last executing test programs:

3m36.647047547s ago: executing program 3 (id=1002):
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1c0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20009, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x1, 0x84)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
io_setup(0x8f0, &(0x7f0000002400))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00000001c0), 0x7fffffff, 0x80)
ioctl$MON_IOCQ_URB_LEN(r0, 0x9201)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x40)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000000d0a010800000000000000000a000001e7dca49aae51b81b8193e69a3b9ee730d0180cc4a0fc8552752d7937f23409b47e10187582e126413c63545b50357ea877bade9a2dc64c8cc8edda65873ebc1c3dace7c17babde1e9a10bfcc7c"], 0x14}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

3m36.485159568s ago: executing program 3 (id=1006):
bpf$PROG_LOAD(0x5, &(0x7f0000002900)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32], 0x0, 0x96, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000540)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0db7)
fchown(r1, 0x0, 0xee01)

3m36.434112668s ago: executing program 3 (id=1008):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
poll(0x0, 0x0, 0x9)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r2 = socket(0x2, 0x3, 0xff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x18)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000200)=@filter={'filter\x00', 0xe, 0x4, 0x2d0, 0xffffffff, 0x0, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x260, 0x260, 0x260, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0xb}}}, {{@ip={@private=0xa010100, @empty, 0xff, 0xff000000, 'wlan1\x00', 'ipvlan0\x00', {}, {}, 0x16, 0x1, 0x21}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @multicast, 0x0, 0x9, [0x22, 0x30, 0xa, 0x2c, 0xd, 0x2d, 0x27, 0x32, 0x24, 0x3b, 0x3b, 0x2, 0x26, 0xb, 0x3, 0x30], 0x1, 0x80000000, 0xc000000000000000}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x2, [0x5, 0x1, 0x1, 0x3, 0x5, 0x1], 0x3}, {0x4, [0x2, 0x4, 0x6, 0x4, 0x1, 0x6], 0x3, 0x6}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x330)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095", @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x38e, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2)

3m36.337544278s ago: executing program 3 (id=1011):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r1, @ANYRES8=0x0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
sendfile(r4, r2, 0x0, 0x7)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000680)={[{@noblock_validity}, {}, {@sysvgroups}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@journal_dev={'journal_dev', 0x3d, 0x7f}}, {@resgid}, {@noauto_da_alloc}, {@noquota}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x24, 0x2, 0x1, 0x3, 0x0, 0x0, {}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2002}, @CTA_ZONE={0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r7, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x48042, 0x8c)
fallocate(r8, 0x10, 0x6, 0x105ff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mm_page_free\x00', r0, 0x0, 0x1002}, 0x18)
r9 = socket(0x10, 0x400000000080803, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x89f0, &(0x7f0000000040)={'bridge0\x00', &(0x7f00000001c0)=@ethtool_ringparam={0x4, 0x0, 0x1, 0xfffffffa, 0xc11, 0x6, 0x20000, 0x8000000, 0xf}})
r10 = socket(0x11, 0x3, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x24002, 0x0)
r11 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r12], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, r11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(r11, 0x400, 0x0)
ioctl$SG_GET_SCSI_ID(r11, 0x2276, &(0x7f00000001c0))
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'team_slave_1\x00', <r13=>0x0})
bind$packet(r10, &(0x7f0000000180)={0x11, 0x0, r13}, 0x14)

3m35.933848711s ago: executing program 3 (id=1016):
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1c0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x7}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20009, 0xb, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x1, 0x84)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
io_setup(0x8f0, &(0x7f0000002400))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$usbmon(&(0x7f00000001c0), 0x7fffffff, 0x80)
ioctl$MON_IOCQ_URB_LEN(r0, 0x9201)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x40)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000000d0a010800000000000000000a000001e7dca49aae51b81b8193e69a3b9ee730d0180cc4a0fc8552752d7937f23409b47e10187582e126413c63545b50357ea877bade9a2dc64c8cc8edda65873ebc1c3dace7c17babde1e9a10bfcc7c"], 0x14}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

3m35.565923663s ago: executing program 3 (id=1020):
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1e0411, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfefffffe, 0x1, @perf_bp={0x0, 0x1}, 0x6025, 0x4005, 0xb, 0x3, 0x80, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet(0x2b, 0x801, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

3m35.565728673s ago: executing program 32 (id=1020):
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1e0411, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfefffffe, 0x1, @perf_bp={0x0, 0x1}, 0x6025, 0x4005, 0xb, 0x3, 0x80, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet(0x2b, 0x801, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)

4.88305334s ago: executing program 5 (id=4703):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000004c0), 0x40082, 0x0)
ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000000))
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)="de", 0x1}], 0x1, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
pwritev(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)="80fd02000040", 0xff1e}], 0x1, 0x0, 0x0)

4.782182691s ago: executing program 5 (id=4709):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x7fff}, 0x18)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r9, {0x7, 0xfff1}, {0xffff, 0xfff1}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r9, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080)

4.655143232s ago: executing program 5 (id=4713):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000003e7400850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r3, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000100)=0x82)
ioctl$KDGKBMETA(r3, 0x4b62, &(0x7f0000000400))
setrlimit(0x4, &(0x7f0000000380)={0x7, 0xe69})
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0xfd, 0x0, 0x7fff, 0x420, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup(r5, &(0x7f0000000080)='syz0\x00', 0x1ff)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="100000000400000008000000080000000000", @ANYBLOB="0000ffffffffe8fffffffffffffd2e"], 0x48)

3.697092688s ago: executing program 5 (id=4722):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x7, 0x9)
write$P9_RWRITE(r1, &(0x7f0000000040)={0xb}, 0x11000)
getpid()
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x180, 0xffffffffffffffff, 0x30, '\x00', 0x0, 0xffffffffffffffff, 0x180, 0x2}, 0x48)

3.003119342s ago: executing program 2 (id=4733):
bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r1)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
mount(&(0x7f0000000000), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$sg(&(0x7f0000000740), 0x0, 0x18b203)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r4, <r6=>0xffffffffffffffff}, &(0x7f0000000800), &(0x7f0000000840)=r5}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r6}, &(0x7f0000000080), &(0x7f00000002c0)}, 0x20)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000340)={0x1d, r8, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
bind$can_j1939(r7, &(0x7f0000000180)={0x1d, r8, 0x0, {0x2, 0xff, 0x3}, 0x1}, 0x18)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000440)="4e19ca00089dce98000a694d558561e0f117322d839cf4bb695520b62757963f17df0c2a1484b20f2289021346edf6087202f2d972501700fe3127b9577aa03f247cb0717eb8767b3b9452019d081fed51f17f3d9d0198d76fbeca1e2daed76c2ef2def7e1e31b68c936ea1b116023602f73bc63e3d61c2b069f6075d4ca22e68b407d0d4d10764a0625057aa10aef3aea4b92cb2f6ff91022d4dc19e5672ee8a4b535203e4dd06d6bb4", 0xaa)
r9 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r9, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

2.940725932s ago: executing program 2 (id=4734):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f00000004c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/2, 0x2, 0x0, 0x3, 0x0, 0x3, 0x6}}, 0x120)
syz_open_procfs$pagemap(0x0, 0x0)
r1 = syz_io_uring_setup(0x1327, &(0x7f0000000300)={0x0, 0xc739, 0x10100, 0xfffffffe, 0x251}, &(0x7f0000000280)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0)
write$UHID_DESTROY(r0, &(0x7f0000000200), 0x4) (fail_nth: 2)

2.664092504s ago: executing program 2 (id=4735):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', <r3=>0x0})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000100)={'syztnl2\x00', r3, 0x4, 0x8, 0x5, 0x1000, 0x41, @mcast1, @empty, 0x7, 0x20, 0x9, 0x4}})
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@delneigh={0x1c, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r5, 0x0, 0x96, 0x4}}, 0x1c}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000080), 0x1, 0x4cd, &(0x7f0000001180)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns93lmnpnneWbmmX32eTobwMAaS/8kEf+LiFsR8VQtujLBWO3t/t2rMw/uXp2JxUrl1D9JNd29NJ7Jt9ueRcYLEYUvk4Yd1sxfvnJuulyeu5TFJxfOfzY5f/nK62fPT5+ZOzN3YerEiWNHjxx/c+qN3ivVIr+0Xvf2fnFx3553T998f6aYLx/J3uvr0Vaxt2KMdVj3Sm+7euztqAsnzcfp2roWhq6Vsss6fb91tXzw9EYXCFg3lUqlMtx+9WKl0fWmJcCmlcRGlwDYGPkHffr9N3+tU9fjsXDnZO0LUFrv+9mrtqYYhSxNqeH7bT+NRcTHi/9+k76i0zjEn2tUAABg4PxyMu8JNvb/CrG7Lt3/szmU0Yh4OiJ2RsQzEbErIp6NqKZ9LiKeb8wgiah0yH9XQ3w5/x+zWYTC7UeuZAdp/++tbG5rZf8v7/3F6FAW2xGRd5jnDmfHZDxKw5+cLc8dabP/LavkX9//S19p/nlfMCvH7WLDAN3s9ML0w9W22Z3rEXuLjfVPiumJy6dxkojYExF7e9jvaF347Gvf7VuKlFamW73+VZUWU3o9z8e1Uvk24tXa+V+MFed/Ocek8/zk5EiU5w5PplfB4ZZ5/Pb7jQ/a5b9q/X/6q3GTd47/fOpRq70kPf/b6q7/yOdvl+s/mkQkS/O18xGVod7yuPHHV9X9jh1qXvew1/+W5KNqOG9fn08vLFw6ErElea95+dTytnk8T5/Wf/xQ6/a/M9smPRIvRER6Eb8YES9FxP6s7Aci4mBEtKjakl/ffvnTduu6vP7XTFr/2Zb3vxXnf3m+vstAvnG6ZOjcgVsP2tw8ujv/x6qh8WxJ6/tfsuIW0W1JH+3oAQAAwOZQiOr//hcmlsKFwsREbQxoV2wrlC/OL+yPiAuztWcERqNUyEe6auPBpSQf/xyti081xI9m48ZfD22txidmLpZnN7ryMOC2V9t80tT+U3/3OM4LbEJ9mEcDNqnV2v/um+tUEGDd+fyHwVXX/hfbJFn0nzLwZPL5D4OrVfu/Ft93fHbBPQM2v4q2DANN+4fBVYwPl8LVx55bPm0LPIl8/sNA6vW5/t4CleHWq0aixS8GjKxNMba2yGtDAmnPqo87LEVEd4m3PkwWeRew/S88FHrb4XA0rxqKTlslPfyOQx5Ij8qqic/s7vvFn/8mSr8vmx+W22mpy9Pdp8CG3I4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD67r8AAAD//wtk1nU=")

2.611975894s ago: executing program 2 (id=4736):
r0 = socket(0x10, 0x2, 0x0)
fsopen(&(0x7f00000000c0)='cgroup\x00', 0x1)
ioctl$PTP_ENABLE_PPS(0xffffffffffffffff, 0x40043d04, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0xc000002)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r1, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="120000000000000029"], 0x18}, 0x40c0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000480)=@gcm_256={{0x303}, "000200", "e123c5876ff425b1ebe250a8486be34705f4f827ae60ecb65e528248d5552bff", "7e25837b", "15d0db2c77179e1a"}, 0x38)
write$binfmt_script(r2, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000080)=ANY=[@ANYBLOB="180100001700000000720000ff000000080000196d00000018110000", @ANYRES8=r3, @ANYRESOCT=0x0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000380)="0083", 0x2}], 0x1)
close_range(r0, r2, 0x0)

2.563547845s ago: executing program 2 (id=4737):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003b40)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRES16=0x0, @ANYBLOB="b022fd84099290ab8ebe39cfc17f80bc2926131e9437a1dea9ca1756900531c14b67f7a9edd0d80c7c73649053153a8d8db6d3c0d3b3fa951f57d14071b61a27d968a0ae7bd580d2d9fd9034451c3ecffae80b234e72fb11e3a60c1208bd5262c5009e3e45582ed4203850292ed682fc5e26f5c2af47718ee5b4f2ed68f0b21b813ec22c4c61d3f22f5a01ebea6c484d8ef4ca90180b4587e0bee2f782fef574aa1e0ebc5d9e42452910d03c12feff7848f72ac5430476b9dc2457a09efdc6f181c408abe7b30cccd2c8fb85389e1cacd4f4b29a3d4a55941bf1bb416203732d6712d5a89470876ae6daec66f3fe1b39982c2781b115e20af7ce0a0c7c77db1073adc6e11597bd9f540f90f60b92dc84a5c764379c0b9426ff4f547182502633aa754dcfc63e46c7cef8e3a0c29bf5184ac150e90d884c59cba3dae7c531fb114534292629d8532c0f67ee37f2c349ea8f28199aff2aa335df5db411287a73adfbfff212cf7b6d277a361c55af160d98b5c3db84da37d80e07269c33f60f111ec3c09d8843e1f5499e71de9b48882b9415d45b20393888ec49f307d535580947b5a5b40b465382aa4a579f317d91792f8ed70e9401863bc0a21d7e15f828ae8f13c673a30cba6f10f89c8a018cc8bbe7072ffe1c5d4ef11f0f82cf967faef8608f8b289245f87607917b0c2578dbbe5186ac78b8cd9a5aff567aebe8a73dd547fdc503885a2df4953f3497688b7b1ede6a2e529b25ecc246a7bcb00077059d7e0100aa20cb4d1dbac6eec0a9f803601c799eddb9b271f0530842291167abffb982fe47a496e884ee3c17850f970cb3ac3342b832b8b984e2eb4836afb7727f7310a347add2a1094cfff7b44516593bbf15f3a9e0e2a788e99bdec6706ae9a39b4f8983ae38d4cdf866d9670de91036ea86646f195ec4b4ce462ea624b8875825262a301f9235496b935506109287bbcf4754e3fa637428a2e39a80cd07ffafd756839abddc721421754fcae705ab432fcdd6f3c004dfad9e6bfa87746dd41649dcd2bf1728a3d6d2ddf27a52957422a27f9e478530873d9f1861b71f2378540648b171bcbd44533723ae1a89e56e2f570c0571eb3c66fac65e3abad003a828f2d21cc990e57b80dd3762fe1204eb320591d6a93f9052b80494b2f52ad89d6374cf33040e2484c3384946450bb65835d65bebb4a91c0f82e598e5aa7ff9ba79f27bbd46240287721d2759fa24cec97658d8f17b3f424293f7253b74dae4b966c8089c546936953d8ce63463c26f1e296f56e17e7f890b6001ed5d9f739036842e989b40c02d3fe5227b1fb08a98f1b1f0c336346698e70171e74e40c5304a356b29c947672f8a0535b7ce3a66b276d09ca3d9fff030e41598649a310875f5b5801c471182c1f617c907f06b5f36a1f9294b0f4a95d0fc98682b1e38f2f94fb08f20c5e5c7afaa9fbbd84734a98dd9b33188f6b79334b09ca8e2de56457242f904b114a2c313b193fe421d7fa97da5ab77f363e83b4698bf903022d13826ded79a905f07f97dc0fc4cc290b969ee37075a4a80a0d86d0696eeea2048ebd1a97f8319b3342e515ae5c9e25ee933d926ae0f31af55aeb07da6508756ac9549ba8bbc0095a17cb647df12f926e595a531d7208ef75cfd6239f65a0584121c75e00f7c77990b90e6350b1a84eba4430979bb726ab02050573af29156bed8e243527593dc0c6de41d0b6775818a96ee97d153826a217e8d7e88c6c44baa781a495afeba3882a06f5b1a87b1e8ee1edf404ac3ade6f5af1f6cd22c01506b5f84befb55c86f79b56e4d5754be8f564f57852f991c2275cbf55937666e022c2b2f0d020156152377859b345f74fe66791421e5571a7900df89c9bef5c3cb19113fae5d524ae2edea5ca91baf096c02e1e860c9b5a97882da598ef1e39fcb61d83f997675a772ac37c0fbe65a9d379b9204a915fdb6a7c7cdbd14c0893cd5e8cfd56f4021756d6c6a25b258a69922a41f3c7bc43b69f46293b381a27ae5a3cfcf2526f8eadcb540ec87d6009d6a2939882140f9a447c5be4328a0681aa3002f6a9dfd836b362fb1d423d7c9571aeb50e2a6acb9ab4e85574baf27b1028db0f6647aa7fe995c1fbf8ab422bb15acf9ae6de73972c9549cb601297bbb1c740e8761af16c4785c4827b5dc5e52f4a82000f6f87670ec19fea4e04e564fc83c0ccf1b7fa2bb9ac3e56addfa7f5f6d1d3d3c92dea5de9fa42f1414a769b0cdc40e306fee0ad66573628b83a07fe087fcb3377848e1a7869e592c83bb594284da28a4f5db381059d56e5d4989042dadbbe6000b66184ca8fe9d293f6c70988f3d7b8ee00546a21aaeca498ae06fa7becc5a55914c7a1ab714d955a8b0bd72e8d6bbf4dd451b525fcbc9fb5c10747dee3c755d39be5c2d52345c56185a8d6cee878b72255acabf7dbefafaed94838532fd01ea6244c4ac929de6846084a07d19de7098e62b613775abe326d402f707c4fbb3968b0aac7f1f27537cbdecee19151b310bcbe2c848ef41eea747e85f87d5a160b2cb6b28d137e30c69770c1651e44a66f8e3394bec03c8256b89fd59bec449c6a2bdb351f53d05e463f75b834624b8c7b557dc38a398d726d0846fc2f062b5b32d10af38ce844c6811aaef73ace1d86813bc37433670f6180f9bd112ae00133077fc7a0bd12d7b4b3a53a3c16a9cb0e8112f18691aa3bd2215afdaa1d00c8ea4f4a302ea9ebc94afaad2549f646a8ae66b953fa9cd649a02c4b152cc6c7b55d99ddc3d0fd1fcd84da355eb02581dba9e4d9dd235d2d4c4e094161440e70926221d76ce70c8762485c8b801550cc208e5d1bfd184e622ff0950a912dd47163c838fd562f09ca1690e76da55a471ec67cb83bbb103975bd4683f0393ec8b843f55ba2c0bdc6c90b50031cfe751792bd5d0cb50c8ee93086794e18c4ed66d6bd09b499f8ff2f63a8920701ab0af5b4b75402b1d65b1eb515dc46e181a1699f21e67349c904f02f8358e28faff2ade65703d14dc2774b02acc731eee0941675502d95e0c32a7304f6e9af85ef220daea0de24cf79e35a59412e62835d3032f88d9ed7befd4f708bfd2d236bd188b6f951bbe13e3add84f111e20324a523426611ec15fb376e7306cbec6867f0b945047a4facf78154e68a66a36972d5a18af1403baa9b4b51fddd072ee1f0087add02485b40323bd708b76406e10a927a913d91c5d771d3aeb3cfafb54b1016785c61ed13060d5f1b550676a656b874fd392ae61c5044218df55cbb72b819990ffdb130fb17a14f7cb5a2a8aafedc6526d83762dbf320f15758030eeecf5652dccf04cdc68827400c768a21daff47212b87357ff0bcb36cae4d113a5d9815b07332cb42329321664d93e43e6dcd6115987007fc623088004f8ac943736eb2a045a25b1bbfbbc97571eabf875d924f6b7b0e524b1afa0ff499473aa7976de83b91928e84f8e445728778fe0e5a356a57f09ed254848cec31b7c5c9c7a2fca21befe15ffc9317e96f7ad582684ce625791b99563781bf64983e77be4f1a5893beec4b560fc15e9c21dd0c29bf2879dfaa257ba5ec97957050d5b2c1f25eb4064488c139dbf88f3b7c70850d6fdbf0603cdd4011bf76e0d9ee5c2b128b50dba5689a8f04d4caf62d777eab31aab4b4195da780901352d284885bf417eb05367ee1b5f2f8c5cfe7f0394fb977f3a3f96084375e22ccf6c3ee4659d68d2b1948a4a1783a4db2282c67d39613fa67be4dd144793b76c09dd563ef3d169f34318acbd62d3b2d64f9173d16e9801132918c3390172c6f64d049b4c894d593419e5f4d5a513fc5a64ddcd05b034e6d16fe88ff89a520c464f842ad5a62a6fc46f0e9d56d05d6f5e625d25f537cca62910981dd463255318d8273db13d27fdc6c17c2c54776ba3a246c413957f297b8ecb1adb5c3f1d4d8e4d7705bdb9268f956d2845b68511edd51cdc5d05de5d6d4b3f573592986fed325f1f3c6a9ef7740f9d843e11981d1ca515c7e722ec4d691c5e4d3a146e39bcf407f66418f754bb2508cb4cc843aa9d8eb63850e5b9103682ecc1fc8f972f394be9d31cb9efd0f693d4ec41fe8d0993b45d2f422f9ab604d3371c1bda1daa3206a027c4de5c8f2cf6d1fc7e6d1423a6c71e84f24e0a4dfbf4a331deff2ae649df9681a08846efc9f0001e7ef106f1bfa25ee2799b13f1f076e30e58078d186afb65301497e982478babf143972cc7072f70829b8faee46e56a1451ff7ddd0dd35816bfa29eee361de60fbc3222e89d70f1495be94d0e82072a0e572e3055c905552e6c45d2af3d4f505a99d947667059c1c92ce2d3549077539c4cec4c07337361eeb9f78813bf9e77b0a79f391ae6eb663deb53317f61ef8ddffdbd0ca2d8095c10c106b0968325bc1e88829d92399b809f1b881e9b9f0aeada5c5ee20fd0866070e3d5d41e62f5b6d2d25441babcdf9d3dc8ae3c140a6f352daf00ed38e248b236acd27f24bdebae0f272a5820ef77fb603fe3cc910a9d842129259e61d25dcf546cd770e4cccab470b20fa5f5972a6dd15853483de6e032f9726c166e81e8e0f9db4df397cc4a10b6e58708a31f48d7d2bae4ef92828c37088068b2ae433110dc7c08e6017d8b26e4e0382ca8fa62dc6f53c4cc2f0f78af72335c494f57f2414afe247e2291c395895bb18f701b6f4331feb759110c543dd94a238e782ad552047677558a50e7683d71a9e222fd19a9343e1d64528640a8099dedd19e4c747dda18ff25b15bddf750a54533b6ecfc75ad4a2909485f7fd759d45c74727b2e7300eae71a8784f5dd7f25b4b000ed3254264131cbbae316fb3a3bfbeb309dd2d18104629db354f447791eb882bf0333a520b8dba745b673d071b07e1de3e02fe751a1cf5908435b1a38edbd60483abdb15452c868844ceb96c449ab72999a55c79f9ce7405797142ef7095b4caf99d7bbe51cd4e963e4ffbbd2648761abd3894b5420a0add261ff9c0eff61aafd1ac5195ff15cadb5b0c7ce34d4d2d68146f3dae677e833b8be0f8a876153bb65398def38e4bf539d3a00047b19c483062fc1c2547b7d4f7d99b7035212ccfffeeb21ed7bbd6165ac7fbafbca3cef86fff655305706dd0baa607c50543bb0d66f0f4dbdd9c365fdb7b875dc5e7ee59afccc321ad1e31cc84687afda71231bb2e4dc3ce79ff3ce4bbafed8821a5b71bbf3844f110e2dd9557b596ac792d97506d22c0410bce435e20fa2e2d435361b5b6ac85f44763769723a7b629258f45e10578f70bef2e9c05af8032e357697dfcd30de9b3e953a36d6cb7a03ce69288b663f692793904dd8fb4ab6dc31ddf7f6942ef84c1e68c78bf9974f830ee2fccca84113cee98b47ed41a87fe610c5348dc38d4ada19862772317a70754870347ad87dbbb4c52349b0261aa8e108fcf387b24d4e2a77ba76e8472fd74ab6fa021277a24ef7a48d395b0fd1f9c0cf83bac56b433ffbfe5984a362e337969febf259988162c2b4842bd2fc0b230fee93a085003e615088abfe41889f7b5e0f380ffe55b66c1f7419993c3dd4aac5891494a183ddca2e415e1749489c925715f3c44d94b90d2d735f2b923bdbbbf1646580ab135356a9ee29bc19e73ded9a33798a69d248574e0c9e9f40a1c1ba52bc66a578d08b75f271a9e9f447efede09d6b3b57e0aa6322c18fd6f5e1c9d2753e0a6513cc04124ab89802eb9c504f0e5550868ab597629d7cc7447ed1b01b2ff4cf511aa098710b208b5aa0f595039a2f0e7294c5fe3b0c3e6c40000000000000000000000000000000002588beb10115f4b22f4ac997c86c49201ee9dceb2142ae61555bbbc4ef8cdd468a8ffbe6cbfc8877dd87292c70e10669bc99d8d5710f7719cc2cffc86cd529b6da2511d07aef4a1d9533ab58a76f80ad7fe91a17397d3c83481", @ANYBLOB="fe2ecf20a9a17bd2ed7e803f830375c150a1f848f604c2c1f932d2b7163be4b2b9a5bd521d185cfbee555b27608594beba6325923aaf5db74cff01000053db92c6c5fcbba0abd975fc76bea49b00513afc856ed89d3fadeda307ca587354322803b0983cc65725ae7f45fb95e7cdb28c6b886959b7dde2c87c73f6008cf6eed7861f24b7423704b95f3d05b92d3d7ff9d392833ecd02443320b60131a350360fcc1d659e2a03cb469caf0498bacae0735a161345b3d71a55f14ef636b6f832c7a6071fce83904dfd871b6d8e03648dbaa3a039eb5673792cae80335732030f9aeabaf3bb3cc4ca5fe75271d69b2e78beb2b81fc3cf3a18a7ae93a3cdbe6599b99408275e2b4b4477c6fcf4806134e839e13533ec000000000000006a1c000000000000000000000000000000000000000000000000000069c3288311b7414705e975eb3f1b77a120", @ANYRES64], 0x8, 0x2eb, &(0x7f00000004c0)="$eJzs3E1PE10UwPHTF0pbAmXx5DGaGG50o5sJVNdKYyAxNpEgNb4kJgNMtenYkpkGU2NEV26NH8IFYcmORPkCbNzpxo07NiYuZGEc0+kMhTKAlNIi/H8JmcPce6b3zgzk3AnD+r23T4t5W8vrFQnHlYRERDZEBiUsvpC3DbtxTLZ6JZf7fnw+f+f+g1uZbHZsUqnxzNSVtFJqYOjDsxcJr9tKr6wNPlr/nv629v/a2fXfU08KtirYqlSuKF1Nl79W9GnTULMFu6gpNWEaum2oQsk2rHp7ud6eN8tzc1Wll2b7k3OWYdtKL1VV0aiqSllVrKqKPNYLJaVpmupPCvaTW5yc1DMtJs+0eTA4IpaV0SMiktjRklvsyoAAAEBXNdf/YVHtrP+XLqxW+u4uD3j1/0osqP6/+qV+rG31f1xEAut///MD63/9YPX/zorodDlU/Y/jYSi2Y1eoEdYarYye9H5+Xa8fLg27AfU/AAAAAAAAAAAAAAAAAAAAAAD/gg3HSTmOk/K3/leviMRFxP8+IDUiIte7MGS00SGuP06Axot70QER8818bj5X33odVkXEFEOGJSW/3PvBU4v9N49UzaB8NBe8/IX5XMRtyeSl4OaPSKpHmvMdZ/xmdmxE1W3P75Hk1vy0pOS/4Px0YH5MLl3ckq9JSj7NSFlMmXXH0ch/OaLUjdvZpvyE2w8AAAAAgJNAU5sC1++atlt7PX9zfd38fCDSWF8PB67Po3Iu2t25AwAAAABwWtjV50XdNA1rjyAh+/dpPYge0ZH9Gf5tlv+3DEc30z0C/8O3NcW9nW0/LaEDnJZdgrC0kjVUm4067Cz8x0a79ZGJ0c5fQTc48+79z/Yd8NpyfJ+Zth5E9r4Bejr2CwgAAABAxzSKfn/PaHcHBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKdSJ/47W7TkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAx8WfAAAA//+SWQVN")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x84042, 0x1fb)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xd, 0x10020, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000000), 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x21)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
write$P9_RUNLINKAT(r0, &(0x7f0000000000)={0xfffffffffffffecb, 0x4d, 0x1}, 0xffffffd7)

2.562648965s ago: executing program 2 (id=4738):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

619.534056ms ago: executing program 0 (id=4755):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000080)={'syztnl2\x00', &(0x7f00000005c0)={'syztnl1\x00', 0x0, 0x20, 0x7, 0x5, 0x40000007, {{0x28, 0x4, 0x1, 0x3d, 0xa0, 0x65, 0x0, 0x2, 0x2f, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x3a, 0xffffffffffffffff, [{0x2, 0x5, "a1b6d3"}, {0x7, 0xd, "5cd66fadeb1ec4ffd631e7"}, {0x0, 0xe, "d3b996f9bd4603fe9943ea38"}, {0x7, 0x12, "c8ba5484814e7d52719e4580f6d69872"}, {0x5, 0x2}]}, @timestamp_prespec={0x44, 0x2c, 0x6f, 0x3, 0x0, [{@rand_addr=0x64010100, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x80000000}, {@empty, 0x5}, {@multicast2, 0x3}, {@private=0xa010100, 0x3}]}, @lsrr={0x83, 0xb, 0x84, [@rand_addr=0x64010101, @multicast2]}, @timestamp={0x44, 0x8, 0x58, 0x0, 0xc, [0x20000000]}, @generic={0x86, 0xb, "c6c0336d04bf0dd37f"}, @rr={0x7, 0x7, 0x9, [@initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})

575.874126ms ago: executing program 4 (id=4759):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000001b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="f1b2786229164607aadf769e0f6badbbc2b28b088448583cd667eeab98b35cb08703065f93b52495b6cc6f19a6b31e36a1fcb0c2268602c1a2b3f3020a50197d9a237d3e6caf1d315ccfa9b1f9172f974fa92586a2c95cc1cd019d8b420f60223eaee821653553beaa41d083baf23e764b82404cb9f3429694462608ab5c3d30df44b1ccc6af475c348102d24762d5151d9e80e06ae382722702b689357ca70bca236fafe2a5ac52023690d68e9d1b270d0ce77472caf180cd8936eacbe9a285ec9537f52fb4586c4c671c9c16715fa8d0532b89a9990df0e7f3f170db663dd0781efffe32e7ece396c4c3aef4e2f61fc89d29b2316394d9fd7473303c2e60b1344ac03d611b3b1ceec9ba56ad5260b47c94811e43ef71fd14ef144199537da99093130f1486f48073d215674d9b62408e544353c0d5c3f141b64faac0fe6351dfbdf63ca98ef97a97287c4e0e52277f53ad17ac3585def2eef214843a36c6b4ad14b7c8b630dd405d9a73743c41363e2ed763bd239ff23895b75092bcaeed7ef21feb547cb1fc101deb49db6538c2eeef8e549c911c5c15b5d06b3946e810f64e1ca1ba45c15b29bc5f4d8aa416784183d57b2a730a4f66975143486cdbc38f83243106bbcf98a09b22df59dbc20e0aa5061fe6ef5358643a282957cdd67ad8201eac41bfe31ad4b8581b3b4f5f893f1417a3268924eaa6a2e9fb44509dacc54919871c9990c4c966cfec22fd011248b8de756e82111f141c4f74895a7331bb8c23ce2686ceac4cb9a5f8a22847de1bb5233d28b8a1bfcb5fc425963c059568e8d4921b24c3b5ef7c5be83423a244d65db8b968ed5f56c7c2f34371b5222f1931cc0f41c37c8c89d1649124f0e8f18966381c3b110e6cb4a84b450c2799f2bd423437f6724734a80505d0f645dbe58f7ba3e111db7f739fc410ed532c7fb65c116dccc04bae4db9e45f826550767f5fa073a24483a182292a59eb90990439b6f06bf6e15fc6c9faa768d5fe3baa510f12c471eafafe662ce7c12b8ab519f3ed4f57d3e69537b08ce63cfa71b9a2ec9876a1fe1625415641d76ee251b7f66a536384c786cc3677eddc33c089e26bc4bad2318df9e68b1192529cb9b70b9f86feddefd3a422db7e6b7c38eb8bfaba1b010fb8ad77bf94be9340ab15d30866185639b521700fa484568f23721a7932255d061187c47eb89cb264f08b2562835478201ef61b84287b44907d4af0c416d7acadb2eb5230347aa178e6a52a786d91811d794731c2058edf87bdb393a78ad980128588f7cc3639765e54af91f5a92cc44d71df8ba0d4f90ac8415ffca553fe0a09291a024529a03cabf9e4bd9b172b2c74573c587461e2dfc39ece27d2cf43678e5329198051ff5eb1f7fb91ad2828432ffd19ed9cf70f8317319d90c37807e37ca3f36503f24c655d51754159ca983ab4175b43d7806b12a025f987673038ee28dfae3a911c9c0f3e207b2c65a6fb48de033849c87e2cacb531f5957a19aa2c05fdd5c3f87a40b893a58fb96174923c1fbbfa6d5bda6977ec5be6643392a62d6edddcab94fa4a273f8a67c3b725f86f768d2e2055428103825013892674cc0d57968c792da33d97930506a464f5d263cf7bd87120dc8134467188ce72568947a55aa200d381d0eea4ac53f0983cf3c255a4a0acbb8126b5d24789d333397f897d07d9ccebf69cbbfe0bb3151ed56c2fd6196add7ed2b272a03d1dd4a58da0916591934d67e0158a2b09aaf6c0c48d859cc54a9b61b5fa056482ee416d92b8a3e7100ff46d0f96d4940484c91079d4195048643f1350ab30c4e0b7c6b7d92a38ad565bdfe559a9966c8cb5928ba0e6285a1fc00d015a174477131eb6d6b6b50d0c50ee32482eaa136de0bcabae6d07fa83d9e46bfaa80726f58d16495b4d0c08de1ed21faeb11b40e6ceac9d5b9ee509b23563a8e20ce7275aff14492f7ce0caa0048714ac66d4d4a03c081e28ad73aafc2b3aae54ac0fbad07f90015e80f7e11c7df39806df70c1df5b4491348badc3fcc7cbb2a457d7601117c6cc22bd9afad3dc681e6558338aa65d6dec5788b2a0a873225df5663a2c3948fb772bf5811ae2c26c9b12f9732b5846679542370fbd0bacc25553f5c09c48de9c52809a449f0a24bc16d29a2b585a1413e3ea99570515c69cafc9671a5e15f3012a1c0e84de426a4ba969b48d5729a99d52dde2059f90eaafd040c8396c343ab38762cf08757c8339415f00b9c83b73a5cbdffff9e40b263e8b2a58b2c2440b718024b651839e773ee75d460e64786bcf7014f487c1203962a99f1ac4bc66df5614cd948c0ee86070f4c57f1b2547d62c79ef2bc4bfced84e4f92d812890696d18338d3d979a8d2ee33299464a25f6038f176f1bc179c16ea4e736f575d1dc5c07823dab91ba0d87360acef7f17eb78da7ef21a2c108701fdbd61e65bb5dab9e694612495093634ed4f0132fece323fec606dfe595195bb348d77932dba9ce114d9ebcc7eb418aead95d723e364489cce358e745c9943abd17797f850fda0e3e8471c6a23d50cef9287a56523186ac8081f00893e5bf7ac48ca7b1c272d94467d43df7e746a30233716b055536475df30744cef55a43ac61f9af65a061d4b2ab4125e97a3e0f51a1aab9ac02c46c7c9d481faf8cfa1cc02b652380877d2452f3187493f2d35177c18480348b030481b72e1b4b4bce62da96e714fdcc39339668d032fa539d10fbd0b967e3dec806ac3427ff03fcd5d528c3ee9db30ba5a3076aa943f83f99b356e3699ff8eb03d2bca621c1609e46b500481556c9316d91700c20afad2e5cd150e16a92436bbfbf1e3d80f41d4ce923471e341fb10eccf4ec2404be065df76ce88543a6de8550c15e1734964988f7b7be36052edaf84f57b0f68f1f3286e3076acc936cfcb82f75b0dd03fcfcf0acb492e4d88eee0925c606540341582a4201d64475ac3ef478073fbdcc07aee3c8017f2798a0b70f19b431231b10e908f5fc9f6dcf13422b260315e0d9facb59cb9a792cae412b41f423ac8f3f1907ed7110c17ab2006c560a17ce2810f6a4fdebd1fc64c59103cb5e56bfca3d4b1bd29386a66ebce7208a4ff07df326d02298a44f74d4836ef3100318bdc43663642c36bd491739b30e99532c5ffe6be88c7441ad49818d5b3c34b161c82de2fb0a217cdcbc1f946d588b95eb04379b235be91b4a6645ea98237bfc192c36611e31b4e766523a50cd560b34c2f87b4b73c9d7c7c8cb8d7c7aac44573d1d65996241eb42f54ef430c416cc66f6d568d5b0c2039f632736a2b1d2a815db142a1316365d84100367e4ebbecafc49b4dc6ae326fd339dc51f1bfeef0a9e46288d5c78cf9a3552ec58851aeefd53a371247c0256b2ad20a9a6d74ea851f524419a52a09d08aa9a83a1a704a35cd890b43e8f47bced9cebe54e1273c2ef2f4e8f925618ddfb90ee157dcfcae63a12bc49b70efc3066163ff8900e1287826f029bbf29004a60a7f5f12f8e3f71b77c7fa605e3d5f05e38f6d8be3aba4a7bcda61f78730feb5fc5b96ede01c1e63f494328e6493e46c89447639324823991cf3c53e46a9576e8fa071b2fbdde76eb72a84d4435750b178a003a30c803c90bbe3c3da1bf33a3638b2ebc251d6565a01713d34f26fa008890534d545b0a05846dd703060872df1ed4f04481d8e61d82673408952e30632f70db3e3777a5fa8bbfd87dc99a61312e5a2c2308c5ea843fcbfc5d5d13a601c741f398f17760033e4514aa0033be8949ca07fd4d13d3f6c7c7b60145975f9149cd3d7f6c20850dd912eef4b77fd761feff73306aea51784ae66f0c4baa050c95fd1015ae2e86da0ffe53ef64d7f8052662b5adb7b3503dad8584e375a9f45a15fb21229f70b98165db290ee51eebc3617efa719abea71054938bce306f17fdc731c22e347f158d4485f90d56315510da5f3aa6107a450c89923d2f7ab49d3e2b387eebae8ea0ee7a04306c83a7999141c4d31773f3c6ad1c281e3aa98a4bb7e500d4a03980599a1711ef31c64a212b7d554c62d1c1a3859b7f720eae29645bfa694b363f29fc5219ab936a69b35fe54a95c3158ef4ddb12f4eb843b93d6448f8e725a99f83623edb7ce961f6cf558144cc80e7c9c59e2c6a352a8d7fb105b228ace13eaffee68c0ca2dbd0146bddad2569c0956447df4ffa12d7cb5f9aa6d4959cc4824c69c95c06810eec58c4799f31f8e968aac90d743db37f786b673ebaa2570c5c84f65ba232d1d71f461646fd04a08ec2c9a414165a068f578e2ccbd9505d5448941e71863f93132e24594d039eb5474ffe0f554faff0dfb01c5261bb271a47dab432f1d77b8c3dec588b0efde611299e79edf0586af9aa36505997e7da38ad81422e3e427ac24786ada9759b8dae7fb2b1fb7688e36a3ad57b0480f9cfb4c8ef8763fb4544d7c3567933a04d5601747ae40d90e7d4c1f8d79fdece677f5acff3ed92cdd96f6b8c59f2fce0d7c427934ac704e91255ff402888e0cfee11a809e532d3cb129a41382095e290249718f17307961c78f340ab70fe44cf0d1e0097f81d1a425affc290a165c0dbd52eb1bfcd4836ee092802ee6bfffec630e12581dae00acc3bb9525d7fbc19f07874aa54596058fd2379f8e31cb695a790ba422feae34ea1ed29490b46d7658ebad8c38dcf22e586bc6c9e9f6ed83955e300bedaf56e74e9654df3e034881457982decb80f8e0470af6cf06fa3964ce524f90743c90f336f663394089f454c1cf956c4ba483fe94e82d6069087f5c5a74cdd4fdca421c788bb1edc679106d0156b590a6ae969dc7074d781f74e1b0671cb75c4ed22f984fc1aec053e8c8f2970003c427243f7b44fda018da625e43eb4c5e898d7dcdb20af002435211662ba1c3d436e0adbb6d66966820c5fd649fa4e8a8dd25f209d03f8262486ab15245e3a19a2e11626fceacb61a9a81659eeca09d4bc446b5f50aa65c9760164d52b55701afd620d4ba07e273670d3efdd30b1cc192565e8f45856d4f9c655c8f7789442dcfa7ad79432c28eac0001046ae18e3a24479d55ca28fc318d4d7b7af82341d897dbea1775be6bf91728bd6c4b9bb6cef9ff2a393d05e9b6b381340fb5b9dd39e9c587da0d6d1349c97cc2eb86bc01257d46bb0d4e66b17f7e25f934b4d132c93602248fcaa3871738bbee8c83e3788b4c75a0d51f2c6ba3ec01056e4fc91a0467ecaf636700f9ed6714963b8ed617114a48e9c3b47235f6baac591453df59da3274585b89d841a9826a6f1aac1af3b3dbf21c5d924fa22bbe3e5562c919ea37a49c024d433e3dfbcce82d5e4af3e2b5a96472e4f3b9bac43add25f21956cf91ddfc5f9f325439ccbbb8c639edc5eb4391c2f757402f6b80c187a90475cfc0e6633216d8f08a74cfc84a61d6c74c479160dd9272e4ae851d8e7e90a26a2bbd5358e6076a9e01070569802bd77ae6f972b9bd5dc507708aa7a279863d28558c3f43a44383a985f30d30ac7440c65b616df42bf572bd5c1f0073027809c2fc4acbfe40d47a3023ed7dec1cc5580cfe2725c9f4dd19fe3f8cfc552c9c2304983b10a9292da063239d1b10dc70a9048cbe4efd7f2068629a706020fb1d2580caf310780ef33203adb0b8dcc13cd10a197696b782410c7d5160fcc85ed200117c205f0cd65cf5b77eb026f33035a38ddf9bb5bd79893546d82a48d7c216a9ed7463f2f1ebd6b6dcb80994c5b8734bd6580b957a76d42c6a530349f0f0e9dc9ca7e22886ffcdd30e1688d212ddd77f4e600e5b6435914", @ANYRES16=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802a21a564a98d47ec0"], 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x1954, 0x0, 0x4, 0xd1}, &(0x7f0000000300), &(0x7f0000000580))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
open(&(0x7f0000000740)='./bus\x00', 0x163361, 0x501c998c4dfcafcd)

499.106747ms ago: executing program 0 (id=4761):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x2)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
write$cgroup_subtree(r2, 0x0, 0x0)

491.019027ms ago: executing program 4 (id=4762):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4d, &(0x7f0000001100)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000540)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000019c0)={0x1b, 0xc, &(0x7f0000001800)=ANY=[@ANYRES8=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095", @ANYRESOCT=r0, @ANYRESOCT=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000ad1d92d56b5a1be10000000000040000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = accept4$phonet_pipe(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x10, 0xae22ffbefc4237eb)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000005700)=ANY=[@ANYBLOB="00000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000008000000000000000000000020000000000000003000000000000000000000000000000000000000000000000000000000000000100000009000000010000010000000001000000000000000500000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2ffffff000000feffffffffffffff00"/317])
acct(0xffffffffffffffff)
recvmmsg(r6, &(0x7f0000005500)=[{{&(0x7f0000001540)=@l2tp6={0xa, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000540)=[{&(0x7f00000004c0)=""/96, 0x60}, {&(0x7f0000000680)=""/87, 0x57}, {&(0x7f0000000d40)=""/174, 0xae}], 0x3, &(0x7f0000000e00)=""/158, 0x9e}, 0x7}, {{&(0x7f0000000ec0)=@nfc, 0x80, &(0x7f0000001280)=[{&(0x7f0000000f40)=""/81, 0x51}, {&(0x7f0000000fc0)=""/16, 0x10}, {&(0x7f0000001000)=""/74, 0x4a}, {&(0x7f0000005b80)=""/154, 0x9a}, {&(0x7f00000059c0)=""/176, 0xb0}, {&(0x7f0000001200)=""/24, 0x18}, {&(0x7f0000001240)}], 0x7, &(0x7f0000001300)=""/57, 0x39}, 0x1}, {{&(0x7f0000001340)=@can, 0x80, &(0x7f00000045c0)=[{&(0x7f00000013c0)=""/234, 0xea}, {&(0x7f0000005c40)=""/4096, 0x1000}, {&(0x7f0000001100)}, {&(0x7f0000002500)=""/4096, 0x1000}, {&(0x7f0000003500)=""/170, 0xaa}, {&(0x7f00000035c0)=""/4096, 0x1000}], 0x6, &(0x7f00000014c0)=""/92, 0x5c}, 0x800}, {{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001080)=""/105, 0x69}, {&(0x7f0000004740)=""/151, 0x97}, {&(0x7f0000004800)=""/121, 0x79}, {&(0x7f0000004880)=""/92, 0x5c}, {&(0x7f0000004900)=""/252, 0xfc}], 0x5, &(0x7f00000046c0)=""/74, 0x4a}, 0xfffffffa}, {{&(0x7f0000004b00)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private2}}}, 0x80, &(0x7f0000004c00)=[{&(0x7f0000004b80)=""/22, 0x16}, {&(0x7f0000004bc0)=""/35, 0x23}], 0x2}, 0x1}, {{0x0, 0x0, &(0x7f0000004e00)=[{&(0x7f0000004c40)=""/154, 0x9a}, {&(0x7f00000015c0)=""/193, 0xc1}], 0x2, &(0x7f0000004e40)=""/251, 0xfb}, 0x9}, {{&(0x7f0000004f40)=@isdn, 0x80, &(0x7f0000001180)=[{&(0x7f0000004fc0)=""/173, 0xad}, {&(0x7f00000016c0)=""/257, 0x101}, {&(0x7f0000005180)=""/156, 0x9c}, {&(0x7f0000005240)=""/107, 0x6b}, {&(0x7f00000052c0)=""/185, 0xb9}, {&(0x7f0000001140)=""/13, 0xd}, {&(0x7f0000005a80)=""/208, 0xd0}], 0x7, &(0x7f0000005400)=""/242, 0xf2}, 0x23}], 0x7, 0x100, &(0x7f00000056c0))
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r7)
sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="50020000", @ANYRES16=r8, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b"], 0x250}}, 0x4c000)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000800000000000000100000094"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r11}, 0x10)
r12 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010828bd7000fedbdf250c0000001800058008ef0100756470000c0002800800040004000000"], 0x2c}, 0x1, 0x0, 0x0, 0x24008000}, 0x2400c000)
readv(r11, &(0x7f00000024c0)=[{&(0x7f0000005840)=""/72, 0x48}, {&(0x7f00000058c0)=""/145, 0x91}, {&(0x7f0000001240)=""/1, 0x1}], 0x3)
openat$cgroup_subtree(r9, &(0x7f0000000200), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x759, &(0x7f0000001a80)={[{@noload}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@data_writeback}, {@nombcache}, {@grpquota, 0x0}, {@noauto_da_alloc}, {@noload}, {@norecovery}, {@discard}, {@noacl}, {@quota}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@orlov}, {@data_journal}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodioread_nolock}], [{@uid_eq}, {@smackfshat={'smackfshat', 0x3d, 'ext4\x00'}}], 0x2c}, 0x0, 0x4f8, &(0x7f0000001bc0)="$eJzs3EtvVGUfAPD/mbaUvtC3fXm9cVFG0dhopLRcFy6AaMLGxERjcFnbQpAChtYESCPFGEhcaPgEXnYmfgJXujFqXGjcStwaE2K6AV2YY87MmTrt6fTGtGPp75fM8JzbPM//nPMwz2VOA9iwytlbErE1In6OiJ7q4uwdytV/7k5PDv8xPTmcRJq+8ntS2e/O9ORwbdfacVvyhb5SROm9JHYWs+0cv3zl7NDY2OjFfEX/RClPnRs6PXp69PzgkSMH9ncdPjR4sClxZmW6s+OdC7u2n3j95kvDJ2++8e3nWXnTfHt9HFW9lfdNS86hrbCmHOXZ57LOU0sv+rrQXZdO2rP3UusKw5Jld212uToq9b8n2ipLVT3x4rstLRywqtI0TTsLa2e+y6bSeklSPSBNr6XAfSCJVpcAaI3aF/2d6aynOjlc7Aff324fi0oPKIv7bv6qbmmv9GDLvdW+Uccq5f9ARJyc+vOj7BXzjkMAADTXl8cibhyvtjtqr+qWUjxUt99/87mh3oj4X0Rsi4j/5+2XByMq+z4cEY/UHdO9hFmA8pzlYvvnx648Ud9cbZqs/fd8Prc1u/03U/LetnypuxJ/R3LqzNjovvyc9EVHZ7Y8UPzomWG1r1746cNG+Zfr2n/ZK8u/1hbMy/Fb+5wBupGhiaF7jbvm9rXKib1ajD+J9qSWitgeETtW8PnZOTvzzGe7Gm2fFX8WZyH+Dxp/ePsKCjRH+knE09XrPxVz4o98/i+pzE+ee6t//PKV587Uz08OHD40eLB/c4yN7uuv3RVF3/1w/eU8WehGLHD9a1VjVSfSsuv/n3nv/5mZy94sNTNfO778PK7futGwT7PS+39T8molXZufvTQ0MXFxIGJTMlVcP/jPsZeGumbtn8Xft2f++r8t4q+P8+N2RkR2Ez8aEY9FxO687I9HxBMRsWeB+L85/uSbjbqQi8e/urL4R5Z1/Rsljn4fMf+mtrNff1HI+P1yIf6OaHT9D1RSffmakaGJzYvFtVBJ6xP3fAIBAABgHdgdEVsjKe3NB5q2Rqm0d2/ElpkRlPGJZ09dePv8SPUZgd7oKNVGunrqxkMH8rHhbDk7arBuOdu+vzJunKZp2pUtZ/33se7Whg4b3pYG9T/za/GRFuB+s6x5tEZPtAHr0tz6f2vJRzb/BxnA2mrC72iAdUr9h41ryfV/tZ6CA1pmvvp/NeJuC4oCrLH56v9rhTVH16QswNrS/4eNa+X1348BYL3z/Q8b0pIekl9BYtuJBfZJ2lcn08aJUiz8VwB6I2pram2ahT/wl1JEc0rY1tRIu2Zd09K8+2yOZuQVpUX3aV/GH2JY20Tp31GMaqIzIha5e2dutqu1xJXVLlilEnza2v+dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7t3fAQAA///tUdPr")

429.568018ms ago: executing program 0 (id=4764):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209000200737997310000000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x2c, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000)

415.846338ms ago: executing program 5 (id=4765):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
connect$netlink(r1, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={&(0x7f00000005c0), 0xc, &(0x7f0000000240)={&(0x7f0000001540)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x27dfdbfd, {}, [{0x4}]}, 0x18}}, 0x0)

395.114378ms ago: executing program 5 (id=4766):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00'}, 0x18)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000300), r2)
sendmsg$NET_DM_CMD_STOP(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, r3, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8c10}, 0x4014000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x10, 0x2, &(0x7f00000002c0)=ANY=[@ANYBLOB="911023000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x9}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0x9, 0x0, 0x4, 0x0, 0x20000006}, 0x0, 0x1, r1, 0x2)
r5 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r5, &(0x7f0000000280)=""/38, 0x26)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="4400000006bbf063f22ddab395fec6bb86ce02b0e6fa594cce2b88677cbac633e3bc4375777d100383b7fb48bc27eddac66a9f2d3311eff83eca797c13472e7f2934771608d42ead3a91a70cbd18541f1b8ab0caeb9c8a76900000000000", @ANYRES32=0x0, @ANYBLOB="00000000060000000a00030008bc872f00000000180012800e00010077697265677561726400000004000280"], 0x44}}, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x2)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x5}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020004, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c4000000003280004800800024000000012080001"], 0xa4}}, 0x0)
readv(r6, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/135, 0x87}], 0x1)
mremap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ffa000/0x2000)=nil)
ioprio_set$uid(0x3, 0x0, 0x0)
r8 = syz_io_uring_setup(0x3471, &(0x7f00000003c0)={0x0, 0x79af, 0x3180, 0x0, 0x272}, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000040)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x8524a9af801bb0f, 0x0, r8, 0x0, 0x0, 0x4, 0x240940, 0x23456})
r11 = fspick(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r11, 0x4, &(0x7f00000001c0)='\x00', &(0x7f0000000200)='./file0\x00', 0xffffffffffffffff)
io_uring_enter(r8, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
r12 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_STATUS(r12, 0x84, 0xe, &(0x7f0000000080)={0x0, 0xff, 0x7, 0x100, 0x800, 0x3, 0xfffb, 0x9, {0x0, @in6={{0xa, 0x4e22, 0x5, @mcast1, 0x6}}, 0x7, 0x0, 0x39b4, 0x7dc, 0xb}}, &(0x7f0000000140)=0xb0)
syz_open_dev$vcsu(&(0x7f0000000240), 0x89, 0x1)

258.358538ms ago: executing program 0 (id=4767):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xe1)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040), 0x101, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>r1, {0x7fffffffffffffff}}, './file0\x00'})
fcntl$getown(r1, 0x9) (async)
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f00000000c0)={0x8, 0x5000000000000000, 0x4, 0x9, 0x4, 0x0, [{0xffffffffffffffff, 0x8, 0xc7b, '\x00', 0x81}, {0x0, 0x9, 0x6, '\x00', 0x80}, {0xfffffffffffffff8, 0x5, 0x7, '\x00', 0x883}, {0x0, 0x3, 0xf88c, '\x00', 0x1a01}]})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000300)={'ip6tnl0\x00', &(0x7f0000000280)={'ip6_vti0\x00', <r3=>0x0, 0x4, 0x5, 0x2, 0x6, 0x2, @private1, @empty, 0x7800, 0x8, 0x4, 0xe2f}})
sendto$packet(r2, &(0x7f00000001c0)="e772e0c4125a22a079990cc55093e0381920b1cfffd39469d3de211135f46894fdf30f0cbb17f34042cf0a5b327c2ccbc330e94232c096e717e1dd2569218c807f1c88ee88c63306c3bf0a21596e23c9f653aed6e91743e13a3f66b0e38ddaa83107e6abbd9cb7678b4dff1dcee23f9c6eddd12356dfcbe0dd47786a7d3c06779028cee3004b9cef33d42a1b6089954600023588612c76024f0376dfcf43125cddbe019a3cd788b454c6875a1055d593", 0xb0, 0x880, &(0x7f0000000340)={0x11, 0x11, r3, 0x1, 0x4, 0x6, @remote}, 0x14) (async)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000400)={&(0x7f0000000380)=""/109, 0x6d})
setrlimit(0x1, &(0x7f0000000440)={0x7fffffffffffffff, 0x4}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000004c0)={'syztnl0\x00', &(0x7f0000000480)={'syztnl1\x00', r3, 0x78, 0x80, 0x101, 0xff, {{0x8, 0x4, 0x2, 0x5, 0x20, 0x65, 0x0, 0x9, 0x29, 0x0, @rand_addr=0x64010101, @empty, {[@rr={0x7, 0xb, 0xb0, [@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x17}]}]}}}}}) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r0) (async)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000580)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x34, r4, 0x300, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x4810) (async)
ioctl$SIOCPNDELRESOURCE(r0, 0x89ef, &(0x7f0000000680)=0xdeb)
ioctl$PPPIOCGFLAGS1(r1, 0x8004745a, &(0x7f00000006c0)) (async)
r6 = open(&(0x7f0000000700)='./file0\x00', 0x400040, 0x168)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000740)={'vxcan0\x00'})
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000007c0), r2)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000840)={&(0x7f0000000800)={0x24, r7, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x4}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x8}]}, 0x24}}, 0x20040040) (async)
r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_WANTACK(r8, 0x0, 0x0, &(0x7f00000008c0)=0x1, 0x4) (async)
r9 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000900), 0x100, 0x0)
ioctl$RNDADDTOENTCNT(r9, 0x40045201, &(0x7f0000000940)=0x8)
setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000980)={0x2b, @private=0xa010100, 0x4e22, 0x1, 'ovf\x00', 0x10, 0xfffffff9, 0x4b}, 0x2c) (async)
setrlimit(0xf, &(0x7f00000009c0)={0x42, 0x400}) (async)
recvfrom$inet(r0, &(0x7f0000000a00)=""/241, 0xf1, 0x2, &(0x7f0000000b00)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) (async)
getsockopt$inet_sctp_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f0000000b40), &(0x7f0000000b80)=0x8)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r1, 0x80489439, &(0x7f0000000bc0)) (async)
r10 = syz_open_dev$evdev(&(0x7f0000000c40), 0x9, 0x88080)
ioctl$EVIOCGABS2F(r10, 0x8018456f, &(0x7f0000000c80)=""/98)

251.213089ms ago: executing program 1 (id=4768):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close(r1)

177.229169ms ago: executing program 0 (id=4769):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x2)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
write$cgroup_subtree(r2, 0x0, 0x0)

176.739919ms ago: executing program 1 (id=4770):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r1}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0xff, 0x0, 0x7fff0026}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x16, 0x0, "0af5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d1408407e5a774ef95f2fc1b947e00f000000123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x100000, @dev={0xfe, 0x80, '\x00', 0x3d}}}, 0x0, 0x0, 0x11, 0x0, "a1c1dd75a68473ba07d945c3b03e10950cd4b347113e55eb4285bf274bca67efbff2fdf98328de9434031348589bf28046d14810000000e3ffffff00"}, 0xd8)
close_range(r2, 0xffffffffffffffff, 0x0)

134.063779ms ago: executing program 0 (id=4771):
io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xb140, 0x1000, 0x6, 0x3a2})
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000040)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x24001800}, 0x804)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
munmap(&(0x7f0000001000/0x2000)=nil, 0x2000)
r4 = syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r4)

123.72818ms ago: executing program 1 (id=4772):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={0x0}}, 0x6048800)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r2, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r5}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)

83.60677ms ago: executing program 1 (id=4773):
r0 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f00000000c0), 0x2, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000100)={0x3, 0x5, 0x2, 0x7, 0x2, [0x10000008, 0x4, 0x7fffffff, 0xfffffff7]})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x8}, 0x18)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
socket(0x28, 0x80000, 0x3)
r2 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))

74.57543ms ago: executing program 4 (id=4774):
r0 = syz_open_procfs(0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000008000000"], 0x48)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00')
pread64(r2, &(0x7f0000000140)=""/116, 0x74, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX=r0, @ANYRES32=r1, @ANYBLOB="0000000000c60000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
fcntl$dupfd(r4, 0x406, r2)
clock_settime(0x0, &(0x7f0000000040))

65.47977ms ago: executing program 1 (id=4775):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x2)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
write$cgroup_subtree(r2, 0x0, 0x0)

1.94124ms ago: executing program 1 (id=4776):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r0, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x82)

1.55579ms ago: executing program 4 (id=4777):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = syz_io_uring_setup(0x53f9, &(0x7f0000000100)={0x0, 0x2811, 0x4, 0x3, 0x112a}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000340)=<r3=>0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000080)=0x8)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYRES32=r5], 0x7c}, 0x1, 0x0, 0x0, 0x4000044}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc680000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a31000000003c0003803800008008000340000000022c0007800a0001006c696d69740000001c0002800c00024000000000000000050c0001"], 0xcc}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="2100000000000000000000000200100000040000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="161c00000000000200000000007f"], 0x50)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f00000000c0)={0xfffffff8, 0x8, 0xfffbfffd, 0x984, 0x79, "bea08812dd0909000400000000000000000200", 0x4, 0x200})
r6 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCXONC(r6, 0x540a, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180)=0x4)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000000))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0x5, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x54, 0x2007, @fd_index=0xa, 0x2, &(0x7f00000002c0)=[{&(0x7f00000001c0)="002eeef1fd8fc222f804698da3", 0xd}, {&(0x7f0000000280)}], 0x2, 0x4, 0x1, {0x3}})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

746.74µs ago: executing program 4 (id=4778):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209000200737997310000000008000a40fffffffc14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c80)={0x2c, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x9}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24048014}, 0x4000)

0s ago: executing program 4 (id=4779):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90)
syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000001a21428c6c08586dd61bcc1"], 0x0)

kernel console output (not intermixed with test programs):

k: 332 bytes leftover after parsing attributes in process `syz.5.4186'.
[  292.315862][T15120] netlink: 'syz.5.4186': attribute type 9 has an invalid length.
[  292.323657][T15120] netlink: 160 bytes leftover after parsing attributes in process `syz.5.4186'.
[  292.336494][T15120] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4186'.
[  292.348578][T15120] loop5: detected capacity change from 0 to 512
[  292.355791][T15120] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  292.365865][T15120] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  292.373849][T15120] System zones: 1-12
[  292.377842][T15120] EXT4-fs (loop5): orphan cleanup on readonly fs
[  292.384745][T15120] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4186: bg 0: block 361: padding at end of block bitmap is not set
[  292.399307][T15120] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  292.408293][T15120] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #11: comm syz.5.4186: attempt to clear invalid blocks 33619980 len 1
[  292.421932][T15120] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4186: invalid indirect mapped block 1811939328 (level 0)
[  292.436097][T15120] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4186: invalid indirect mapped block 2 (level 2)
[  292.449666][T15120] EXT4-fs (loop5): 1 truncate cleaned up
[  292.455716][T15120] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  292.478199][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  292.658635][T15132] SELinux: failed to load policy
[  292.672003][T15131] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.716764][T15131] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.736448][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  292.769885][T15131] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.823007][T15131] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.882345][   T31] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.893638][   T31] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.904623][   T31] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.915877][   T31] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  292.978203][T15151] netlink: 332 bytes leftover after parsing attributes in process `syz.2.4198'.
[  292.987478][T15151] netlink: 'syz.2.4198': attribute type 9 has an invalid length.
[  292.995287][T15151] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4198'.
[  293.008187][T15151] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4198'.
[  293.020468][T15151] loop2: detected capacity change from 0 to 512
[  293.027726][T15151] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  293.037968][T15151] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  293.045997][T15151] System zones: 1-12
[  293.049939][T15151] EXT4-fs (loop2): orphan cleanup on readonly fs
[  293.056867][T15151] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4198: bg 0: block 361: padding at end of block bitmap is not set
[  293.071639][T15151] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  293.080567][T15151] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.4198: attempt to clear invalid blocks 33619980 len 1
[  293.094445][T15151] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4198: invalid indirect mapped block 1811939328 (level 0)
[  293.108641][T15151] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4198: invalid indirect mapped block 2 (level 2)
[  293.122168][T15151] EXT4-fs (loop2): 1 truncate cleaned up
[  293.128192][T15151] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  293.151179][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  293.199610][T15156] syzkaller0: entered promiscuous mode
[  293.205200][T15156] syzkaller0: entered allmulticast mode
[  294.018930][T15171] SELinux: failed to load policy
[  294.027041][T15171] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.073604][T15171] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.116492][T15171] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.169891][T15171] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.229926][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.240492][   T31] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.251774][   T31] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.263373][   T31] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.320474][  T316] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.333072][  T316] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.345590][  T316] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.354238][  T316] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.632842][T15203] syzkaller0: entered promiscuous mode
[  294.638403][T15203] syzkaller0: entered allmulticast mode
[  294.687605][T15197] SELinux: failed to load policy
[  294.695848][T15197] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.747455][T15197] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.789960][T15197] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.843373][T15197] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.916335][ T3537] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  295.568463][T15214] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.634027][T15214] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.698203][T15214] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.751813][T15214] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.798789][  T316] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  295.810148][  T316] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  295.821707][  T316] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  295.833049][  T316] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.900001][  T316] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  295.912592][ T5756] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  295.923587][  T316] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  295.935223][  T316] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.988899][T15229] ip6gre1: entered promiscuous mode
[  295.994155][T15229] ip6gre1: entered allmulticast mode
[  296.031539][   T29] kauditd_printk_skb: 299 callbacks suppressed
[  296.031553][   T29] audit: type=1326 audit(1762740105.624:20856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  296.038175][T15236] FAULT_INJECTION: forcing a failure.
[  296.038175][T15236] name failslab, interval 1, probability 0, space 0, times 0
[  296.074384][T15236] CPU: 1 UID: 0 PID: 15236 Comm: syz.4.4235 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  296.074415][T15236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  296.074416][   T29] audit: type=1326 audit(1762740105.624:20857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  296.074463][T15236] Call Trace:
[  296.074470][T15236]  <TASK>
[  296.074477][T15236]  __dump_stack+0x1d/0x30
[  296.074497][T15236]  dump_stack_lvl+0xe8/0x140
[  296.074521][T15236]  dump_stack+0x15/0x1b
[  296.074541][T15236]  should_fail_ex+0x265/0x280
[  296.074596][T15236]  should_failslab+0x8c/0xb0
[  296.074639][T15236]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[  296.074686][T15236]  ? sidtab_sid2str_get+0xa0/0x130
[  296.074853][T15236]  kmemdup_noprof+0x2b/0x70
[  296.074889][T15236]  sidtab_sid2str_get+0xa0/0x130
[  296.074930][T15236]  security_sid_to_context_core+0x1eb/0x2e0
[  296.075013][T15236]  security_sid_to_context+0x27/0x40
[  296.075051][T15236]  selinux_lsmprop_to_secctx+0x67/0xf0
[  296.075094][T15236]  security_lsmprop_to_secctx+0x1a3/0x1c0
[  296.075197][T15236]  audit_log_subj_ctx+0xa4/0x3e0
[  296.075227][T15236]  ? skb_put+0xa9/0xf0
[  296.075268][T15236]  audit_log_task_context+0x48/0x70
[  296.075350][T15236]  audit_log_task+0xf4/0x250
[  296.075398][T15236]  ? kstrtouint+0x76/0xc0
[  296.075506][T15236]  audit_seccomp+0x61/0x100
[  296.075547][T15236]  ? __seccomp_filter+0x82d/0x1250
[  296.075586][T15236]  __seccomp_filter+0x83e/0x1250
[  296.075624][T15236]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  296.075730][T15236]  ? vfs_write+0x7e8/0x960
[  296.075764][T15236]  ? __rcu_read_unlock+0x4f/0x70
[  296.075798][T15236]  ? __fget_files+0x184/0x1c0
[  296.075916][T15236]  __secure_computing+0x82/0x150
[  296.076030][T15236]  syscall_trace_enter+0xcf/0x1e0
[  296.076071][T15236]  do_syscall_64+0xac/0x200
[  296.076100][T15236]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  296.076179][T15236]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  296.076223][T15236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.076252][T15236] RIP: 0033:0x7f0e2160f6c9
[  296.076272][T15236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.076296][T15236] RSP: 002b:00007f0e2006f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  296.076343][T15236] RAX: ffffffffffffffda RBX: 00007f0e21865fa0 RCX: 00007f0e2160f6c9
[  296.076360][T15236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff80000102
[  296.076397][T15236] RBP: 00007f0e2006f090 R08: 0000000000000000 R09: 0000000000000000
[  296.076414][T15236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.076431][T15236] R13: 00007f0e21866038 R14: 00007f0e21865fa0 R15: 00007ffd49acf718
[  296.076456][T15236]  </TASK>
[  296.076632][T15236] audit: error in audit_log_subj_ctx
[  296.084355][   T29] audit: type=1326 audit(1762740105.624:20858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0e2160df10 code=0x7ffc0000
[  296.366285][T15249] FAULT_INJECTION: forcing a failure.
[  296.366285][T15249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.384134][   T29] audit: type=1326 audit(1762740105.624:20859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0e2160e17f code=0x7ffc0000
[  296.384727][   T29] audit: type=1326 audit(1762740105.624:20860): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  296.397204][T15249] CPU: 1 UID: 0 PID: 15249 Comm: syz.4.4241 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  296.397233][T15249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  296.397250][T15249] Call Trace:
[  296.397257][T15249]  <TASK>
[  296.397268][T15249]  __dump_stack+0x1d/0x30
[  296.397372][T15249]  dump_stack_lvl+0xe8/0x140
[  296.397399][T15249]  dump_stack+0x15/0x1b
[  296.397463][T15249]  should_fail_ex+0x265/0x280
[  296.397489][T15249]  should_fail+0xb/0x20
[  296.397508][T15249]  should_fail_usercopy+0x1a/0x20
[  296.397576][T15249]  _copy_to_user+0x20/0xa0
[  296.397608][T15249]  simple_read_from_buffer+0xb5/0x130
[  296.397641][T15249]  proc_fail_nth_read+0x10e/0x150
[  296.397703][T15249]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  296.397730][T15249]  vfs_read+0x1a8/0x770
[  296.397814][T15249]  ? __rcu_read_unlock+0x4f/0x70
[  296.397847][T15249]  ? __fget_files+0x184/0x1c0
[  296.397884][T15249]  ksys_read+0xda/0x1a0
[  296.397985][T15249]  __x64_sys_read+0x40/0x50
[  296.398016][T15249]  x64_sys_call+0x27c0/0x3000
[  296.398045][T15249]  do_syscall_64+0xd2/0x200
[  296.398070][T15249]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  296.398138][T15249]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  296.398195][T15249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.398221][T15249] RIP: 0033:0x7f0e2160e0dc
[  296.398241][T15249] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  296.398263][T15249] RSP: 002b:00007f0e2006f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  296.398363][T15249] RAX: ffffffffffffffda RBX: 00007f0e21865fa0 RCX: 00007f0e2160e0dc
[  296.398379][T15249] RDX: 000000000000000f RSI: 00007f0e2006f0a0 RDI: 0000000000000004
[  296.398395][T15249] RBP: 00007f0e2006f090 R08: 0000000000000000 R09: 0000000000000000
[  296.398452][T15249] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  296.398468][T15249] R13: 00007f0e21866038 R14: 00007f0e21865fa0 R15: 00007ffd49acf718
[  296.398491][T15249]  </TASK>
[  296.639805][   T29] audit: type=1326 audit(1762740105.764:20861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f0e2160e0dc code=0x7ffc0000
[  296.663184][   T29] audit: type=1326 audit(1762740105.764:20862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0e2160e17f code=0x7ffc0000
[  296.686577][   T29] audit: type=1326 audit(1762740105.764:20863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0e2160e32a code=0x7ffc0000
[  296.710112][   T29] audit: type=1326 audit(1762740105.764:20864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15235 comm="syz.4.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  296.761626][T15256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.770135][T15256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.997738][T15265] loop4: detected capacity change from 0 to 1024
[  297.004642][T15265] ext4: Unknown parameter 'noacl'
[  297.232924][T15284] netlink: 'syz.2.4255': attribute type 6 has an invalid length.
[  297.367076][T15295] syzkaller0: entered promiscuous mode
[  297.372749][T15295] syzkaller0: entered allmulticast mode
[  297.431387][T15297] __nla_validate_parse: 4 callbacks suppressed
[  297.431437][T15297] netlink: 14212 bytes leftover after parsing attributes in process `syz.2.4259'.
[  297.777106][T15317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.785589][T15317] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.935483][   T37] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.946702][   T37] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.957910][   T37] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.969523][   T37] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.105526][   T44] Bluetooth: hci0: sending frame failed (-49)
[  298.111781][ T3537] Bluetooth: hci0: Opcode 0x1003 failed: -49
[  298.182027][T15328] netlink: 14212 bytes leftover after parsing attributes in process `syz.4.4271'.
[  298.225555][T15337] loop1: detected capacity change from 0 to 1024
[  298.234711][T15337] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.252728][T15341] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.309412][   T37] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  298.320054][T15341] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.370841][T15341] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.408208][T15352] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4279'.
[  298.417132][T15352] netlink: 160 bytes leftover after parsing attributes in process `syz.2.4279'.
[  298.426268][T15352] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4279'.
[  298.437149][T15341] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.554130][T15354] SELinux: failed to load policy
[  298.830553][T15362] loop0: detected capacity change from 0 to 128
[  298.838910][T15362] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  298.854112][T15362] ext4 filesystem being mounted at /429/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  298.987698][T10636] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  299.063215][T15367] syzkaller0: entered promiscuous mode
[  299.068795][T15367] syzkaller0: entered allmulticast mode
[  299.124576][T12964] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.179255][T15375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.187812][T15375] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.222168][T15379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4288'.
[  299.231654][T15379] veth1_macvtap: left promiscuous mode
[  299.786558][   T37] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  299.799577][ T5756] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  299.821508][ T5756] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  299.830160][ T5756] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  299.862408][T15487] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4292'.
[  299.876489][T15487] netlink: 204 bytes leftover after parsing attributes in process `syz.4.4292'.
[  299.893690][  T271] Bluetooth: hci0: Frame reassembly failed (-84)
[  299.931239][T15498] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4294'.
[  299.940633][T15498] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4294'.
[  300.103307][T15520] SELinux: failed to load policy
[  300.116008][T15512] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.167001][T15512] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.208263][T15538] loop2: detected capacity change from 0 to 1024
[  300.214996][T15538] EXT4-fs: Ignoring removed orlov option
[  300.223642][T15512] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.236142][T15538] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.294592][T15547] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.380952][T15547] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.393148][T15512] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.564046][T15547] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.660882][T15547] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.771017][ T5756] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  300.798218][ T5756] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  300.808915][ T5756] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  300.835595][ T5756] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  300.984940][T15555] syzkaller0: entered promiscuous mode
[  300.990540][T15555] syzkaller0: entered allmulticast mode
[  301.140703][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.410326][T15580] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.491668][T15580] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.544985][T15580] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.599258][T15580] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.657088][ T5756] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.668595][ T5756] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.680270][   T31] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.691658][   T31] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.726498][T15583] veth0: entered promiscuous mode
[  301.731739][T15583] macvtap1: entered promiscuous mode
[  301.737179][T15583] macvtap1: entered allmulticast mode
[  301.742580][T15583] veth0: entered allmulticast mode
[  301.750121][T15583] netlink: zone id is out of range
[  301.755270][T15583] netlink: zone id is out of range
[  301.760614][T15583] netlink: zone id is out of range
[  301.765725][T15583] netlink: zone id is out of range
[  301.770954][T15583] netlink: zone id is out of range
[  301.776122][T15583] netlink: zone id is out of range
[  301.781284][T15583] netlink: zone id is out of range
[  301.794037][T15583] netlink: set zone limit has 8 unknown bytes
[  302.000927][   T29] kauditd_printk_skb: 104 callbacks suppressed
[  302.000944][   T29] audit: type=1400 audit(1762740111.200:20969): avc:  denied  { bind } for  pid=15602 comm="syz.2.4323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  302.026787][   T29] audit: type=1400 audit(1762740111.209:20970): avc:  denied  { connect } for  pid=15602 comm="syz.2.4323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  302.099529][ T3537] Bluetooth: hci0: command 0x1003 tx timeout
[  302.100784][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  302.776398][   T29] audit: type=1400 audit(1762740111.929:20971): avc:  denied  { lock } for  pid=15607 comm="syz.1.4325" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=68073 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  302.780172][T15608] netlink: 'syz.1.4325': attribute type 10 has an invalid length.
[  302.810148][T15608] __nla_validate_parse: 5 callbacks suppressed
[  302.810166][T15608] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4325'.
[  302.828929][   T29] audit: type=1400 audit(1762740111.986:20972): avc:  denied  { bind } for  pid=15607 comm="syz.1.4325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  302.869876][   T29] audit: type=1326 audit(1762740112.023:20973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15609 comm="syz.1.4326" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa4616ff6c9 code=0x0
[  302.908668][T15614] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4327'.
[  302.948997][   T29] audit: type=1326 audit(1762740112.088:20974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15621 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  302.962232][ T1037] hid_parser_main: 156 callbacks suppressed
[  302.962254][ T1037] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  302.981720][   T29] audit: type=1326 audit(1762740112.107:20975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15621 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  303.009552][   T29] audit: type=1326 audit(1762740112.107:20976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15621 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  303.033143][   T29] audit: type=1326 audit(1762740112.107:20977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15621 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  303.056687][   T29] audit: type=1326 audit(1762740112.107:20978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15621 comm="syz.0.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  303.057548][ T1037] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  303.113577][T15627] FAULT_INJECTION: forcing a failure.
[  303.113577][T15627] name failslab, interval 1, probability 0, space 0, times 0
[  303.126296][T15627] CPU: 0 UID: 0 PID: 15627 Comm: syz.2.4331 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  303.126357][T15627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  303.126371][T15627] Call Trace:
[  303.126377][T15627]  <TASK>
[  303.126384][T15627]  __dump_stack+0x1d/0x30
[  303.126473][T15627]  dump_stack_lvl+0xe8/0x140
[  303.126499][T15627]  dump_stack+0x15/0x1b
[  303.126516][T15627]  should_fail_ex+0x265/0x280
[  303.126537][T15627]  should_failslab+0x8c/0xb0
[  303.126573][T15627]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  303.126659][T15627]  ? __alloc_skb+0x101/0x320
[  303.126687][T15627]  __alloc_skb+0x101/0x320
[  303.126769][T15627]  tipc_msg_create+0x47/0x230
[  303.126798][T15627]  ? bpf_trace_run2+0x124/0x1c0
[  303.126835][T15627]  tipc_group_proto_xmit+0xb7/0x2f0
[  303.126875][T15627]  tipc_group_cong+0x270/0x2a0
[  303.126950][T15627]  __tipc_sendmsg+0xa8e/0x1b10
[  303.126990][T15627]  ? avc_has_perm_noaudit+0x1b1/0x200
[  303.127009][T15627]  ? __rcu_read_unlock+0x4f/0x70
[  303.127067][T15627]  __tipc_sendstream+0xa1e/0xb20
[  303.127101][T15627]  ? selinux_socket_sendmsg+0x175/0x1b0
[  303.127130][T15627]  ? _raw_spin_unlock_bh+0x36/0x40
[  303.127167][T15627]  tipc_send_packet+0x65/0x80
[  303.127247][T15627]  ? __pfx_tipc_send_packet+0x10/0x10
[  303.127281][T15627]  __sock_sendmsg+0x145/0x180
[  303.127341][T15627]  ____sys_sendmsg+0x31e/0x4e0
[  303.127381][T15627]  ___sys_sendmsg+0x17b/0x1d0
[  303.127430][T15627]  __x64_sys_sendmsg+0xd4/0x160
[  303.127458][T15627]  x64_sys_call+0x191e/0x3000
[  303.127481][T15627]  do_syscall_64+0xd2/0x200
[  303.127500][T15627]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  303.127694][T15627]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  303.127736][T15627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.127763][T15627] RIP: 0033:0x7ffa04a4f6c9
[  303.127845][T15627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.127863][T15627] RSP: 002b:00007ffa034af038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.127886][T15627] RAX: ffffffffffffffda RBX: 00007ffa04ca5fa0 RCX: 00007ffa04a4f6c9
[  303.127902][T15627] RDX: 0000000020000090 RSI: 00002000000000c0 RDI: 0000000000000006
[  303.127917][T15627] RBP: 00007ffa034af090 R08: 0000000000000000 R09: 0000000000000000
[  303.127932][T15627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.127948][T15627] R13: 00007ffa04ca6038 R14: 00007ffa04ca5fa0 R15: 00007fffb67abda8
[  303.127971][T15627]  </TASK>
[  303.402590][T15630] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4332'.
[  303.415501][T15630] loop2: detected capacity change from 0 to 512
[  303.435701][T15630] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  303.446260][T15630] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  303.454416][T15630] System zones: 1-12
[  303.458641][T15630] EXT4-fs (loop2): orphan cleanup on readonly fs
[  303.465862][T15630] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4332: bg 0: block 361: padding at end of block bitmap is not set
[  303.481543][T15630] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  303.490611][T15630] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.4332: attempt to clear invalid blocks 33619980 len 1
[  303.504563][T15630] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4332: invalid indirect mapped block 1811939328 (level 0)
[  303.518833][T15630] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4332: invalid indirect mapped block 2 (level 2)
[  303.532305][T15630] EXT4-fs (loop2): 1 truncate cleaned up
[  303.538329][T15630] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  303.557557][T15635] FAULT_INJECTION: forcing a failure.
[  303.557557][T15635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  303.570696][T15635] CPU: 1 UID: 0 PID: 15635 Comm: syz.0.4334 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  303.570727][T15635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  303.570743][T15635] Call Trace:
[  303.570749][T15635]  <TASK>
[  303.570773][T15635]  __dump_stack+0x1d/0x30
[  303.570792][T15635]  dump_stack_lvl+0xe8/0x140
[  303.570809][T15635]  dump_stack+0x15/0x1b
[  303.570824][T15635]  should_fail_ex+0x265/0x280
[  303.570873][T15635]  should_fail+0xb/0x20
[  303.570886][T15635]  should_fail_usercopy+0x1a/0x20
[  303.570911][T15635]  _copy_to_user+0x20/0xa0
[  303.571055][T15635]  put_user_ifreq+0x58/0xa0
[  303.571073][T15635]  sock_ioctl+0x5cc/0x610
[  303.571093][T15635]  ? __pfx_sock_ioctl+0x10/0x10
[  303.571111][T15635]  __se_sys_ioctl+0xce/0x140
[  303.571129][T15635]  __x64_sys_ioctl+0x43/0x50
[  303.571261][T15635]  x64_sys_call+0x1816/0x3000
[  303.571280][T15635]  do_syscall_64+0xd2/0x200
[  303.571297][T15635]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  303.571321][T15635]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  303.571419][T15635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.571437][T15635] RIP: 0033:0x7fb1657ff6c9
[  303.571449][T15635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.571464][T15635] RSP: 002b:00007fb164267038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  303.571534][T15635] RAX: ffffffffffffffda RBX: 00007fb165a55fa0 RCX: 00007fb1657ff6c9
[  303.571545][T15635] RDX: 0000200000000300 RSI: 00000000000089f3 RDI: 0000000000000003
[  303.571561][T15635] RBP: 00007fb164267090 R08: 0000000000000000 R09: 0000000000000000
[  303.571578][T15635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.571588][T15635] R13: 00007fb165a56038 R14: 00007fb165a55fa0 R15: 00007ffd68171028
[  303.571604][T15635]  </TASK>
[  303.572087][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  303.655761][T15639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4337'.
[  303.813413][T15649] syzkaller0: entered promiscuous mode
[  303.818974][T15649] syzkaller0: entered allmulticast mode
[  303.882797][  T271] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.896501][T15654] FAULT_INJECTION: forcing a failure.
[  303.896501][T15654] name failslab, interval 1, probability 0, space 0, times 0
[  303.897645][ T5756] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  303.909232][T15654] CPU: 1 UID: 0 PID: 15654 Comm: syz.0.4341 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  303.909263][T15654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  303.909295][T15654] Call Trace:
[  303.909303][T15654]  <TASK>
[  303.909377][T15654]  __dump_stack+0x1d/0x30
[  303.909408][T15654]  dump_stack_lvl+0xe8/0x140
[  303.909435][T15654]  dump_stack+0x15/0x1b
[  303.909459][T15654]  should_fail_ex+0x265/0x280
[  303.909485][T15654]  should_failslab+0x8c/0xb0
[  303.909600][T15654]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  303.909644][T15654]  ? __alloc_skb+0x101/0x320
[  303.909680][T15654]  ? avc_has_perm+0xf7/0x180
[  303.909725][T15654]  __alloc_skb+0x101/0x320
[  303.909763][T15654]  sock_wmalloc+0x7e/0xc0
[  303.909787][T15654]  pppol2tp_sendmsg+0xfb/0x440
[  303.909828][T15654]  ? __pfx_pppol2tp_sendmsg+0x10/0x10
[  303.909907][T15654]  __sock_sendmsg+0x145/0x180
[  303.909962][T15654]  ____sys_sendmsg+0x31e/0x4e0
[  303.910010][T15654]  ___sys_sendmsg+0x17b/0x1d0
[  303.910052][T15654]  __x64_sys_sendmsg+0xd4/0x160
[  303.910147][T15654]  x64_sys_call+0x191e/0x3000
[  303.910177][T15654]  do_syscall_64+0xd2/0x200
[  303.910206][T15654]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  303.910321][T15654]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  303.910365][T15654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.910406][T15654] RIP: 0033:0x7fb1657ff6c9
[  303.910426][T15654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.910451][T15654] RSP: 002b:00007fb164267038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  303.910476][T15654] RAX: ffffffffffffffda RBX: 00007fb165a55fa0 RCX: 00007fb1657ff6c9
[  303.910493][T15654] RDX: 0000000000004041 RSI: 0000200000000440 RDI: 0000000000000004
[  303.910584][T15654] RBP: 00007fb164267090 R08: 0000000000000000 R09: 0000000000000000
[  303.910601][T15654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.910617][T15654] R13: 00007fb165a56038 R14: 00007fb165a55fa0 R15: 00007ffd68171028
[  303.910641][T15654]  </TASK>
[  304.001789][T15660] netlink: '': attribute type 6 has an invalid length.
[  304.008799][ T5756] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.144310][ T5756] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.158229][T15660] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5122 sclass=netlink_route_socket pid=15660 comm=
[  304.203128][T15669] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4348'.
[  304.213161][T15669] veth1_macvtap: left promiscuous mode
[  304.225903][T15663] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4345'.
[  304.241530][T15671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4349'.
[  304.254220][T15673] loop2: detected capacity change from 0 to 2048
[  304.262216][T15663] loop1: detected capacity change from 0 to 512
[  304.269915][T15663] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  304.280651][T15663] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  304.283976][T15673] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.288603][T15663] System zones: 1-12
[  304.304836][T15663] EXT4-fs (loop1): orphan cleanup on readonly fs
[  304.311529][T15663] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4345: bg 0: block 361: padding at end of block bitmap is not set
[  304.328447][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.330129][T15663] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  304.347597][T15663] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.4345: attempt to clear invalid blocks 33619980 len 1
[  304.366114][T15663] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4345: invalid indirect mapped block 1811939328 (level 0)
[  304.372103][T15680] serio: Serial port ptm0
[  304.380629][T15663] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4345: invalid indirect mapped block 2 (level 2)
[  304.398703][T15663] EXT4-fs (loop1): 1 truncate cleaned up
[  304.404906][T15663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  304.430735][T12964] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  304.454837][T15680] loop2: detected capacity change from 0 to 128
[  304.461587][T15680] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  304.473965][T15680] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  304.695837][T15695] SELinux: failed to load policy
[  304.710758][T15702] bond1: Removing last ns target with arp_interval on
[  304.719217][T15695] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.719829][T15702] ieee802154 phy0 wpan0: encryption failed: -22
[  304.739674][T15699] tipc: Started in network mode
[  304.744744][T15699] tipc: Node identity ce8f4197762d, cluster identity 4711
[  304.752021][T15699] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  304.762167][T15699] tipc: Disabling bearer <eth:syzkaller0>
[  304.769158][T15702] lo speed is unknown, defaulting to 1000
[  304.786257][T15695] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.833455][T15708] syzkaller0: entered promiscuous mode
[  304.839162][T15708] syzkaller0: entered allmulticast mode
[  304.863981][T15695] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.908850][T15710] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4363'.
[  304.922915][T15695] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.933262][T15710] loop5: detected capacity change from 0 to 512
[  304.942959][T15710] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  304.953253][T15710] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  304.996472][T15710] System zones: 1-12
[  305.000550][T15710] EXT4-fs (loop5): orphan cleanup on readonly fs
[  305.008857][T15710] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4363: bg 0: block 361: padding at end of block bitmap is not set
[  305.025069][T15710] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  305.036212][T15710] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #11: comm syz.5.4363: attempt to clear invalid blocks 33619980 len 1
[  305.056724][T15710] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4363: invalid indirect mapped block 1811939328 (level 0)
[  305.071698][T15710] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4363: invalid indirect mapped block 2 (level 2)
[  305.087315][T15710] EXT4-fs (loop5): 1 truncate cleaned up
[  305.094798][T15710] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  305.118539][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  306.078054][T15740] loop0: detected capacity change from 0 to 512
[  306.097982][T15740] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm +}[@: iget: bad i_size value: 38620345925642
[  306.119387][T15740] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm +}[@: couldn't read orphan inode 15 (err -117)
[  306.130992][T15744] loop5: detected capacity change from 0 to 128
[  306.138009][T15744] FAT-fs (loop5): bogus number of reserved sectors
[  306.144574][T15744] FAT-fs (loop5): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  306.146186][T15740] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.153980][T15744] FAT-fs (loop5): Can't find a valid FAT filesystem
[  306.187863][T15740] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.256062][T15750] loop5: detected capacity change from 0 to 1024
[  306.263347][T15750] EXT4-fs: Ignoring removed orlov option
[  306.280421][T15750] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.350107][  T271] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  306.368330][  T271] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  306.381711][  T271] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  306.390675][  T271] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.263393][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.500344][   T29] kauditd_printk_skb: 478 callbacks suppressed
[  307.500363][   T29] audit: type=1326 audit(1762740116.354:21457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.530203][   T29] audit: type=1326 audit(1762740116.354:21458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.583269][   T29] audit: type=1326 audit(1762740116.354:21459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.606932][   T29] audit: type=1326 audit(1762740116.354:21460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.630807][   T29] audit: type=1326 audit(1762740116.354:21461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.658483][   T29] audit: type=1326 audit(1762740116.476:21462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.682164][   T29] audit: type=1326 audit(1762740116.476:21463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.705851][   T29] audit: type=1326 audit(1762740116.476:21464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.727434][T15817] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4401'.
[  307.729644][   T29] audit: type=1326 audit(1762740116.495:21465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.762372][   T29] audit: type=1326 audit(1762740116.495:21466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15816 comm="syz.1.4401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  307.804662][T15817] loop1: detected capacity change from 0 to 512
[  307.811937][T15817] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  307.823257][T15817] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  307.831480][T15817] System zones: 1-12
[  307.835547][T15817] EXT4-fs (loop1): orphan cleanup on readonly fs
[  307.870438][T15817] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4401: bg 0: block 361: padding at end of block bitmap is not set
[  307.885258][T15817] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  307.894385][T15817] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.4401: attempt to clear invalid blocks 33619980 len 1
[  307.908506][T15817] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4401: invalid indirect mapped block 1811939328 (level 0)
[  307.936032][T15817] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.4401: invalid indirect mapped block 2 (level 2)
[  307.952166][T15817] EXT4-fs (loop1): 1 truncate cleaned up
[  307.965081][T15817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  307.965613][T15826] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  307.990347][T15826] syzkaller0: entered promiscuous mode
[  307.995842][T15826] syzkaller0: entered allmulticast mode
[  308.023784][T12964] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  308.075422][T15838] SELinux:  policydb version 1895656170 does not match my version range 15-35
[  308.084713][T15838] SELinux: failed to load policy
[  308.101733][T15842] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.103330][T15838] loop0: detected capacity change from 0 to 2048
[  308.121480][T15844] loop1: detected capacity change from 0 to 128
[  308.140673][T15838] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.150100][T15844] syz.1.4412: attempt to access beyond end of device
[  308.150100][T15844] loop1: rw=2049, sector=145, nr_sectors = 88 limit=128
[  308.169133][T15842] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.178668][T15844] syz.1.4412: attempt to access beyond end of device
[  308.178668][T15844] loop1: rw=2049, sector=241, nr_sectors = 32 limit=128
[  308.192734][T15844] syz.1.4412: attempt to access beyond end of device
[  308.192734][T15844] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[  308.194328][T10636] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.206408][T15844] syz.1.4412: attempt to access beyond end of device
[  308.206408][T15844] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[  308.228824][T15844] syz.1.4412: attempt to access beyond end of device
[  308.228824][T15844] loop1: rw=2049, sector=313, nr_sectors = 8 limit=128
[  308.243323][T15844] syz.1.4412: attempt to access beyond end of device
[  308.243323][T15844] loop1: rw=2049, sector=329, nr_sectors = 8 limit=128
[  308.247395][T15842] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.257822][T15844] syz.1.4412: attempt to access beyond end of device
[  308.257822][T15844] loop1: rw=2049, sector=345, nr_sectors = 8 limit=128
[  308.280232][T15844] syz.1.4412: attempt to access beyond end of device
[  308.280232][T15844] loop1: rw=2049, sector=361, nr_sectors = 8 limit=128
[  308.293801][T15844] syz.1.4412: attempt to access beyond end of device
[  308.293801][T15844] loop1: rw=2049, sector=377, nr_sectors = 8 limit=128
[  308.307555][T15844] syz.1.4412: attempt to access beyond end of device
[  308.307555][T15844] loop1: rw=2049, sector=393, nr_sectors = 8 limit=128
[  308.322352][T15842] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.420208][T15852] netlink: 14212 bytes leftover after parsing attributes in process `syz.1.4414'.
[  308.502458][T15858] loop1: detected capacity change from 0 to 512
[  308.509380][T15858] EXT4-fs: Ignoring removed oldalloc option
[  308.517852][T15858] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.4416: Parent and EA inode have the same ino 15
[  308.530517][T15858] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.4416: Parent and EA inode have the same ino 15
[  308.543404][T15858] EXT4-fs (loop1): 1 orphan inode deleted
[  308.549787][T15858] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.580151][T15856] loop0: detected capacity change from 0 to 32768
[  308.620318][T15856]  loop0: p1 p2 p3 < > p4 < p5 p6 >
[  308.625739][T15856] loop0: p1 start 460800 is beyond EOD, truncated
[  308.632222][T15856] loop0: p2 size 83886080 extends beyond EOD, truncated
[  308.640541][T15856] loop0: p5 start 460800 is beyond EOD, truncated
[  308.647013][T15856] loop0: p6 size 83886080 extends beyond EOD, truncated
[  308.676919][T15862] syz.4.4417 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  308.734438][T15864] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4419'.
[  308.748425][T15864] loop4: detected capacity change from 0 to 512
[  308.755887][T15864] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  308.766359][T15864] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  308.774468][T15864] System zones: 1-12
[  308.778662][T15864] EXT4-fs (loop4): orphan cleanup on readonly fs
[  308.785564][T15864] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4419: bg 0: block 361: padding at end of block bitmap is not set
[  308.800257][T15864] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  308.809467][T15864] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4419: attempt to clear invalid blocks 33619980 len 1
[  308.823880][T15864] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4419: invalid indirect mapped block 1811939328 (level 0)
[  308.838209][T15864] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4419: invalid indirect mapped block 2 (level 2)
[  308.853916][T15864] EXT4-fs (loop4): 1 truncate cleaned up
[  308.860422][T15864] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  308.936123][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  308.970330][T15873] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  308.979783][T15873] syzkaller0: entered promiscuous mode
[  308.985402][T15873] syzkaller0: entered allmulticast mode
[  309.006755][T15875] loop5: detected capacity change from 0 to 512
[  309.016333][T15875] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #2: comm syz.5.4422: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 6, max 4(4), depth 0(0)
[  309.035552][T15875] EXT4-fs (loop5): get root inode failed
[  309.041255][T15875] EXT4-fs (loop5): mount failed
[  309.078652][T15880] loop4: detected capacity change from 0 to 256
[  309.260564][T15894] netlink: 14212 bytes leftover after parsing attributes in process `syz.4.4426'.
[  309.409729][T12964] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.552499][T15896] loop5: detected capacity change from 0 to 32768
[  309.554538][T15901] SELinux: failed to load policy
[  309.566123][T15898] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.593270][T15896]  loop5: p1 p2 p3 < > p4 < p5 p6 >
[  309.598790][T15896] loop5: p1 start 460800 is beyond EOD, truncated
[  309.605291][T15896] loop5: p2 size 83886080 extends beyond EOD, truncated
[  309.618956][T15898] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.634182][T15896] loop5: p5 start 460800 is beyond EOD, truncated
[  309.640707][T15896] loop5: p6 size 83886080 extends beyond EOD, truncated
[  309.723505][T15898] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.733652][T15913] loop5: detected capacity change from 0 to 2048
[  309.787430][T15898] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.837893][  T271] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  309.850376][  T271] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  309.862297][  T271] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  309.878926][  T271] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  309.900894][T15922] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4440'.
[  309.925585][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  309.948134][T15927] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4442'.
[  310.126229][T15934] infiniband syz0: set active
[  310.126267][T15934] infiniband syz0: added bond_slave_0
[  310.143276][T15934] RDS/IB: syz0: added
[  310.143296][T15934] smc: adding ib device syz0 with port count 1
[  310.143322][T15934] smc:    ib device syz0 port 1 has pnetid SYZ0 (user defined)
[  310.352080][T15936] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4445'.
[  310.567262][T15947] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4448'.
[  310.570649][T15947] loop4: detected capacity change from 0 to 512
[  310.598580][T15947] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  310.599180][T15947] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  310.616748][T15947] System zones: 1-12
[  310.620872][T15947] EXT4-fs (loop4): orphan cleanup on readonly fs
[  310.621311][T15947] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4448: bg 0: block 361: padding at end of block bitmap is not set
[  310.621437][T15947] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  310.621609][T15947] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4448: attempt to clear invalid blocks 33619980 len 1
[  310.621990][T15947] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4448: invalid indirect mapped block 1811939328 (level 0)
[  310.678767][T15947] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4448: invalid indirect mapped block 2 (level 2)
[  310.680333][T15947] EXT4-fs (loop4): 1 truncate cleaned up
[  310.699425][T15947] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  310.726242][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  310.810456][   T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.810514][   T37] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.815612][ T5756] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.841298][  T271] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.871533][T15962] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4454'.
[  310.893017][T15965] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4455'.
[  310.895772][T15966] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  310.933667][T15965] loop1: detected capacity change from 0 to 2048
[  310.991653][T15979] loop4: detected capacity change from 0 to 128
[  311.000382][T15979] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  311.007490][T15965]  loop1: p2 p3 p7
[  311.013128][T15979] ext4 filesystem being mounted at /208 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.059783][T15983] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4453'.
[  311.081153][T12345] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  311.136267][T15987] loop4: detected capacity change from 0 to 512
[  311.143392][T15987] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  311.169171][T15987] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  311.178568][T15987] System zones: 1-12
[  311.182631][T15987] EXT4-fs (loop4): orphan cleanup on readonly fs
[  311.203796][T15987] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4461: bg 0: block 361: padding at end of block bitmap is not set
[  311.218790][T15987] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  311.227673][T15987] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4461: attempt to clear invalid blocks 33619980 len 1
[  311.241871][T15987] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4461: invalid indirect mapped block 1811939328 (level 0)
[  311.256148][T15987] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4461: invalid indirect mapped block 2 (level 2)
[  311.270698][T15987] EXT4-fs (loop4): 1 truncate cleaned up
[  311.278981][T15987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  311.292303][T15989] SELinux: failed to load policy
[  311.314461][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  311.334938][T15993] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.379427][T15993] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.433148][T15993] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.486105][T15993] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.928743][T16014] loop5: detected capacity change from 0 to 256
[  311.936233][T16014] vfat: Unknown parameter 'shortnamg'
[  311.947289][T16014] loop5: detected capacity change from 0 to 512
[  311.999960][T16014] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.012688][T16014] ext4 filesystem being mounted at /103/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.104711][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  312.136019][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.195241][T16022] loop5: detected capacity change from 0 to 512
[  312.202445][T16022] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  312.222378][T16022] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  312.230332][T16022] System zones: 1-12
[  312.234597][T16022] EXT4-fs (loop5): orphan cleanup on readonly fs
[  312.242687][T16022] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4473: bg 0: block 361: padding at end of block bitmap is not set
[  312.257937][T16022] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  312.267193][T16022] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #11: comm syz.5.4473: attempt to clear invalid blocks 33619980 len 1
[  312.283647][T16022] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4473: invalid indirect mapped block 1811939328 (level 0)
[  312.297976][T16022] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4473: invalid indirect mapped block 2 (level 2)
[  312.311867][T16022] EXT4-fs (loop5): 1 truncate cleaned up
[  312.318215][T16022] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  312.347058][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  312.527884][T16032] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  313.299351][   T29] kauditd_printk_skb: 807 callbacks suppressed
[  313.299367][   T29] audit: type=1326 audit(1762740121.771:22274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.329188][   T29] audit: type=1326 audit(1762740121.771:22275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.352874][   T29] audit: type=1326 audit(1762740121.771:22276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.376636][   T29] audit: type=1326 audit(1762740121.771:22277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.400288][   T29] audit: type=1326 audit(1762740121.771:22278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.423909][   T29] audit: type=1326 audit(1762740121.771:22279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.447477][   T29] audit: type=1326 audit(1762740121.771:22280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.471071][   T29] audit: type=1326 audit(1762740121.771:22281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.494662][   T29] audit: type=1326 audit(1762740121.780:22282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.518337][   T29] audit: type=1326 audit(1762740121.780:22283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16072 comm="syz.5.4492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  313.705375][T16078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  313.725506][T16078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.759718][T16082] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  313.772542][T16082] syzkaller0: entered promiscuous mode
[  313.778038][T16082] syzkaller0: entered allmulticast mode
[  313.792613][T16084] __nla_validate_parse: 5 callbacks suppressed
[  313.792623][T16084] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4497'.
[  313.811932][T16084] loop5: detected capacity change from 0 to 512
[  313.819219][T16084] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  313.829488][T16084] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  313.837692][T16084] System zones: 1-12
[  313.841683][T16084] EXT4-fs (loop5): orphan cleanup on readonly fs
[  313.848607][T16084] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4497: bg 0: block 361: padding at end of block bitmap is not set
[  313.863093][T16084] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  313.871961][T16084] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #11: comm syz.5.4497: attempt to clear invalid blocks 33619980 len 1
[  313.885886][  T271] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  313.885910][T16084] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4497: invalid indirect mapped block 1811939328 (level 0)
[  313.886079][T16084] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4497: invalid indirect mapped block 2 (level 2)
[  313.922908][T16084] EXT4-fs (loop5): 1 truncate cleaned up
[  313.929020][T16084] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  313.952037][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  314.279967][ T5756] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  314.291047][ T5756] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  314.302422][ T5756] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  314.314044][ T5756] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  314.337980][T16102] loop4: detected capacity change from 0 to 128
[  314.362402][T16102] bio_check_eod: 3 callbacks suppressed
[  314.362414][T16102] syz.4.4503: attempt to access beyond end of device
[  314.362414][T16102] loop4: rw=2049, sector=145, nr_sectors = 88 limit=128
[  314.381850][T16102] syz.4.4503: attempt to access beyond end of device
[  314.381850][T16102] loop4: rw=2049, sector=241, nr_sectors = 32 limit=128
[  314.395508][T16102] syz.4.4503: attempt to access beyond end of device
[  314.395508][T16102] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[  314.409033][T16102] syz.4.4503: attempt to access beyond end of device
[  314.409033][T16102] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128
[  314.422647][T16102] syz.4.4503: attempt to access beyond end of device
[  314.422647][T16102] loop4: rw=2049, sector=313, nr_sectors = 8 limit=128
[  314.436298][T16102] syz.4.4503: attempt to access beyond end of device
[  314.436298][T16102] loop4: rw=2049, sector=329, nr_sectors = 8 limit=128
[  314.449841][T16102] syz.4.4503: attempt to access beyond end of device
[  314.449841][T16102] loop4: rw=2049, sector=345, nr_sectors = 8 limit=128
[  314.463470][T16102] syz.4.4503: attempt to access beyond end of device
[  314.463470][T16102] loop4: rw=2049, sector=361, nr_sectors = 8 limit=128
[  314.476929][T16102] syz.4.4503: attempt to access beyond end of device
[  314.476929][T16102] loop4: rw=2049, sector=377, nr_sectors = 8 limit=128
[  314.490562][T16102] syz.4.4503: attempt to access beyond end of device
[  314.490562][T16102] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[  314.725074][T16110] FAULT_INJECTION: forcing a failure.
[  314.725074][T16110] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  314.738514][T16110] CPU: 0 UID: 0 PID: 16110 Comm: syz.4.4506 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  314.738546][T16110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  314.738561][T16110] Call Trace:
[  314.738567][T16110]  <TASK>
[  314.738576][T16110]  __dump_stack+0x1d/0x30
[  314.738681][T16110]  dump_stack_lvl+0xe8/0x140
[  314.738701][T16110]  dump_stack+0x15/0x1b
[  314.738723][T16110]  should_fail_ex+0x265/0x280
[  314.738816][T16110]  should_fail_alloc_page+0xf2/0x100
[  314.738855][T16110]  __alloc_frozen_pages_noprof+0xff/0x360
[  314.738884][T16110]  alloc_pages_mpol+0xb3/0x260
[  314.738912][T16110]  alloc_pages_noprof+0x90/0x130
[  314.738939][T16110]  get_free_pages_noprof+0xc/0x40
[  314.739101][T16110]  selinux_genfs_get_sid+0x33/0x180
[  314.739150][T16110]  inode_doinit_with_dentry+0x5fe/0x7a0
[  314.739174][T16110]  selinux_d_instantiate+0x27/0x40
[  314.739251][T16110]  security_d_instantiate+0x7a/0xa0
[  314.739278][T16110]  d_splice_alias_ops+0x53/0x280
[  314.739307][T16110]  proc_lookup_de+0x20b/0x240
[  314.739332][T16110]  proc_tgid_net_lookup+0x43/0xd0
[  314.739401][T16110]  ? __pfx_proc_tgid_net_lookup+0x10/0x10
[  314.739464][T16110]  path_openat+0xcf3/0x2170
[  314.739527][T16110]  do_filp_open+0x109/0x230
[  314.739554][T16110]  ? __pfx_kfree_link+0x10/0x10
[  314.739591][T16110]  do_sys_openat2+0xa6/0x110
[  314.739648][T16110]  __x64_sys_openat+0xf2/0x120
[  314.739676][T16110]  x64_sys_call+0x2eab/0x3000
[  314.739703][T16110]  do_syscall_64+0xd2/0x200
[  314.739722][T16110]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  314.739753][T16110]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  314.739794][T16110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.739863][T16110] RIP: 0033:0x7f0e2160df10
[  314.739879][T16110] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  314.739901][T16110] RSP: 002b:00007f0e2006ef10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  314.739918][T16110] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0e2160df10
[  314.739930][T16110] RDX: 0000000000000000 RSI: 00007f0e2006efa0 RDI: 00000000ffffff9c
[  314.740007][T16110] RBP: 00007f0e2006efa0 R08: 0000000000000000 R09: 0000000000000000
[  314.740022][T16110] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  314.740058][T16110] R13: 00007f0e21866038 R14: 00007f0e21865fa0 R15: 00007ffd49acf718
[  314.740081][T16110]  </TASK>
[  315.025278][T16116] netlink: 'syz.4.4508': attribute type 13 has an invalid length.
[  315.065552][T16116] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.072801][T16116] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.123595][T16116] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  315.134121][T16116] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  315.177203][ T5756] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.185780][   T44] Bluetooth: hci0: command 0x1003 tx timeout
[  315.185805][ T3537] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  315.200495][ T5756] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.208980][ T5756] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.217473][  T271] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  315.256080][T16124] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4510'.
[  315.271222][T16124] loop4: detected capacity change from 0 to 512
[  315.278419][T16124] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  315.288411][T16122] IPVS: set_ctl: invalid protocol: 44 10.1.1.0:20001
[  315.296379][T16124] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  315.305001][T16124] System zones: 1-12
[  315.309008][T16124] EXT4-fs (loop4): orphan cleanup on readonly fs
[  315.316010][T16124] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4510: bg 0: block 361: padding at end of block bitmap is not set
[  315.330670][T16124] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  315.339678][T16124] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4510: attempt to clear invalid blocks 33619980 len 1
[  315.353615][T16124] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4510: invalid indirect mapped block 1811939328 (level 0)
[  315.368004][T16124] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4510: invalid indirect mapped block 2 (level 2)
[  315.381974][T16124] EXT4-fs (loop4): 1 truncate cleaned up
[  315.388209][T16124] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  315.412926][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  315.542102][T16131] netlink: 14212 bytes leftover after parsing attributes in process `syz.5.4513'.
[  315.618925][T16137] SELinux:  policydb version 280 does not match my version range 15-35
[  315.628121][T16137] SELinux: failed to load policy
[  315.661993][T16141] loop2: detected capacity change from 0 to 1024
[  315.675947][T16141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.692178][T16144] lo speed is unknown, defaulting to 1000
[  315.699441][T16144] lo speed is unknown, defaulting to 1000
[  315.705566][T16144] lo speed is unknown, defaulting to 1000
[  315.743947][T16144] infiniband s
z1: set active
[  315.748800][T16144] infiniband s
z1: added lo
[  315.749320][   T31] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  315.753474][   T23] lo speed is unknown, defaulting to 1000
[  315.805474][T16157] SELinux: failed to load policy
[  315.813129][T16144] RDS/IB: s
z1: added
[  315.817611][T16144] smc: adding ib device s
z1 with port count 1
[  315.823826][T16144] smc:    ib device s
z1 port 1 has no pnetid
[  315.830046][ T3615] lo speed is unknown, defaulting to 1000
[  315.836489][T16144] lo speed is unknown, defaulting to 1000
[  315.887405][T16144] lo speed is unknown, defaulting to 1000
[  315.923703][T16144] lo speed is unknown, defaulting to 1000
[  315.977127][T16144] lo speed is unknown, defaulting to 1000
[  316.009138][T16160] loop1: detected capacity change from 0 to 2048
[  316.015934][T16144] lo speed is unknown, defaulting to 1000
[  316.021928][T16160] EXT4-fs (loop1): cluster size (2048) smaller than block size (4096)
[  316.082307][T16144] lo speed is unknown, defaulting to 1000
[  316.123299][T16144] lo speed is unknown, defaulting to 1000
[  316.146107][T16162] SELinux: failed to load policy
[  316.177807][T16144] lo speed is unknown, defaulting to 1000
[  316.363088][T16169] netlink: 14212 bytes leftover after parsing attributes in process `syz.5.4525'.
[  316.495471][T16173] syzkaller0: entered promiscuous mode
[  316.501084][T16173] syzkaller0: entered allmulticast mode
[  316.563320][T16175] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.576479][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.643497][T16182] loop5: detected capacity change from 0 to 1024
[  316.650193][T16182] EXT4-fs: Ignoring removed orlov option
[  316.707177][T16182] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.720677][T16175] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.872675][T16175] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.597672][T16175] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.638568][T16196] netlink: 'syz.0.4532': attribute type 10 has an invalid length.
[  317.646737][T16196] batadv0: entered allmulticast mode
[  317.662441][T16196] 8021q: adding VLAN 0 to HW filter on device batadv0
[  317.675254][T16196] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  317.693670][  T271] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.706138][  T271] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.721437][  T271] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.738069][  T271] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.776040][T16202] loop1: detected capacity change from 0 to 1024
[  317.791912][T16202] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.805515][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.828653][T16207] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.861689][T16214] loop5: detected capacity change from 0 to 1024
[  317.869859][T16207] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.878559][T16214] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.901722][  T271] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  317.931774][T16207] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.957756][T16225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4541'.
[  317.966651][T16225] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4541'.
[  317.982785][T16225] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4541'.
[  317.995751][T16207] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.022737][T16228] loop2: detected capacity change from 0 to 1024
[  318.029456][T16228] EXT4-fs: Ignoring removed orlov option
[  318.039022][T16228] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.080448][ T5756] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.096751][ T5756] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.105188][ T5756] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.126671][   T37] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.657289][   T29] kauditd_printk_skb: 550 callbacks suppressed
[  318.657305][   T29] audit: type=1326 audit(1762740126.795:22834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16201 comm="syz.1.4535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  318.697889][   T29] audit: type=1326 audit(1762740126.795:22835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16201 comm="syz.1.4535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4616ff6c9 code=0x7ffc0000
[  318.699428][T12964] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.721527][   T29] audit: type=1326 audit(1762740126.795:22836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16213 comm="syz.5.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f9cb6941494 code=0x7ffc0000
[  318.721597][   T29] audit: type=1326 audit(1762740126.795:22837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16213 comm="syz.5.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  318.721626][   T29] audit: type=1326 audit(1762740126.795:22838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16213 comm="syz.5.4539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  318.803897][T14194] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.886537][T16241] netlink: 14212 bytes leftover after parsing attributes in process `syz.5.4544'.
[  318.947930][ T3537] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  318.963923][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.044454][T16254] sg_write: process 630 (syz.2.4550) changed security contexts after opening file descriptor, this is not allowed.
[  319.061147][T16245] SELinux: failed to load policy
[  319.069203][T16245] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.129194][T16245] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.172091][T16261] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4552'.
[  319.182942][T16245] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.246736][T16245] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.261064][   T29] audit: type=1326 audit(1762740127.356:22839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16265 comm="syz.0.4553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  319.285695][   T29] audit: type=1326 audit(1762740127.356:22840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16265 comm="syz.0.4553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  319.309437][   T29] audit: type=1326 audit(1762740127.356:22841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16265 comm="syz.0.4553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  319.333177][   T29] audit: type=1326 audit(1762740127.384:22842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16265 comm="syz.0.4553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  319.356958][   T29] audit: type=1326 audit(1762740127.384:22843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16265 comm="syz.0.4553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1657ff6c9 code=0x7ffc0000
[  319.629727][T16271] loop4: detected capacity change from 0 to 1024
[  319.638713][T16271] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.676567][T16277] netlink: 'syz.0.4556': attribute type 39 has an invalid length.
[  319.714546][  T271] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  319.955814][T16282] loop2: detected capacity change from 0 to 1024
[  319.962632][T16282] EXT4-fs: Ignoring removed orlov option
[  319.985147][T16282] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.573706][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.967264][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.089648][T16309] netlink: 332 bytes leftover after parsing attributes in process `syz.2.4565'.
[  321.098844][T16309] netlink: 'syz.2.4565': attribute type 9 has an invalid length.
[  321.106648][T16309] netlink: 108 bytes leftover after parsing attributes in process `syz.2.4565'.
[  321.115712][T16309] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4565'.
[  321.128911][T16309] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4565'.
[  321.141426][T16309] loop2: detected capacity change from 0 to 512
[  321.148626][T16309] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  321.158876][T16309] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  321.166853][T16309] System zones: 1-12
[  321.172820][T16309] EXT4-fs (loop2): orphan cleanup on readonly fs
[  321.179588][T16309] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4565: bg 0: block 361: padding at end of block bitmap is not set
[  321.194246][T16309] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  321.203238][T16309] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.4565: attempt to clear invalid blocks 33619980 len 1
[  321.217149][T16309] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4565: invalid indirect mapped block 1811939328 (level 0)
[  321.231347][T16309] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4565: invalid indirect mapped block 2 (level 2)
[  321.244859][T16309] EXT4-fs (loop2): 1 truncate cleaned up
[  321.250869][T16309] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  321.273383][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  321.525730][T16314] lo speed is unknown, defaulting to 1000
[  321.579660][T16314] lo speed is unknown, defaulting to 1000
[  321.982576][T16320] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2562 sclass=netlink_route_socket pid=16320 comm=syz.4.4568
[  321.995402][T16320] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2580 sclass=netlink_route_socket pid=16320 comm=syz.4.4568
[  322.008228][T16320] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2582 sclass=netlink_route_socket pid=16320 comm=syz.4.4568
[  322.021019][T16320] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2578 sclass=netlink_route_socket pid=16320 comm=syz.4.4568
[  322.033847][T16320] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2569 sclass=netlink_route_socket pid=16320 comm=syz.4.4568
[  322.363156][T16328] loop5: detected capacity change from 0 to 128
[  322.429964][T16332] loop2: detected capacity change from 0 to 1024
[  322.439744][T16328] bio_check_eod: 3 callbacks suppressed
[  322.439758][T16328] syz.5.4571: attempt to access beyond end of device
[  322.439758][T16328] loop5: rw=2049, sector=145, nr_sectors = 8 limit=128
[  322.447482][T16332] EXT4-fs: Ignoring removed orlov option
[  322.459205][T16328] syz.5.4571: attempt to access beyond end of device
[  322.459205][T16328] loop5: rw=2049, sector=161, nr_sectors = 8 limit=128
[  322.474908][T16332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  322.478293][T16328] syz.5.4571: attempt to access beyond end of device
[  322.478293][T16328] loop5: rw=2049, sector=177, nr_sectors = 8 limit=128
[  322.503674][T16328] syz.5.4571: attempt to access beyond end of device
[  322.503674][T16328] loop5: rw=2049, sector=193, nr_sectors = 8 limit=128
[  322.522247][T16330] netlink: 'syz.4.4572': attribute type 10 has an invalid length.
[  322.530163][T16330] batadv0: entered allmulticast mode
[  322.536233][T16330] 8021q: adding VLAN 0 to HW filter on device batadv0
[  322.543790][T16328] syz.5.4571: attempt to access beyond end of device
[  322.543790][T16328] loop5: rw=2049, sector=209, nr_sectors = 8 limit=128
[  322.558840][T16330] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  322.568572][T16330] netlink: 'syz.4.4572': attribute type 10 has an invalid length.
[  322.576408][T16330] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4572'.
[  322.585777][T16328] syz.5.4571: attempt to access beyond end of device
[  322.585777][T16328] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  322.599433][T16330] batadv0: entered promiscuous mode
[  322.604489][T16328] syz.5.4571: attempt to access beyond end of device
[  322.604489][T16328] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  322.618449][T16330] bond0: (slave batadv0): Releasing backup interface
[  322.618621][T16328] syz.5.4571: attempt to access beyond end of device
[  322.618621][T16328] loop5: rw=2049, sector=257, nr_sectors = 8 limit=128
[  322.638690][T16328] syz.5.4571: attempt to access beyond end of device
[  322.638690][T16328] loop5: rw=2049, sector=273, nr_sectors = 8 limit=128
[  322.639694][T16330] bridge0: port 3(batadv0) entered blocking state
[  322.652672][T16328] syz.5.4571: attempt to access beyond end of device
[  322.652672][T16328] loop5: rw=2049, sector=289, nr_sectors = 8 limit=128
[  322.658629][T16330] bridge0: port 3(batadv0) entered disabled state
[  323.113081][T16344] netlink: 332 bytes leftover after parsing attributes in process `syz.4.4576'.
[  323.122300][T16344] netlink: 'syz.4.4576': attribute type 9 has an invalid length.
[  323.130147][T16344] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4576'.
[  323.139325][T16344] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4576'.
[  323.148474][   T31] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  323.157721][   T31] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  323.176168][   T37] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  323.184400][T16344] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4576'.
[  323.197671][T16344] loop4: detected capacity change from 0 to 512
[  323.200428][   T37] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.205283][T16344] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  323.222127][   T37] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.230420][   T37] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  323.233810][T16348] SELinux:  policydb magic number 0x224e0002 does not match expected magic number 0xf97cff8c
[  323.239120][T16344] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  323.256956][T16344] System zones: 1-12
[  323.261001][T16344] EXT4-fs (loop4): orphan cleanup on readonly fs
[  323.269450][T16344] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4576: bg 0: block 361: padding at end of block bitmap is not set
[  323.274983][T16348] SELinux: failed to load policy
[  323.289360][T16344] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  323.299266][T16344] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4576: attempt to clear invalid blocks 33619980 len 1
[  323.382856][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.403443][T16344] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4576: invalid indirect mapped block 1811939328 (level 0)
[  323.418076][T16344] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4576: invalid indirect mapped block 2 (level 2)
[  323.432522][T16344] EXT4-fs (loop4): 1 truncate cleaned up
[  323.446511][T16344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  323.464881][T16348] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.525009][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  323.613116][T16348] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.646299][T16350] loop1: detected capacity change from 0 to 32768
[  323.724709][T16350]  loop1: p1 p2 p3 < > p4 < p5 p6 >
[  323.729982][T16350] loop1: p1 start 460800 is beyond EOD, truncated
[  323.736573][T16350] loop1: p2 size 83886080 extends beyond EOD, truncated
[  323.741462][T16348] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.854053][T16350] loop1: p5 start 460800 is beyond EOD, truncated
[  323.860516][T16350] loop1: p6 size 83886080 extends beyond EOD, truncated
[  323.944905][T16348] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.075124][   T31] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.100133][   T31] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.111973][   T31] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.127482][   T31] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.213112][T16385] loop5: detected capacity change from 0 to 128
[  324.303204][T16386] SELinux: failed to load policy
[  324.308215][   T29] kauditd_printk_skb: 434 callbacks suppressed
[  324.308229][   T29] audit: type=1326 audit(1762740132.071:23278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.338139][   T29] audit: type=1326 audit(1762740132.071:23279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.373935][   T29] audit: type=1326 audit(1762740132.071:23280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.397622][   T29] audit: type=1326 audit(1762740132.071:23281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.421307][   T29] audit: type=1326 audit(1762740132.071:23282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.444952][   T29] audit: type=1326 audit(1762740132.071:23283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.468553][   T29] audit: type=1326 audit(1762740132.071:23284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.492210][   T29] audit: type=1326 audit(1762740132.071:23285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.515866][   T29] audit: type=1326 audit(1762740132.080:23286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.539506][   T29] audit: type=1326 audit(1762740132.080:23287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16384 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9cb693f6c9 code=0x7ffc0000
[  324.566793][T16389] loop1: detected capacity change from 0 to 128
[  324.782696][T16400] loop5: detected capacity change from 0 to 512
[  325.055699][T16410] __nla_validate_parse: 2 callbacks suppressed
[  325.055720][T16410] netlink: 140 bytes leftover after parsing attributes in process `syz.4.4599'.
[  325.141659][T16410] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4599'.
[  325.232025][T16417] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4602'.
[  325.307898][T16417] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  325.322403][T16417] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  325.354298][T16400] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  325.396416][T16400] EXT4-fs (loop5): mount failed
[  325.454062][T16426] loop4: detected capacity change from 0 to 1024
[  325.464952][T16426] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.513119][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.708450][T16438] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.726048][T16444] loop2: detected capacity change from 0 to 1024
[  325.732877][T16444] EXT4-fs: Ignoring removed orlov option
[  325.748694][T16446] netlink: 'syz.5.4611': attribute type 4 has an invalid length.
[  325.758531][T16444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.777816][T16438] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.883661][T16441] loop4: detected capacity change from 0 to 8192
[  325.890683][T16438] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.937059][T16441]  loop4: p2 p3 p4
[  325.942269][T16441] loop4: p2 start 164919041 is beyond EOD, truncated
[  325.949114][T16441] loop4: p3 size 66846464 extends beyond EOD, truncated
[  326.152718][T16438] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.269882][T16441] loop4: p4 size 37048832 extends beyond EOD, truncated
[  326.277844][ T5756] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.315991][ T5756] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.329613][ T5756] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.338207][ T5756] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  326.342167][T16458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4614'.
[  326.404348][T16463] netlink: 'syz.0.4616': attribute type 3 has an invalid length.
[  326.428659][T16463] netlink: 'syz.0.4616': attribute type 3 has an invalid length.
[  326.514674][T16463] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma?
[  326.560606][T16476] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4622'.
[  326.594224][T16476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.603207][T16476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  326.663547][T12494] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.849374][T16486] netlink: 14212 bytes leftover after parsing attributes in process `syz.2.4625'.
[  326.946830][T16485] SELinux: failed to load policy
[  326.960747][T16494] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=18460 sclass=netlink_route_socket pid=16494 comm=syz.2.4627
[  326.975447][T16479] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.995346][T16496] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.028764][T16479] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.082730][T16496] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.114790][T16479] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.149304][T16501] loop5: detected capacity change from 0 to 8192
[  327.157815][T16496] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.210591][T16479] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.255199][T16496] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.362007][   T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  327.382150][   T37] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  327.455139][   T31] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  327.463555][   T31] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  327.473383][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  327.517912][T16520] loop4: detected capacity change from 0 to 1024
[  327.524763][T16520] EXT4-fs: Ignoring removed nobh option
[  327.530532][T16520] EXT4-fs: Ignoring removed bh option
[  327.541288][T16520] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.623230][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.841216][T16555] netlink: 14212 bytes leftover after parsing attributes in process `syz.1.4652'.
[  327.921330][T16560] SELinux:  policydb magic number 0xfff70003 does not match expected magic number 0xf97cff8c
[  327.931913][T16560] SELinux: failed to load policy
[  328.353461][T16578] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4661'.
[  328.994625][T16585] loop4: detected capacity change from 0 to 1024
[  329.001415][T16585] EXT4-fs: Ignoring removed orlov option
[  329.009034][T16585] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.036533][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.346433][T16599] netlink: 14212 bytes leftover after parsing attributes in process `syz.1.4668'.
[  329.419864][T16613] loop4: detected capacity change from 0 to 128
[  329.432013][T16614] pimreg: entered allmulticast mode
[  329.454260][T16613] bio_check_eod: 326 callbacks suppressed
[  329.454277][T16613] syz.4.4674: attempt to access beyond end of device
[  329.454277][T16613] loop4: rw=2049, sector=145, nr_sectors = 88 limit=128
[  329.473989][T16613] syz.4.4674: attempt to access beyond end of device
[  329.473989][T16613] loop4: rw=2049, sector=241, nr_sectors = 32 limit=128
[  329.487915][T16613] syz.4.4674: attempt to access beyond end of device
[  329.487915][T16613] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128
[  329.501681][ T3422] IPVS: starting estimator thread 0...
[  329.505714][T16613] syz.4.4674: attempt to access beyond end of device
[  329.505714][T16613] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128
[  329.524273][T16613] syz.4.4674: attempt to access beyond end of device
[  329.524273][T16613] loop4: rw=2049, sector=313, nr_sectors = 8 limit=128
[  329.538251][T16613] syz.4.4674: attempt to access beyond end of device
[  329.538251][T16613] loop4: rw=2049, sector=329, nr_sectors = 8 limit=128
[  329.551947][T16613] syz.4.4674: attempt to access beyond end of device
[  329.551947][T16613] loop4: rw=2049, sector=345, nr_sectors = 8 limit=128
[  329.565568][T16613] syz.4.4674: attempt to access beyond end of device
[  329.565568][T16613] loop4: rw=2049, sector=361, nr_sectors = 8 limit=128
[  329.579424][T16613] syz.4.4674: attempt to access beyond end of device
[  329.579424][T16613] loop4: rw=2049, sector=377, nr_sectors = 8 limit=128
[  329.592937][T16613] syz.4.4674: attempt to access beyond end of device
[  329.592937][T16613] loop4: rw=2049, sector=393, nr_sectors = 8 limit=128
[  329.635110][ T3538] Bluetooth: hci0: command 0x1003 tx timeout
[  329.635153][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  329.641278][T16616] IPVS: using max 2352 ests per chain, 117600 per kthread
[  329.662284][   T29] kauditd_printk_skb: 375 callbacks suppressed
[  329.662299][   T29] audit: type=1326 audit(1762740137.086:23662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.692178][   T29] audit: type=1326 audit(1762740137.086:23663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.716161][   T29] audit: type=1326 audit(1762740137.114:23664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.739972][   T29] audit: type=1326 audit(1762740137.114:23665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.740138][T16624] loop4: detected capacity change from 0 to 1024
[  329.763851][   T29] audit: type=1326 audit(1762740137.114:23666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.775650][T16624] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.793722][   T29] audit: type=1326 audit(1762740137.114:23667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.829681][   T29] audit: type=1326 audit(1762740137.114:23668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.853291][   T29] audit: type=1326 audit(1762740137.114:23669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  329.877131][   T29] audit: type=1326 audit(1762740137.142:23670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0e2160f703 code=0x7ffc0000
[  329.877242][T16612] pimreg: left allmulticast mode
[  329.900675][   T29] audit: type=1326 audit(1762740137.142:23671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16623 comm="syz.4.4677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0e2160f703 code=0x7ffc0000
[  329.931284][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.977014][ T3537] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  329.988881][T16635] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4680'.
[  330.022127][T16639] IPv6: sit1: Disabled Multicast RS
[  330.028576][T16639] sit1: entered allmulticast mode
[  330.293403][T16662] FAULT_INJECTION: forcing a failure.
[  330.293403][T16662] name failslab, interval 1, probability 0, space 0, times 0
[  330.306175][T16662] CPU: 1 UID: 0 PID: 16662 Comm: syz.4.4693 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  330.306207][T16662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  330.306223][T16662] Call Trace:
[  330.306231][T16662]  <TASK>
[  330.306239][T16662]  __dump_stack+0x1d/0x30
[  330.306284][T16662]  dump_stack_lvl+0xe8/0x140
[  330.306309][T16662]  dump_stack+0x15/0x1b
[  330.306331][T16662]  should_fail_ex+0x265/0x280
[  330.306423][T16662]  should_failslab+0x8c/0xb0
[  330.306449][T16662]  __kmalloc_noprof+0xa5/0x570
[  330.306488][T16662]  ? ethnl_default_notify+0x11c/0x6a0
[  330.306508][T16662]  ethnl_default_notify+0x11c/0x6a0
[  330.306542][T16662]  ? netif_set_real_num_tx_queues+0x391/0x4f0
[  330.306575][T16662]  ethnl_notify+0xc1/0x1c0
[  330.306605][T16662]  ethtool_notify+0x1d/0x30
[  330.306649][T16662]  ethtool_set_channels+0x3d5/0x3e0
[  330.306676][T16662]  dev_ethtool+0x1582/0x1670
[  330.306694][T16662]  ? full_name_hash+0x92/0xe0
[  330.306724][T16662]  dev_ioctl+0x2e0/0x960
[  330.306857][T16662]  sock_do_ioctl+0x197/0x220
[  330.306879][T16662]  sock_ioctl+0x41b/0x610
[  330.306898][T16662]  ? __pfx_sock_ioctl+0x10/0x10
[  330.306916][T16662]  __se_sys_ioctl+0xce/0x140
[  330.306934][T16662]  __x64_sys_ioctl+0x43/0x50
[  330.307021][T16662]  x64_sys_call+0x1816/0x3000
[  330.307040][T16662]  do_syscall_64+0xd2/0x200
[  330.307058][T16662]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  330.307102][T16662]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  330.307130][T16662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.307147][T16662] RIP: 0033:0x7f0e2160f6c9
[  330.307159][T16662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  330.307209][T16662] RSP: 002b:00007f0e2006f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  330.307225][T16662] RAX: ffffffffffffffda RBX: 00007f0e21865fa0 RCX: 00007f0e2160f6c9
[  330.307267][T16662] RDX: 0000200000000140 RSI: 0000000000008946 RDI: 0000000000000003
[  330.307278][T16662] RBP: 00007f0e2006f090 R08: 0000000000000000 R09: 0000000000000000
[  330.307288][T16662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  330.307298][T16662] R13: 00007f0e21866038 R14: 00007f0e21865fa0 R15: 00007ffd49acf718
[  330.307314][T16662]  </TASK>
[  330.547359][T16666] __nla_validate_parse: 2 callbacks suppressed
[  330.547417][T16666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4695'.
[  330.634945][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.655893][   T31] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.667934][   T31] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.676509][   T31] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.687933][T16677] loop5: detected capacity change from 0 to 128
[  330.698347][T16677] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  330.711119][T16677] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.749737][T16682] loop4: detected capacity change from 0 to 8192
[  330.759142][T14194] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  330.864434][T16693] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.930524][T16693] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.973971][T16706] loop4: detected capacity change from 0 to 512
[  330.982804][T16706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.007368][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.018199][T16693] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.070105][T16693] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.285017][T16720] loop4: detected capacity change from 0 to 128
[  331.544848][T16736] IPv6: NLM_F_CREATE should be specified when creating new route
[  331.686374][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  331.957204][T16787] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4721'.
[  332.055915][T16811] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.106651][T16811] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.159433][T16811] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.212965][T16811] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.295166][   T37] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  332.310485][  T316] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  332.327527][  T316] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  332.342884][  T316] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.683453][ T3422] hid-generic 0000:0003:0000.000E: unknown main item tag 0x0
[  332.690897][ T3422] hid-generic 0000:0003:0000.000E: unknown main item tag 0x0
[  332.699012][ T3422] hid-generic 0000:0003:0000.000E: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz0
[  332.709277][T16893] FAULT_INJECTION: forcing a failure.
[  332.709277][T16893] name failslab, interval 1, probability 0, space 0, times 0
[  332.722029][T16893] CPU: 1 UID: 0 PID: 16893 Comm: syz.2.4734 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  332.722055][T16893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  332.722105][T16893] Call Trace:
[  332.722111][T16893]  <TASK>
[  332.722117][T16893]  __dump_stack+0x1d/0x30
[  332.722136][T16893]  dump_stack_lvl+0xe8/0x140
[  332.722153][T16893]  dump_stack+0x15/0x1b
[  332.722208][T16893]  should_fail_ex+0x265/0x280
[  332.722224][T16893]  ? kobject_uevent_env+0x1c0/0x570
[  332.722258][T16893]  should_failslab+0x8c/0xb0
[  332.722329][T16893]  __kmalloc_cache_noprof+0x4c/0x4a0
[  332.722357][T16893]  kobject_uevent_env+0x1c0/0x570
[  332.722382][T16893]  ? device_pm_check_callbacks+0x683/0x6a0
[  332.722407][T16893]  kobject_uevent+0x1d/0x30
[  332.722481][T16893]  device_del+0x710/0x790
[  332.722501][T16893]  device_destroy+0x66/0xa0
[  332.722519][T16893]  drop_ref+0xbf/0x1a0
[  332.722605][T16893]  hidraw_disconnect+0x39/0x50
[  332.722627][T16893]  hid_device_remove+0x158/0x210
[  332.722644][T16893]  ? __pfx_hid_device_remove+0x10/0x10
[  332.722661][T16893]  device_release_driver_internal+0x2be/0x4e0
[  332.722761][T16893]  device_release_driver+0x19/0x20
[  332.722779][T16893]  bus_remove_device+0x26d/0x290
[  332.722805][T16893]  device_del+0x36a/0x790
[  332.722824][T16893]  hid_destroy_device+0x54/0x120
[  332.722840][T16893]  uhid_dev_destroy+0x6a/0xb0
[  332.722893][T16893]  uhid_char_write+0x3aa/0x650
[  332.722975][T16893]  ? __pfx_uhid_char_write+0x10/0x10
[  332.722999][T16893]  vfs_write+0x269/0x960
[  332.723081][T16893]  ? __rcu_read_unlock+0x4f/0x70
[  332.723103][T16893]  ? __fget_files+0x184/0x1c0
[  332.723199][T16893]  ksys_write+0xda/0x1a0
[  332.723221][T16893]  __x64_sys_write+0x40/0x50
[  332.723242][T16893]  x64_sys_call+0x2802/0x3000
[  332.723267][T16893]  do_syscall_64+0xd2/0x200
[  332.723284][T16893]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  332.723307][T16893]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  332.723341][T16893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.723403][T16893] RIP: 0033:0x7ffa04a4f6c9
[  332.723417][T16893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.723432][T16893] RSP: 002b:00007ffa034af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  332.723448][T16893] RAX: ffffffffffffffda RBX: 00007ffa04ca5fa0 RCX: 00007ffa04a4f6c9
[  332.723539][T16893] RDX: 0000000000000004 RSI: 0000200000000200 RDI: 0000000000000003
[  332.723549][T16893] RBP: 00007ffa034af090 R08: 0000000000000000 R09: 0000000000000000
[  332.723559][T16893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.723570][T16893] R13: 00007ffa04ca6038 R14: 00007ffa04ca5fa0 R15: 00007fffb67abda8
[  332.723601][T16893]  </TASK>
[  333.022313][T16896] loop2: detected capacity change from 0 to 512
[  333.029969][T16896] EXT4-fs (loop2): failed to initialize system zone (-117)
[  333.037295][T16896] EXT4-fs (loop2): mount failed
[  333.073085][T16903] loop2: detected capacity change from 0 to 128
[  333.110504][T16905] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.164369][T16905] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.218055][T16905] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.227677][T16908] netlink: 332 bytes leftover after parsing attributes in process `syz.4.4739'.
[  333.237027][T16908] netlink: 'syz.4.4739': attribute type 9 has an invalid length.
[  333.244807][T16908] netlink: 108 bytes leftover after parsing attributes in process `syz.4.4739'.
[  333.253895][T16908] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4739'.
[  333.266249][T16908] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4739'.
[  333.278874][T16908] loop4: detected capacity change from 0 to 512
[  333.285893][T16908] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  333.295994][T16908] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  333.304076][T16908] System zones: 1-12
[  333.305562][T16905] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.308205][T16908] EXT4-fs (loop4): orphan cleanup on readonly fs
[  333.324592][T16908] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4739: bg 0: block 361: padding at end of block bitmap is not set
[  333.339206][T16908] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  333.348065][T16908] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4739: attempt to clear invalid blocks 33619980 len 1
[  333.361866][T16908] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4739: invalid indirect mapped block 1811939328 (level 0)
[  333.376069][T16908] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4739: invalid indirect mapped block 2 (level 2)
[  333.389643][T16908] EXT4-fs (loop4): 1 truncate cleaned up
[  333.395725][T16908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  333.418833][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  333.580623][T16931] FAULT_INJECTION: forcing a failure.
[  333.580623][T16931] name failslab, interval 1, probability 0, space 0, times 0
[  333.593417][T16931] CPU: 0 UID: 0 PID: 16931 Comm: syz.4.4748 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  333.593511][T16931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  333.593522][T16931] Call Trace:
[  333.593528][T16931]  <TASK>
[  333.593535][T16931]  __dump_stack+0x1d/0x30
[  333.593555][T16931]  dump_stack_lvl+0xe8/0x140
[  333.593574][T16931]  dump_stack+0x15/0x1b
[  333.593589][T16931]  should_fail_ex+0x265/0x280
[  333.593631][T16931]  should_failslab+0x8c/0xb0
[  333.593657][T16931]  kmem_cache_alloc_noprof+0x50/0x480
[  333.593683][T16931]  ? skb_clone+0x151/0x1f0
[  333.593699][T16931]  ? tcf_skbmod_dump+0x3c9/0x3f0
[  333.593769][T16931]  skb_clone+0x151/0x1f0
[  333.593786][T16931]  netlink_trim+0x13b/0x200
[  333.593814][T16931]  netlink_broadcast_filtered+0x5c/0xd10
[  333.593845][T16931]  ? tcf_action_dump+0x156/0x1d0
[  333.593936][T16931]  nlmsg_notify+0xcf/0x170
[  333.593976][T16931]  rtnetlink_send+0x48/0x60
[  333.594052][T16931]  tc_ctl_action+0x72b/0x830
[  333.594091][T16931]  ? __pfx_tc_ctl_action+0x10/0x10
[  333.594130][T16931]  rtnetlink_rcv_msg+0x65a/0x6d0
[  333.594159][T16931]  ? avc_has_perm_noaudit+0x1b1/0x200
[  333.594233][T16931]  netlink_rcv_skb+0x123/0x220
[  333.594260][T16931]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  333.594285][T16931]  rtnetlink_rcv+0x1c/0x30
[  333.594302][T16931]  netlink_unicast+0x5c0/0x690
[  333.594364][T16931]  netlink_sendmsg+0x58b/0x6b0
[  333.594509][T16931]  ? __pfx_netlink_sendmsg+0x10/0x10
[  333.594536][T16931]  __sock_sendmsg+0x145/0x180
[  333.594568][T16931]  ____sys_sendmsg+0x31e/0x4e0
[  333.594602][T16931]  ___sys_sendmsg+0x17b/0x1d0
[  333.594705][T16931]  __x64_sys_sendmsg+0xd4/0x160
[  333.594736][T16931]  x64_sys_call+0x191e/0x3000
[  333.594766][T16931]  do_syscall_64+0xd2/0x200
[  333.594792][T16931]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  333.594893][T16931]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  333.594931][T16931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.594958][T16931] RIP: 0033:0x7f0e2160f6c9
[  333.594977][T16931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.594999][T16931] RSP: 002b:00007f0e2006f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  333.595073][T16931] RAX: ffffffffffffffda RBX: 00007f0e21865fa0 RCX: 00007f0e2160f6c9
[  333.595086][T16931] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[  333.595099][T16931] RBP: 00007f0e2006f090 R08: 0000000000000000 R09: 0000000000000000
[  333.595111][T16931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  333.595125][T16931] R13: 00007f0e21866038 R14: 00007f0e21865fa0 R15: 00007ffd49acf718
[  333.595210][T16931]  </TASK>
[  333.862258][ T3537] Bluetooth: hci0: command 0x1003 tx timeout
[  333.862407][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  334.509482][T16940] netlink: 332 bytes leftover after parsing attributes in process `syz.1.4751'.
[  334.518606][T16940] netlink: 'syz.1.4751': attribute type 9 has an invalid length.
[  334.526531][T16940] netlink: 108 bytes leftover after parsing attributes in process `syz.1.4751'.
[  334.535719][T16940] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4751'.
[  334.548932][T16940] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4751'.
[  334.621390][T16946] lo speed is unknown, defaulting to 1000
[  334.654722][T16946] lo speed is unknown, defaulting to 1000
[  334.765181][   T37] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  334.791342][   T37] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  334.809546][   T37] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  334.817755][   T37] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.842473][T16949] FAULT_INJECTION: forcing a failure.
[  334.842473][T16949] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.855669][T16949] CPU: 1 UID: 0 PID: 16949 Comm: syz.4.4756 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  334.855772][T16949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.855785][T16949] Call Trace:
[  334.855791][T16949]  <TASK>
[  334.855799][T16949]  __dump_stack+0x1d/0x30
[  334.855835][T16949]  dump_stack_lvl+0xe8/0x140
[  334.855860][T16949]  dump_stack+0x15/0x1b
[  334.855945][T16949]  should_fail_ex+0x265/0x280
[  334.855968][T16949]  should_fail+0xb/0x20
[  334.855987][T16949]  should_fail_usercopy+0x1a/0x20
[  334.856035][T16949]  _copy_from_user+0x1c/0xb0
[  334.856065][T16949]  get_user_ifreq+0x53/0x110
[  334.856090][T16949]  sock_ioctl+0x54e/0x610
[  334.856131][T16949]  ? __pfx_sock_ioctl+0x10/0x10
[  334.856156][T16949]  __se_sys_ioctl+0xce/0x140
[  334.856182][T16949]  __x64_sys_ioctl+0x43/0x50
[  334.856205][T16949]  x64_sys_call+0x1816/0x3000
[  334.856232][T16949]  do_syscall_64+0xd2/0x200
[  334.856311][T16949]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  334.856339][T16949]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  334.856428][T16949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.856449][T16949] RIP: 0033:0x7f0e2160f6c9
[  334.856463][T16949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.856529][T16949] RSP: 002b:00007f0e2006f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  334.856547][T16949] RAX: ffffffffffffffda RBX: 00007f0e21865fa0 RCX: 00007f0e2160f6c9
[  334.856559][T16949] RDX: 0000200000000080 RSI: 00000000000089f2 RDI: 0000000000000003
[  334.856571][T16949] RBP: 00007f0e2006f090 R08: 0000000000000000 R09: 0000000000000000
[  334.856605][T16949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.856617][T16949] R13: 00007f0e21866038 R14: 00007f0e21865fa0 R15: 00007ffd49acf718
[  334.856638][T16949]  </TASK>
[  335.095285][   T29] kauditd_printk_skb: 436 callbacks suppressed
[  335.095301][   T29] audit: type=1326 audit(1762740142.165:24108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.125196][   T29] audit: type=1326 audit(1762740142.165:24109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.176093][   T29] audit: type=1326 audit(1762740142.222:24110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.199753][   T29] audit: type=1326 audit(1762740142.222:24111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.215398][T16965] netlink: 'syz.4.4762': attribute type 9 has an invalid length.
[  335.223379][   T29] audit: type=1326 audit(1762740142.222:24112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.223406][   T29] audit: type=1326 audit(1762740142.222:24113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.223431][   T29] audit: type=1326 audit(1762740142.222:24114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.301868][   T29] audit: type=1326 audit(1762740142.222:24115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.325471][   T29] audit: type=1326 audit(1762740142.222:24116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f0e2160f6c9 code=0x7ffc0000
[  335.349122][   T29] audit: type=1326 audit(1762740142.222:24117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16958 comm="syz.4.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0e2160f703 code=0x7ffc0000
[  335.350069][T16977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47878 sclass=netlink_route_socket pid=16977 comm=syz.5.4766
[  335.385482][T16976] loop4: detected capacity change from 0 to 512
[  335.402057][T16976] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  335.418480][T16977] serio: Serial port ttyS3
[  335.418967][T16976] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  335.431176][T16976] System zones: 1-12
[  335.435157][T16976] EXT4-fs (loop4): orphan cleanup on readonly fs
[  335.442172][T16976] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4762: bg 0: block 361: padding at end of block bitmap is not set
[  335.461951][T16976] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  335.471357][T16976] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.4762: attempt to clear invalid blocks 33619980 len 1
[  335.497885][T16976] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4762: invalid indirect mapped block 1811939328 (level 0)
[  335.516790][T16976] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4762: invalid indirect mapped block 2 (level 2)
[  335.545502][T16976] EXT4-fs (loop4): 1 truncate cleaned up
[  335.553322][T16976] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  335.589495][T12345] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  335.675573][T17005] ==================================================================
[  335.683678][T17005] BUG: KCSAN: data-race in n_tty_receive_char / n_tty_write
[  335.691006][T17005] 
[  335.693336][T17005] write to 0xffffc90002eb9028 of 8 bytes by task 17012 on cpu 0:
[  335.701045][T17005]  n_tty_receive_char+0x437/0x6a0
[  335.706103][T17005]  n_tty_receive_buf_standard+0x473/0x2f10
[  335.711937][T17005]  n_tty_receive_buf_common+0x805/0xbe0
[  335.717497][T17005]  n_tty_receive_buf+0x30/0x40
[  335.722274][T17005]  tiocsti+0x170/0x1d0
[  335.726341][T17005]  tty_ioctl+0x4a4/0xb80
[  335.730584][T17005]  __se_sys_ioctl+0xce/0x140
[  335.735178][T17005]  __x64_sys_ioctl+0x43/0x50
[  335.739773][T17005]  x64_sys_call+0x1816/0x3000
[  335.744467][T17005]  do_syscall_64+0xd2/0x200
[  335.748977][T17005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.754870][T17005] 
[  335.757188][T17005] read to 0xffffc90002eb9028 of 8 bytes by task 17005 on cpu 1:
[  335.764812][T17005]  n_tty_write+0x14f/0xb40
[  335.769250][T17005]  file_tty_write+0x378/0x690
[  335.773935][T17005]  tty_write+0x25/0x30
[  335.778004][T17005]  vfs_write+0x52a/0x960
[  335.782250][T17005]  ksys_write+0xda/0x1a0
[  335.786499][T17005]  __x64_sys_write+0x40/0x50
[  335.791092][T17005]  x64_sys_call+0x2802/0x3000
[  335.795773][T17005]  do_syscall_64+0xd2/0x200
[  335.800280][T17005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.806174][T17005] 
[  335.808496][T17005] value changed: 0x0000000000000000 -> 0x0000000000000003
[  335.815595][T17005] 
[  335.817915][T17005] Reported by Kernel Concurrency Sanitizer on:
[  335.824068][T17005] CPU: 1 UID: 0 PID: 17005 Comm: syz.1.4776 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  335.833871][T17005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  335.844010][T17005] ==================================================================
[  337.005444][  T316] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  337.016520][  T316] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  337.027963][  T316] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  337.039050][  T316] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0