last executing test programs:

4.107624734s ago: executing program 2 (id=5241):
r0 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x3, 0x800000000001}, 0x1180, 0x5dd8, 0x0, 0x8, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
getpgrp(0x0)
ptrace(0x10, r0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f00000002c0)={0x8400001e}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00011100ffffffffffffff81"], 0x30}}, 0x0)
r4 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
lseek(r4, 0xa, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x21e}, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x41, 0x3, 0x348, 0x0, 0x19, 0x0, 0x0, 0x0, 0x2e8, 0x1f0, 0x1f0, 0x2e8, 0x1f0, 0x3, 0x0, {[{{@ip={@private, @dev, 0x0, 0x0, 'wlan1\x00', 'wg1\x00'}, 0x0, 0x1c0, 0x1e0, 0x0, {0x0, 0xffffffffa0028000}, [@common=@inet=@hashlimit2={{0x150}, {'veth1\x00', {0x0, 0x8, 0x0, 0x0, 0x0, 0x687c, 0x1}}}]}, @unspec=@TRACE={0x20}}, {{@ip={@empty, @empty, 0x0, 0x0, 'veth0_vlan\x00', 'netpci0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x3a8)

3.018790769s ago: executing program 2 (id=5252):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
fcntl$addseals(r2, 0x409, 0xb)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in=@rand_addr=0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x10000, 0x0, 0x671, 0x2, 0x6}, {0x800, 0x0, 0x4, 0xffffffff80000000}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}}, 0xe8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xa4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffc01, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r5}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)

2.623646554s ago: executing program 1 (id=5261):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r2 = gettid()
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
tkill(r2, 0x12)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1c8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x20000000}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0x178, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xca}, @TCA_ROUTE4_ACT={0x16c, 0x6, [@m_mirred={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x2d, 0x6, "b9e6cb743efb5818279b291a7d56a99d728d0d3c5750442cdd89714a7135052ff6aa167b6d47ccb820"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mirred={0x10c, 0x9, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x5, 0x10000000, 0xae, 0x2}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x3, 0x10000000, 0x8, 0x8}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1336e5ff, 0x9, 0x6, 0x0, 0x1}, 0x7}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x4, 0x20000000, 0x8}, 0x2}}]}, {0x5d, 0x6, "216194e50e7faa7649d1c06839be3b59a7f1bb6c7fbd0e7344b4e9b561d4b406f4a7a0c7e6ebe935ccd4c10fd3ff9357cc52da0d5a0f390e738e2309dae089a4a01ae1f8d77e0d976b93b2929ebf4d7c028b6d90a88896647b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r6 = syz_io_uring_setup(0x762f, &(0x7f0000000140)={0x0, 0x114dd, 0x10, 0xffffffff, 0x320}, &(0x7f00000004c0)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r10, 0x0, 0x8000000000}, 0x18)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x1000, 0x1})
io_uring_enter(r6, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="40000108", @ANYRES16=r11, @ANYBLOB="00032dbd7000fedbdf25120000001c00118004000600040006000400040004000100040005000400030005007400020000000800a40002000000"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40000)

2.519785806s ago: executing program 2 (id=5265):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1) (fail_nth: 6)

2.503082606s ago: executing program 1 (id=5266):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000038290000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002380)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r1, &(0x7f0000000080), 0x0}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)

2.200313639s ago: executing program 2 (id=5268):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x24, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000004)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve1\x00', <r2=>0x0})
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_ALLOC_STREAMS(r3, 0x8008551c, &(0x7f0000000000)={0x1e3e, 0x1, [{0xd, 0x1}]})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYRES16=r3, @ANYBLOB="000000000000000014011a80400002803c000180080021000000000008001800000000000800030000000000080009000000000008000c000000000008001c000000000008001f00000000006c000a8014000700fc01000000000000000000000000000014000700fe80000000000000000000000000000014000700200100000000000000000000000000010500080002000000050008", @ANYRES32=r2, @ANYRES64=r3], 0x134}}, 0x0)
r4 = socket(0x1e, 0x80004, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r6 = dup3(r5, r4, 0x0)
recvmmsg(r6, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0x3514}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
recvmsg$kcm(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/54, 0x36}], 0x1, &(0x7f0000000280)=""/66, 0x42}, 0x0)
unshare(0x40000)

2.115044671s ago: executing program 2 (id=5273):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x40}, 0x18)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f00000002c0)=[{0x6}]}, 0x10)
write$binfmt_misc(r3, &(0x7f0000001280), 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000340)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

1.978706463s ago: executing program 2 (id=5276):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/249, 0xf9}], 0x1}, 0x0)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x75, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000006c0)=ANY=[@ANYRES8=r3], 0x0)
syz_usb_connect(0x2, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x9b, &(0x7f0000000000)=ANY=[@ANYBLOB="9b03abe98397850d9289638d7120310994176d76ee8005e3bf5de76d569d98cc3ce7d4419c84da5f7e420900d136a14f65099da81db6c35a3e0c7fb9fe03b0fa265df2be125facefe74e0e21bb6a1889f400fb206292c4d96927f019fba2ad2987739c5e0d"]}]})
pipe(&(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000180)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0xff, 0x56a, 0x84, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xa1, 0x30, 0x0, [{{0x9, 0x4, 0x0, 0xf0, 0x1, 0x3, 0x1, 0x0, 0x8, {0x9, 0x21, 0x3, 0x4, 0x1, {0x22, 0x186}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x3, 0x8, 0x3}}, [{{0x9, 0x5, 0x2, 0x3, 0x200, 0x8, 0xe1, 0x7}}]}}}]}}]}}, &(0x7f00000005c0)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x250, 0x16, 0x9, 0x5e, 0x8, 0x3}, 0x49, &(0x7f00000003c0)={0x5, 0xf, 0x49, 0x6, [@ss_container_id={0x14, 0x10, 0x4, 0x9, "42fda3a163280293377702cd97fd1b2c"}, @ssp_cap={0x14, 0x10, 0xa, 0xff, 0x2, 0x1, 0xff00, 0x200, [0x0, 0xc000]}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0xe, 0x3, 0x5}, @ext_cap={0x7, 0x10, 0x2, 0xc, 0x1, 0x2, 0x1}, @ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0xc, 0xd2, 0x9, 0x4, 0x0, 0x4}]}, 0x2, [{0x5b, &(0x7f0000000440)=ANY=[@ANYBLOB="5b035180c07bc417c229ae6c2371f54f57d6fad34562e4abda939ad41b8523b3085f2055978188dfb8140f619d708e7b188836511398648f6441beee5a26c5beaac59891202192104aa7d7f723229cc63bd5411ba3408c25ab4cc0"]}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x402}}]})
r7 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r7, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000680)={0x2, &(0x7f0000000640)=[{0x95, 0xd7}, {0xa, 0xd, 0x1, 0x80}]})
syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000700)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x10, 0x256c, 0x6e, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x6, 0x0, 0xe, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x3, 0x1, 0x0, 0x8, {0x9, 0x21, 0x1, 0x6, 0x1, {0x22, 0xd46}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x40, 0x2, 0x8}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x3, 0x9, 0x6}}]}}}]}}]}}, &(0x7f0000000a40)={0xa, &(0x7f0000000740)={0xa, 0x6, 0x300, 0xb, 0x7, 0x6, 0x8, 0xf6}, 0xd4, &(0x7f0000000780)={0x5, 0xf, 0xd4, 0x4, [@wireless={0xb, 0x10, 0x1, 0x8, 0xa, 0x9, 0x9, 0x0, 0x9}, @ptm_cap={0x3}, @generic={0x9d, 0x10, 0x2, "8470973bb87af5907176e65a23f267afb804db9534704e23329b1bcd344d6ab62a05b2d4310c6b851ab4c1fa4471d247dd4e27f77e6c0c286ab3418b8f44c79aa57c4a7104658faa69a2deb4f61aa921f3d292f036ee2ef5651f3808aa6f68061793986a8345220bc66548d8673ff6f347940de2d2bbd99d228e4fff28b47a7659060a786611990c33abe2865169e58a3e47ce8eca6c62c6c9a1"}, @ssp_cap={0x24, 0x10, 0xa, 0x8, 0x6, 0x0, 0xf780, 0x2, [0x30, 0xff00ee, 0x5da89b1791a4e6f6, 0x0, 0x0, 0xff]}]}, 0x2, [{0x96, &(0x7f0000000880)=@string={0x96, 0x3, "a9168fd75f26cfaa1ce3fb15f9e8a24c53727d86a7fec7238c58866b3b0e49e80b6838ecb746f188ed1b6021ea06bfc8f72e493357c88f61fd206ddf8fca852c575c9e7ad4a6ee4b229884fa476b4b96da4e2f7362970d71c4059cb7bda20ea01b0e6f9302709dbea4e50b49ea2feed860a980edec569d92d91e4287b0a7b85d006857fb8dc2dd5a74cbef2e14df2d857bde41f6"}}, {0xe5, &(0x7f0000000940)=@string={0xe5, 0x3, "d9a528b5fe2d7e427c3c7949e83d7a23a26bd8c2f91d4fd4e152660806926221783f0432bdb1065103c585f22570073cb08332c998231ae21d155fd37600183f64b500f79b2ffd4577a8f7cecc0cbe6fc01eeba557008d59cae1c18b16e0a061cb2789562033dfd5e6a64c055b514f21da74876dd6d8ceed21ad5c10cd70ca2348a48f1e1434e53eb5215ca1c0731571c97921d122fc3efff530af1040517e5e941f57aab18c48277b9e205ead2c5988b40e83412138c67a131884bd58168586db137a8ab8e231f1fd4096221a9be806f876ebdbef3d296d505cd94a2c755093d5f276"}}]})
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r7, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1c}}, 0x0)
sendmmsg$inet(r7, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0xc}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
splice(r4, 0x0, r6, 0x0, 0x7fff, 0x0)
close(r1)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)

1.685609777s ago: executing program 3 (id=5280):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
r2 = gettid()
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
tkill(r2, 0x12)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1c8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x20000000}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0x178, 0x2, [@TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x16c, 0x6, [@m_mirred={0x5c, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x2d, 0x6, "b9e6cb743efb5818279b291a7d56a99d728d0d3c5750442cdd89714a7135052ff6aa167b6d47ccb820"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mirred={0x10c, 0x9, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x5, 0x10000000, 0xae, 0x2}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x3, 0x10000000, 0x8, 0x8}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1336e5ff, 0x9, 0x6, 0x0, 0x1}, 0x7}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x4, 0x20000000, 0x8}, 0x2}}]}, {0x5d, 0x6, "216194e50e7faa7649d1c06839be3b59a7f1bb6c7fbd0e7344b4e9b561d4b406f4a7a0c7e6ebe935ccd4c10fd3ff9357cc52da0d5a0f390e738e2309dae089a4a01ae1f8d77e0d976b93b2929ebf4d7c028b6d90a88896647b"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendto(r3, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x7d, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r6 = syz_io_uring_setup(0x762f, &(0x7f0000000140)={0x0, 0x114dd, 0x10, 0xffffffff, 0x320}, &(0x7f00000004c0)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r10, 0x0, 0x8000000000}, 0x18)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000380)='./file0/../file0\x00', 0xffffffffffffffff, 0x1000, 0x1})
io_uring_enter(r6, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
sendmsg$NL80211_CMD_SET_STATION(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="40000108", @ANYRES16=r11, @ANYBLOB="00032dbd7000fedbdf25120000001c00118004000600040006000400040004000100040005000400030005007400020000000800a40002000000"], 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40000)

1.535409859s ago: executing program 3 (id=5286):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cdebef833c35ea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d76b0e36198041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb60000000000000000000000008000"/135, 0x87}, {&(0x7f0000000500)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0984e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9e", 0x55}, {0x0}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="4893142fd806a900cc45c060d35616783f533260de91b4f23b2329e2b635934cf5fc5a41144907866ea6553dfa6a4db6664a22c294363ade8988244e709e085c13c57f65533eafc0ce8c07fe8cb50d8eb508000000b6c540f034db1d345ab888dc9fbc88ee6c3151b60d6b873ed4a69345445726d2430a8646a75c0b4b2e843ce37deb22ab2209bdcc3a3acd3f5516cf2f4ea1ec84fcc626cfe2e6c093bca58962ee63fa095b9120716f956e75409278b05f0edfb5578fb9c4e5b6cef6882bf2dc27911266013af4cd441550d9af51834e98021568d069007af240f4a2da20b1ba299b6954bf2a83151498c642e70ea29ebe8b21053babececa8313db5128c9f3800ffa17dfa5b749618d4cfaf7dffba5b", 0x111}, {&(0x7f0000000b00)="1d8e27c7c5bec28fa98d068e9163c131a80066648230c22d61c521a50928771ddb6ecbbfb6cabee386c2e0874e2babead3fbd310b31298c5540e20f85e41f75de09ac70656dc537e93cc36a7b15b4aed825b3311a0079d952e5b5ba0b6170cc523f264cfc3e54b", 0x67}, {&(0x7f0000000d80)="be4ab2b4450ad99980ac3a7a2951202b84a393dd59ae8edd7d51ac1d92d83f", 0x1f}], 0x3}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1, 0x10008095, 0x0, 0x0)

1.42505708s ago: executing program 4 (id=5288):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x40}, 0x18)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f00000002c0)=[{0x6}]}, 0x10)
write$binfmt_misc(r2, &(0x7f0000001280), 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

1.382261681s ago: executing program 3 (id=5290):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d78, @void, @value}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x8000}, &(0x7f0000000100), &(0x7f0000000000))
syz_io_uring_setup(0x32a8, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfffffffc}, &(0x7f0000000040), &(0x7f00000005c0))
io_uring_enter(r1, 0x79dc, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="8a52cfb1af0665cb239786a60b0bc3e037dfb01e265dbf8278c6613817324c525d5783ac47448c153131e309792d834137fd2b88de2a2cdd5748e9772128a0e7b460ea70e00a4590c7c90828c549d42da28a6f160aeaf0923327201168f7cd80007ee85c03d21b93c22f911e06c30003a0554399340cb31ea4b8540e832dab36203586ef8b0310c937cc5af52711f0813031331b24166f342e1192ee95baa15eea69b3ea562f877291b6cfc801c59d8b08da15a328e862be1b640afd9bb62335cf2862a7ec43bdd997fbacf6d6d8781f694c6405d4b7d56f33cd6f", @ANYRESDEC=0x0, @ANYRES32=r0, @ANYRES32=r2, @ANYRES16=0x0], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000022020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(0xffffffffffffffff, r5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000006c0)='jbd2_end_commit\x00', r4, 0x0, 0x4}, 0x18)
r6 = signalfd(r2, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYRESOCT=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000d00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r6, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x20000000000001e4, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000e5507074255f7856702500000000002020207b1af8ff00000000bfa10000309b0000000000000000000000850000007200000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000340)='kmem_cache_free\x00', r9}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r10, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r11}, &(0x7f0000000540), &(0x7f0000000580)='%pS    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYRES64=r0, @ANYBLOB="1bdec87ca7c138c9fb032620a61b14447df2f48745bb66ec5bf921a256bab230c75e8066afb080170cd9b41263e8014a5c3b763f3e5901e443d611955bcc543b0813a73efd72605df579f6cb8408bbaaa1"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)

1.339457732s ago: executing program 4 (id=5292):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x18)
sendto$inet6(r0, &(0x7f0000000100)='S', 0x1, 0x8000, 0x0, 0x0)
close(r0)

1.325850952s ago: executing program 1 (id=5293):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1b0000000000000000000000fdff030000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRESOCT=r0, @ANYRES64, @ANYBLOB="8c306ba2000000000000000000000000000000000000001300000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xf, &(0x7f0000001100)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000002000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3, &(0x7f0000006680))
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000000000000000000000063b3a3e6d38af9a90f9b614ac524a4fd2eac7133222dce753637905026f7477fface586f87559367a34febbd0becf9855941da77e82ac973bcacd23b1eed406479453cb4ca20bde0f8e128150af8b1cd921198e242f0e7c33db66bcb83357804c773ef1164ede2864f0f71b9aabd9eb619ad682a5cb770ee1ea82344ca6b0f6f4dd0b87adfd88e25e7561625e6ab6b6e2ef5415592f0eef116429c8ba3c53b690d76ca823f583787af89d68511ebbcd0148c3a162850d487942b7529603395d5217a2cd6e2728a2f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000006800e97800000001000000000a0000000000000014000600899f90e874c2fe8800"/48], 0x30}}, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000900)={[{@dioread_lock}, {@noblock_validity}, {@grpquota}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4be, &(0x7f0000000980)="$eJzs3MtvG0UYAPBvN4++m7SURx9Q8xIRhaRJC/TAARBIvSAhwaEcQxqq0rRFTZBoVdEUoXJE8A8ARyQkTlw4gYQQcAJxhTtCqlAvLRyQ0dq7jV0/4jgvqH8/yc7M7oxnv90de7yTdQA9q5Q9JRFbI+LXiBiqZusLlKp/bly7OPXXtYtTSZTLL/+ZVMpdv3Zxqiha1NuSZ0bSiPS9JPY2aXf2/IVTkzMz0+fy/Njc6TfHZs9fePzk6ckT0yemz0wcOXL40PhTT0480VEclxZZn8V1fc87Z/ftPvrqhy9OleO1Hz7Ptndrvr42jqrhjtptpxSlKOcWlg5Wnh9e9qv/t2yrSSf967ghLElfRGSHa6DS/4eiLxYO3lC88O7NzLeNdT9aq40EVkX22bSjYWlf9U9/XgC4TSW6OPSo4hM/+/5bPNZ0ALLOrj6bPU9X4r+RP6pr+iPNvssOV7+x97Wof1f7ly8PLdL+1og4Nv/3x9kjml6HAABYWV9n45/Hmo3/0rqxzfZ8DmU4Ig5ExM6IuCMidkXEnfk46O6IuGeJ7ZduyTeOf37e1FVgHdocEU/nc1v14780L5HczG2rxD+QvH5yZvpgvk9GYmBDlh9v08Y3z//yQat1pZrxX/bI2i/Ggvl2/NG/ob7O8cm5yWWEXOfq5Yg9/c3iT27OBGR7YHdE7Oni9bN9dvLRz/Zl6e1bGtcvHn8bKzDPVP404pHq8Z+PW+IvJNWWWs1Pjm2MmemDY8VZ0ejHn668VJsfqEnXxb+xs5g2dhtsE9nx39z0/M/jL7pBMV87u/Q2rvz2fsvvNI3HP4lj87Ul8vO/5l0gO/8Hk1cq6cF82duTc3PnxiMG8wV1yycW6hb5onwW/8iDzfv/zoh/Psnr7Y2I7CS+NyLui4j9+bbfHxEPLHJEvn/uoTfa76Euz/+43FmxNrL4j7c7/hHDSe18fReJvlPffdWq/c7e/w5XUiP5kk7e/zrdwOXsOwAAAPi/SCtz0Ek6WqRrLk7tis3pzNnZuQOleOvM8epc9XAMpMWVrqGa66Hj+bXhIj9xS/5QROyo/KfRpkp+dOrszLb1DByo3KtT1/8jTUdHq+t+b/VPL8DtY0nzaLV3B37x5cpvDLCm3K8JvUv/h96l/0Pv0v+hdzXr/5cibqzDpgBrzOc/9C79H3qX/g+9S/+HntR4S3zxQwvd3Om/kNh5dFnVVz1RHlqVV55feq2+VYo0an+0o2UiiYjumoi0fZnBDlpft0S6aJlnFtstA8v6TYwssT9PbIiITmtdWrO9WrxDJMm6vTkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsgH8DAAD//0qp3GU=")
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f00000003c0)=ANY=[@ANYBLOB="ff000000000000000a004e200000000520010000000000000000000000000001e60200"/144], 0x90)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x40000)
readv(r5, &(0x7f0000000080)=[{&(0x7f0000000380)=""/79, 0x4f}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x4, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1828dc9c3264100db61eb109b708000000000000000000000000a2334bfe009591001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000000000de9800000000000056080000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getdents64(0xffffffffffffffff, &(0x7f0000000500)=""/45, 0x2d)

1.318195001s ago: executing program 4 (id=5294):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1b0000000000000000000000fdff030000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRESOCT=r0, @ANYRES64, @ANYBLOB="8c306ba2000000000000000000000000000000000000001300000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xf, &(0x7f0000001100)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000002000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3, &(0x7f0000006680))
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000000000000000000000063b3a3e6d38af9a90f9b614ac524a4fd2eac7133222dce753637905026f7477fface586f87559367a34febbd0becf9855941da77e82ac973bcacd23b1eed406479453cb4ca20bde0f8e128150af8b1cd921198e242f0e7c33db66bcb83357804c773ef1164ede2864f0f71b9aabd9eb619ad682a5cb770ee1ea82344ca6b0f6f4dd0b87adfd88e25e7561625e6ab6b6e2ef5415592f0eef116429c8ba3c53b690d76ca823f583787af89d68511ebbcd0148c3a162850d487942b7529603395d5217a2cd6e2728a2f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000006800e97800000001000000000a0000000000000014000600899f90e874c2fe8800"/48], 0x30}}, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000900)={[{@dioread_lock}, {@noblock_validity}, {@grpquota}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4be, &(0x7f0000000980)="$eJzs3MtvG0UYAPBvN4++m7SURx9Q8xIRhaRJC/TAARBIvSAhwaEcQxqq0rRFTZBoVdEUoXJE8A8ARyQkTlw4gYQQcAJxhTtCqlAvLRyQ0dq7jV0/4jgvqH8/yc7M7oxnv90de7yTdQA9q5Q9JRFbI+LXiBiqZusLlKp/bly7OPXXtYtTSZTLL/+ZVMpdv3Zxqiha1NuSZ0bSiPS9JPY2aXf2/IVTkzMz0+fy/Njc6TfHZs9fePzk6ckT0yemz0wcOXL40PhTT0480VEclxZZn8V1fc87Z/ftPvrqhy9OleO1Hz7Ptndrvr42jqrhjtptpxSlKOcWlg5Wnh9e9qv/t2yrSSf967ghLElfRGSHa6DS/4eiLxYO3lC88O7NzLeNdT9aq40EVkX22bSjYWlf9U9/XgC4TSW6OPSo4hM/+/5bPNZ0ALLOrj6bPU9X4r+RP6pr+iPNvssOV7+x97Wof1f7ly8PLdL+1og4Nv/3x9kjml6HAABYWV9n45/Hmo3/0rqxzfZ8DmU4Ig5ExM6IuCMidkXEnfk46O6IuGeJ7ZduyTeOf37e1FVgHdocEU/nc1v14780L5HczG2rxD+QvH5yZvpgvk9GYmBDlh9v08Y3z//yQat1pZrxX/bI2i/Ggvl2/NG/ob7O8cm5yWWEXOfq5Yg9/c3iT27OBGR7YHdE7Oni9bN9dvLRz/Zl6e1bGtcvHn8bKzDPVP404pHq8Z+PW+IvJNWWWs1Pjm2MmemDY8VZ0ejHn668VJsfqEnXxb+xs5g2dhtsE9nx39z0/M/jL7pBMV87u/Q2rvz2fsvvNI3HP4lj87Ul8vO/5l0gO/8Hk1cq6cF82duTc3PnxiMG8wV1yycW6hb5onwW/8iDzfv/zoh/Psnr7Y2I7CS+NyLui4j9+bbfHxEPLHJEvn/uoTfa76Euz/+43FmxNrL4j7c7/hHDSe18fReJvlPffdWq/c7e/w5XUiP5kk7e/zrdwOXsOwAAAPi/SCtz0Ek6WqRrLk7tis3pzNnZuQOleOvM8epc9XAMpMWVrqGa66Hj+bXhIj9xS/5QROyo/KfRpkp+dOrszLb1DByo3KtT1/8jTUdHq+t+b/VPL8DtY0nzaLV3B37x5cpvDLCm3K8JvUv/h96l/0Pv0v+hdzXr/5cibqzDpgBrzOc/9C79H3qX/g+9S/+HntR4S3zxQwvd3Om/kNh5dFnVVz1RHlqVV55feq2+VYo0an+0o2UiiYjumoi0fZnBDlpft0S6aJlnFtstA8v6TYwssT9PbIiITmtdWrO9WrxDJMm6vTkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsgH8DAAD//0qp3GU=")
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f00000003c0)=ANY=[@ANYBLOB="ff000000000000000a004e200000000520010000000000000000000000000001e60200"/144], 0x90)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x40000)
readv(r5, &(0x7f0000000080)=[{&(0x7f0000000380)=""/79, 0x4f}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x4, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1828dc9c3264100db61eb109b708000000000000000000000000a2334bfe009591001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000000000de9800000000000056080000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getdents64(0xffffffffffffffff, &(0x7f0000000500)=""/45, 0x2d)

1.024506146s ago: executing program 3 (id=5296):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
rt_sigsuspend(&(0x7f0000000340)={[0x6]}, 0x8)

1.010485336s ago: executing program 0 (id=5298):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd')
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x24, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000004)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'geneve1\x00', <r2=>0x0})
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_ALLOC_STREAMS(r3, 0x8008551c, &(0x7f0000000000)={0x1e3e, 0x1, [{0xd, 0x1}]})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYRES16=r3, @ANYBLOB="000000000000000014011a80400002803c000180080021000000000008001800000000000800030000000000080009000000000008000c000000000008001c000000000008001f00000000006c000a8014000700fc01000000000000000000000000000014000700fe80000000000000000000000000000014000700200100000000000000000000000000010500080002000000050008", @ANYRES32=r2, @ANYRES64=r3], 0x134}}, 0x0)
r4 = socket(0x1e, 0x80004, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r6 = dup3(r5, r4, 0x0)
recvmmsg(r6, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)=""/179, 0x3514}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0)
recvmsg$kcm(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/54, 0x36}], 0x1, &(0x7f0000000280)=""/66, 0x42}, 0x0)
unshare(0x40000)

932.810187ms ago: executing program 0 (id=5299):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400ffd9b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x20000023896)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000300)={{0x0, 0x989680}}, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, r4)
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x4)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0)
syz_io_uring_setup(0x884, &(0x7f0000000140)={0x0, 0x2273, 0x800, 0x400002, 0x1db, 0x0, r4}, &(0x7f0000001680)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000400)=0xfffffffc, 0x0, 0x4)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_UNLINKAT={0x24, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001640)='./file0\x00', 0x0, 0x200, 0x1, {0x0, r9}})
r10 = syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000340)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1, 0xb0, 0xf, [{{0x9, 0x4, 0x0, 0xfb, 0x2, 0x7, 0x1, 0x1, 0x8f, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x1, 0x6, 0x4}}, [{{0x9, 0x5, 0x82, 0x2, 0x20, 0x5, 0x3, 0xfe}}]}}}]}}]}}, &(0x7f0000001140)={0xa, &(0x7f0000001480)={0xa, 0x6, 0x250, 0x4, 0x0, 0x7, 0xff, 0x10}, 0x3b, &(0x7f0000000840)=ANY=[@ANYBLOB="050f3b00060a10030003009c0a29000a1065875784140ef00b129854ed77b80300020006f9020103100903100b10100000000400c0c00000"], 0x4, [{0x0, 0x0}, {0xf7, &(0x7f0000001880)=ANY=[]}, {0xfd, &(0x7f0000001040)=ANY=[]}, {0x0, 0x0}]})
syz_usb_control_io$printer(r10, &(0x7f0000001300)={0x14, &(0x7f00000011c0)=ANY=[@ANYBLOB="00215400000054220636ff2854a8f44c1278347ba53202276fdd27fe2c77210eb1f3a6f6840d79eb4c74bb65"], &(0x7f0000001240)=ANY=[@ANYBLOB="ed029b0000009b033b0738f96848e4ad812b257a9f0cb5109e7f5993fc159da85ea08b23cf354bff1e04fe94267d46ba7e097fff46765f3b8d4f8e9b0d7b1de012f43de44633113cfca6debfcc86e82eaede609487a7ff259bd86138452132cf15878627d6723da916b95a22a2a81cfef0288267fcda90dc66c61bfdfefc364e16b04ccde062d3006b2f7c8b762ce997b45beebaea85"]}, &(0x7f0000001600)={0x34, &(0x7f0000001340)=ANY=[], 0x0, &(0x7f00000016c0)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000014c0)={0x20, 0x0, 0x2}, &(0x7f0000001580)={0x20, 0x1, 0x1, 0x10}, &(0x7f00000015c0)={0x20, 0x0, 0x1, 0x8}})
io_uring_enter(0xffffffffffffffff, 0x47f4, 0x3, 0x0, 0x0, 0x0)
write$vga_arbiter(r6, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
write$vga_arbiter(r6, &(0x7f0000000080)=@other={'decodes', ' ', 'none'}, 0xd)
close_range(r5, 0xffffffffffffffff, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)

455.209914ms ago: executing program 1 (id=5300):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cdebef833c35ea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d76b0e36198041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb60000000000000000000000008000"/135, 0x87}, {&(0x7f0000000500)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0984e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9e", 0x55}, {0x0}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="4893142fd806a900cc45c060d35616783f533260de91b4f23b2329e2b635934cf5fc5a41144907866ea6553dfa6a4db6664a22c294363ade8988244e709e085c13c57f65533eafc0ce8c07fe8cb50d8eb508000000b6c540f034db1d345ab888dc9fbc88ee6c3151b60d6b873ed4a69345445726d2430a8646a75c0b4b2e843ce37deb22ab2209bdcc3a3acd3f5516cf2f4ea1ec84fcc626cfe2e6c093bca58962ee63fa095b9120716f956e75409278b05f0edfb5578fb9c4e5b6cef6882bf2dc27911266013af4cd441550d9af51834e98021568d069007af240f4a2da20b1ba299b6954bf2a83151498c642e70ea29ebe8b21053babececa8313db5128c9f3800ffa17dfa5b749618d4cfaf7dffba5b", 0x111}, {&(0x7f0000000b00)="1d8e27c7c5bec28fa98d068e9163c131a80066648230c22d61c521a50928771ddb6ecbbfb6cabee386c2e0874e2babead3fbd310b31298c5540e20f85e41f75de09ac70656dc537e93cc36a7b15b4aed825b3311a0079d952e5b5ba0b6170cc523f264cfc3e54b", 0x67}, {&(0x7f0000000d80)="be4ab2b4450ad99980ac3a7a2951202b84a393dd59ae8edd7d51ac1d92d83f", 0x1f}], 0x3}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1, 0x10008095, 0x0, 0x0)

454.643774ms ago: executing program 1 (id=5301):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r4}, &(0x7f0000000240), &(0x7f0000000280)=r5}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x655c, 0x2, 0x1ffffffe, 0x9, 0x800}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x8, 0x7}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

453.989634ms ago: executing program 4 (id=5302):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

404.732084ms ago: executing program 1 (id=5303):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000038290000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002380)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r1, &(0x7f0000000080), 0x0}, 0x20)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)

373.914815ms ago: executing program 0 (id=5304):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "0002002000", "07f217bd74511e465bbbd5de01000000f9044677d4d588363d63af84db44be59", "00f8ff00", "8ce63ecbc640735f"}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r1}, 0x18)
sendto$inet6(r0, &(0x7f0000000100)='S', 0x1, 0x8000, 0x0, 0x0)
close(r0)

325.476296ms ago: executing program 0 (id=5305):
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0x7)
setuid(r1)
r2 = socket$kcm(0x10, 0x2, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_user(r7, &(0x7f0000000280)={'system_u:object_r:device_t:s0', 0x20, 'staff_u\x00'}, 0x26)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
rt_sigtimedwait(&(0x7f0000000000)={[0x5]}, 0x0, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xd, 0x2}, 0x8012, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000004c0)=@newqdisc={0x54, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x24, 0x2, {{0x3, 0x3, 0x1, 0x3, 0x400, 0x8}, [@TCA_NETEM_DELAY_DIST={0x8, 0x2, "cd52dbb8"}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
sendmsg$nl_route(r3, 0x0, 0x810)
socket$unix(0x1, 0x5, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r10 = epoll_create1(0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
epoll_wait(r10, &(0x7f0000000000)=[{}], 0x1, 0x101)
sendmsg$kcm(r2, &(0x7f0000000180)={0x0, 0xffffffffffffff94, &(0x7f0000001540)=[{&(0x7f00000000c0)="48000000140081fb7059ae08060c040002ff0f03f1cd823010a7ce9000000000000ec000006fabca3b4e7d06a6bd7c00000000030000068a562ad6e74703c48f93bc2a0200000046", 0x48}], 0x1}, 0x4000000)

305.134376ms ago: executing program 4 (id=5306):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

82.351689ms ago: executing program 3 (id=5307):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6906bb2b0eb2fe32d2f0048678cdebef833c35ea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d76b0e36198041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb60000000000000000000000008000"/135, 0x87}, {&(0x7f0000000500)="029993440c7a1d95d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e434ccb0330483c0604aaf296d8218e240055cb92f17b1b47fd7b1b178ca0d1c470154ed985a179f87c9bc40206c86df9abc5", 0x6c}, {&(0x7f00000002c0)="ec75d081fcb7e79634ec1a1abfdebb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0984e7e2523aaded5e09aa1e36fcc90c269ad6d38d57619127cee4253655c33b71054226c3b00b9e", 0x55}, {0x0}], 0x4}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000480)="acc841985992b79554acfc02163bb0fb2bb293e68cfac948040070bde5700d368744361ae9fce3", 0x27}, {&(0x7f0000000a00)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af0c2a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b933aa9169f5f7b51dd5319b8016623d1863d7058169", 0x90}, {&(0x7f0000001280)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723781d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f5d6d34b2b297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf646e72f8fe08c33a33b275787892f61fbb621794716f96031931b55af30fa01d72aa5a53ee4c07ab7c96a4a9ed93f4d20269982ab6feb22d8e77afb7b861622ab963b07f0026fd6424082bcd0864a854e542aacc3201fff776fe1c000000000000000000000000000000002da46e8a95bcead77a244256266fe952d151a841aaa0c9c727bf08c37869c70d6aed073d6bb9fb037a079b697f3ba963ba49b6aecdc3e839ae25d497b0e60408b8e0a9931aeb1be35eea2a22fa50d66a634804121bde6a4a2d7a23c08d8237aac90c577c24f4ec2949d9202659fe626262e0764eed651fe91d276cd8915e994a1b41314ff21f5a4fd8a7e55c65b2eebabf0db0268c53503bb309959c1c0b222c6fb8310e8f25e7c26e24baedcc72d41798c95c01626c311e9f1262dfa4dedd161672c578a7af36c8a95437f295e14a1e0c7245cb53f83cc7b4b9294bb13473331502b7735a955080f7c2f879d3fe0de99505840905376e957c012fc4e4e0ea1c8db07ac01ae1e0e5c38a0963194a217c01000000000000000000000000000000e60d773ae0ca3f5f1d6f0e9ee473a6e69499870b99156a2aaf4750c7a95c527a04ac99abc514ae3d2bde1be97d5fe17fe8d9c5dddd594f9be5a893341718124e51e01208ff2adcd254edb5c221f5df3586dc2c3498713fde06e8ebccfd0c9baf2e1de8b6eb5c096faf", 0x260}, {&(0x7f0000000740)="bd2f6aa36cea0e4bccda9ad762e998d923018ec9f30d63c7059c3c786069915581888508ff589f82857ff546b23b88d6bd61f1efc982005bf6c9abc4fe2cafe05b000005b69346a4d09afd7b0b8bd5f8c25f0eab84d8ad1b6576552ee2acbdd9f261b7349aeede1c42e31b1082d0c37b959d16afb96240a5d057cab448c3c069f6a67cdfa8afc8bd11acfc7a82e59dc5ffc88775bf6c979408e16539ac6e6086da296964d83ba527dcb6e7de403ef2a089ba3a5e094333a951cb48b7080046a40a3aacc5e1c0683121dbceeef071b04ef265498d8b735db3f095f107011dfeb60202000000000000000000000000000012860ebb38390a3a3fb0e3cc97ad370888d0b16af536d023fa1b2a6136ddda5ab08ed946e6d84abe8d66065f8ee297b51aead0b4ef8e828fe2f18e630553048e1137904c493cc2c64f5ce803a92b18b07b716771d7f4f0947ae56485898c1cc63eef9ee6a09a519c37b10c8c76b56d1d9c89ea9542e183cb4cae8c3977e724fe3d9ffa9874e3275b131c891e0d342cc28c63db55df4df82de50756e01e278a447345f76d4f5ed9f6dc4b72bf8b3cd5ebcb73846ece1185795838f8bc7d9f4e5b3f34d903d3a9182fb5a380a61c18dcfe86158eca5ee70383507f3380c5f9850de86d530a11c2f20dcbb165ec5fac86c0117a80bb40ec7c1e79df793d62efcc5b348f195273da", 0x1f6}], 0x4}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="4893142fd806a900cc45c060d35616783f533260de91b4f23b2329e2b635934cf5fc5a41144907866ea6553dfa6a4db6664a22c294363ade8988244e709e085c13c57f65533eafc0ce8c07fe8cb50d8eb508000000b6c540f034db1d345ab888dc9fbc88ee6c3151b60d6b873ed4a69345445726d2430a8646a75c0b4b2e843ce37deb22ab2209bdcc3a3acd3f5516cf2f4ea1ec84fcc626cfe2e6c093bca58962ee63fa095b9120716f956e75409278b05f0edfb5578fb9c4e5b6cef6882bf2dc27911266013af4cd441550d9af51834e98021568d069007af240f4a2da20b1ba299b6954bf2a83151498c642e70ea29ebe8b21053babececa8313db5128c9f3800ffa17dfa5b749618d4cfaf7dffba5be3", 0x112}, {&(0x7f0000000b00)="1d8e27c7c5bec28fa98d068e9163c131a80066648230c22d61c521a50928771ddb6ecbbfb6cabee386c2e0874e2babead3fbd310b31298c5540e20f85e41f75de09ac70656dc537e93cc36a7b15b4aed825b3311a0079d952e5b5ba0b6170cc523f264cfc3e54b54b976", 0x6a}, {&(0x7f0000000d80)}], 0x3}}], 0x3, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x1, 0x10008095, 0x0, 0x0)

81.715269ms ago: executing program 3 (id=5308):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0x2000000000000019, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x120000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff4, 0x0, @perf_bp={0x0}, 0x4008, 0x1000, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kmem_cache_free\x00', r2, 0x0, 0x8}, 0x18)
r6 = socket$inet6(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r11, r10, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r11}, &(0x7f0000000000), &(0x7f0000000080)=r7}, 0x20)
sendmsg$inet(r9, &(0x7f0000000500)={0x0, 0x4000000, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)
close(r8)
recvmmsg(r6, &(0x7f0000003a80)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x0, 0x0)
bind$inet6(r6, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

66.831659ms ago: executing program 4 (id=5309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0x2000000000000019, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x120000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff4, 0x0, @perf_bp={0x0}, 0x4008, 0x1000, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kmem_cache_free\x00', r2, 0x0, 0x8}, 0x18)
r6 = socket$inet6(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
r10 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r11, r10, 0x26, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r11}, &(0x7f0000000000), &(0x7f0000000080)=r7}, 0x20)
sendmsg$inet(r9, &(0x7f0000000500)={0x0, 0x4000000, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)
close(r8)
recvmmsg(r6, &(0x7f0000003a80)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x0, 0x0)
bind$inet6(r6, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

50.587569ms ago: executing program 0 (id=5310):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0, 0x0, 0x7}, 0x18)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x0, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000000000000000850000004100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000180000850000008200000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
time(0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4050}, 0x26004090)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

0s ago: executing program 0 (id=5311):
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1b0000000000000000000000fdff030000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRESOCT=r0, @ANYRES64, @ANYBLOB="8c306ba2000000000000000000000000000000000000001300000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xf, &(0x7f0000001100)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000002000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3, &(0x7f0000006680))
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="000000000000000000000000000000000000000063b3a3e6d38af9a90f9b614ac524a4fd2eac7133222dce753637905026f7477fface586f87559367a34febbd0becf9855941da77e82ac973bcacd23b1eed406479453cb4ca20bde0f8e128150af8b1cd921198e242f0e7c33db66bcb83357804c773ef1164ede2864f0f71b9aabd9eb619ad682a5cb770ee1ea82344ca6b0f6f4dd0b87adfd88e25e7561625e6ab6b6e2ef5415592f0eef116429c8ba3c53b690d76ca823f583787af89d68511ebbcd0148c3a162850d487942b7529603395d5217a2cd6e2728a2f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="300000006800e97800000001000000000a0000000000000014000600899f90e874c2fe8800"/48], 0x30}}, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000900)={[{@dioread_lock}, {@noblock_validity}, {@grpquota}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4be, &(0x7f0000000980)="$eJzs3MtvG0UYAPBvN4++m7SURx9Q8xIRhaRJC/TAARBIvSAhwaEcQxqq0rRFTZBoVdEUoXJE8A8ARyQkTlw4gYQQcAJxhTtCqlAvLRyQ0dq7jV0/4jgvqH8/yc7M7oxnv90de7yTdQA9q5Q9JRFbI+LXiBiqZusLlKp/bly7OPXXtYtTSZTLL/+ZVMpdv3Zxqiha1NuSZ0bSiPS9JPY2aXf2/IVTkzMz0+fy/Njc6TfHZs9fePzk6ckT0yemz0wcOXL40PhTT0480VEclxZZn8V1fc87Z/ftPvrqhy9OleO1Hz7Ptndrvr42jqrhjtptpxSlKOcWlg5Wnh9e9qv/t2yrSSf967ghLElfRGSHa6DS/4eiLxYO3lC88O7NzLeNdT9aq40EVkX22bSjYWlf9U9/XgC4TSW6OPSo4hM/+/5bPNZ0ALLOrj6bPU9X4r+RP6pr+iPNvssOV7+x97Wof1f7ly8PLdL+1og4Nv/3x9kjml6HAABYWV9n45/Hmo3/0rqxzfZ8DmU4Ig5ExM6IuCMidkXEnfk46O6IuGeJ7ZduyTeOf37e1FVgHdocEU/nc1v14780L5HczG2rxD+QvH5yZvpgvk9GYmBDlh9v08Y3z//yQat1pZrxX/bI2i/Ggvl2/NG/ob7O8cm5yWWEXOfq5Yg9/c3iT27OBGR7YHdE7Oni9bN9dvLRz/Zl6e1bGtcvHn8bKzDPVP404pHq8Z+PW+IvJNWWWs1Pjm2MmemDY8VZ0ejHn668VJsfqEnXxb+xs5g2dhtsE9nx39z0/M/jL7pBMV87u/Q2rvz2fsvvNI3HP4lj87Ul8vO/5l0gO/8Hk1cq6cF82duTc3PnxiMG8wV1yycW6hb5onwW/8iDzfv/zoh/Psnr7Y2I7CS+NyLui4j9+bbfHxEPLHJEvn/uoTfa76Euz/+43FmxNrL4j7c7/hHDSe18fReJvlPffdWq/c7e/w5XUiP5kk7e/zrdwOXsOwAAAPi/SCtz0Ek6WqRrLk7tis3pzNnZuQOleOvM8epc9XAMpMWVrqGa66Hj+bXhIj9xS/5QROyo/KfRpkp+dOrszLb1DByo3KtT1/8jTUdHq+t+b/VPL8DtY0nzaLV3B37x5cpvDLCm3K8JvUv/h96l/0Pv0v+hdzXr/5cibqzDpgBrzOc/9C79H3qX/g+9S/+HntR4S3zxQwvd3Om/kNh5dFnVVz1RHlqVV55feq2+VYo0an+0o2UiiYjumoi0fZnBDlpft0S6aJlnFtstA8v6TYwssT9PbIiITmtdWrO9WrxDJMm6vTkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsgH8DAAD//0qp3GU=")
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f00000003c0)=ANY=[@ANYBLOB="ff000000000000000a004e200000000520010000000000000000000000000001e60200"/144], 0x90)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x40000)
readv(r5, &(0x7f0000000080)=[{&(0x7f0000000380)=""/79, 0x4f}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x4, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1828dc9c3264100db61eb109b708000000000000000000000000a2334bfe009591001811", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000000000de9800000000000056080000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getdents64(0xffffffffffffffff, &(0x7f0000000500)=""/45, 0x2d)

kernel console output (not intermixed with test programs):

2f0
[  195.170827][T15914]  tipc_group_update_rcv_win+0x49b/0x730
[  195.170854][T15914]  tipc_recvmsg+0x6be/0x9d0
[  195.170880][T15914]  ? __pfx_tipc_recvmsg+0x10/0x10
[  195.170904][T15914]  sock_recvmsg+0x136/0x170
[  195.170993][T15914]  ____sys_recvmsg+0xf5/0x280
[  195.171045][T15914]  ___sys_recvmsg+0x11f/0x370
[  195.171081][T15914]  __x64_sys_recvmsg+0xd1/0x160
[  195.171102][T15914]  x64_sys_call+0xf19/0x2fb0
[  195.171159][T15914]  do_syscall_64+0xd0/0x1a0
[  195.171174][T15914]  ? clear_bhb_loop+0x25/0x80
[  195.171191][T15914]  ? clear_bhb_loop+0x25/0x80
[  195.171207][T15914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.171224][T15914] RIP: 0033:0x7f68f72fe969
[  195.171312][T15914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.171326][T15914] RSP: 002b:00007f68f5967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  195.171343][T15914] RAX: ffffffffffffffda RBX: 00007f68f7525fa0 RCX: 00007f68f72fe969
[  195.171354][T15914] RDX: 0000000000000080 RSI: 00002000000000c0 RDI: 0000000000000004
[  195.171400][T15914] RBP: 00007f68f5967090 R08: 0000000000000000 R09: 0000000000000000
[  195.171410][T15914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.171420][T15914] R13: 0000000000000000 R14: 00007f68f7525fa0 R15: 00007ffed94eee08
[  195.171437][T15914]  </TASK>
[  195.339451][T15931] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4559'.
[  195.401055][T15933] loop2: detected capacity change from 0 to 1024
[  195.401394][T15933] EXT4-fs: Ignoring removed i_version option
[  195.405376][T15933] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  195.405460][T15933] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  195.406133][T15933] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  195.406180][T15933] EXT4-fs (loop2): orphan cleanup on readonly fs
[  195.407550][T15933] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5899: Corrupt filesystem
[  195.407672][T15933] EXT4-fs (loop2): Remounting filesystem read-only
[  195.407815][T15933] EXT4-fs (loop2): 1 orphan inode deleted
[  195.416936][T15935] loop3: detected capacity change from 0 to 512
[  195.520646][T15935] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  195.558455][T15935] EXT4-fs (loop3): 1 truncate cleaned up
[  195.672253][T15954] loop3: detected capacity change from 0 to 4096
[  195.707678][T15942] SELinux: ebitmap: truncated map
[  195.713193][T15942] SELinux: failed to load policy
[  195.782487][T15962] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.806656][T15966] loop4: detected capacity change from 0 to 2048
[  195.839232][T15962] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.898794][T15962] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.960902][T15962] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.015029][T15962] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.038548][T15962] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.055616][T15962] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.080315][T15962] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.115009][T15988] loop4: detected capacity change from 0 to 4096
[  196.264644][T16002] FAULT_INJECTION: forcing a failure.
[  196.264644][T16002] name failslab, interval 1, probability 0, space 0, times 0
[  196.277837][T16002] CPU: 1 UID: 0 PID: 16002 Comm: syz.0.4584 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  196.277864][T16002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  196.277874][T16002] Call Trace:
[  196.277881][T16002]  <TASK>
[  196.277889][T16002]  __dump_stack+0x1d/0x30
[  196.277910][T16002]  dump_stack_lvl+0xe8/0x140
[  196.277963][T16002]  dump_stack+0x15/0x1b
[  196.277976][T16002]  should_fail_ex+0x265/0x280
[  196.278043][T16002]  ? sctp_add_bind_addr+0x71/0x1e0
[  196.278060][T16002]  should_failslab+0x8c/0xb0
[  196.278085][T16002]  __kmalloc_cache_noprof+0x4c/0x320
[  196.278155][T16002]  sctp_add_bind_addr+0x71/0x1e0
[  196.278179][T16002]  sctp_do_bind+0x427/0x4b0
[  196.278207][T16002]  sctp_inet_listen+0x41c/0x570
[  196.278259][T16002]  __x64_sys_listen+0x10d/0x170
[  196.278282][T16002]  x64_sys_call+0x2b93/0x2fb0
[  196.278298][T16002]  do_syscall_64+0xd0/0x1a0
[  196.278319][T16002]  ? clear_bhb_loop+0x25/0x80
[  196.278340][T16002]  ? clear_bhb_loop+0x25/0x80
[  196.278405][T16002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.278421][T16002] RIP: 0033:0x7fa51f63e969
[  196.278434][T16002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.278501][T16002] RSP: 002b:00007fa51dca7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000032
[  196.278518][T16002] RAX: ffffffffffffffda RBX: 00007fa51f865fa0 RCX: 00007fa51f63e969
[  196.278528][T16002] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000004
[  196.278538][T16002] RBP: 00007fa51dca7090 R08: 0000000000000000 R09: 0000000000000000
[  196.278547][T16002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.278557][T16002] R13: 0000000000000000 R14: 00007fa51f865fa0 R15: 00007ffc02ad5ef8
[  196.278600][T16002]  </TASK>
[  196.484592][T16005] loop3: detected capacity change from 0 to 2048
[  196.563217][T16014] FAULT_INJECTION: forcing a failure.
[  196.563217][T16014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.576418][T16014] CPU: 0 UID: 0 PID: 16014 Comm: syz.0.4587 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  196.576443][T16014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  196.576503][T16014] Call Trace:
[  196.576510][T16014]  <TASK>
[  196.576527][T16014]  __dump_stack+0x1d/0x30
[  196.576549][T16014]  dump_stack_lvl+0xe8/0x140
[  196.576567][T16014]  dump_stack+0x15/0x1b
[  196.576582][T16014]  should_fail_ex+0x265/0x280
[  196.576612][T16014]  should_fail+0xb/0x20
[  196.576698][T16014]  should_fail_usercopy+0x1a/0x20
[  196.576714][T16014]  _copy_to_user+0x20/0xa0
[  196.576735][T16014]  simple_read_from_buffer+0xb5/0x130
[  196.576759][T16014]  proc_fail_nth_read+0x100/0x140
[  196.576802][T16014]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  196.576825][T16014]  vfs_read+0x19d/0x6f0
[  196.576843][T16014]  ? __rcu_read_unlock+0x4f/0x70
[  196.576860][T16014]  ? __fget_files+0x184/0x1c0
[  196.577005][T16014]  ksys_read+0xda/0x1a0
[  196.577107][T16014]  __x64_sys_read+0x40/0x50
[  196.577125][T16014]  x64_sys_call+0x2d77/0x2fb0
[  196.577142][T16014]  do_syscall_64+0xd0/0x1a0
[  196.577226][T16014]  ? clear_bhb_loop+0x25/0x80
[  196.577247][T16014]  ? clear_bhb_loop+0x25/0x80
[  196.577304][T16014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.577320][T16014] RIP: 0033:0x7fa51f63d37c
[  196.577333][T16014] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  196.577346][T16014] RSP: 002b:00007fa51dca7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  196.577364][T16014] RAX: ffffffffffffffda RBX: 00007fa51f865fa0 RCX: 00007fa51f63d37c
[  196.577377][T16014] RDX: 000000000000000f RSI: 00007fa51dca70a0 RDI: 0000000000000004
[  196.577402][T16014] RBP: 00007fa51dca7090 R08: 0000000000000000 R09: 0000000000000000
[  196.577480][T16014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  196.577490][T16014] R13: 0000000000000000 R14: 00007fa51f865fa0 R15: 00007ffc02ad5ef8
[  196.577506][T16014]  </TASK>
[  196.776689][T16013] FAULT_INJECTION: forcing a failure.
[  196.776689][T16013] name failslab, interval 1, probability 0, space 0, times 0
[  196.789444][T16013] CPU: 1 UID: 0 PID: 16013 Comm: syz.1.4588 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  196.789471][T16013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  196.789481][T16013] Call Trace:
[  196.789485][T16013]  <TASK>
[  196.789491][T16013]  __dump_stack+0x1d/0x30
[  196.789609][T16013]  dump_stack_lvl+0xe8/0x140
[  196.789629][T16013]  dump_stack+0x15/0x1b
[  196.789643][T16013]  should_fail_ex+0x265/0x280
[  196.789720][T16013]  should_failslab+0x8c/0xb0
[  196.789747][T16013]  __kmalloc_noprof+0xa5/0x3e0
[  196.789764][T16013]  ? hashtab_init+0x9b/0xe0
[  196.789851][T16013]  hashtab_init+0x9b/0xe0
[  196.789873][T16013]  symtab_init+0x2c/0x40
[  196.789892][T16013]  common_read+0x10b/0x300
[  196.789908][T16013]  ? hashtab_init+0xbc/0xe0
[  196.789965][T16013]  ? __pfx_common_read+0x10/0x10
[  196.789980][T16013]  policydb_read+0x64f/0x1330
[  196.790023][T16013]  security_load_policy+0xba/0x890
[  196.790054][T16013]  ? rep_movs_alternative+0x4a/0x90
[  196.790111][T16013]  sel_write_load+0x1d4/0x380
[  196.790139][T16013]  ? __pfx_sel_write_load+0x10/0x10
[  196.790169][T16013]  vfs_write+0x266/0x8d0
[  196.790188][T16013]  ? __rcu_read_unlock+0x4f/0x70
[  196.790277][T16013]  ? __fget_files+0x184/0x1c0
[  196.790305][T16013]  ksys_write+0xda/0x1a0
[  196.790402][T16013]  __x64_sys_write+0x40/0x50
[  196.790421][T16013]  x64_sys_call+0x2cdd/0x2fb0
[  196.790438][T16013]  do_syscall_64+0xd0/0x1a0
[  196.790455][T16013]  ? clear_bhb_loop+0x25/0x80
[  196.790507][T16013]  ? clear_bhb_loop+0x25/0x80
[  196.790533][T16013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.790551][T16013] RIP: 0033:0x7fdc8d03e969
[  196.790565][T16013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.790581][T16013] RSP: 002b:00007fdc8b6a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  196.790608][T16013] RAX: ffffffffffffffda RBX: 00007fdc8d265fa0 RCX: 00007fdc8d03e969
[  196.790619][T16013] RDX: 0000000000002000 RSI: 0000200000000000 RDI: 0000000000000006
[  196.790630][T16013] RBP: 00007fdc8b6a7090 R08: 0000000000000000 R09: 0000000000000000
[  196.790640][T16013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  196.790651][T16013] R13: 0000000000000000 R14: 00007fdc8d265fa0 R15: 00007ffd0051d308
[  196.790667][T16013]  </TASK>
[  196.801391][T16013] SELinux: failed to load policy
[  196.856299][T16017] validate_nla: 4 callbacks suppressed
[  196.856314][T16017] netlink: 'syz.2.4589': attribute type 2 has an invalid length.
[  197.046911][T16017] netlink: 'syz.2.4589': attribute type 9 has an invalid length.
[  197.046925][T16017] __nla_validate_parse: 1 callbacks suppressed
[  197.046935][T16017] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4589'.
[  197.166025][T16031] netlink: 'syz.1.4593': attribute type 3 has an invalid length.
[  197.204163][T16031] siw: device registration error -23
[  197.223731][T16027] netlink: 'syz.3.4591': attribute type 3 has an invalid length.
[  197.330987][T16062] netlink: 'syz.3.4605': attribute type 2 has an invalid length.
[  197.338775][T16062] netlink: 'syz.3.4605': attribute type 9 has an invalid length.
[  197.346586][T16062] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4605'.
[  197.418254][T16055] netlink: 'syz.4.4603': attribute type 3 has an invalid length.
[  197.461903][T16064] loop1: detected capacity change from 0 to 512
[  197.481628][T16064] ext4 filesystem being mounted at /248/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.616086][T16070] netlink: 'syz.0.4608': attribute type 32 has an invalid length.
[  197.623971][T16070] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4608'.
[  197.634008][T16070] (unnamed net_device) (uninitialized): option coupled_control: invalid value (17)
[  197.644052][T16091] loop3: detected capacity change from 0 to 2048
[  197.653958][T16088] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.709821][T16088] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.760510][T16088] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.812264][T16096] FAULT_INJECTION: forcing a failure.
[  197.812264][T16096] name failslab, interval 1, probability 0, space 0, times 0
[  197.825155][T16096] CPU: 0 UID: 0 PID: 16096 Comm: syz.3.4616 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  197.825176][T16096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  197.825183][T16096] Call Trace:
[  197.825186][T16096]  <TASK>
[  197.825191][T16096]  __dump_stack+0x1d/0x30
[  197.825275][T16096]  dump_stack_lvl+0xe8/0x140
[  197.825285][T16096]  dump_stack+0x15/0x1b
[  197.825294][T16096]  should_fail_ex+0x265/0x280
[  197.825379][T16096]  should_failslab+0x8c/0xb0
[  197.825395][T16096]  kmem_cache_alloc_noprof+0x50/0x310
[  197.825431][T16096]  ? security_inode_alloc+0x37/0x100
[  197.825443][T16096]  security_inode_alloc+0x37/0x100
[  197.825457][T16096]  inode_init_always_gfp+0x4b7/0x500
[  197.825560][T16096]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  197.825576][T16096]  alloc_inode+0x58/0x170
[  197.825651][T16096]  new_inode+0x1d/0xe0
[  197.825664][T16096]  shmem_get_inode+0x244/0x750
[  197.825678][T16096]  ? __se_sys_memfd_create+0x1cc/0x590
[  197.825691][T16096]  __shmem_file_setup+0x122/0x1f0
[  197.825732][T16096]  shmem_file_setup+0x3b/0x50
[  197.825744][T16096]  __se_sys_memfd_create+0x2c3/0x590
[  197.825757][T16096]  __x64_sys_memfd_create+0x31/0x40
[  197.825828][T16096]  x64_sys_call+0x122f/0x2fb0
[  197.825839][T16096]  do_syscall_64+0xd0/0x1a0
[  197.825891][T16096]  ? clear_bhb_loop+0x25/0x80
[  197.825903][T16096]  ? clear_bhb_loop+0x25/0x80
[  197.825913][T16096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.825925][T16096] RIP: 0033:0x7f69685fe969
[  197.826004][T16096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.826082][T16096] RSP: 002b:00007f6966c66e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  197.826093][T16096] RAX: ffffffffffffffda RBX: 00000000000004cd RCX: 00007f69685fe969
[  197.826100][T16096] RDX: 00007f6966c66ef0 RSI: 0000000000000000 RDI: 00007f6968681444
[  197.826107][T16096] RBP: 0000200000000c80 R08: 00007f6966c66bb7 R09: 00007f6966c66e40
[  197.826293][T16096] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000
[  197.826300][T16096] R13: 00007f6966c66ef0 R14: 00007f6966c66eb0 R15: 0000200000000080
[  197.826310][T16096]  </TASK>
[  198.045681][T16088] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.098510][T16100] netlink: 'syz.2.4618': attribute type 2 has an invalid length.
[  198.106337][T16100] netlink: 'syz.2.4618': attribute type 9 has an invalid length.
[  198.114139][T16100] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4618'.
[  198.153990][T16088] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.168111][T16088] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.182266][T16088] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.193314][T16088] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.213977][   T29] kauditd_printk_skb: 326 callbacks suppressed
[  198.213991][   T29] audit: type=1400 audit(1746533870.567:55548): avc:  denied  { map } for  pid=16105 comm="syz.0.4621" path="socket:[49092]" dev="sockfs" ino=49092 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  198.214693][T16106] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4621'.
[  198.220249][   T29] audit: type=1400 audit(1746533870.567:55549): avc:  denied  { read accept } for  pid=16105 comm="syz.0.4621" path="socket:[49092]" dev="sockfs" ino=49092 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  198.313148][T16113] loop2: detected capacity change from 0 to 2048
[  198.376902][T16121] loop4: detected capacity change from 0 to 512
[  198.388542][T16121] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  198.405745][T16121] EXT4-fs (loop4): warning: maximal mount count reached, running e2fsck is recommended
[  198.416812][T16121] EXT4-fs error (device loop4): ext4_orphan_get:1391: comm syz.4.4625: inode #15: comm syz.4.4625: iget: illegal inode #
[  198.429697][T16121] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4625: couldn't read orphan inode 15 (err -117)
[  198.499495][T16128] bridge: RTM_NEWNEIGH with invalid ether address
[  198.517157][T16130] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4629'.
[  198.556780][T16134] lo speed is unknown, defaulting to 1000
[  198.700191][   T29] audit: type=1326 audit(1746533871.057:55550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.728759][   T29] audit: type=1326 audit(1746533871.057:55551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.752481][   T29] audit: type=1326 audit(1746533871.087:55552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.776128][   T29] audit: type=1326 audit(1746533871.087:55553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.785886][T16141] loop3: detected capacity change from 0 to 512
[  198.799743][   T29] audit: type=1326 audit(1746533871.087:55554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.801113][   T29] audit: type=1326 audit(1746533871.087:55555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.806601][T16141] EXT4-fs: Ignoring removed oldalloc option
[  198.829587][   T29] audit: type=1326 audit(1746533871.087:55556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.853135][T16141] EXT4-fs: Ignoring removed mblk_io_submit option
[  198.859092][   T29] audit: type=1326 audit(1746533871.087:55557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16137 comm="syz.0.4632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  198.932363][T16141] EXT4-fs (loop3): orphan cleanup on readonly fs
[  198.966300][T16141] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.4633: Failed to acquire dquot type 1
[  198.982833][T16141] EXT4-fs (loop3): 1 truncate cleaned up
[  199.013978][T16145] lo speed is unknown, defaulting to 1000
[  199.043293][T16152] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4637'.
[  199.095176][T16154] program syz.3.4638 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  199.104817][T16154] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  199.135547][T16158] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4640'.
[  199.256921][T16180] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.265902][T16180] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.284303][T16182] loop2: detected capacity change from 0 to 2048
[  199.326295][T16192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.346084][T16192] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.364803][T16192] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  199.382006][T16192] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  199.534372][T16206] program syz.2.4656 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  199.543814][T16206] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  199.607397][T16211] lo speed is unknown, defaulting to 1000
[  200.107575][T16237] lo speed is unknown, defaulting to 1000
[  200.201443][T16246] loop3: detected capacity change from 0 to 512
[  200.208959][T16246] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  200.220409][T16246] EXT4-fs (loop3): 1 truncate cleaned up
[  200.299574][T16251] loop3: detected capacity change from 0 to 512
[  200.306369][T16251] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  200.318125][T16251] EXT4-fs (loop3): 1 truncate cleaned up
[  201.288544][T16271] loop3: detected capacity change from 0 to 512
[  201.303352][T16271] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  201.322440][T16271] EXT4-fs (loop3): 1 truncate cleaned up
[  201.339129][T16277] program syz.2.4683 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.348626][T16277] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  201.365488][T16277] lo speed is unknown, defaulting to 1000
[  201.458338][T16283] loop2: detected capacity change from 0 to 512
[  201.465457][T16283] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  201.475069][T16283] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended
[  201.485648][T16283] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.4685: inode #15: comm syz.2.4685: iget: illegal inode #
[  201.498607][T16283] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4685: couldn't read orphan inode 15 (err -117)
[  202.328771][T16315] validate_nla: 5 callbacks suppressed
[  202.328785][T16315] netlink: 'syz.3.4698': attribute type 3 has an invalid length.
[  202.408376][T16320] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4700'.
[  202.417517][T16320] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4700'.
[  202.426918][T16320] FAULT_INJECTION: forcing a failure.
[  202.426918][T16320] name failslab, interval 1, probability 0, space 0, times 0
[  202.439624][T16320] CPU: 0 UID: 0 PID: 16320 Comm: syz.3.4700 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  202.439649][T16320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  202.439661][T16320] Call Trace:
[  202.439668][T16320]  <TASK>
[  202.439711][T16320]  __dump_stack+0x1d/0x30
[  202.439733][T16320]  dump_stack_lvl+0xe8/0x140
[  202.439749][T16320]  dump_stack+0x15/0x1b
[  202.439758][T16320]  should_fail_ex+0x265/0x280
[  202.439777][T16320]  ? __add_metainfo+0x5a/0x220
[  202.439864][T16320]  should_failslab+0x8c/0xb0
[  202.439927][T16320]  __kmalloc_cache_noprof+0x4c/0x320
[  202.439939][T16320]  __add_metainfo+0x5a/0x220
[  202.439953][T16320]  use_all_metadata+0x91/0x140
[  202.439967][T16320]  tcf_ife_init+0x6f5/0x880
[  202.440054][T16320]  tcf_action_init_1+0x367/0x4a0
[  202.440070][T16320]  tcf_action_init+0x1be/0x5f0
[  202.440180][T16320]  tc_ctl_action+0x291/0x830
[  202.440204][T16320]  ? __pfx_tc_ctl_action+0x10/0x10
[  202.440249][T16320]  rtnetlink_rcv_msg+0x657/0x6d0
[  202.440264][T16320]  netlink_rcv_skb+0x120/0x220
[  202.440319][T16320]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  202.440347][T16320]  rtnetlink_rcv+0x1c/0x30
[  202.440365][T16320]  netlink_unicast+0x59e/0x670
[  202.440393][T16320]  netlink_sendmsg+0x58b/0x6b0
[  202.440464][T16320]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.440522][T16320]  __sock_sendmsg+0x142/0x180
[  202.440536][T16320]  ____sys_sendmsg+0x31e/0x4e0
[  202.440547][T16320]  ___sys_sendmsg+0x17b/0x1d0
[  202.440611][T16320]  __x64_sys_sendmsg+0xd4/0x160
[  202.440624][T16320]  x64_sys_call+0x2999/0x2fb0
[  202.440643][T16320]  do_syscall_64+0xd0/0x1a0
[  202.440668][T16320]  ? clear_bhb_loop+0x25/0x80
[  202.440680][T16320]  ? clear_bhb_loop+0x25/0x80
[  202.440690][T16320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.440701][T16320] RIP: 0033:0x7f69685fe969
[  202.440754][T16320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.440763][T16320] RSP: 002b:00007f6966c67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.440774][T16320] RAX: ffffffffffffffda RBX: 00007f6968825fa0 RCX: 00007f69685fe969
[  202.440781][T16320] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  202.440853][T16320] RBP: 00007f6966c67090 R08: 0000000000000000 R09: 0000000000000000
[  202.440859][T16320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.440866][T16320] R13: 0000000000000000 R14: 00007f6968825fa0 R15: 00007ffdda1f9158
[  202.440876][T16320]  </TASK>
[  202.748802][T16324] netlink: 'syz.4.4701': attribute type 4 has an invalid length.
[  202.809267][T16334] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4706'.
[  203.618751][   T29] kauditd_printk_skb: 364 callbacks suppressed
[  203.618767][   T29] audit: type=1326 audit(1746533875.977:55920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.650444][   T29] audit: type=1326 audit(1746533875.977:55921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.674219][   T29] audit: type=1326 audit(1746533876.017:55922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.697723][   T29] audit: type=1326 audit(1746533876.017:55923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.721361][   T29] audit: type=1326 audit(1746533876.017:55924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.745529][   T29] audit: type=1326 audit(1746533876.017:55925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.769338][   T29] audit: type=1326 audit(1746533876.017:55926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.792976][   T29] audit: type=1326 audit(1746533876.017:55927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.803023][T16343] netlink: 'syz.2.4710': attribute type 3 has an invalid length.
[  203.818976][   T29] audit: type=1326 audit(1746533876.107:55928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.848373][   T29] audit: type=1326 audit(1746533876.107:55929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16342 comm="syz.2.4710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe4f174e969 code=0x7ffc0000
[  203.975828][T16363] program syz.2.4716 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  203.985288][T16363] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  203.997321][T16361] loop1: detected capacity change from 0 to 1024
[  204.003930][T16361] EXT4-fs: quotafile must be on filesystem root
[  204.046017][T16363] lo speed is unknown, defaulting to 1000
[  204.088852][T16369] netlink: 'syz.1.4718': attribute type 2 has an invalid length.
[  204.096692][T16369] netlink: 'syz.1.4718': attribute type 9 has an invalid length.
[  204.104415][T16369] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4718'.
[  204.662497][T16387] netlink: 'syz.4.4724': attribute type 3 has an invalid length.
[  204.687327][T16392] blktrace: Concurrent blktraces are not allowed on loop8
[  204.799772][T16398] loop4: detected capacity change from 0 to 512
[  204.811838][T16398] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  204.824520][T16398] EXT4-fs (loop4): 1 truncate cleaned up
[  204.935519][T16407] netlink: 'syz.4.4731': attribute type 4 has an invalid length.
[  205.057168][T16418] FAULT_INJECTION: forcing a failure.
[  205.057168][T16418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  205.070361][T16418] CPU: 1 UID: 0 PID: 16418 Comm: syz.2.4737 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  205.070445][T16418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  205.070535][T16418] Call Trace:
[  205.070542][T16418]  <TASK>
[  205.070549][T16418]  __dump_stack+0x1d/0x30
[  205.070571][T16418]  dump_stack_lvl+0xe8/0x140
[  205.070625][T16418]  dump_stack+0x15/0x1b
[  205.070641][T16418]  should_fail_ex+0x265/0x280
[  205.070672][T16418]  should_fail+0xb/0x20
[  205.070820][T16418]  should_fail_usercopy+0x1a/0x20
[  205.070838][T16418]  _copy_to_user+0x20/0xa0
[  205.070860][T16418]  simple_read_from_buffer+0xb5/0x130
[  205.070937][T16418]  proc_fail_nth_read+0x100/0x140
[  205.070961][T16418]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  205.070983][T16418]  vfs_read+0x19d/0x6f0
[  205.071064][T16418]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  205.071089][T16418]  ? __rcu_read_unlock+0x4f/0x70
[  205.071110][T16418]  ? __fget_files+0x184/0x1c0
[  205.071138][T16418]  ksys_read+0xda/0x1a0
[  205.071179][T16418]  __x64_sys_read+0x40/0x50
[  205.071241][T16418]  x64_sys_call+0x2d77/0x2fb0
[  205.071291][T16418]  do_syscall_64+0xd0/0x1a0
[  205.071318][T16418]  ? clear_bhb_loop+0x25/0x80
[  205.071406][T16418]  ? clear_bhb_loop+0x25/0x80
[  205.071432][T16418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.071449][T16418] RIP: 0033:0x7fe4f174d37c
[  205.071564][T16418] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  205.071581][T16418] RSP: 002b:00007fe4efdb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  205.071596][T16418] RAX: ffffffffffffffda RBX: 00007fe4f1975fa0 RCX: 00007fe4f174d37c
[  205.071607][T16418] RDX: 000000000000000f RSI: 00007fe4efdb70a0 RDI: 0000000000000005
[  205.071618][T16418] RBP: 00007fe4efdb7090 R08: 0000000000000000 R09: 0000000000000000
[  205.071628][T16418] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  205.071681][T16418] R13: 0000000000000000 R14: 00007fe4f1975fa0 R15: 00007ffedd14e798
[  205.071700][T16418]  </TASK>
[  205.349721][T16421] netlink: 'syz.1.4738': attribute type 3 has an invalid length.
[  205.362964][ T3380] hid-generic 0003:FFFFFFFF:0004.0007: item fetching failed at offset 0/1
[  205.372563][ T3380] hid-generic 0003:FFFFFFFF:0004.0007: probe with driver hid-generic failed with error -22
[  205.400389][T16432] loop2: detected capacity change from 0 to 512
[  205.407597][T16432] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  205.418831][T16432] EXT4-fs (loop2): 1 truncate cleaned up
[  205.501787][T16438] program syz.2.4743 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  205.511382][T16438] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  205.530093][T16438] lo speed is unknown, defaulting to 1000
[  205.630208][T16441] netlink: 'syz.2.4744': attribute type 4 has an invalid length.
[  205.700985][T16445] loop2: detected capacity change from 0 to 512
[  205.712487][T16445] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  205.717868][T16443] siw: device registration error -23
[  205.740985][T16445] EXT4-fs (loop2): 1 truncate cleaned up
[  205.752838][T16449] 8021q: VLANs not supported on gre0
[  205.843267][T16458] netlink: 'syz.2.4750': attribute type 2 has an invalid length.
[  205.851094][T16458] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4750'.
[  205.892961][T16462] loop4: detected capacity change from 0 to 512
[  205.902517][T16462] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  205.913369][T16462] EXT4-fs (loop4): 1 truncate cleaned up
[  205.949529][T16467] loop2: detected capacity change from 0 to 512
[  205.965700][T16467] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  205.977417][T16467] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended
[  205.994100][T16467] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.4754: inode #15: comm syz.2.4754: iget: illegal inode #
[  206.008260][T16467] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.4754: couldn't read orphan inode 15 (err -117)
[  206.197063][T16477] siw: device registration error -23
[  206.243953][T16484] loop1: detected capacity change from 0 to 512
[  206.255016][T16484] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  206.278397][T16484] EXT4-fs (loop1): 1 truncate cleaned up
[  206.714486][T16499] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4765'.
[  206.775007][T16506] FAULT_INJECTION: forcing a failure.
[  206.775007][T16506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.788276][T16506] CPU: 0 UID: 0 PID: 16506 Comm: syz.0.4768 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  206.788360][T16506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  206.788370][T16506] Call Trace:
[  206.788376][T16506]  <TASK>
[  206.788383][T16506]  __dump_stack+0x1d/0x30
[  206.788405][T16506]  dump_stack_lvl+0xe8/0x140
[  206.788490][T16506]  dump_stack+0x15/0x1b
[  206.788504][T16506]  should_fail_ex+0x265/0x280
[  206.788540][T16506]  should_fail+0xb/0x20
[  206.788566][T16506]  should_fail_usercopy+0x1a/0x20
[  206.788584][T16506]  _copy_from_iter+0xcf/0xdd0
[  206.788604][T16506]  ? _copy_from_iter+0x16d/0xdd0
[  206.788653][T16506]  copy_page_from_iter+0x15a/0x290
[  206.788670][T16506]  skb_copy_datagram_from_iter+0x232/0x490
[  206.788733][T16506]  tun_get_user+0x10b6/0x24d0
[  206.788759][T16506]  ? ref_tracker_alloc+0x1f2/0x2f0
[  206.788785][T16506]  ? avc_policy_seqno+0x15/0x30
[  206.788811][T16506]  tun_chr_write_iter+0x15e/0x210
[  206.788843][T16506]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  206.788911][T16506]  vfs_write+0x49d/0x8d0
[  206.789037][T16506]  ksys_write+0xda/0x1a0
[  206.789095][T16506]  __x64_sys_write+0x40/0x50
[  206.789117][T16506]  x64_sys_call+0x2cdd/0x2fb0
[  206.789193][T16506]  do_syscall_64+0xd0/0x1a0
[  206.789215][T16506]  ? clear_bhb_loop+0x25/0x80
[  206.789236][T16506]  ? clear_bhb_loop+0x25/0x80
[  206.789334][T16506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.789351][T16506] RIP: 0033:0x7fa51f63e969
[  206.789365][T16506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.789378][T16506] RSP: 002b:00007fa51dca7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  206.789388][T16506] RAX: ffffffffffffffda RBX: 00007fa51f865fa0 RCX: 00007fa51f63e969
[  206.789472][T16506] RDX: 0000000000000ffe RSI: 0000200000000240 RDI: 0000000000000003
[  206.789479][T16506] RBP: 00007fa51dca7090 R08: 0000000000000000 R09: 0000000000000000
[  206.789485][T16506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.789492][T16506] R13: 0000000000000000 R14: 00007fa51f865fa0 R15: 00007ffc02ad5ef8
[  206.789549][T16506]  </TASK>
[  207.270283][T16531] loop1: detected capacity change from 0 to 512
[  207.282823][T16531] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  207.292901][T16531] EXT4-fs (loop1): warning: maximal mount count reached, running e2fsck is recommended
[  207.303298][T16531] EXT4-fs error (device loop1): ext4_orphan_get:1391: comm syz.1.4777: inode #15: comm syz.1.4777: iget: illegal inode #
[  207.316507][T16531] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4777: couldn't read orphan inode 15 (err -117)
[  207.540350][T16537] validate_nla: 3 callbacks suppressed
[  207.540412][T16537] netlink: 'syz.3.4779': attribute type 4 has an invalid length.
[  208.047939][T16551] loop4: detected capacity change from 0 to 512
[  208.058347][T16553] FAULT_INJECTION: forcing a failure.
[  208.058347][T16553] name failslab, interval 1, probability 0, space 0, times 0
[  208.071074][T16553] CPU: 1 UID: 0 PID: 16553 Comm: syz.0.4784 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  208.071101][T16553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  208.071112][T16553] Call Trace:
[  208.071183][T16553]  <TASK>
[  208.071190][T16553]  __dump_stack+0x1d/0x30
[  208.071209][T16553]  dump_stack_lvl+0xe8/0x140
[  208.071228][T16553]  dump_stack+0x15/0x1b
[  208.071244][T16553]  should_fail_ex+0x265/0x280
[  208.071275][T16553]  ? snd_seq_fifo_new+0x31/0x110
[  208.071381][T16553]  should_failslab+0x8c/0xb0
[  208.071408][T16553]  __kmalloc_cache_noprof+0x4c/0x320
[  208.071428][T16553]  ? snd_seq_pool_new+0xb8/0xe0
[  208.071466][T16553]  snd_seq_fifo_new+0x31/0x110
[  208.071494][T16553]  snd_seq_open+0x163/0x320
[  208.071517][T16553]  ? __pfx_snd_seq_open+0x10/0x10
[  208.071597][T16553]  snd_open+0x237/0x2a0
[  208.071623][T16553]  chrdev_open+0x2e8/0x3a0
[  208.071649][T16553]  do_dentry_open+0x646/0xa20
[  208.071688][T16553]  ? __pfx_chrdev_open+0x10/0x10
[  208.071712][T16553]  vfs_open+0x37/0x1e0
[  208.071782][T16553]  path_openat+0x1c5e/0x2170
[  208.071809][T16553]  ? __mod_memcg_lruvec_state+0x13e/0x290
[  208.071840][T16553]  do_filp_open+0x109/0x230
[  208.071876][T16553]  io_openat2+0x272/0x390
[  208.071922][T16553]  io_openat+0x1b/0x30
[  208.071944][T16553]  io_issue_sqe+0x1a8/0xb70
[  208.071969][T16553]  io_submit_sqes+0x64c/0x1000
[  208.072067][T16553]  __se_sys_io_uring_enter+0x1c1/0x1b70
[  208.072095][T16553]  ? __rcu_read_unlock+0x4f/0x70
[  208.072164][T16553]  ? get_pid_task+0x96/0xd0
[  208.072214][T16553]  ? proc_fail_nth_write+0x12d/0x160
[  208.072239][T16553]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  208.072263][T16553]  ? vfs_write+0x75e/0x8d0
[  208.072313][T16553]  ? __rcu_read_unlock+0x4f/0x70
[  208.072333][T16553]  ? __fget_files+0x184/0x1c0
[  208.072357][T16553]  ? fput+0x8f/0xc0
[  208.072399][T16553]  __x64_sys_io_uring_enter+0x78/0x90
[  208.072428][T16553]  x64_sys_call+0x28c8/0x2fb0
[  208.072448][T16553]  do_syscall_64+0xd0/0x1a0
[  208.072469][T16553]  ? clear_bhb_loop+0x25/0x80
[  208.072489][T16553]  ? clear_bhb_loop+0x25/0x80
[  208.072565][T16553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.072637][T16553] RIP: 0033:0x7fa51f63e969
[  208.072652][T16553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.072668][T16553] RSP: 002b:00007fa51dca7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  208.072687][T16553] RAX: ffffffffffffffda RBX: 00007fa51f865fa0 RCX: 00007fa51f63e969
[  208.072699][T16553] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000006
[  208.072711][T16553] RBP: 00007fa51dca7090 R08: 0000000000000000 R09: 0000000000000000
[  208.072722][T16553] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  208.072734][T16553] R13: 0000000000000000 R14: 00007fa51f865fa0 R15: 00007ffc02ad5ef8
[  208.072770][T16553]  </TASK>
[  208.076678][T16545] netlink: 'syz.2.4782': attribute type 3 has an invalid length.
[  208.118269][T16551] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  208.229536][T16555] netlink: 'syz.0.4787': attribute type 2 has an invalid length.
[  208.388670][T16555] netlink: 'syz.0.4787': attribute type 9 has an invalid length.
[  208.388682][T16555] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4787'.
[  208.397971][T16551] EXT4-fs (loop4): 1 truncate cleaned up
[  208.418067][T16559] program syz.1.4786 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  208.428186][T16559] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  208.451236][T16559] lo speed is unknown, defaulting to 1000
[  208.554569][T16570] dvmrp5: entered allmulticast mode
[  208.567812][T16570] dvmrp5: left allmulticast mode
[  208.618473][T16576] netlink: 'syz.0.4795': attribute type 4 has an invalid length.
[  208.627640][   T29] kauditd_printk_skb: 516 callbacks suppressed
[  208.627653][   T29] audit: type=1326 audit(1746533880.988:56444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16574 comm="syz.0.4795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  208.658173][   T29] audit: type=1326 audit(1746533880.988:56445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16574 comm="syz.0.4795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  208.689633][T16581] loop1: detected capacity change from 0 to 512
[  208.698916][T16581] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  208.716410][T16581] EXT4-fs (loop1): 1 truncate cleaned up
[  208.764892][T16578] siw: device registration error -23
[  208.789768][T16591] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4800'.
[  208.979743][T16603] netlink: 'syz.4.4804': attribute type 3 has an invalid length.
[  208.989009][T16603] siw: device registration error -23
[  209.076857][   T29] audit: type=1326 audit(1746533881.438:56446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16612 comm="syz.4.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  209.100595][   T29] audit: type=1326 audit(1746533881.458:56447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16614 comm="syz.0.4808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  209.124422][   T29] audit: type=1326 audit(1746533881.458:56448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16612 comm="syz.4.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  209.147982][   T29] audit: type=1326 audit(1746533881.458:56449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16612 comm="syz.4.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  209.171653][   T29] audit: type=1326 audit(1746533881.458:56450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16612 comm="syz.4.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  209.195234][   T29] audit: type=1326 audit(1746533881.458:56451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16612 comm="syz.4.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  209.218863][   T29] audit: type=1326 audit(1746533881.458:56452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16612 comm="syz.4.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  209.231759][T16613] netlink: 'syz.4.4807': attribute type 3 has an invalid length.
[  209.242461][   T29] audit: type=1326 audit(1746533881.458:56453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16612 comm="syz.4.4807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  209.276051][T16617] netlink: 'syz.0.4808': attribute type 4 has an invalid length.
[  209.315410][T16621] netlink: 'syz.4.4809': attribute type 4 has an invalid length.
[  209.384644][T16630] loop4: detected capacity change from 0 to 2048
[  209.434665][T16630]  loop4: p1 < > p4
[  209.441007][T16630] loop4: p4 size 8388608 extends beyond EOD, truncated
[  209.454579][ T3005]  loop4: p1 < > p4
[  209.459246][ T3005] loop4: p4 size 8388608 extends beyond EOD, truncated
[  209.502711][ T3297] udevd[3297]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  209.502835][T13357] udevd[13357]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  209.616680][T16645] netlink: 'syz.0.4820': attribute type 3 has an invalid length.
[  209.683055][T16655] loop1: detected capacity change from 0 to 512
[  209.701925][T16655] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  209.729697][T16655] EXT4-fs (loop1): 1 truncate cleaned up
[  209.808083][T16664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.817830][T16664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.857914][T16669] loop1: detected capacity change from 0 to 512
[  209.864996][T16669] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  209.874767][T16669] EXT4-fs (loop1): warning: maximal mount count reached, running e2fsck is recommended
[  209.885207][T16669] EXT4-fs error (device loop1): ext4_orphan_get:1391: comm syz.1.4829: inode #15: comm syz.1.4829: iget: illegal inode #
[  209.898150][T16669] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.4829: couldn't read orphan inode 15 (err -117)
[  210.126501][T16683] siw: device registration error -23
[  210.303521][T16691] loop2: detected capacity change from 0 to 512
[  210.310499][T16691] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  210.321482][T16691] EXT4-fs (loop2): 1 truncate cleaned up
[  210.341926][T16694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4839'.
[  210.364368][T16696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4840'.
[  210.499034][T16712] loop3: detected capacity change from 0 to 512
[  210.506395][T16712] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  210.528935][T16712] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  210.543890][T16712] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.4847: inode #15: comm syz.3.4847: iget: illegal inode #
[  210.559838][T16719] loop2: detected capacity change from 0 to 1024
[  210.566627][T16712] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.4847: couldn't read orphan inode 15 (err -117)
[  210.576003][T16719] EXT4-fs: Ignoring removed oldalloc option
[  210.587392][T16719] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  210.658561][T16733] loop4: detected capacity change from 0 to 512
[  210.676639][T16733] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  210.712694][T16733] EXT4-fs (loop4): 1 truncate cleaned up
[  210.716415][T16736] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4855'.
[  210.788502][T16747] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4860'.
[  210.890877][T16757] loop4: detected capacity change from 0 to 512
[  210.901089][T16757] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  210.911906][T16757] EXT4-fs (loop4): warning: maximal mount count reached, running e2fsck is recommended
[  210.924834][T16757] EXT4-fs error (device loop4): ext4_orphan_get:1391: comm syz.4.4863: inode #15: comm syz.4.4863: iget: illegal inode #
[  210.937887][T16757] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.4863: couldn't read orphan inode 15 (err -117)
[  211.091094][T16765] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4866'.
[  211.214482][T16772] loop1: detected capacity change from 0 to 2048
[  211.238338][T16772] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  211.837141][T16794] FAULT_INJECTION: forcing a failure.
[  211.837141][T16794] name failslab, interval 1, probability 0, space 0, times 0
[  211.849875][T16794] CPU: 1 UID: 0 PID: 16794 Comm: syz.3.4876 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  211.849903][T16794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  211.849916][T16794] Call Trace:
[  211.849922][T16794]  <TASK>
[  211.849929][T16794]  __dump_stack+0x1d/0x30
[  211.849947][T16794]  dump_stack_lvl+0xe8/0x140
[  211.850014][T16794]  dump_stack+0x15/0x1b
[  211.850027][T16794]  should_fail_ex+0x265/0x280
[  211.850057][T16794]  should_failslab+0x8c/0xb0
[  211.850087][T16794]  kmem_cache_alloc_noprof+0x50/0x310
[  211.850117][T16794]  ? skb_clone+0x151/0x1f0
[  211.850133][T16794]  skb_clone+0x151/0x1f0
[  211.850148][T16794]  __netlink_deliver_tap+0x2c9/0x500
[  211.850181][T16794]  netlink_unicast+0x64c/0x670
[  211.850237][T16794]  netlink_sendmsg+0x58b/0x6b0
[  211.850309][T16794]  ? __pfx_netlink_sendmsg+0x10/0x10
[  211.850367][T16794]  __sock_sendmsg+0x142/0x180
[  211.850389][T16794]  ____sys_sendmsg+0x31e/0x4e0
[  211.850408][T16794]  ___sys_sendmsg+0x17b/0x1d0
[  211.850447][T16794]  __x64_sys_sendmsg+0xd4/0x160
[  211.850523][T16794]  x64_sys_call+0x2999/0x2fb0
[  211.850540][T16794]  do_syscall_64+0xd0/0x1a0
[  211.850582][T16794]  ? clear_bhb_loop+0x25/0x80
[  211.850603][T16794]  ? clear_bhb_loop+0x25/0x80
[  211.850624][T16794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.850693][T16794] RIP: 0033:0x7f69685fe969
[  211.850708][T16794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.850725][T16794] RSP: 002b:00007f6966c67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  211.850741][T16794] RAX: ffffffffffffffda RBX: 00007f6968825fa0 RCX: 00007f69685fe969
[  211.850804][T16794] RDX: 0000000000048000 RSI: 0000200000000300 RDI: 0000000000000005
[  211.850816][T16794] RBP: 00007f6966c67090 R08: 0000000000000000 R09: 0000000000000000
[  211.850828][T16794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.850840][T16794] R13: 0000000000000000 R14: 00007f6968825fa0 R15: 00007ffdda1f9158
[  211.850858][T16794]  </TASK>
[  212.127827][T16772] syz.1.4869 (16772) used greatest stack depth: 6016 bytes left
[  212.141810][T16798] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4878'.
[  212.195186][T16807] loop4: detected capacity change from 0 to 1024
[  212.205524][T16807] EXT4-fs: Ignoring removed orlov option
[  212.205548][T16810] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4882'.
[  212.211255][T16807] EXT4-fs: Ignoring removed bh option
[  212.280941][T16815] loop2: detected capacity change from 0 to 512
[  212.289504][T16815] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  212.300936][T16815] EXT4-fs (loop2): 1 truncate cleaned up
[  212.316677][T16807] 9pnet_fd: Insufficient options for proto=fd
[  212.453046][T16831] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1537 sclass=netlink_route_socket pid=16831 comm=syz.0.4889
[  212.532780][T16840] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4892'.
[  212.633360][T16844] validate_nla: 13 callbacks suppressed
[  212.633422][T16844] netlink: 'syz.0.4894': attribute type 3 has an invalid length.
[  212.683064][T16849] netlink: 'syz.4.4896': attribute type 4 has an invalid length.
[  212.792318][T16859] netlink: 'syz.0.4900': attribute type 3 has an invalid length.
[  212.806025][T16867] loop4: detected capacity change from 0 to 512
[  212.806651][T16859] siw: device registration error -23
[  212.818023][T16867] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  212.830713][T16867] EXT4-fs (loop4): 1 truncate cleaned up
[  212.917985][T16876] SELinux: syz.4.4906 (16876) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  213.003707][T16878] netlink: 'syz.0.4907': attribute type 3 has an invalid length.
[  213.061721][T16886] netlink: 'syz.1.4910': attribute type 4 has an invalid length.
[  213.218784][T16898] loop4: detected capacity change from 0 to 512
[  213.229655][T16898] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  213.263092][T16904] loop2: detected capacity change from 0 to 512
[  213.269509][T16898] EXT4-fs (loop4): 1 truncate cleaned up
[  213.277133][T16894] netlink: 'syz.1.4915': attribute type 3 has an invalid length.
[  213.287758][T16894] siw: device registration error -23
[  213.300589][T16904] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  213.314880][T16904] EXT4-fs (loop2): 1 truncate cleaned up
[  213.377646][T16916] netlink: 'syz.4.4922': attribute type 4 has an invalid length.
[  213.424404][T16924] SELinux: syz.3.4926 (16924) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  213.441110][T16909] netlink: 'syz.1.4919': attribute type 3 has an invalid length.
[  213.475403][T16928] program syz.4.4927 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  213.485165][T16928] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  213.507498][T16928] lo speed is unknown, defaulting to 1000
[  213.576310][T16935] netlink: 'syz.0.4930': attribute type 3 has an invalid length.
[  213.586365][T16935] siw: device registration error -23
[  213.636730][T16944] loop4: detected capacity change from 0 to 512
[  213.643607][T16944] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  213.655774][T16944] EXT4-fs (loop4): 1 truncate cleaned up
[  213.709669][   T29] kauditd_printk_skb: 1006 callbacks suppressed
[  213.709695][   T29] audit: type=1326 audit(1746533886.069:57460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.3.4926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69685fe969 code=0x7ffc0000
[  213.740354][   T29] audit: type=1326 audit(1746533886.069:57461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16923 comm="syz.3.4926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69685fe969 code=0x7ffc0000
[  213.800069][   T29] audit: type=1326 audit(1746533886.159:57462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16949 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  213.823788][   T29] audit: type=1326 audit(1746533886.159:57463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16949 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  213.850254][   T29] audit: type=1326 audit(1746533886.189:57464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16949 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f68f72fe969 code=0x7ffc0000
[  213.928815][   T29] audit: type=1326 audit(1746533886.289:57465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16955 comm="syz.3.4937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69685fe969 code=0x7ffc0000
[  213.953023][   T29] audit: type=1326 audit(1746533886.289:57466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16955 comm="syz.3.4937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69685fe969 code=0x7ffc0000
[  213.976697][   T29] audit: type=1326 audit(1746533886.289:57467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16955 comm="syz.3.4937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69685fe969 code=0x7ffc0000
[  214.000360][   T29] audit: type=1326 audit(1746533886.289:57468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16955 comm="syz.3.4937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69685fe969 code=0x7ffc0000
[  214.023990][   T29] audit: type=1326 audit(1746533886.289:57469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16955 comm="syz.3.4937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69685fe969 code=0x7ffc0000
[  214.056911][T16956] netlink: 'syz.3.4937': attribute type 4 has an invalid length.
[  214.238172][T16965] loop3: detected capacity change from 0 to 512
[  214.245224][T16965] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  214.255336][T16965] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  214.265777][T16965] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.4941: inode #15: comm syz.3.4941: iget: illegal inode #
[  214.279287][T16965] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.4941: couldn't read orphan inode 15 (err -117)
[  214.656725][T17000] siw: device registration error -23
[  214.680892][T17009] FAULT_INJECTION: forcing a failure.
[  214.680892][T17009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  214.691915][T17004] loop1: detected capacity change from 0 to 8192
[  214.694027][T17009] CPU: 0 UID: 0 PID: 17009 Comm: syz.0.4960 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  214.694131][T17009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  214.694146][T17009] Call Trace:
[  214.694162][T17009]  <TASK>
[  214.694170][T17009]  __dump_stack+0x1d/0x30
[  214.694190][T17009]  dump_stack_lvl+0xe8/0x140
[  214.694309][T17009]  dump_stack+0x15/0x1b
[  214.694325][T17009]  should_fail_ex+0x265/0x280
[  214.694353][T17009]  should_fail+0xb/0x20
[  214.694377][T17009]  should_fail_usercopy+0x1a/0x20
[  214.694395][T17009]  _copy_from_user+0x1c/0xb0
[  214.694441][T17009]  kstrtouint_from_user+0x69/0xf0
[  214.694469][T17009]  ? avc_policy_seqno+0x15/0x30
[  214.694565][T17009]  proc_fail_nth_write+0x50/0x160
[  214.694612][T17009]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  214.694708][T17009]  vfs_write+0x266/0x8d0
[  214.694733][T17009]  ? vfs_read+0x47f/0x6f0
[  214.694832][T17009]  ? __rcu_read_unlock+0x4f/0x70
[  214.694852][T17009]  ? __fget_files+0x184/0x1c0
[  214.694926][T17009]  ksys_write+0xda/0x1a0
[  214.694951][T17009]  __x64_sys_write+0x40/0x50
[  214.694974][T17009]  x64_sys_call+0x2cdd/0x2fb0
[  214.694993][T17009]  do_syscall_64+0xd0/0x1a0
[  214.695013][T17009]  ? clear_bhb_loop+0x25/0x80
[  214.695040][T17009]  ? clear_bhb_loop+0x25/0x80
[  214.695060][T17009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.695079][T17009] RIP: 0033:0x7fa51f63d41f
[  214.695094][T17009] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  214.695109][T17009] RSP: 002b:00007fa51dca7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  214.695204][T17009] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa51f63d41f
[  214.695217][T17009] RDX: 0000000000000001 RSI: 00007fa51dca70a0 RDI: 0000000000000005
[  214.695228][T17009] RBP: 00007fa51dca7090 R08: 0000000000000000 R09: 0000000000000000
[  214.695239][T17009] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  214.695251][T17009] R13: 0000000000000000 R14: 00007fa51f865fa0 R15: 00007ffc02ad5ef8
[  214.695269][T17009]  </TASK>
[  214.911044][T17017] __nla_validate_parse: 1 callbacks suppressed
[  214.911067][T17017] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4962'.
[  214.927273][T17004] FAT-fs (loop1): Directory bread(block 22913) failed
[  214.934072][T17004] FAT-fs (loop1): Directory bread(block 22914) failed
[  214.941027][T17004] FAT-fs (loop1): Directory bread(block 22915) failed
[  214.948050][T17004] FAT-fs (loop1): Directory bread(block 22916) failed
[  214.955165][T17004] FAT-fs (loop1): Directory bread(block 22917) failed
[  214.962157][T17004] FAT-fs (loop1): Directory bread(block 22918) failed
[  214.969467][T17004] FAT-fs (loop1): Directory bread(block 22919) failed
[  214.976433][T17004] FAT-fs (loop1): Directory bread(block 22920) failed
[  214.983448][T17004] FAT-fs (loop1): Directory bread(block 22921) failed
[  214.990502][T17004] FAT-fs (loop1): Directory bread(block 22922) failed
[  215.257012][T17047] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4975'.
[  215.587597][T17071] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4984'.
[  215.686263][T17077] SELinux: syz.3.4987 (17077) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  215.781137][T17084] program syz.0.4990 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  215.790566][T17084] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  215.808776][T17084] lo speed is unknown, defaulting to 1000
[  216.034476][T17101] xt_connbytes: Forcing CT accounting to be enabled
[  216.052027][T17101] Cannot find set identified by id 0 to match
[  216.077204][T17101] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4996'.
[  216.108289][T17101] hsr_slave_1 (unregistering): left promiscuous mode
[  216.198387][T17110] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4999'.
[  216.336244][T17118] program syz.3.5002 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.346353][T17118] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  216.373697][T17118] lo speed is unknown, defaulting to 1000
[  216.475830][T17127] SELinux: syz.3.5006 (17127) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  216.793738][T17140] loop1: detected capacity change from 0 to 512
[  216.801323][T17140] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  216.817803][T17140] EXT4-fs (loop1): 1 truncate cleaned up
[  216.828073][T17140] EXT4-fs mount: 84 callbacks suppressed
[  216.828088][T17140] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.839812][T17146] loop3: detected capacity change from 0 to 512
[  216.853283][T17146] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  216.864379][T17146] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  216.876123][T17146] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.5014: inode #15: comm syz.3.5014: iget: illegal inode #
[  216.889366][T17146] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5014: couldn't read orphan inode 15 (err -117)
[  216.901976][T17146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  216.933490][T17150] program syz.4.5016 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.943937][T12002] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.944560][T17150] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  216.962100][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.992319][T17150] lo speed is unknown, defaulting to 1000
[  217.122358][T17154] loop3: detected capacity change from 0 to 1024
[  217.138005][T17154] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  217.149005][T17154] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  217.162032][T17154] JBD2: no valid journal superblock found
[  217.167869][T17154] EXT4-fs (loop3): Could not load journal inode
[  217.308906][T17164] siw: device registration error -23
[  217.418394][T17182] loop2: detected capacity change from 0 to 512
[  217.427428][T17182] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  217.484778][T17182] EXT4-fs (loop2): 1 truncate cleaned up
[  217.495298][T17182] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.521431][T17188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.531122][T17188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.553510][T17190] program syz.4.5029 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  217.563022][T17190] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  217.573299][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.591077][T17193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.599877][T17193] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.615255][T17190] lo speed is unknown, defaulting to 1000
[  217.623070][T17193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  217.639518][T17193] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  217.718164][T17199] lo: left promiscuous mode
[  217.722709][T17199] lo: left allmulticast mode
[  217.901992][T17199] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.909242][T17199] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.079333][T17199] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  218.122238][T17199] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.188751][T17199] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.197211][T17199] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.205613][T17199] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.213996][T17199] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  218.257981][ T3381] syz1: Port: 1 Link DOWN
[  218.414641][T17240] loop4: detected capacity change from 0 to 2048
[  218.426753][T17240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.440444][T17240] ext4 filesystem being mounted at /443/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.573535][T17250] ucma_write: process 860 (syz.0.5044) changed security contexts after opening file descriptor, this is not allowed.
[  218.832938][   T29] kauditd_printk_skb: 839 callbacks suppressed
[  218.832953][   T29] audit: type=1326 audit(1746533891.189:58309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  218.867225][   T29] audit: type=1326 audit(1746533891.229:58310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  218.890918][   T29] audit: type=1326 audit(1746533891.229:58311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  218.914595][   T29] audit: type=1326 audit(1746533891.229:58312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  218.938000][   T29] audit: type=1326 audit(1746533891.229:58313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  218.961625][   T29] audit: type=1326 audit(1746533891.229:58314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  218.985250][   T29] audit: type=1326 audit(1746533891.229:58315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  219.008930][   T29] audit: type=1326 audit(1746533891.229:58316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  219.032537][   T29] audit: type=1326 audit(1746533891.229:58317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  219.056237][   T29] audit: type=1326 audit(1746533891.229:58318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17258 comm="syz.0.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  219.163660][T17263] program syz.1.5049 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  219.173453][T17263] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  219.195552][T17263] lo speed is unknown, defaulting to 1000
[  219.432154][T17278] validate_nla: 16 callbacks suppressed
[  219.432167][T17278] netlink: 'syz.1.5053': attribute type 4 has an invalid length.
[  219.496422][T17280] loop1: detected capacity change from 0 to 512
[  219.510843][T17280] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  219.535229][T17280] EXT4-fs (loop1): 1 truncate cleaned up
[  219.547884][T17280] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.640406][T12002] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.665742][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.686309][T17284] loop1: detected capacity change from 0 to 512
[  219.698239][T17284] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  219.714028][T17284] EXT4-fs (loop1): 1 truncate cleaned up
[  219.723503][T17284] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.817555][T17293] netlink: 'syz.4.5058': attribute type 3 has an invalid length.
[  219.827331][T17293] siw: device registration error -23
[  219.848298][T12002] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.873223][T17300] loop4: detected capacity change from 0 to 128
[  219.893607][T17300] FAT-fs (loop4): Invalid FSINFO signature: 0x00615252, 0x61417272 (sector = 1)
[  219.919356][T17308] loop2: detected capacity change from 0 to 512
[  219.939358][T17308] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  219.967950][T17308] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended
[  220.017996][T17308] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.5064: inode #15: comm syz.2.5064: iget: illegal inode #
[  220.030918][T17308] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5064: couldn't read orphan inode 15 (err -117)
[  220.043507][T17308] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.062472][T17300] syz.4.5061: attempt to access beyond end of device
[  220.062472][T17300] loop4: rw=2049, sector=217, nr_sectors = 88 limit=128
[  220.081689][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.094571][T17300] syz.4.5061: attempt to access beyond end of device
[  220.094571][T17300] loop4: rw=2049, sector=313, nr_sectors = 8 limit=128
[  220.132787][T17300] syz.4.5061: attempt to access beyond end of device
[  220.132787][T17300] loop4: rw=2049, sector=329, nr_sectors = 4 limit=128
[  220.138820][T17314] loop2: detected capacity change from 0 to 2048
[  220.168338][T17314] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.199510][T14869] FAT-fs (loop4): Invalid FSINFO signature: 0x00615252, 0x61417272 (sector = 1)
[  220.217194][T17314] ext4 filesystem being mounted at /386/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.235007][T17312] netlink: 'syz.0.5067': attribute type 3 has an invalid length.
[  220.316382][T17333] program syz.1.5074 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  220.328340][T17333] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  220.354661][T17336] sd 0:0:1:0: device reset
[  220.370438][T17333] lo speed is unknown, defaulting to 1000
[  220.552007][T17348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5080'.
[  220.630232][T17348] loop3: detected capacity change from 0 to 512
[  220.660859][T17348] EXT4-fs warning (device loop3): dx_probe:863: inode #2: comm syz.3.5080: dx entry: limit 1024 != root limit 124
[  220.672933][T17348] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.5080: Corrupt directory, running e2fsck is recommended
[  220.688736][T17357] loop4: detected capacity change from 0 to 1024
[  220.703839][T17357] EXT4-fs: Ignoring removed oldalloc option
[  220.731651][T17357] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  220.790122][T17348] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  220.803781][T17348] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.5080: corrupted in-inode xattr: invalid ea_ino
[  220.836260][T17357] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.859771][T17348] EXT4-fs (loop3): Remounting filesystem read-only
[  220.895425][T17348] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.920303][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.014419][T17374] EXT4-fs warning (device loop3): dx_probe:863: inode #2: comm syz.3.5080: dx entry: limit 1024 != root limit 124
[  221.026541][T17374] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.5080: Corrupt directory, running e2fsck is recommended
[  221.048370][T17373] netlink: 'syz.4.5089': attribute type 4 has an invalid length.
[  221.062127][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.114355][T17382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.122886][T17382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.148179][T17378] netlink: 'syz.3.5091': attribute type 3 has an invalid length.
[  221.157305][T17378] siw: device registration error -23
[  221.196991][T17385] loop4: detected capacity change from 0 to 512
[  221.205340][T17385] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.220275][T17388] program syz.3.5093 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  221.230310][T17389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.230972][T17385] EXT4-fs (loop4): warning: maximal mount count reached, running e2fsck is recommended
[  221.238833][T17389] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.256677][T17385] EXT4-fs error (device loop4): ext4_orphan_get:1391: comm syz.4.5094: inode #15: comm syz.4.5094: iget: illegal inode #
[  221.273441][T17388] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  221.277686][T17314] syz.2.5066 (17314) used greatest stack depth: 5992 bytes left
[  221.282399][T17385] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5094: couldn't read orphan inode 15 (err -117)
[  221.302573][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.313341][T17385] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.317108][T17389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.334409][T17389] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.343257][T17388] lo speed is unknown, defaulting to 1000
[  221.372706][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.400302][T17390] lo: left promiscuous mode
[  221.404882][T17390] lo: left allmulticast mode
[  221.451833][T17390] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.459220][T17390] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.532496][T17390] macsec0: left promiscuous mode
[  221.540054][T17390] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.548999][T17390] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.557966][T17390] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.566863][T17390] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  221.601834][T17401] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5098'.
[  221.674641][T17413] loop2: detected capacity change from 0 to 512
[  221.683109][T17413] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  221.710002][T17413] EXT4-fs (loop2): 1 truncate cleaned up
[  221.722286][T17413] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.742394][T17419] loop3: detected capacity change from 0 to 512
[  221.759395][T17419] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  221.773873][T17419] EXT4-fs (loop3): 1 truncate cleaned up
[  221.779922][T17419] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.834979][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.890731][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.901020][T17432] loop4: detected capacity change from 0 to 512
[  221.914269][T17432] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.946986][T17432] EXT4-fs (loop4): warning: maximal mount count reached, running e2fsck is recommended
[  221.956920][T17437] loop3: detected capacity change from 0 to 512
[  221.968782][T17432] EXT4-fs error (device loop4): ext4_orphan_get:1391: comm syz.4.5106: inode #15: comm syz.4.5106: iget: illegal inode #
[  221.983300][T17432] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5106: couldn't read orphan inode 15 (err -117)
[  221.996713][T17437] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.999008][T17432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.036391][T17437] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  222.048674][T17437] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.5107: inode #15: comm syz.3.5107: iget: illegal inode #
[  222.061751][T17437] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5107: couldn't read orphan inode 15 (err -117)
[  222.075437][T17437] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.096564][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.138715][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.383333][T17461] netlink: 'syz.1.5118': attribute type 4 has an invalid length.
[  222.441236][T17466] loop1: detected capacity change from 0 to 1024
[  222.448260][T17466] EXT4-fs: Ignoring removed oldalloc option
[  222.454740][T17466] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  222.478001][T17466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  222.520689][T12002] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.662482][T17486] sd 0:0:1:0: device reset
[  222.749418][T17490] loop4: detected capacity change from 0 to 512
[  222.778829][T17490] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.791682][T17490] ext4 filesystem being mounted at /469/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.828460][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.849696][T17495] netlink: 'syz.2.5131': attribute type 4 has an invalid length.
[  222.926798][T17499] netlink: 'syz.4.5133': attribute type 3 has an invalid length.
[  222.951215][T17509] loop4: detected capacity change from 0 to 1024
[  222.967982][T17509] EXT4-fs: Ignoring removed oldalloc option
[  222.974164][T17509] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  222.995071][T17509] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.041661][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.154749][T17522] loop1: detected capacity change from 0 to 512
[  223.161550][T17522] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  223.184174][T17522] EXT4-fs (loop1): 1 truncate cleaned up
[  223.190139][T17522] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.268364][T12002] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.297867][T17528] sd 0:0:1:0: device reset
[  223.392187][T17526] netlink: 'syz.4.5143': attribute type 3 has an invalid length.
[  223.404404][T17526] siw: device registration error -23
[  223.440232][T17538] FAULT_INJECTION: forcing a failure.
[  223.440232][T17538] name failslab, interval 1, probability 0, space 0, times 0
[  223.452984][T17538] CPU: 1 UID: 0 PID: 17538 Comm: syz.4.5146 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  223.453078][T17538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  223.453090][T17538] Call Trace:
[  223.453096][T17538]  <TASK>
[  223.453104][T17538]  __dump_stack+0x1d/0x30
[  223.453125][T17538]  dump_stack_lvl+0xe8/0x140
[  223.453144][T17538]  dump_stack+0x15/0x1b
[  223.453226][T17538]  should_fail_ex+0x265/0x280
[  223.453256][T17538]  should_failslab+0x8c/0xb0
[  223.453306][T17538]  kmem_cache_alloc_noprof+0x50/0x310
[  223.453335][T17538]  ? getname_kernel+0x3c/0x1f0
[  223.453364][T17538]  getname_kernel+0x3c/0x1f0
[  223.453469][T17538]  kern_path+0x23/0x130
[  223.453499][T17538]  create_local_trace_uprobe+0x53/0x2c0
[  223.453543][T17538]  perf_uprobe_init+0xc0/0x150
[  223.453570][T17538]  perf_uprobe_event_init+0xea/0x150
[  223.453600][T17538]  perf_try_init_event+0xd0/0x540
[  223.453677][T17538]  ? perf_event_alloc+0xab1/0x15c0
[  223.453696][T17538]  perf_event_alloc+0xabc/0x15c0
[  223.453767][T17538]  __se_sys_perf_event_open+0x5a8/0x1170
[  223.453790][T17538]  ? __rcu_read_unlock+0x4f/0x70
[  223.453816][T17538]  __x64_sys_perf_event_open+0x67/0x80
[  223.453838][T17538]  x64_sys_call+0x27ec/0x2fb0
[  223.453928][T17538]  do_syscall_64+0xd0/0x1a0
[  223.453946][T17538]  ? clear_bhb_loop+0x25/0x80
[  223.453963][T17538]  ? clear_bhb_loop+0x25/0x80
[  223.453979][T17538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.454055][T17538] RIP: 0033:0x7f68f72fe969
[  223.454111][T17538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.454129][T17538] RSP: 002b:00007f68f5967038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  223.454145][T17538] RAX: ffffffffffffffda RBX: 00007f68f7525fa0 RCX: 00007f68f72fe969
[  223.454156][T17538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  223.454166][T17538] RBP: 00007f68f5967090 R08: 0000000000000000 R09: 0000000000000000
[  223.454177][T17538] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  223.454258][T17538] R13: 0000000000000000 R14: 00007f68f7525fa0 R15: 00007ffed94eee08
[  223.454276][T17538]  </TASK>
[  223.706355][T17543] loop4: detected capacity change from 0 to 1024
[  223.715035][T17543] EXT4-fs: Ignoring removed oldalloc option
[  223.725362][T17543] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  223.745405][T17543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.773910][T17540] netlink: 'syz.1.5147': attribute type 3 has an invalid length.
[  223.787517][T17548] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=21800 sclass=netlink_tcpdiag_socket pid=17548 comm=syz.2.5149
[  223.803469][T17548] loop2: detected capacity change from 0 to 512
[  223.826905][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.119976][   T29] kauditd_printk_skb: 406 callbacks suppressed
[  224.120009][   T29] audit: type=1400 audit(1746533896.480:58725): avc:  denied  { read } for  pid=17566 comm="syz.0.5157" name="event2" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  224.171600][   T29] audit: type=1400 audit(1746533896.480:58726): avc:  denied  { open } for  pid=17566 comm="syz.0.5157" path="/dev/input/event2" dev="devtmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  224.218871][   T29] audit: type=1400 audit(1746533896.580:58727): avc:  denied  { create } for  pid=17568 comm="syz.3.5158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  224.243497][T17571] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5159'.
[  224.278640][   T29] audit: type=1326 audit(1746533896.610:58728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17570 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  224.302314][   T29] audit: type=1326 audit(1746533896.610:58729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17570 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  224.325934][   T29] audit: type=1326 audit(1746533896.610:58730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17570 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  224.349545][   T29] audit: type=1326 audit(1746533896.610:58731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17570 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  224.373147][   T29] audit: type=1326 audit(1746533896.610:58732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17570 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  224.396783][   T29] audit: type=1326 audit(1746533896.610:58733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17570 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  224.420457][   T29] audit: type=1326 audit(1746533896.610:58734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17570 comm="syz.0.5159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  224.613504][T17590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.623354][T17590] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.683159][T17591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.692070][T17591] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.701210][T17591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  224.710114][T17591] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  224.807985][T17593] validate_nla: 1 callbacks suppressed
[  224.808123][T17593] netlink: 'syz.2.5167': attribute type 3 has an invalid length.
[  224.826903][T17597] netlink: 'syz.4.5168': attribute type 4 has an invalid length.
[  224.877700][T17603] sg_write: data in/out 14306405/1 bytes for SCSI command 0x0-- guessing data in;
[  224.877700][T17603]    program syz.4.5170 not setting count and/or reply_len properly
[  224.899778][T17599] SELinux:  policydb magic number 0x625f726e does not match expected magic number 0xf97cff8c
[  224.910274][T17599] SELinux: failed to load policy
[  225.079170][T17607] netlink: 'syz.4.5172': attribute type 3 has an invalid length.
[  225.146216][T17613] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5174'.
[  225.168434][T17618] loop3: detected capacity change from 0 to 512
[  225.204185][T17618] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  225.219622][T17618] EXT4-fs (loop3): 1 truncate cleaned up
[  225.226209][T17618] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.306330][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.347792][T17628] netlink: 'syz.1.5180': attribute type 4 has an invalid length.
[  225.365066][T17634] loop2: detected capacity change from 0 to 512
[  225.385794][T17634] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  225.423813][T17634] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended
[  225.445943][T17634] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.5182: inode #15: comm syz.2.5182: iget: illegal inode #
[  225.446847][T17636] netlink: 'syz.3.5183': attribute type 3 has an invalid length.
[  225.458842][T17634] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5182: couldn't read orphan inode 15 (err -117)
[  225.479036][T17634] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.510534][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.558200][T17651] loop3: detected capacity change from 0 to 512
[  225.591982][T17651] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  225.606069][T17657] loop2: detected capacity change from 0 to 1024
[  225.612984][T17657] EXT4-fs: Ignoring removed oldalloc option
[  225.625628][T17651] EXT4-fs (loop3): 1 truncate cleaned up
[  225.631629][T17651] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.677848][T17657] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  225.716848][T17657] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.767601][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.876983][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.999486][T17670] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5195'.
[  226.421130][T17655] syz.4.5191 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  226.435304][T17655] CPU: 0 UID: 0 PID: 17655 Comm: syz.4.5191 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  226.435329][T17655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  226.435341][T17655] Call Trace:
[  226.435347][T17655]  <TASK>
[  226.435366][T17655]  __dump_stack+0x1d/0x30
[  226.435387][T17655]  dump_stack_lvl+0xe8/0x140
[  226.435403][T17655]  dump_stack+0x15/0x1b
[  226.435416][T17655]  dump_header+0x81/0x220
[  226.435447][T17655]  oom_kill_process+0x334/0x3f0
[  226.435556][T17655]  out_of_memory+0x979/0xb80
[  226.435577][T17655]  ? css_next_descendant_pre+0x138/0x160
[  226.435646][T17655]  mem_cgroup_out_of_memory+0x13d/0x190
[  226.435699][T17655]  try_charge_memcg+0x5e2/0x870
[  226.435723][T17655]  obj_cgroup_charge_pages+0xb7/0x1a0
[  226.435741][T17655]  __memcg_kmem_charge_page+0x9f/0x170
[  226.435762][T17655]  __alloc_frozen_pages_noprof+0x188/0x360
[  226.435792][T17655]  alloc_pages_mpol+0xb3/0x250
[  226.435888][T17655]  alloc_pages_noprof+0x90/0x130
[  226.435909][T17655]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  226.435945][T17655]  __kvmalloc_node_noprof+0x2f3/0x4d0
[  226.435963][T17655]  ? ip_set_alloc+0x1f/0x30
[  226.435997][T17655]  ? ip_set_alloc+0x1f/0x30
[  226.436017][T17655]  ip_set_alloc+0x1f/0x30
[  226.436039][T17655]  hash_netiface_create+0x282/0x740
[  226.436075][T17655]  ? __pfx_hash_netiface_create+0x10/0x10
[  226.436098][T17655]  ip_set_create+0x3c9/0x960
[  226.436128][T17655]  ? __nla_parse+0x40/0x60
[  226.436147][T17655]  nfnetlink_rcv_msg+0x4c3/0x590
[  226.436259][T17655]  netlink_rcv_skb+0x120/0x220
[  226.436287][T17655]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  226.436312][T17655]  nfnetlink_rcv+0x16b/0x1690
[  226.436331][T17655]  ? __kfree_skb+0x109/0x150
[  226.436435][T17655]  ? nlmon_xmit+0x4f/0x60
[  226.436454][T17655]  ? consume_skb+0x49/0x150
[  226.436481][T17655]  ? nlmon_xmit+0x4f/0x60
[  226.436500][T17655]  ? dev_hard_start_xmit+0x39e/0x3d0
[  226.436591][T17655]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  226.436609][T17655]  ? __dev_queue_xmit+0x182/0x1fb0
[  226.436629][T17655]  ? __list_del_entry_valid_or_report+0x65/0x130
[  226.436695][T17655]  ? ref_tracker_free+0x37d/0x3e0
[  226.436810][T17655]  ? __netlink_deliver_tap+0x4dc/0x500
[  226.436839][T17655]  netlink_unicast+0x59e/0x670
[  226.436899][T17655]  netlink_sendmsg+0x58b/0x6b0
[  226.436942][T17655]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.436997][T17655]  __sock_sendmsg+0x142/0x180
[  226.437024][T17655]  ____sys_sendmsg+0x31e/0x4e0
[  226.437047][T17655]  ___sys_sendmsg+0x17b/0x1d0
[  226.437149][T17655]  __x64_sys_sendmsg+0xd4/0x160
[  226.437169][T17655]  x64_sys_call+0x2999/0x2fb0
[  226.437244][T17655]  do_syscall_64+0xd0/0x1a0
[  226.437264][T17655]  ? clear_bhb_loop+0x25/0x80
[  226.437284][T17655]  ? clear_bhb_loop+0x25/0x80
[  226.437303][T17655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.437323][T17655] RIP: 0033:0x7f68f72fe969
[  226.437340][T17655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.437393][T17655] RSP: 002b:00007f68f5967038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.437413][T17655] RAX: ffffffffffffffda RBX: 00007f68f7525fa0 RCX: 00007f68f72fe969
[  226.437427][T17655] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  226.437441][T17655] RBP: 00007f68f7380ab1 R08: 0000000000000000 R09: 0000000000000000
[  226.437454][T17655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  226.437550][T17655] R13: 0000000000000000 R14: 00007f68f7525fa0 R15: 00007ffed94eee08
[  226.437624][T17655]  </TASK>
[  226.437631][T17655] memory: usage 307200kB, limit 307200kB, failcnt 734
[  226.774142][T17680] loop2: detected capacity change from 0 to 512
[  226.781404][T17655] memory+swap: usage 308904kB, limit 9007199254740988kB, failcnt 0
[  226.781419][T17655] kmem: usage 306792kB, limit 9007199254740988kB, failcnt 0
[  226.781430][T17655] Memory cgroup stats for /syz4:
[  226.815603][T17680] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  226.822903][T17655] cache 0
[  226.831436][T17680] EXT4-fs (loop2): warning: maximal mount count reached, running e2fsck is recommended
[  226.832619][T17655] rss 0
[  226.843741][T17680] EXT4-fs error (device loop2): ext4_orphan_get:1391: comm syz.2.5198: inode #15: comm syz.2.5198: iget: illegal inode #
[  226.845156][T17655] shmem 0
[  226.858762][T17680] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.5198: couldn't read orphan inode 15 (err -117)
[  226.860451][T17655] mapped_file 0
[  226.875030][T17680] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.875720][T17655] dirty 0
[  226.890748][T17655] writeback 0
[  226.894054][T17655] workingset_refault_anon 145
[  226.898728][T17655] workingset_refault_file 334
[  226.903427][T17655] swap 1744896
[  226.906789][T17655] swapcached 4096
[  226.910411][T17655] pgpgin 261720
[  226.913888][T17655] pgpgout 261618
[  226.917615][T17655] pgfault 283350
[  226.921245][T17655] pgmajfault 141
[  226.924868][T17655] inactive_anon 4096
[  226.929213][T17655] active_anon 0
[  226.932652][T17655] inactive_file 0
[  226.936339][T17655] active_file 413696
[  226.940281][T17655] unevictable 0
[  226.943806][T17655] hierarchical_memory_limit 314572800
[  226.949176][T17655] hierarchical_memsw_limit 9223372036854771712
[  226.955339][T17655] total_cache 0
[  226.958797][T17655] total_rss 0
[  226.962119][T17655] total_shmem 0
[  226.965571][T17655] total_mapped_file 0
[  226.969646][T17655] total_dirty 0
[  226.973101][T17655] total_writeback 0
[  226.976940][T17655] total_workingset_refault_anon 145
[  226.982135][T17655] total_workingset_refault_file 334
[  226.987375][T17655] total_swap 1744896
[  226.991264][T17655] total_swapcached 4096
[  226.995472][T17655] total_pgpgin 261723
[  226.999463][T17655] total_pgpgout 261621
[  227.003573][T17655] total_pgfault 283404
[  227.007688][T17655] total_pgmajfault 141
[  227.011755][T17655] total_inactive_anon 4096
[  227.016173][T17655] total_active_anon 0
[  227.020196][T17655] total_inactive_file 0
[  227.024486][T17655] total_active_file 413696
[  227.028929][T17655] total_unevictable 0
[  227.032908][T17655] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5191,pid=17654,uid=0
[  227.047600][T17655] Memory cgroup out of memory: Killed process 17654 (syz.4.5191) total-vm:93616kB, anon-rss:936kB, file-rss:22308kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  227.154956][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.197681][T17692] program syz.1.5202 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  227.217874][T17695] loop3: detected capacity change from 0 to 1024
[  227.228171][T17695] EXT4-fs: Ignoring removed oldalloc option
[  227.235474][T17695] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  227.254303][T17692] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  227.275146][T17695] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.301382][T17692] lo speed is unknown, defaulting to 1000
[  227.316350][T17702] loop2: detected capacity change from 0 to 512
[  227.322903][T17702] EXT4-fs: Ignoring removed nobh option
[  227.412718][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.422167][T17702] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.5205: invalid indirect mapped block 256 (level 2)
[  227.455050][T17702] EXT4-fs (loop2): 2 truncates cleaned up
[  227.482704][T17702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.498643][T17705] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5206'.
[  227.579491][T11450] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.641880][T17714] netlink: 'syz.2.5208': attribute type 4 has an invalid length.
[  227.659266][T17712] netlink: 'syz.0.5209': attribute type 3 has an invalid length.
[  227.749131][T17721] loop4: detected capacity change from 0 to 512
[  227.757322][T17721] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  227.787480][T17724] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=17724 comm=syz.3.5213
[  227.801490][T17721] EXT4-fs (loop4): warning: maximal mount count reached, running e2fsck is recommended
[  227.818359][T17721] EXT4-fs error (device loop4): ext4_orphan_get:1391: comm syz.4.5210: inode #15: comm syz.4.5210: iget: illegal inode #
[  227.835763][T17721] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5210: couldn't read orphan inode 15 (err -117)
[  227.862935][T17721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.923432][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.927742][T17732] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5215'.
[  227.968249][T17734] loop4: detected capacity change from 0 to 1024
[  227.979098][T17732] loop3: detected capacity change from 0 to 512
[  227.985639][T17734] EXT4-fs: Ignoring removed oldalloc option
[  228.001963][T17734] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  228.024713][T17734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.038370][T17732] EXT4-fs warning (device loop3): dx_probe:863: inode #2: comm syz.3.5215: dx entry: limit 1024 != root limit 124
[  228.050410][T17732] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.5215: Corrupt directory, running e2fsck is recommended
[  228.065617][T17732] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  228.074034][T17732] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.5215: corrupted in-inode xattr: invalid ea_ino
[  228.088550][T17732] EXT4-fs (loop3): Remounting filesystem read-only
[  228.095574][T17732] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.166945][T10995] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.179872][T17739] EXT4-fs warning (device loop3): dx_probe:863: inode #2: comm syz.3.5215: dx entry: limit 1024 != root limit 124
[  228.192006][T17739] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.5215: Corrupt directory, running e2fsck is recommended
[  228.270980][T17747] loop1: detected capacity change from 0 to 2048
[  228.323924][T17747] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.329648][T17743] netlink: 'syz.4.5217': attribute type 3 has an invalid length.
[  228.338860][T17747] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.351039][T17743] siw: device registration error -23
[  228.383417][T12002] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.397557][T17756] netlink: 'syz.4.5222': attribute type 29 has an invalid length.
[  228.406189][T17756] netlink: 'syz.4.5222': attribute type 29 has an invalid length.
[  228.416072][T17756] netlink: 500 bytes leftover after parsing attributes in process `syz.4.5222'.
[  228.421191][T17758] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5223'.
[  228.516525][T17209] IPVS: starting estimator thread 0...
[  228.524839][T17769] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5226'.
[  228.603121][T17770] IPVS: using max 2928 ests per chain, 146400 per kthread
[  228.769467][T11808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.895144][T17785] siw: device registration error -23
[  228.947256][T17793] loop3: detected capacity change from 0 to 512
[  228.995454][T17793] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  229.046125][T17793] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  229.065317][T17800] loop1: detected capacity change from 0 to 1024
[  229.072014][T17800] EXT4-fs: Ignoring removed oldalloc option
[  229.084863][T17793] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.5235: inode #15: comm syz.3.5235: iget: illegal inode #
[  229.100174][T17800] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  229.105555][T17802] loop4: detected capacity change from 0 to 1024
[  229.118031][T17802] EXT4-fs: Ignoring removed oldalloc option
[  229.129286][T17802] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  229.136250][T17793] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5235: couldn't read orphan inode 15 (err -117)
[  229.153415][   T29] kauditd_printk_skb: 589 callbacks suppressed
[  229.153429][   T29] audit: type=1326 audit(1746533901.521:59324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.156660][T17793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.159689][   T29] audit: type=1326 audit(1746533901.521:59325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.219135][   T29] audit: type=1326 audit(1746533901.521:59326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.242819][   T29] audit: type=1326 audit(1746533901.521:59327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.266406][   T29] audit: type=1326 audit(1746533901.521:59328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.289932][   T29] audit: type=1326 audit(1746533901.521:59329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.313514][   T29] audit: type=1326 audit(1746533901.521:59330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.337214][   T29] audit: type=1326 audit(1746533901.521:59331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.350744][T17800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.360832][   T29] audit: type=1326 audit(1746533901.521:59332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.396477][   T29] audit: type=1326 audit(1746533901.521:59333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17803 comm="syz.0.5240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa51f63e969 code=0x7ffc0000
[  229.425288][T17809] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5241'.
[  229.587462][T17825] FAULT_INJECTION: forcing a failure.
[  229.587462][T17825] name failslab, interval 1, probability 0, space 0, times 0
[  229.600237][T17825] CPU: 1 UID: 0 PID: 17825 Comm: syz.3.5247 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  229.600267][T17825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  229.600279][T17825] Call Trace:
[  229.600360][T17825]  <TASK>
[  229.600369][T17825]  __dump_stack+0x1d/0x30
[  229.600389][T17825]  dump_stack_lvl+0xe8/0x140
[  229.600408][T17825]  dump_stack+0x15/0x1b
[  229.600425][T17825]  should_fail_ex+0x265/0x280
[  229.600452][T17825]  ? ip_setup_cork+0x17c/0x470
[  229.600519][T17825]  should_failslab+0x8c/0xb0
[  229.600545][T17825]  __kmalloc_cache_noprof+0x4c/0x320
[  229.600565][T17825]  ip_setup_cork+0x17c/0x470
[  229.600622][T17825]  ip_append_data+0xf8/0x130
[  229.600640][T17825]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  229.600672][T17825]  udp_sendmsg+0x282/0x13a0
[  229.600721][T17825]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  229.600749][T17825]  ? __rcu_read_unlock+0x4f/0x70
[  229.600767][T17825]  ? __pfx_ip4_datagram_release_cb+0x10/0x10
[  229.600798][T17825]  ? __pfx_udp_sendmsg+0x10/0x10
[  229.600903][T17825]  inet_sendmsg+0xac/0xd0
[  229.600928][T17825]  __sock_sendmsg+0x102/0x180
[  229.600953][T17825]  ____sys_sendmsg+0x345/0x4e0
[  229.600974][T17825]  ___sys_sendmsg+0x17b/0x1d0
[  229.601004][T17825]  __sys_sendmmsg+0x178/0x300
[  229.601035][T17825]  __x64_sys_sendmmsg+0x57/0x70
[  229.601189][T17825]  x64_sys_call+0x2f2f/0x2fb0
[  229.601247][T17825]  do_syscall_64+0xd0/0x1a0
[  229.601342][T17825]  ? clear_bhb_loop+0x25/0x80
[  229.601368][T17825]  ? clear_bhb_loop+0x25/0x80
[  229.601388][T17825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.601407][T17825] RIP: 0033:0x7f69685fe969
[  229.601423][T17825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.601511][T17825] RSP: 002b:00007f6966c67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  229.601528][T17825] RAX: ffffffffffffffda RBX: 00007f6968825fa0 RCX: 00007f69685fe969
[  229.601540][T17825] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000004
[  229.601552][T17825] RBP: 00007f6966c67090 R08: 0000000000000000 R09: 0000000000000000
[  229.601563][T17825] R10: 0000000004008804 R11: 0000000000000246 R12: 0000000000000001
[  229.601588][T17825] R13: 0000000000000000 R14: 00007f6968825fa0 R15: 00007ffdda1f9158
[  229.601605][T17825]  </TASK>
[  230.080312][T17833] validate_nla: 3 callbacks suppressed
[  230.080325][T17833] netlink: 'syz.3.5248': attribute type 3 has an invalid length.
[  230.108341][T17834] loop4: detected capacity change from 0 to 2048
[  230.163595][ T3297]  loop4: p1 < > p4
[  230.170569][ T3297] loop4: p4 size 8388608 extends beyond EOD, truncated
[  230.194400][T17834]  loop4: p1 < > p4
[  230.198755][T17834] loop4: p4 size 8388608 extends beyond EOD, truncated
[  230.256414][T17838] loop1: detected capacity change from 0 to 1024
[  230.263167][T17838] EXT4-fs: Ignoring removed oldalloc option
[  230.269669][T17838] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  230.295465][T17842] netlink: 'syz.3.5250': attribute type 4 has an invalid length.
[  230.450857][T17850] loop3: detected capacity change from 0 to 1024
[  230.476964][T17850] EXT4-fs: Ignoring removed oldalloc option
[  230.505778][T17850] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  230.582643][T17861] loop3: detected capacity change from 0 to 512
[  230.627142][T17861] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  230.641879][T17861] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended
[  230.673461][T17861] EXT4-fs error (device loop3): ext4_orphan_get:1391: comm syz.3.5258: inode #15: comm syz.3.5258: iget: illegal inode #
[  230.722060][T17861] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.5258: couldn't read orphan inode 15 (err -117)
[  230.793826][T17872] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5262'.
[  230.842540][T17870] netlink: 'syz.1.5261': attribute type 3 has an invalid length.
[  230.866377][T17878] netlink: 'syz.4.5264': attribute type 4 has an invalid length.
[  230.906087][T17881] FAULT_INJECTION: forcing a failure.
[  230.906087][T17881] name failslab, interval 1, probability 0, space 0, times 0
[  230.918776][T17881] CPU: 1 UID: 0 PID: 17881 Comm: syz.2.5265 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  230.918799][T17881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  230.918832][T17881] Call Trace:
[  230.918900][T17881]  <TASK>
[  230.918908][T17881]  __dump_stack+0x1d/0x30
[  230.918926][T17881]  dump_stack_lvl+0xe8/0x140
[  230.918940][T17881]  dump_stack+0x15/0x1b
[  230.918953][T17881]  should_fail_ex+0x265/0x280
[  230.918978][T17881]  should_failslab+0x8c/0xb0
[  230.919036][T17881]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  230.919054][T17881]  ? sidtab_sid2str_get+0xa0/0x130
[  230.919077][T17881]  kmemdup_noprof+0x2b/0x70
[  230.919092][T17881]  sidtab_sid2str_get+0xa0/0x130
[  230.919122][T17881]  security_sid_to_context_core+0x1eb/0x2e0
[  230.919208][T17881]  security_sid_to_context+0x27/0x40
[  230.919250][T17881]  avc_audit_post_callback+0x9d/0x520
[  230.919276][T17881]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  230.919328][T17881]  common_lsm_audit+0x1b8/0x230
[  230.919412][T17881]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  230.919445][T17881]  slow_avc_audit+0x104/0x140
[  230.919470][T17881]  avc_has_perm+0x128/0x150
[  230.919496][T17881]  file_has_perm+0x324/0x370
[  230.919611][T17881]  selinux_file_permission+0x31f/0x360
[  230.919635][T17881]  security_file_permission+0x3e/0x80
[  230.919656][T17881]  vfs_writev+0x198/0x870
[  230.919764][T17881]  do_writev+0xe7/0x210
[  230.919841][T17881]  __x64_sys_writev+0x45/0x50
[  230.919861][T17881]  x64_sys_call+0x2006/0x2fb0
[  230.919922][T17881]  do_syscall_64+0xd0/0x1a0
[  230.919940][T17881]  ? clear_bhb_loop+0x25/0x80
[  230.919957][T17881]  ? clear_bhb_loop+0x25/0x80
[  230.919972][T17881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.920143][T17881] RIP: 0033:0x7fe4f174e969
[  230.920231][T17881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.920244][T17881] RSP: 002b:00007fe4efdb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  230.920259][T17881] RAX: ffffffffffffffda RBX: 00007fe4f1975fa0 RCX: 00007fe4f174e969
[  230.920269][T17881] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003
[  230.920277][T17881] RBP: 00007fe4efdb7090 R08: 0000000000000000 R09: 0000000000000000
[  230.920333][T17881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.920342][T17881] R13: 0000000000000000 R14: 00007fe4f1975fa0 R15: 00007ffedd14e798
[  230.920355][T17881]  </TASK>
[  231.276090][T17897] loop2: detected capacity change from 0 to 1024
[  231.283159][T17897] EXT4-fs: Ignoring removed oldalloc option
[  231.290178][T17897] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  231.364224][T17905] netlink: 'syz.0.5274': attribute type 3 has an invalid length.
[  231.375444][T17905] siw: device registration error -23
[  231.439773][T17917] FAULT_INJECTION: forcing a failure.
[  231.439773][T17917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.452909][T17917] CPU: 0 UID: 0 PID: 17917 Comm: syz.0.5278 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  231.452935][T17917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  231.452953][T17917] Call Trace:
[  231.452959][T17917]  <TASK>
[  231.452967][T17917]  __dump_stack+0x1d/0x30
[  231.452986][T17917]  dump_stack_lvl+0xe8/0x140
[  231.453005][T17917]  dump_stack+0x15/0x1b
[  231.453080][T17917]  should_fail_ex+0x265/0x280
[  231.453106][T17917]  should_fail+0xb/0x20
[  231.453133][T17917]  should_fail_usercopy+0x1a/0x20
[  231.453150][T17917]  _copy_to_user+0x20/0xa0
[  231.453171][T17917]  simple_read_from_buffer+0xb5/0x130
[  231.453207][T17917]  proc_fail_nth_read+0x100/0x140
[  231.453266][T17917]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  231.453288][T17917]  vfs_read+0x19d/0x6f0
[  231.453310][T17917]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  231.453332][T17917]  ? __rcu_read_unlock+0x4f/0x70
[  231.453353][T17917]  ? __fget_files+0x184/0x1c0
[  231.453503][T17917]  ksys_read+0xda/0x1a0
[  231.453523][T17917]  __x64_sys_read+0x40/0x50
[  231.453545][T17917]  x64_sys_call+0x2d77/0x2fb0
[  231.453565][T17917]  do_syscall_64+0xd0/0x1a0
[  231.453586][T17917]  ? clear_bhb_loop+0x25/0x80
[  231.453651][T17917]  ? clear_bhb_loop+0x25/0x80
[  231.453668][T17917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.453686][T17917] RIP: 0033:0x7fa51f63d37c
[  231.453702][T17917] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  231.453769][T17917] RSP: 002b:00007fa51dca7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  231.453787][T17917] RAX: ffffffffffffffda RBX: 00007fa51f865fa0 RCX: 00007fa51f63d37c
[  231.453798][T17917] RDX: 000000000000000f RSI: 00007fa51dca70a0 RDI: 0000000000000008
[  231.453808][T17917] RBP: 00007fa51dca7090 R08: 0000000000000000 R09: 0000000000000000
[  231.453820][T17917] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  231.453859][T17917] R13: 0000000000000000 R14: 00007fa51f865fa0 R15: 00007ffc02ad5ef8
[  231.453885][T17917]  </TASK>
[  231.677814][T17918] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.710653][T17918] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.787713][T17922] netlink: 'syz.3.5280': attribute type 3 has an invalid length.
[  231.797042][T17934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.821533][T17934] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.854483][T17934] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.864138][T17934] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.918502][T17944] loop4: detected capacity change from 0 to 1024
[  231.930302][T17945] lo: left promiscuous mode
[  231.934888][T17945] lo: left allmulticast mode
[  231.935251][T17944] EXT4-fs: Ignoring removed oldalloc option
[  231.987774][T17944] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  232.064914][T17958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5293'.
[  232.078108][T17961] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5294'.
[  232.088367][T17945] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.095637][T17945] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.105682][T17961] loop4: detected capacity change from 0 to 512
[  232.105746][T17958] loop1: detected capacity change from 0 to 512
[  232.123425][T17961] EXT4-fs warning (device loop4): dx_probe:863: inode #2: comm syz.4.5294: dx entry: limit 1024 != root limit 124
[  232.135523][T17961] EXT4-fs warning (device loop4): dx_probe:936: inode #2: comm syz.4.5294: Corrupt directory, running e2fsck is recommended
[  232.149287][T17961] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  232.157843][T17961] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.5294: corrupted in-inode xattr: invalid ea_ino
[  232.171869][T17958] EXT4-fs warning (device loop1): dx_probe:863: inode #2: comm syz.1.5293: dx entry: limit 1024 != root limit 124
[  232.173136][T17961] EXT4-fs (loop4): Remounting filesystem read-only
[  232.183935][T17958] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.5293: Corrupt directory, running e2fsck is recommended
[  232.205386][T17958] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[  232.215088][T17958] EXT4-fs error (device loop1): ext4_iget_extra_inode:4693: inode #15: comm syz.1.5293: corrupted in-inode xattr: invalid ea_ino
[  232.228811][T17958] EXT4-fs (loop1): Remounting filesystem read-only
[  232.230183][T17945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  232.244612][T17945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.262018][T17945] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.271055][T17945] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.280143][T17945] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.289312][T17945] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  232.456886][T17977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.465418][T17977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.473909][T17977] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  232.940501][T17983] program syz.4.5302 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  232.950003][T17983] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  232.969653][T17983] lo speed is unknown, defaulting to 1000
[  233.084830][T17992] program syz.4.5306 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  233.094858][T17992] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  233.120266][T17992] lo speed is unknown, defaulting to 1000
[  233.344735][T18001] netlink: 'syz.0.5310': attribute type 4 has an invalid length.
[  233.388337][T18005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5311'.
[  233.830135][T17985] syz.1.5303 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  233.844315][T17985] CPU: 0 UID: 0 PID: 17985 Comm: syz.1.5303 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  233.844365][T17985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  233.844377][T17985] Call Trace:
[  233.844409][T17985]  <TASK>
[  233.844418][T17985]  __dump_stack+0x1d/0x30
[  233.844437][T17985]  dump_stack_lvl+0xe8/0x140
[  233.844453][T17985]  dump_stack+0x15/0x1b
[  233.844467][T17985]  dump_header+0x81/0x220
[  233.844574][T17985]  oom_kill_process+0x334/0x3f0
[  233.844601][T17985]  out_of_memory+0x979/0xb80
[  233.844641][T17985]  ? css_next_descendant_pre+0x138/0x160
[  233.844670][T17985]  mem_cgroup_out_of_memory+0x13d/0x190
[  233.844773][T17985]  try_charge_memcg+0x5e2/0x870
[  233.844802][T17985]  obj_cgroup_charge_pages+0xb7/0x1a0
[  233.844826][T17985]  __memcg_kmem_charge_page+0x9f/0x170
[  233.844848][T17985]  __alloc_frozen_pages_noprof+0x188/0x360
[  233.844943][T17985]  alloc_pages_mpol+0xb3/0x250
[  233.844966][T17985]  alloc_pages_noprof+0x90/0x130
[  233.844987][T17985]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  233.845025][T17985]  __kvmalloc_node_noprof+0x2f3/0x4d0
[  233.845193][T17985]  ? ip_set_alloc+0x1f/0x30
[  233.845216][T17985]  ? ip_set_alloc+0x1f/0x30
[  233.845243][T17985]  ip_set_alloc+0x1f/0x30
[  233.845266][T17985]  hash_netiface_create+0x282/0x740
[  233.845372][T17985]  ? __pfx_hash_netiface_create+0x10/0x10
[  233.845396][T17985]  ip_set_create+0x3c9/0x960
[  233.845520][T17985]  ? __nla_parse+0x40/0x60
[  233.845538][T17985]  nfnetlink_rcv_msg+0x4c3/0x590
[  233.845576][T17985]  netlink_rcv_skb+0x120/0x220
[  233.845686][T17985]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  233.845715][T17985]  nfnetlink_rcv+0x16b/0x1690
[  233.845735][T17985]  ? __kfree_skb+0x109/0x150
[  233.845835][T17985]  ? nlmon_xmit+0x4f/0x60
[  233.845853][T17985]  ? consume_skb+0x49/0x150
[  233.845900][T17985]  ? nlmon_xmit+0x4f/0x60
[  233.845919][T17985]  ? dev_hard_start_xmit+0x39e/0x3d0
[  233.845977][T17985]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  233.845991][T17985]  ? __dev_queue_xmit+0x182/0x1fb0
[  233.846054][T17985]  ? ref_tracker_free+0x37d/0x3e0
[  233.846133][T17985]  ? __netlink_deliver_tap+0x4dc/0x500
[  233.846169][T17985]  netlink_unicast+0x59e/0x670
[  233.846199][T17985]  netlink_sendmsg+0x58b/0x6b0
[  233.846279][T17985]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.846317][T17985]  __sock_sendmsg+0x142/0x180
[  233.846391][T17985]  ____sys_sendmsg+0x31e/0x4e0
[  233.846411][T17985]  ___sys_sendmsg+0x17b/0x1d0
[  233.846438][T17985]  __x64_sys_sendmsg+0xd4/0x160
[  233.846457][T17985]  x64_sys_call+0x2999/0x2fb0
[  233.846477][T17985]  do_syscall_64+0xd0/0x1a0
[  233.846499][T17985]  ? clear_bhb_loop+0x25/0x80
[  233.846543][T17985]  ? clear_bhb_loop+0x25/0x80
[  233.846642][T17985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.846660][T17985] RIP: 0033:0x7fdc8d03e969
[  233.846674][T17985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.846691][T17985] RSP: 002b:00007fdc8b6a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.846762][T17985] RAX: ffffffffffffffda RBX: 00007fdc8d265fa0 RCX: 00007fdc8d03e969
[  233.846773][T17985] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  233.846784][T17985] RBP: 00007fdc8d0c0ab1 R08: 0000000000000000 R09: 0000000000000000
[  233.846797][T17985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  233.846810][T17985] R13: 0000000000000000 R14: 00007fdc8d265fa0 R15: 00007ffd0051d308
[  233.846855][T17985]  </TASK>
[  233.846860][T17985] memory: usage 307200kB, limit 307200kB, failcnt 249
[  233.859453][T17984] ==================================================================
[  233.869482][T17985] memory+swap: usage 308496kB, limit 9007199254740988kB, failcnt 0
[  233.872748][T17984] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  233.875681][T17985] kmem: usage 306856kB, limit 9007199254740988kB, failcnt 0
[  233.879994][T17984] 
[  233.879998][T17984] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  233.884584][T17985] Memory cgroup stats for 
[  233.888684][T17984]  tick_do_update_jiffies64+0x113/0x1c0
[  233.893082][T17985] /syz1
[  233.897843][T17984]  tick_nohz_handler+0x7f/0x2d0
[  233.897863][T17984]  __hrtimer_run_queues+0x20c/0x5a0
[  233.897879][T17984]  hrtimer_interrupt+0x21a/0x460
[  233.897893][T17984]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  233.897913][T17984]  sysvec_apic_timer_interrupt+0x6f/0x80
[  233.897936][T17984]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  233.902552][T17985] :
[  233.908119][T17984]  console_flush_all+0x55b/0x730
[  233.937146][T17985] cache 0
[  233.939789][T17984]  console_unlock+0xa1/0x330
[  233.944732][T17985] rss 0
[  233.950481][T17984]  vprintk_emit+0x388/0x650
[  233.955844][T17985] shmem 0
[  233.960301][T17984]  vprintk_default+0x26/0x30
[  233.964801][T17985] mapped_file 0
[  233.969091][T17984]  vprintk+0x1d/0x30
[  233.974280][T17985] dirty 0
[  233.979950][T17984]  _printk+0x79/0xa0
[  233.984533][T17985] writeback 0
[  233.988902][T17984]  mem_cgroup_print_oom_meminfo+0x84/0x250
[  233.993830][T17985] workingset_refault_anon 139
[  233.998554][T17984]  dump_header+0xa0/0x220
[  234.004009][T17985] workingset_refault_file 432
[  234.008632][T17984]  oom_kill_process+0x334/0x3f0
[  234.013214][T17985] swap 1327104
[  234.017586][T17984]  out_of_memory+0x979/0xb80
[  234.022064][T17985] swapcached 0
[  234.026370][T17984]  mem_cgroup_out_of_memory+0x13d/0x190
[  234.031645][T17985] pgpgin 297208
[  234.031653][T17985] pgpgout 297122
[  234.036814][T17984]  try_charge_memcg+0x5e2/0x870
[  234.036837][T17984]  obj_cgroup_charge_pages+0xb7/0x1a0
[  234.041959][T17985] pgfault 271819
[  234.041967][T17985] pgmajfault 86
[  234.046979][T17984]  __memcg_kmem_charge_page+0x9f/0x170
[  234.046998][T17984]  __alloc_frozen_pages_noprof+0x188/0x360
[  234.052488][T17985] inactive_anon 0
[  234.057192][T17984]  alloc_pages_mpol+0xb3/0x250
[  234.061935][T17985] active_anon 0
[  234.067194][T17984]  alloc_pages_noprof+0x90/0x130
[  234.067212][T17984]  __vmalloc_node_range_noprof+0x6a4/0xdf0
[  234.067231][T17984]  __kvmalloc_node_noprof+0x2f3/0x4d0
[  234.067247][T17984]  ip_set_alloc+0x1f/0x30
[  234.071902][T17985] inactive_file 352256
[  234.076634][T17984]  hash_netiface_create+0x282/0x740
[  234.076658][T17984]  ip_set_create+0x3c9/0x960
[  234.076677][T17984]  nfnetlink_rcv_msg+0x4c3/0x590
[  234.076694][T17984]  netlink_rcv_skb+0x120/0x220
[  234.081341][T17985] active_file 0
[  234.081349][T17985] unevictable 0
[  234.086167][T17984]  nfnetlink_rcv+0x16b/0x1690
[  234.086185][T17984]  netlink_unicast+0x59e/0x670
[  234.086207][T17984]  netlink_sendmsg+0x58b/0x6b0
[  234.086229][T17984]  __sock_sendmsg+0x142/0x180
[  234.086247][T17984]  ____sys_sendmsg+0x31e/0x4e0
[  234.086259][T17984]  ___sys_sendmsg+0x17b/0x1d0
[  234.090907][T17985] hierarchical_memory_limit 314572800
[  234.095384][T17984]  __x64_sys_sendmsg+0xd4/0x160
[  234.095401][T17984]  x64_sys_call+0x2999/0x2fb0
[  234.100051][T17985] hierarchical_memsw_limit 9223372036854771712
[  234.104700][T17984]  do_syscall_64+0xd0/0x1a0
[  234.104720][T17984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.110594][T17985] total_cache 0
[  234.110602][T17985] total_rss 0
[  234.114993][T17984] 
[  234.115000][T17984] read to 0xffffffff868099c0 of 8 bytes by task 17984 on cpu 1:
[  234.115015][T17984]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  234.115041][T17984]  count_shadow_nodes+0x6a/0x230
[  234.115062][T17984]  do_shrink_slab+0x60/0x680
[  234.134670][T17985] total_shmem 0
[  234.143026][T17984]  shrink_slab+0x448/0x760
[  234.143046][T17984]  shrink_node+0x6c3/0x2110
[  234.150996][T17985] total_mapped_file 0
[  234.158946][T17984]  do_try_to_free_pages+0x3f6/0xcd0
[  234.158972][T17984]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  234.167013][T17985] total_dirty 0
[  234.174944][T17984]  try_charge_memcg+0x3ab/0x870
[  234.174968][T17984]  charge_memcg+0x51/0xc0
[  234.182958][T17985] total_writeback 0
[  234.185922][T17984]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  234.192707][T17985] total_workingset_refault_anon 139
[  234.200704][T17984]  __read_swap_cache_async+0x1df/0x350
[  234.200724][T17984]  swap_cluster_readahead+0x277/0x3e0
[  234.200740][T17984]  swapin_readahead+0xde/0x6f0
[  234.200756][T17984]  do_swap_page+0x301/0x2460
[  234.208653][T17985] total_workingset_refault_file 432
[  234.218405][T17984]  handle_mm_fault+0xb60/0x2ae0
[  234.218429][T17984]  do_user_addr_fault+0x636/0x1090
[  234.218452][T17984]  exc_page_fault+0x54/0xc0
[  234.225724][T17985] total_swap 1327104
[  234.228015][T17984]  asm_exc_page_fault+0x26/0x30
[  234.236069][T17985] total_swapcached 0
[  234.240441][T17984] 
[  234.240446][T17984] value changed: 0x00000000ffffe5fb -> 0x00000000ffffe5fc
[  234.245987][T17985] total_pgpgin 297208
[  234.248701][T17984] 
[  234.248705][T17984] Reported by Kernel Concurrency Sanitizer on:
[  234.253559][T17985] total_pgpgout 297122
[  234.258712][T17984] CPU: 1 UID: 0 PID: 17984 Comm: syz.1.5303 Not tainted 6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(voluntary) 
[  234.263642][T17985] total_pgfault 271819
[  234.269492][T17984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  234.275138][T17985] total_pgmajfault 86
[  234.281055][T17984] ==================================================================
[  234.733533][T17985] total_inactive_anon 0
[  234.737747][T17985] total_active_anon 0
[  234.741704][T17985] total_inactive_file 352256
[  234.746289][T17985] total_active_file 0
[  234.750248][T17985] total_unevictable 0
[  234.754313][T17985] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.5303,pid=17984,uid=0
[  234.768958][T17985] Memory cgroup out of memory: Killed process 17984 (syz.1.5303) total-vm:93616kB, anon-rss:936kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000