should_fail_ex+0x265/0x280
[  111.029582][T10787]  ? alloc_fs_context+0x44/0x4e0
[  111.029703][T10787]  should_failslab+0x8c/0xb0
[  111.029718][T10787]  __kmalloc_cache_noprof+0x4c/0x320
[  111.029841][T10787]  alloc_fs_context+0x44/0x4e0
[  111.029865][T10787]  fs_context_for_mount+0x22/0x30
[  111.029888][T10787]  do_new_mount+0xe9/0x680
[  111.029986][T10787]  path_mount+0x4a4/0xb20
[  111.030010][T10787]  ? user_path_at+0x109/0x130
[  111.030099][T10787]  __se_sys_mount+0x28f/0x2e0
[  111.030123][T10787]  ? fput+0x8f/0xc0
[  111.030141][T10787]  __x64_sys_mount+0x67/0x80
[  111.030166][T10787]  x64_sys_call+0xd36/0x2fb0
[  111.030183][T10787]  do_syscall_64+0xd2/0x200
[  111.030282][T10787]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.030320][T10787]  ? clear_bhb_loop+0x40/0x90
[  111.030336][T10787]  ? clear_bhb_loop+0x40/0x90
[  111.030354][T10787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.030370][T10787] RIP: 0033:0x7f90239de969
[  111.030421][T10787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.030435][T10787] RSP: 002b:00007f9022047038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  111.030448][T10787] RAX: ffffffffffffffda RBX: 00007f9023c05fa0 RCX: 00007f90239de969
[  111.030458][T10787] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  111.030469][T10787] RBP: 00007f9022047090 R08: 0000200000000240 R09: 0000000000000000
[  111.030484][T10787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.030498][T10787] R13: 0000000000000000 R14: 00007f9023c05fa0 R15: 00007fff300748f8
[  111.030521][T10787]  </TASK>
[  111.395219][T10819] loop3: detected capacity change from 0 to 512
[  111.449298][T10832] FAULT_INJECTION: forcing a failure.
[  111.449298][T10832] name failslab, interval 1, probability 0, space 0, times 0
[  111.462034][T10832] CPU: 1 UID: 0 PID: 10832 Comm: syz.2.1560 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  111.462113][T10832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.462123][T10832] Call Trace:
[  111.462128][T10832]  <TASK>
[  111.462173][T10832]  __dump_stack+0x1d/0x30
[  111.462192][T10832]  dump_stack_lvl+0xe8/0x140
[  111.462214][T10832]  dump_stack+0x15/0x1b
[  111.462234][T10832]  should_fail_ex+0x265/0x280
[  111.462341][T10832]  ? audit_log_d_path+0x8d/0x150
[  111.462373][T10832]  should_failslab+0x8c/0xb0
[  111.462431][T10832]  __kmalloc_cache_noprof+0x4c/0x320
[  111.462463][T10832]  audit_log_d_path+0x8d/0x150
[  111.462510][T10832]  audit_log_d_path_exe+0x42/0x70
[  111.462547][T10832]  audit_log_task+0x1e9/0x250
[  111.462658][T10832]  ? mod_objcg_state+0x40e/0x530
[  111.462697][T10832]  audit_seccomp+0x61/0x100
[  111.462727][T10832]  ? __seccomp_filter+0x68c/0x10d0
[  111.462798][T10832]  __seccomp_filter+0x69d/0x10d0
[  111.462830][T10832]  ? commit_creds+0x70f/0x780
[  111.462863][T10832]  __secure_computing+0x82/0x150
[  111.462908][T10832]  syscall_trace_enter+0xcf/0x1e0
[  111.463038][T10832]  do_syscall_64+0xac/0x200
[  111.463090][T10832]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.463119][T10832]  ? clear_bhb_loop+0x40/0x90
[  111.463144][T10832]  ? clear_bhb_loop+0x40/0x90
[  111.463226][T10832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.463250][T10832] RIP: 0033:0x7f1a79fbd37c
[  111.463345][T10832] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  111.463366][T10832] RSP: 002b:00007f1a78627030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  111.463386][T10832] RAX: ffffffffffffffda RBX: 00007f1a7a1e5fa0 RCX: 00007f1a79fbd37c
[  111.463397][T10832] RDX: 000000000000000f RSI: 00007f1a786270a0 RDI: 0000000000000006
[  111.463407][T10832] RBP: 00007f1a78627090 R08: 0000000000000000 R09: 0000000000000000
[  111.463416][T10832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  111.463426][T10832] R13: 0000000000000000 R14: 00007f1a7a1e5fa0 R15: 00007ffd33573f48
[  111.463448][T10832]  </TASK>
[  111.784697][T10859] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  111.791325][T10859] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  111.799096][T10859] vhci_hcd vhci_hcd.0: Device attached
[  111.811302][T10860] vhci_hcd: connection closed
[  111.811756][ T1404] vhci_hcd: stop threads
[  111.820689][ T1404] vhci_hcd: release socket
[  111.825283][ T1404] vhci_hcd: disconnect device
[  111.886787][T10878] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  111.893456][T10878] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  111.901257][T10878] vhci_hcd vhci_hcd.0: Device attached
[  111.910766][T10878] loop2: detected capacity change from 0 to 512
[  111.923657][T10878] EXT4-fs (loop2): 1 orphan inode deleted
[  111.931641][T10878] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.944365][ T1404] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[  111.944491][T10878] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.956710][T10866] loop1: detected capacity change from 0 to 512
[  111.980121][T10878] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  111.989501][T10878] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  112.001466][T10878] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  112.001621][T10890] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  112.016333][T10890] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  112.016378][T10879] vhci_hcd: connection closed
[  112.024084][T10890] vhci_hcd vhci_hcd.0: Device attached
[  112.034457][ T1404] vhci_hcd: stop threads
[  112.038745][ T1404] vhci_hcd: release socket
[  112.043262][ T1404] vhci_hcd: disconnect device
[  112.048324][T10890] loop1: detected capacity change from 0 to 512
[  112.063415][T10890] EXT4-fs (loop1): 1 orphan inode deleted
[  112.069454][T10890] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.082027][ T1404] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[  112.082141][T10890] ext4 filesystem being mounted at /315/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.115144][T10890] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  112.124500][T10890] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  112.142582][T10890] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  112.156216][T10892] vhci_hcd: connection closed
[  112.156339][ T5804] vhci_hcd: stop threads
[  112.165289][ T5804] vhci_hcd: release socket
[  112.169770][ T5804] vhci_hcd: disconnect device
[  112.180278][T10503] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  112.188244][T10503] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  112.341172][T10915] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10915 comm=syz.0.1578
[  112.531144][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.666015][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.706193][T10926] loop1: detected capacity change from 0 to 8192
[  112.793977][T10937] loop1: detected capacity change from 0 to 512
[  113.051689][T10949] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  113.058216][T10949] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  113.066046][T10949] vhci_hcd vhci_hcd.0: Device attached
[  113.073795][T10949] loop4: detected capacity change from 0 to 512
[  113.093305][T10949] EXT4-fs (loop4): 1 orphan inode deleted
[  113.099589][T10949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.112176][ T5804] __quota_error: 206 callbacks suppressed
[  113.112190][ T5804] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  113.112543][T10949] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.117946][ T5804] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[  113.150513][T10949] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  113.159934][T10949] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  113.181934][T10949] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  113.193666][T10957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.194040][T10950] vhci_hcd: connection closed
[  113.202188][T10957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  113.203516][ T5804] vhci_hcd: stop threads
[  113.219166][ T5804] vhci_hcd: release socket
[  113.223655][ T5804] vhci_hcd: disconnect device
[  113.227797][   T29] audit: type=1326 audit(1748486246.008:7290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  113.251911][   T29] audit: type=1326 audit(1748486246.008:7291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  113.275386][   T29] audit: type=1326 audit(1748486246.008:7292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  113.298965][   T29] audit: type=1326 audit(1748486246.008:7293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  113.322521][   T29] audit: type=1326 audit(1748486246.008:7294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  113.346070][   T29] audit: type=1326 audit(1748486246.008:7295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4f00cee969 code=0x7ffc0000
[  113.369574][   T29] audit: type=1326 audit(1748486246.008:7296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4f00cee9a3 code=0x7ffc0000
[  113.392992][   T29] audit: type=1326 audit(1748486246.008:7297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4f00ced41f code=0x7ffc0000
[  113.416346][   T29] audit: type=1326 audit(1748486246.008:7298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10956 comm="syz.0.1589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4f00cee9f7 code=0x7ffc0000
[  113.443832][T10965] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=10965 comm=syz.3.1592
[  113.450228][T10967] loop2: detected capacity change from 0 to 2048
[  113.474817][T10967] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.503341][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.563934][T10976] loop2: detected capacity change from 0 to 512
[  113.582447][T10976] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1595: Failed to acquire dquot type 1
[  113.594389][T10976] EXT4-fs (loop2): 1 truncate cleaned up
[  113.600351][T10976] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.612931][T10976] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.632870][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.741351][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.840335][T11002] loop4: detected capacity change from 0 to 2048
[  113.874718][T11002] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.906719][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.023706][T11022] lo speed is unknown, defaulting to 1000
[  114.054692][T11022] lo speed is unknown, defaulting to 1000
[  114.099354][T11050] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  114.206186][T11058] loop2: detected capacity change from 0 to 8192
[  114.242395][T11062] loop3: detected capacity change from 0 to 2048
[  114.253126][T11062] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.286787][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.394710][T11081] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  114.401375][T11081] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  114.409199][T11081] vhci_hcd vhci_hcd.0: Device attached
[  114.415377][T11081] loop2: detected capacity change from 0 to 512
[  114.434117][T11081] EXT4-fs (loop2): 1 orphan inode deleted
[  114.443670][T11081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.456256][ T5804] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[  114.456312][T11081] ext4 filesystem being mounted at /338/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.493391][T11081] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  114.503766][T11081] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  114.526510][T11081] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  114.542451][T11082] vhci_hcd: connection closed
[  114.542627][ T5831] vhci_hcd: stop threads
[  114.550798][T11090] ip6gre1: entered allmulticast mode
[  114.551842][ T5831] vhci_hcd: release socket
[  114.551858][ T5831] vhci_hcd: disconnect device
[  114.646069][T11103] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11103 comm=syz.3.1627
[  115.055185][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.104128][T11137] loop2: detected capacity change from 0 to 2048
[  115.122551][T11137] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.149133][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.193306][T11147] loop2: detected capacity change from 0 to 8192
[  115.203765][T11147] __nla_validate_parse: 1 callbacks suppressed
[  115.203776][T11147] netlink: 802 bytes leftover after parsing attributes in process `syz.2.1642'.
[  115.475767][T11172] loop2: detected capacity change from 0 to 2048
[  115.493506][T11172] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.526866][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.719752][T11223] FAULT_INJECTION: forcing a failure.
[  115.719752][T11223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  115.732998][T11223] CPU: 0 UID: 0 PID: 11223 Comm: syz.3.1661 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  115.733072][T11223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.733087][T11223] Call Trace:
[  115.733094][T11223]  <TASK>
[  115.733103][T11223]  __dump_stack+0x1d/0x30
[  115.733196][T11223]  dump_stack_lvl+0xe8/0x140
[  115.733220][T11223]  dump_stack+0x15/0x1b
[  115.733241][T11223]  should_fail_ex+0x265/0x280
[  115.733271][T11223]  should_fail+0xb/0x20
[  115.733293][T11223]  should_fail_usercopy+0x1a/0x20
[  115.733348][T11223]  _copy_to_user+0x20/0xa0
[  115.733372][T11223]  snd_seq_ioctl+0x223/0x2e0
[  115.733420][T11223]  ? __pfx_snd_seq_ioctl+0x10/0x10
[  115.733510][T11223]  __se_sys_ioctl+0xcb/0x140
[  115.733576][T11223]  __x64_sys_ioctl+0x43/0x50
[  115.733598][T11223]  x64_sys_call+0x19a8/0x2fb0
[  115.733618][T11223]  do_syscall_64+0xd2/0x200
[  115.733778][T11223]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.733811][T11223]  ? clear_bhb_loop+0x40/0x90
[  115.733836][T11223]  ? clear_bhb_loop+0x40/0x90
[  115.733861][T11223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.733961][T11223] RIP: 0033:0x7fe42dcee969
[  115.733977][T11223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.733999][T11223] RSP: 002b:00007fe42c357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  115.734060][T11223] RAX: ffffffffffffffda RBX: 00007fe42df15fa0 RCX: 00007fe42dcee969
[  115.734099][T11223] RDX: 0000200000000140 RSI: 0000000080045301 RDI: 0000000000000003
[  115.734113][T11223] RBP: 00007fe42c357090 R08: 0000000000000000 R09: 0000000000000000
[  115.734197][T11223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.734208][T11223] R13: 0000000000000000 R14: 00007fe42df15fa0 R15: 00007ffd5d29b928
[  115.734225][T11223]  </TASK>
[  115.937633][T11227] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11227 comm=syz.3.1663
[  116.093030][T11255] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1669'.
[  116.157650][T11264] lo speed is unknown, defaulting to 1000
[  116.198320][T11264] lo speed is unknown, defaulting to 1000
[  116.527844][T11327] lo speed is unknown, defaulting to 1000
[  116.563158][T11327] lo speed is unknown, defaulting to 1000
[  116.625226][T11356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.639861][T11356] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.739531][T11364] loop4: detected capacity change from 0 to 512
[  116.754901][T11364] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1690: Failed to acquire dquot type 1
[  116.767082][T11364] EXT4-fs (loop4): 1 truncate cleaned up
[  116.782489][T11364] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.795541][T11364] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.835903][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.860556][T11392] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1697'.
[  116.869691][T11392] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  116.882267][T11386] loop2: detected capacity change from 0 to 512
[  116.904294][T11386] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1695: Failed to acquire dquot type 1
[  116.916858][T11386] EXT4-fs (loop2): 1 truncate cleaned up
[  116.925619][T11386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.939522][T11386] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.970970][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.088570][T11438] lo speed is unknown, defaulting to 1000
[  117.104929][T11434] loop1: detected capacity change from 0 to 512
[  117.124431][T11438] lo speed is unknown, defaulting to 1000
[  117.133140][T11434] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1711: Failed to acquire dquot type 1
[  117.147366][T11434] EXT4-fs (loop1): 1 truncate cleaned up
[  117.157572][T11434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.172634][T11434] ext4 filesystem being mounted at /338/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.225846][T11469] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1714'.
[  117.253971][T11469] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  117.270640][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.334342][T11478] loop4: detected capacity change from 0 to 512
[  117.362435][T11486] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  117.370690][T11486] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  117.382956][T11478] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  117.409333][T11478] EXT4-fs (loop4): 1 truncate cleaned up
[  117.422648][T11478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.444764][T11478] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.825233][T11541] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1733'.
[  117.834579][T11541] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  118.213021][T11594] netlink: 'syz.0.1747': attribute type 27 has an invalid length.
[  118.240090][T11594] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.247336][T11594] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.273326][T11594] wg2: left promiscuous mode
[  118.278046][T11594] wg2: left allmulticast mode
[  118.300679][T11594] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.313397][T11594] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.349371][T11601] loop2: detected capacity change from 0 to 512
[  118.357144][T11594] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  118.366345][T11594] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  118.375267][T11594] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  118.384400][T11594] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  118.393398][T11601] __quota_error: 222 callbacks suppressed
[  118.393412][T11601] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  118.409403][T11601] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  118.419432][T11601] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1749: Failed to acquire dquot type 1
[  118.431546][T11601] EXT4-fs (loop2): 1 truncate cleaned up
[  118.437868][T11601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.450567][T11601] ext4 filesystem being mounted at /381/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.464384][ T3383] lo speed is unknown, defaulting to 1000
[  118.470166][ T3383] syz2: Port: 1 Link DOWN
[  118.475459][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.497515][T11596] 8021q: adding VLAN 0 to HW filter on device bond0
[  118.505729][T11596] 8021q: adding VLAN 0 to HW filter on device team0
[  118.514935][T11596] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  118.532745][   T36] lo speed is unknown, defaulting to 1000
[  118.538505][   T36] syz2: Port: 1 Link ACTIVE
[  118.609897][T11629] lo speed is unknown, defaulting to 1000
[  118.641505][T11629] lo speed is unknown, defaulting to 1000
[  118.884784][T11672] loop2: detected capacity change from 0 to 512
[  118.902657][T11672] Quota error (device loop2): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  118.912824][T11672] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  118.922937][T11672] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1762: Failed to acquire dquot type 1
[  118.934661][T11672] EXT4-fs (loop2): 1 truncate cleaned up
[  118.940687][T11672] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  118.953660][T11672] ext4 filesystem being mounted at /389/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.984678][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.023705][T11680] FAULT_INJECTION: forcing a failure.
[  119.023705][T11680] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  119.037081][T11680] CPU: 0 UID: 0 PID: 11680 Comm: syz.3.1764 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  119.037109][T11680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  119.037121][T11680] Call Trace:
[  119.037126][T11680]  <TASK>
[  119.037132][T11680]  __dump_stack+0x1d/0x30
[  119.037151][T11680]  dump_stack_lvl+0xe8/0x140
[  119.037187][T11680]  dump_stack+0x15/0x1b
[  119.037247][T11680]  should_fail_ex+0x265/0x280
[  119.037279][T11680]  should_fail_alloc_page+0xf2/0x100
[  119.037304][T11680]  __alloc_frozen_pages_noprof+0xff/0x360
[  119.037405][T11680]  alloc_pages_mpol+0xb3/0x250
[  119.037453][T11680]  alloc_pages_noprof+0x90/0x130
[  119.037541][T11680]  __pmd_alloc+0x47/0x460
[  119.037594][T11680]  handle_mm_fault+0x19ae/0x2c00
[  119.037629][T11680]  ? __rcu_read_unlock+0x4f/0x70
[  119.037719][T11680]  do_user_addr_fault+0x3fe/0x1090
[  119.037762][T11680]  exc_page_fault+0x62/0xa0
[  119.037801][T11680]  asm_exc_page_fault+0x26/0x30
[  119.037822][T11680] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  119.037847][T11680] Code: eb 01 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 8f eb 01 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  119.037933][T11680] RSP: 0018:ffffc9001138bc98 EFLAGS: 00050206
[  119.037950][T11680] RAX: ffff888109b9ab18 RBX: ffff88811931a800 RCX: 0000000000000800
[  119.037963][T11680] RDX: 0000000000000001 RSI: 0000200000000240 RDI: ffff88811931a800
[  119.037978][T11680] RBP: 0000200000000240 R08: 000000000000059c R09: 0000000000000000
[  119.037992][T11680] R10: 000188811931a800 R11: 000188811931afff R12: 0000200000000a40
[  119.038062][T11680] R13: ffffc9001138be08 R14: 0000000000000800 R15: 00007ffffffff000
[  119.038090][T11680]  _copy_from_iter+0x141/0xe40
[  119.038132][T11680]  ? file_tty_write+0x1dc/0x670
[  119.038165][T11680]  ? __traceiter_kfree+0x2b/0x50
[  119.038218][T11680]  ? file_tty_write+0x1dc/0x670
[  119.038248][T11680]  ? kfree+0x27b/0x320
[  119.038277][T11680]  file_tty_write+0x32f/0x670
[  119.038312][T11680]  ? __pfx_tty_write+0x10/0x10
[  119.038378][T11680]  tty_write+0x25/0x30
[  119.038408][T11680]  vfs_write+0x4a0/0x8e0
[  119.038455][T11680]  ksys_write+0xda/0x1a0
[  119.038536][T11680]  __x64_sys_write+0x40/0x50
[  119.038621][T11680]  x64_sys_call+0x2cdd/0x2fb0
[  119.038650][T11680]  do_syscall_64+0xd2/0x200
[  119.038724][T11680]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  119.038758][T11680]  ? clear_bhb_loop+0x40/0x90
[  119.038843][T11680]  ? clear_bhb_loop+0x40/0x90
[  119.038871][T11680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.038897][T11680] RIP: 0033:0x7fe42dcee969
[  119.038915][T11680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.038939][T11680] RSP: 002b:00007fe42c357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  119.038962][T11680] RAX: ffffffffffffffda RBX: 00007fe42df15fa0 RCX: 00007fe42dcee969
[  119.038978][T11680] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 0000000000000003
[  119.038994][T11680] RBP: 00007fe42c357090 R08: 0000000000000000 R09: 0000000000000000
[  119.039009][T11680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.039024][T11680] R13: 0000000000000000 R14: 00007fe42df15fa0 R15: 00007ffd5d29b928
[  119.039050][T11680]  </TASK>
[  119.064554][T11698] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1768'.
[  119.139841][T11704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.146872][T11701] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  119.167963][T11704] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  119.169359][T11701] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  119.404286][T11701] vhci_hcd vhci_hcd.0: Device attached
[  119.405264][   T29] audit: type=1326 audit(1748486251.998:7512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11703 comm="syz.0.1771" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4f00cee969 code=0x0
[  119.432739][T11715] loop3: detected capacity change from 0 to 512
[  119.466357][T11715] EXT4-fs (loop3): 1 orphan inode deleted
[  119.473924][T11715] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.486723][ T5804] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  119.496524][ T5804] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:9: Failed to release dquot type 1
[  119.496771][T11715] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.519450][T11731] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  119.526034][T11731] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  119.533743][T11731] vhci_hcd vhci_hcd.0: Device attached
[  119.557063][T11731] loop1: detected capacity change from 0 to 512
[  119.567383][T11701] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  119.576896][T11701] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  119.586675][T11740] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  119.593260][T11740] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  119.600995][T11740] vhci_hcd vhci_hcd.0: Device attached
[  119.607961][   T29] audit: type=1400 audit(1748486252.398:7513): avc:  denied  { setopt } for  pid=11743 comm="syz.4.1776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  119.619157][T11740] loop2: detected capacity change from 0 to 512
[  119.627691][   T29] audit: type=1400 audit(1748486252.398:7514): avc:  denied  { create } for  pid=11743 comm="syz.4.1776" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  119.655642][T11731] EXT4-fs (loop1): 1 orphan inode deleted
[  119.662029][T11731] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.678512][ T1404] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  119.684283][T11701] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  119.688302][ T1404] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[  119.697690][T11731] ext4 filesystem being mounted at /344/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.708036][   T36] usb 8-1: SetAddress Request (2) to port 0
[  119.723048][T11706] vhci_hcd: connection closed
[  119.725095][   T36] usb 8-1: new SuperSpeed USB device number 2 using vhci_hcd
[  119.727856][T11740] EXT4-fs (loop2): 1 orphan inode deleted
[  119.730347][ T5831] vhci_hcd: stop threads
[  119.738730][T11740] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.742980][ T5831] vhci_hcd: release socket
[  119.742993][ T5831] vhci_hcd: disconnect device
[  119.747380][T11740] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.760381][   T36] usb 8-1: enqueue for inactive port 0
[  119.785066][ T1404] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  119.794885][ T1404] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:6: Failed to release dquot type 1
[  119.806798][   T36] usb 8-1: enqueue for inactive port 0
[  119.807695][T11740] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  119.812300][   T36] usb 8-1: enqueue for inactive port 0
[  119.813304][T11731] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  119.834780][T11740] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  119.845656][T11731] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  119.855426][T11740] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  119.861528][T11731] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  119.863954][ T3598] usb 4-1: SetAddress Request (2) to port 0
[  119.879742][ T3598] usb 4-1: new SuperSpeed USB device number 2 using vhci_hcd
[  119.892952][T11734] vhci_hcd: connection closed
[  119.893297][ T5831] vhci_hcd: stop threads
[  119.902365][ T5831] vhci_hcd: release socket
[  119.906866][ T5831] vhci_hcd: disconnect device
[  119.919390][T11742] vhci_hcd: connection closed
[  119.919984][ T5831] vhci_hcd: stop threads
[  119.929033][ T5831] vhci_hcd: release socket
[  119.931074][   T36] usb 8-1: new SuperSpeed USB device number 2 using vhci_hcd
[  119.933488][ T5831] vhci_hcd: disconnect device
[  119.945778][T11761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1777'.
[  119.955613][   T36] usb 8-1: enqueue for inactive port 0
[  119.961109][T11761] hsr_slave_0 (unregistering): left promiscuous mode
[  119.961258][   T36] usb 8-1: enqueue for inactive port 0
[  119.973457][   T36] usb 8-1: enqueue for inactive port 0
[  120.030516][T11768] xt_hashlimit: max too large, truncated to 1048576
[  120.030524][T11769] xt_hashlimit: max too large, truncated to 1048576
[  120.032461][T11769] openvswitch: netlink: Message has 6 unknown bytes.
[  120.123514][T11778] lo speed is unknown, defaulting to 1000
[  120.152667][T11778] lo speed is unknown, defaulting to 1000
[  120.210879][T11804] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1782'.
[  120.242747][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.330042][T11812] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1784'.
[  120.404859][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.433224][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.504641][T11841] lo speed is unknown, defaulting to 1000
[  120.536116][T11841] lo speed is unknown, defaulting to 1000
[  120.590887][T11867] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1790'.
[  120.657713][T11877] lo speed is unknown, defaulting to 1000
[  120.698255][T11877] lo speed is unknown, defaulting to 1000
[  121.031762][   T36] usb usb8-port1: attempt power cycle
[  121.332225][T11918] lo speed is unknown, defaulting to 1000
[  121.367372][T11918] lo speed is unknown, defaulting to 1000
[  121.501306][T11953] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1804'.
[  121.510566][T11953] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  121.965375][T11978] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1811'.
[  122.019180][T11983] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1811'.
[  122.028410][T11983] netlink: 'syz.1.1811': attribute type 30 has an invalid length.
[  122.043999][T11980] lo speed is unknown, defaulting to 1000
[  122.063848][T11983] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  122.072695][T11983] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  122.081402][T11983] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  122.090159][T11983] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  122.122131][T11983] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1811'.
[  122.131116][T11983] netlink: 'syz.1.1811': attribute type 30 has an invalid length.
[  122.196769][T11996] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1815'.
[  122.206280][T11996] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  122.214852][T11998] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[  122.221434][T11998] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  122.229301][T11998] vhci_hcd vhci_hcd.0: Device attached
[  122.237082][T11980] lo speed is unknown, defaulting to 1000
[  122.338744][T12001] vhci_hcd: connection closed
[  122.338909][ T5837] vhci_hcd: stop threads
[  122.348201][ T5837] vhci_hcd: release socket
[  122.352739][ T5837] vhci_hcd: disconnect device
[  122.479344][T12044] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1822'.
[  122.512909][T12048] FAULT_INJECTION: forcing a failure.
[  122.512909][T12048] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.526008][T12048] CPU: 0 UID: 0 PID: 12048 Comm: syz.4.1823 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  122.526032][T12048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  122.526045][T12048] Call Trace:
[  122.526052][T12048]  <TASK>
[  122.526059][T12048]  __dump_stack+0x1d/0x30
[  122.526163][T12048]  dump_stack_lvl+0xe8/0x140
[  122.526182][T12048]  dump_stack+0x15/0x1b
[  122.526196][T12048]  should_fail_ex+0x265/0x280
[  122.526226][T12048]  should_fail+0xb/0x20
[  122.526286][T12048]  should_fail_usercopy+0x1a/0x20
[  122.526316][T12048]  strncpy_from_user+0x25/0x230
[  122.526410][T12048]  strncpy_from_user_nofault+0x68/0xf0
[  122.526443][T12048]  bpf_probe_read_user_str+0x2a/0x70
[  122.526608][T12048]  bpf_prog_02a70dbeb5f742df+0x43/0x49
[  122.526627][T12048]  bpf_trace_run2+0x104/0x1c0
[  122.526655][T12048]  ? __se_sys_memfd_create+0x577/0x590
[  122.526690][T12048]  ? __se_sys_memfd_create+0x577/0x590
[  122.526789][T12048]  __traceiter_kfree+0x2b/0x50
[  122.526817][T12048]  ? __se_sys_memfd_create+0x577/0x590
[  122.526903][T12048]  kfree+0x27b/0x320
[  122.526928][T12048]  __se_sys_memfd_create+0x577/0x590
[  122.526960][T12048]  __x64_sys_memfd_create+0x31/0x40
[  122.526984][T12048]  x64_sys_call+0x122f/0x2fb0
[  122.527077][T12048]  do_syscall_64+0xd2/0x200
[  122.527133][T12048]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  122.527156][T12048]  ? clear_bhb_loop+0x40/0x90
[  122.527174][T12048]  ? clear_bhb_loop+0x40/0x90
[  122.527243][T12048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.527266][T12048] RIP: 0033:0x7f90239de969
[  122.527278][T12048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.527295][T12048] RSP: 002b:00007f9022046e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  122.527315][T12048] RAX: ffffffffffffffda RBX: 0000000000000363 RCX: 00007f90239de969
[  122.527329][T12048] RDX: 00007f9022046ef0 RSI: 0000000000000000 RDI: 00007f9023a61444
[  122.527343][T12048] RBP: 0000200000000280 R08: 00007f9022046bb7 R09: 00007f9022046e40
[  122.527387][T12048] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000080
[  122.527400][T12048] R13: 00007f9022046ef0 R14: 00007f9022046eb0 R15: 0000200000000180
[  122.527445][T12048]  </TASK>
[  122.786960][T12048] loop4: detected capacity change from 0 to 256
[  122.794064][T12048] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  122.812799][T12048] FAT-fs (loop4): Directory bread(block 64) failed
[  122.819498][T12048] FAT-fs (loop4): Directory bread(block 65) failed
[  122.826632][T12048] FAT-fs (loop4): Directory bread(block 66) failed
[  122.839715][T12048] FAT-fs (loop4): Directory bread(block 67) failed
[  122.846913][T12048] FAT-fs (loop4): Directory bread(block 68) failed
[  122.857744][T12048] FAT-fs (loop4): Directory bread(block 69) failed
[  122.904785][T12048] FAT-fs (loop4): Directory bread(block 70) failed
[  122.914888][T12048] FAT-fs (loop4): Directory bread(block 71) failed
[  122.922041][T12048] FAT-fs (loop4): Directory bread(block 72) failed
[  122.939087][T12048] FAT-fs (loop4): Directory bread(block 73) failed
[  122.993120][T12059] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1827'.
[  123.020166][T12059] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  123.055356][   T36] usb usb8-port1: unable to enumerate USB device
[  123.204943][T11988] Set syz1 is full, maxelem 65536 reached
[  123.209083][T12084] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1834'.
[  123.258539][T12093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.267773][T12093] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.278668][T12093] loop2: detected capacity change from 0 to 256
[  123.286368][T12093] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  123.296186][T12100] loop4: detected capacity change from 0 to 128
[  123.304983][T12100] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  123.317898][T12100] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.331115][T12100] EXT4-fs (loop4): shut down requested (1)
[  123.355384][T12106] loop3: detected capacity change from 0 to 128
[  123.364211][T12106] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  123.377139][T12106] ext4 filesystem being mounted at /327/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  123.653772][T12112] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  123.660309][T12112] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  123.668189][T12112] vhci_hcd vhci_hcd.0: Device attached
[  123.679837][T12112] loop1: detected capacity change from 0 to 512
[  123.695487][T12112] EXT4-fs (loop1): 1 orphan inode deleted
[  123.702094][T12112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  123.715386][ T5837] __quota_error: 77 callbacks suppressed
[  123.715396][ T5837] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  123.730909][ T5837] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:28: Failed to release dquot type 1
[  123.742717][T12112] ext4 filesystem being mounted at /360/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.757103][T12112] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  123.766616][T12112] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  123.782158][T12112] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  123.800962][T12113] vhci_hcd: connection reset by peer
[  123.806949][ T5804] vhci_hcd: stop threads
[  123.811282][ T5804] vhci_hcd: release socket
[  123.815719][ T5804] vhci_hcd: disconnect device
[  123.860358][T12122] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  123.983038][T12133] FAULT_INJECTION: forcing a failure.
[  123.983038][T12133] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.996187][T12133] CPU: 1 UID: 0 PID: 12133 Comm: syz.2.1842 Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  123.996256][T12133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  123.996270][T12133] Call Trace:
[  123.996277][T12133]  <TASK>
[  123.996285][T12133]  __dump_stack+0x1d/0x30
[  123.996304][T12133]  dump_stack_lvl+0xe8/0x140
[  123.996321][T12133]  dump_stack+0x15/0x1b
[  123.996396][T12133]  should_fail_ex+0x265/0x280
[  123.996441][T12133]  should_fail+0xb/0x20
[  123.996469][T12133]  should_fail_usercopy+0x1a/0x20
[  123.996503][T12133]  strncpy_from_user+0x25/0x230
[  123.996526][T12133]  strncpy_from_user_nofault+0x68/0xf0
[  123.996565][T12133]  bpf_probe_read_user_str+0x2a/0x70
[  123.996612][T12133]  bpf_prog_02a70dbeb5f742df+0x43/0x49
[  123.996631][T12133]  bpf_trace_run2+0x104/0x1c0
[  123.996654][T12133]  ? ida_alloc_range+0x63e/0x6c0
[  123.996750][T12133]  ? ida_alloc_range+0x63e/0x6c0
[  123.996776][T12133]  __traceiter_kfree+0x2b/0x50
[  123.996826][T12133]  ? ida_alloc_range+0x63e/0x6c0
[  123.996924][T12133]  kfree+0x27b/0x320
[  123.996949][T12133]  ida_alloc_range+0x63e/0x6c0
[  123.996991][T12133]  proc_register+0x35/0x350
[  123.997082][T12133]  proc_create_data+0x1ad/0x1e0
[  123.997108][T12133]  recent_mt_check+0x779/0x8f0
[  123.997140][T12133]  recent_mt_check_v0+0x67/0x90
[  123.997177][T12133]  xt_check_match+0x2ad/0x4f0
[  123.997200][T12133]  ? strnlen+0x28/0x50
[  123.997273][T12133]  ? strcmp+0x22/0x50
[  123.997334][T12133]  ? xt_find_match+0x1d1/0x210
[  123.997371][T12133]  translate_table+0xb4b/0x1070
[  123.997473][T12133]  ? _copy_from_user+0x89/0xb0
[  123.997491][T12133]  do_ip6t_set_ctl+0x678/0x840
[  123.997546][T12133]  ? kstrtoull+0x111/0x140
[  123.997568][T12133]  ? __rcu_read_unlock+0x4f/0x70
[  123.997592][T12133]  nf_setsockopt+0x196/0x1b0
[  123.997669][T12133]  ipv6_setsockopt+0x11a/0x130
[  123.997728][T12133]  tcp_setsockopt+0x98/0xb0
[  123.997781][T12133]  sock_common_setsockopt+0x66/0x80
[  123.997800][T12133]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  123.997850][T12133]  __sys_setsockopt+0x181/0x200
[  123.997877][T12133]  __x64_sys_setsockopt+0x64/0x80
[  123.997899][T12133]  x64_sys_call+0x2bd5/0x2fb0
[  123.997927][T12133]  do_syscall_64+0xd2/0x200
[  123.997958][T12133]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  123.997985][T12133]  ? clear_bhb_loop+0x40/0x90
[  123.998087][T12133]  ? clear_bhb_loop+0x40/0x90
[  123.998119][T12133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.998205][T12133] RIP: 0033:0x7f1a79fbe969
[  123.998224][T12133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.998247][T12133] RSP: 002b:00007f1a78627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  123.998267][T12133] RAX: ffffffffffffffda RBX: 00007f1a7a1e5fa0 RCX: 00007f1a79fbe969
[  123.998279][T12133] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  123.998340][T12133] RBP: 00007f1a78627090 R08: 0000000000000520 R09: 0000000000000000
[  123.998501][T12133] R10: 0000200000000c80 R11: 0000000000000246 R12: 0000000000000002
[  123.998517][T12133] R13: 0000000000000000 R14: 00007f1a7a1e5fa0 R15: 00007ffd33573f48
[  123.998544][T12133]  </TASK>
[  124.345572][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.359295][ T3316] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  124.451648][T12149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.490472][T12149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.501335][   T29] audit: type=1400 audit(1748486257.278:7592): avc:  denied  { mounton } for  pid=12127 comm="syz.0.1841" path="/proc/944/task" dev="proc" ino=23107 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  124.534984][T12149] loop3: detected capacity change from 0 to 256
[  124.541870][   T29] audit: type=1326 audit(1748486257.338:7593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  124.565427][   T29] audit: type=1326 audit(1748486257.338:7594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  124.588935][   T29] audit: type=1326 audit(1748486257.338:7595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  124.612486][   T29] audit: type=1326 audit(1748486257.338:7596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  124.636117][   T29] audit: type=1326 audit(1748486257.338:7597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  124.659707][   T29] audit: type=1326 audit(1748486257.338:7598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe42dcee969 code=0x7ffc0000
[  124.683364][   T29] audit: type=1326 audit(1748486257.338:7599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe42dcee9a3 code=0x7ffc0000
[  124.706711][   T29] audit: type=1326 audit(1748486257.338:7600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12148 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe42dced41f code=0x7ffc0000
[  124.722574][T12149] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  124.744864][T12161] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  124.795721][T12161] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  124.845212][T12155] lo speed is unknown, defaulting to 1000
[  124.871403][T12161] loop2: detected capacity change from 0 to 256
[  124.879470][T12155] lo speed is unknown, defaulting to 1000
[  124.886204][T12161] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  124.921740][ T3598] usb 4-1: device descriptor read/8, error -110
[  125.038938][ T3598] usb 4-1: new SuperSpeed USB device number 2 using vhci_hcd
[  125.107672][ T3598] usb 4-1: enqueue for inactive port 0
[  125.114280][ T3322] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  125.122116][ T3598] usb 4-1: enqueue for inactive port 0
[  125.128750][ T3598] usb 4-1: enqueue for inactive port 0
[  125.341772][T12201] loop3: detected capacity change from 0 to 128
[  125.414664][T12201] batadv_slave_0: left promiscuous mode
[  125.423309][T12201] ip6gre1: left allmulticast mode
[  125.477283][T12207] loop2: detected capacity change from 0 to 2048
[  125.495858][T12207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.530988][ T3323] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.557399][T12219] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  125.563922][T12219] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  125.571694][T12219] vhci_hcd vhci_hcd.0: Device attached
[  125.580207][T12219] loop2: detected capacity change from 0 to 512
[  125.595712][T12219] EXT4-fs (loop2): 1 orphan inode deleted
[  125.606675][T12219] ext4 filesystem being mounted at /417/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.617219][ T5831] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:25: Failed to release dquot type 1
[  125.635183][T12219] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  125.644715][T12219] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  125.664347][T12219] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  125.694067][T12220] vhci_hcd: connection closed
[  125.694239][ T5837] vhci_hcd: stop threads
[  125.703231][ T5837] vhci_hcd: release socket
[  125.707923][ T5837] vhci_hcd: disconnect device
[  125.887579][T12253] loop3: detected capacity change from 0 to 2048
[  126.161434][ T3598] usb usb4-port1: attempt power cycle
[  126.346266][T12294] lo speed is unknown, defaulting to 1000
[  126.435628][T12294] lo speed is unknown, defaulting to 1000
[  126.504955][T12340] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[  126.511588][T12340] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  126.519332][T12340] vhci_hcd vhci_hcd.0: Device attached
[  126.544780][T12340] loop2: detected capacity change from 0 to 512
[  126.563219][T12340] EXT4-fs (loop2): 1 orphan inode deleted
[  126.577518][T12340] ext4 filesystem being mounted at /420/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.611634][ T5837] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:28: Failed to release dquot type 1
[  126.633269][T12340] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  126.642879][T12340] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  126.671743][T12340] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  126.684347][T12341] vhci_hcd: connection closed
[  126.685056][ T5893] vhci_hcd: stop threads
[  126.694108][ T5893] vhci_hcd: release socket
[  126.698672][ T5893] vhci_hcd: disconnect device
[  126.734858][T12360] lo speed is unknown, defaulting to 1000
[  126.766398][T12360] lo speed is unknown, defaulting to 1000
[  127.123437][T12384] __nla_validate_parse: 1 callbacks suppressed
[  127.123453][T12384] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1887'.
[  127.538705][T12428] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1898'.
[  127.547772][T12428] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  127.557606][T12432] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1899'.
[  127.722905][T12448] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12448 comm=syz.1.1904
[  127.783271][T12457] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1905'.
[  127.904271][T12464] lo speed is unknown, defaulting to 1000
[  127.990970][T12464] lo speed is unknown, defaulting to 1000
[  127.999018][ T3598] usb usb4-port1: unable to enumerate USB device
[  128.071826][T12493] netlink: 43 bytes leftover after parsing attributes in process `syz.0.1912'.
[  128.083554][T12493] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  128.217577][T12510] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  128.227202][T12510] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  128.312322][T12525] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12525 comm=syz.2.1920
[  128.518268][T12534] loop3: detected capacity change from 0 to 2048
[  128.532937][T12534] EXT4-fs mount: 6 callbacks suppressed
[  128.532950][T12534] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.563104][ T3316] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.584166][T12542] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1925'.
[  128.593514][T12542] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  128.618115][T12550] lo speed is unknown, defaulting to 1000
[  128.663176][T12550] lo speed is unknown, defaulting to 1000
[  128.755501][   T29] kauditd_printk_skb: 201 callbacks suppressed
[  128.755513][   T29] audit: type=1326 audit(1748486261.558:7800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.789485][   T29] audit: type=1326 audit(1748486261.568:7801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.813058][   T29] audit: type=1326 audit(1748486261.568:7802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.836930][   T29] audit: type=1326 audit(1748486261.588:7803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.860445][   T29] audit: type=1326 audit(1748486261.588:7804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.884330][   T29] audit: type=1326 audit(1748486261.588:7805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.907837][   T29] audit: type=1326 audit(1748486261.588:7806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.931463][   T29] audit: type=1326 audit(1748486261.588:7807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.955012][   T29] audit: type=1326 audit(1748486261.588:7808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  128.978595][   T29] audit: type=1326 audit(1748486261.588:7809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12556 comm="syz.1.1927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  129.120022][T12606] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1935'.
[  129.140982][T12608] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1938'.
[  129.150066][T12608] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  129.432163][T12632] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1942'.
[  129.492921][T12646] loop4: detected capacity change from 0 to 2048
[  129.502724][T12646] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.535156][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.608953][T12659] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12659 comm=syz.4.1950
[  129.699758][T12665] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1952'.
[  129.709036][T12665] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  129.914451][T12675] loop1: detected capacity change from 0 to 128
[  129.933419][T12675] veth0_vlan: left allmulticast mode
[  129.940189][T12675] wireguard0: left promiscuous mode
[  129.947439][T12675] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  129.956440][T12675] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  129.965395][T12675] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  129.974268][T12675] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  130.048039][ T3393] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  130.057952][ T3393] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  130.943022][T12738] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  131.154734][T12771] loop3: detected capacity change from 0 to 512
[  131.169567][T12793] loop1: detected capacity change from 0 to 1024
[  131.176493][T12793] EXT4-fs: Ignoring removed nomblk_io_submit option
[  131.193498][T12793] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.219978][T12793] lo speed is unknown, defaulting to 1000
[  131.252955][T12793] lo speed is unknown, defaulting to 1000
[  131.658848][T12886] loop2: detected capacity change from 0 to 128
[  131.681548][T12889] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12889 comm=syz.0.2009
[  131.866608][T12910] loop2: detected capacity change from 0 to 128
[  131.903152][T12910] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.910367][T12910] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.953667][T12910] veth0_vlan: left allmulticast mode
[  131.959090][T12910] ªªªªªª: left promiscuous mode
[  131.974258][T12910] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  131.982854][T12910] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  131.991306][T12910] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  131.999690][T12910] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  132.023861][ T3325] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.058339][T12918] tipc: Enabling of bearer <eth:vlan0> rejected, failed to enable media
[  132.172952][T12944] loop1: detected capacity change from 0 to 128
[  132.394876][T12954] lo speed is unknown, defaulting to 1000
[  132.460891][T12954] lo speed is unknown, defaulting to 1000
[  132.568966][T12986] __nla_validate_parse: 6 callbacks suppressed
[  132.568983][T12986] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2026'.
[  132.862122][T12998] lo speed is unknown, defaulting to 1000
[  132.907140][T12998] lo speed is unknown, defaulting to 1000
[  132.976206][T13029] loop4: detected capacity change from 0 to 128
[  133.118228][T13041] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2035'.
[  133.149837][T13043] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.159135][T13043] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.185966][T13043] loop1: detected capacity change from 0 to 256
[  133.200889][T13043] vfat: Unknown parameter 'ÿÿÿÿÿÿ0xffffffffffffffff'
[  133.210402][T13054] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2039'.
[  133.612977][T13075] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.624091][T13075] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.673303][T13075] loop4: detected capacity change from 0 to 512
[  133.685330][T13075] journal_path: Non-blockdev passed as './bus'
[  133.691701][T13075] EXT4-fs: error: could not find journal device path
[  133.782695][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  133.782710][   T29] audit: type=1400 audit(1748486266.588:8058): avc:  denied  { create } for  pid=13081 comm="syz.1.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  133.809553][   T29] audit: type=1326 audit(1748486266.598:8059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13074 comm="syz.4.2045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90239de969 code=0x7ffc0000
[  133.833243][   T29] audit: type=1326 audit(1748486266.598:8060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13074 comm="syz.4.2045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90239de969 code=0x7ffc0000
[  133.856769][   T29] audit: type=1400 audit(1748486266.608:8061): avc:  denied  { connect } for  pid=13081 comm="syz.1.2046" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  133.937711][   T29] audit: type=1400 audit(1748486266.738:8062): avc:  denied  { execute } for  pid=13092 comm="syz.0.2048" path="/431/file1" dev="tmpfs" ino=2313 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  133.952986][T13093] lo speed is unknown, defaulting to 1000
[  134.009425][T13093] lo speed is unknown, defaulting to 1000
[  134.019474][T13101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2050'.
[  134.316142][T13146] 9pnet_fd: Insufficient options for proto=fd
[  134.319900][   T29] audit: type=1326 audit(1748486267.118:8063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13139 comm="syz.2.2057" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1a79fbe969 code=0x0
[  134.365664][T13150] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2057'.
[  134.381100][   T29] audit: type=1400 audit(1748486267.158:8064): avc:  denied  { read } for  pid=13147 comm="syz.4.2059" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  134.405524][   T29] audit: type=1400 audit(1748486267.158:8065): avc:  denied  { open } for  pid=13147 comm="syz.4.2059" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  134.431742][   T29] audit: type=1326 audit(1748486267.188:8066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13152 comm="syz.3.2060" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe42dcee969 code=0x0
[  134.527642][T13159] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2062'.
[  134.634558][   T29] audit: type=1326 audit(1748486267.438:8067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13156 comm="syz.1.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4b26de969 code=0x7ffc0000
[  134.775011][ T3317] ==================================================================
[  134.783138][ T3317] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[  134.790598][ T3317] 
[  134.792914][ T3317] read-write to 0xffff88812049db30 of 8 bytes by task 13120 on cpu 0:
[  134.801075][ T3317]  inode_add_bytes+0x47/0xe0
[  134.805670][ T3317]  __dquot_alloc_space+0x180/0x8a0
[  134.810795][ T3317]  shmem_inode_acct_blocks+0x129/0x240
[  134.816254][ T3317]  shmem_get_folio_gfp+0x5a7/0xd60
[  134.821365][ T3317]  shmem_write_begin+0xa8/0x190
[  134.826218][ T3317]  generic_perform_write+0x184/0x490
[  134.831498][ T3317]  shmem_file_write_iter+0xc5/0xf0
[  134.836605][ T3317]  __kernel_write_iter+0x256/0x4c0
[  134.841720][ T3317]  dump_user_range+0x407/0x8c0
[  134.846487][ T3317]  elf_core_dump+0x1dc2/0x1f80
[  134.851244][ T3317]  do_coredump+0x1dfa/0x27b0
[  134.855833][ T3317]  get_signal+0xd85/0xf70
[  134.860185][ T3317]  arch_do_signal_or_restart+0x96/0x480
[  134.865730][ T3317]  irqentry_exit_to_user_mode+0x5e/0xa0
[  134.871275][ T3317]  irqentry_exit+0x12/0x50
[  134.875687][ T3317]  asm_exc_page_fault+0x26/0x30
[  134.880531][ T3317] 
[  134.882846][ T3317] read to 0xffff88812049db30 of 8 bytes by task 3317 on cpu 1:
[  134.890381][ T3317]  generic_fillattr+0x27d/0x340
[  134.895226][ T3317]  shmem_getattr+0x181/0x200
[  134.899810][ T3317]  vfs_getattr_nosec+0x143/0x1e0
[  134.904741][ T3317]  vfs_statx+0x113/0x390
[  134.908987][ T3317]  vfs_fstatat+0x115/0x170
[  134.913406][ T3317]  __se_sys_newfstatat+0x55/0x260
[  134.918428][ T3317]  __x64_sys_newfstatat+0x55/0x70
[  134.923455][ T3317]  x64_sys_call+0x2c22/0x2fb0
[  134.928135][ T3317]  do_syscall_64+0xd2/0x200
[  134.932650][ T3317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.938539][ T3317] 
[  134.940857][ T3317] value changed: 0x000000000001f3f8 -> 0x000000000001f418
[  134.947954][ T3317] 
[  134.950267][ T3317] Reported by Kernel Concurrency Sanitizer on:
[  134.956408][ T3317] CPU: 1 UID: 0 PID: 3317 Comm: syz-executor Not tainted 6.15.0-syzkaller-03645-g3d413f0cfd7e #0 PREEMPT(voluntary) 
[  134.968640][ T3317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  134.978712][ T3317] ==================================================================
[  144.121091][ T3393] page_pool_release_retry() stalled pool shutdown: id 30, 2 inflight 60 sec