last executing test programs:

4.838269299s ago: executing program 2 (id=2447):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="190000000400"], 0x48)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000002100)={0x1, 0x4, 0x0, 0xfffffffe, 0x7, 0x179})
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x9, 0x4002)
ioctl$IOC_PR_RELEASE(r1, 0x401070ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x321fc1, 0x0)
ioctl$TCSBRKP(r2, 0x5425, 0x6)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)
r6 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r6, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)
ioctl$TCSBRKP(r2, 0x5425, 0x80000000)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r7, 0xc08c5334, &(0x7f0000000500)={0x8b, 0xfff, 0x1, 'queue1\x00', 0x80000001})

4.679274321s ago: executing program 2 (id=2449):
socket$rds(0x15, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r2}, 0x9)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x125}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}}, 0x24008890)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWOBJ={0x5c, 0x12, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x1}, @NFT_OBJECT_QUOTA=@NFTA_OBJ_DATA={0x48, 0x4, 0x0, 0x1, [@NFTA_QUOTA_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_QUOTA_CONSUMED={0xc}, @NFTA_QUOTA_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_QUOTA_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_QUOTA_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x400}]}}, @NFT_MSG_DELFLOWTABLE={0x38, 0x18, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x9}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}]}], {0x14}}, 0xbc}, 0x1, 0x0, 0x0, 0x40008d4}, 0x4000000)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x6c, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x44, @dev={0xfe, 0x80, '\x00', 0x16}, 0xff8}}, {0x20, 0x2, @in6={0xa, 0x0, 0xfffffffc, @mcast2}}}}]}]}, 0x6c}}, 0x0)

4.585868503s ago: executing program 2 (id=2452):
syz_emit_ethernet(0x1e2, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x1ac, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x3, 0xa, "a78ce5400659808000000003f7ffffffffffffffffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34466d42c60a5c15b37adac15084dbaf736b41e5af1802"}, {0x3, 0x1, "000000000000000026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x18, 0xe, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c"}]}}}}}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00022bbd7000fedbdf2511000000440001800800030000000000140002007465616d5f736c6176655f300000000008000300030000001400020076657468305f746f5f6261746164760008000100", @ANYRES32=r1, @ANYBLOB="a9ad880b361fbc14af50350111ed49257e78c792280b705d69620e1e59490279f6c4785f2c51a338a2f237df5a6340e03b44080e21083d176f68f342fa852000ee0bd43339f98e03eaa02b22e816659a9ae2744ea4"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x80)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
nanosleep(&(0x7f0000000040), 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000004000000000000003516cecedf4d5a1501e95eb3855c08610f8be42a4470d4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{}, &(0x7f0000000a00), &(0x7f0000000a40)}, 0x20)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000000000), 0x4)

2.018625722s ago: executing program 0 (id=2482):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x1}, 0x1c)
listen(r2, 0x50)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e60, 0x2, @dev={0xfe, 0x80, '\x00', 0x37}}, 0x1c)
listen(r3, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='timer_start\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000200)='bridge0\x00')

1.988922893s ago: executing program 4 (id=2483):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x13)
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = gettid()
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r2, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
epoll_create1(0x80000)

1.961161063s ago: executing program 0 (id=2485):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000002100)={0x1, 0x4, 0x0, 0xfffffffe, 0x7, 0x179})
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x9, 0x4002)
ioctl$IOC_PR_RELEASE(r1, 0x401070ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffff"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x321fc1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)

1.719440567s ago: executing program 0 (id=2490):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wg0\x00', <r1=>0x0})
sendmsg$MPTCP_PM_CMD_SUBFLOW_DESTROY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000b00)=ANY=[@ANYBLOB="0401", @ANYRES16=r0, @ANYBLOB="00012dbd7000fcdbdf250b000000480001800800060000000000060005004e2100000500020006000000060005004e20000008000600030000001400040000000000000000000000ffffac141421080003000a0101010500050002000000080002000300000050000180140004002001000000000000000000000000000008000700f5978284c1777ea73c05133251c0ee92e3341b4541ea1c5211ce1470ed1030b96a98c134c3ec6399f2873028087668ef1efea3cd33", @ANYRES32, @ANYBLOB="080003000000000014000400fe8000000000000000000000000000271400040020010000000000000000000000000001080004000600000040000180050002000300000014000400fe80000000000000000000000000002a08000700", @ANYRES32=r1, @ANYBLOB='\b\x00\a\x00', @ANYRES32=0x0, @ANYBLOB="0800060011000000060001000a000000"], 0x104}, 0x1, 0x0, 0x0, 0x40006}, 0x40)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000480)={&(0x7f0000000300)=@newqdisc={0x44, 0x24, 0x4, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0x2}, {0x7, 0xfff2}, {0x7, 0x9}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x46}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x2}, @qdisc_kind_options=@q_atm={0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x44}, 0x40)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x8, 0xfffffffffffffec8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x40)
mount$9p_rdma(&(0x7f0000000000), &(0x7f0000000080)='./file3\x00', &(0x7f0000000200), 0x800000, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=rdma'])
socket$nl_netfilter(0x10, 0x3, 0xc)

1.702328708s ago: executing program 3 (id=2491):
syz_emit_ethernet(0x21a, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x1e4, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x3, 0x2, "a78ce5400659808000000003f7ffffffffffffff"}, {0x3, 0x1, "000000000000000026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x18, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}]}}}}}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00022bbd7000fedbdf2511000000440001800800030000000000140002007465616d5f736c6176655f300000000008000300030000001400020076657468305f746f5f6261746164760008000100", @ANYRES32=r1, @ANYBLOB="a9ad880b361fbc14af50350111ed49257e78c792280b705d69620e1e59490279f6c4785f2c51a338a2f237df5a6340e03b44080e21083d176f68f342fa852000ee0bd43339f98e03eaa02b22e816659a9ae2744ea4"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x80)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000004000000000000003516cecedf4d5a1501e95eb3855c08610f8be42a4470d4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r3 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r3, 0x2284, &(0x7f0000000080))

1.622903579s ago: executing program 1 (id=2493):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f62726964676500140001007767320000"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018011000100666c6f775f6f66666c6f616400000000100002800900010073797a30000000000900010073797a30000000000900020073797a32000000007c010000020a01"], 0x250}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

1.57538091s ago: executing program 1 (id=2494):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000040)='-,^!!\x00')
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
recvmsg(r1, &(0x7f0000000540)={&(0x7f0000000180)=@x25, 0x80, &(0x7f0000000400)=[{&(0x7f0000000300)=""/222, 0xde}], 0x1, &(0x7f0000000440)=""/233, 0xe9}, 0x40010000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x20, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="180068d2558e4cdfffffffff0f991e3051e7de00", @ANYRES32=r0, @ANYRES16=r2], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.525642731s ago: executing program 2 (id=2495):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x1}, 0x1c)
listen(r2, 0x50)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e60, 0x2, @dev={0xfe, 0x80, '\x00', 0x37}}, 0x1c)
listen(r3, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='timer_start\x00', r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000200)='bridge0\x00')

1.501787852s ago: executing program 2 (id=2496):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_NAME(0xf, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x40010000)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = mq_open(0x0, 0x42, 0x1f0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x6, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4, 0x0, 0x401}, 0x18)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
r5 = dup(r1)
bind$rds(r5, &(0x7f0000000580)={0x2, 0x4e23, @empty}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d440e8b089b3f380068090890e0878f0e1ac6e7049b334d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b5b070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

1.163099638s ago: executing program 3 (id=2497):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x3c)

1.145177289s ago: executing program 3 (id=2498):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
socket$l2tp(0x2, 0x2, 0x73)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x68, {0x2, 0x0, @empty}})
recvmsg(r2, &(0x7f0000000100)={&(0x7f0000000300)=@hci, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/248, 0x1e09aa98}], 0x1}, 0x1f20)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000000440)="2e0000002e00810804fb7fec598f866b0a9a5972130000005e140608000000007a0000a71802dd", 0x27}, {&(0x7f0000001440)="f6e14ee68a9418", 0x7}], 0x2}, 0x0)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x40000000)

1.131532509s ago: executing program 4 (id=2499):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/kcm\x00')
read$snapshot(r0, &(0x7f0000000100)=""/36, 0x24)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)

1.1118681s ago: executing program 4 (id=2500):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, 0x0, 0x840)
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x103)
dup2(r1, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
r2 = gettid()
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d900000000000000", @ANYRES32, @ANYBLOB="000000009cb9ecb38e156102989411c3910000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000400000000000000010000008e", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000100000000000000", @ANYRES32=0x0, @ANYRES32=<r6=>0xffffffffffffffff, @ANYBLOB="19"], 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000400, &(0x7f0000000080), 0xbe, 0x7c0, &(0x7f0000000f80)="$eJzs3c9rG9kdAPDvyJZ/Ja1dKLTpyVBoDSFynbpJCz2k9FAKDQTacxMjKya1bAVLDrExJKEUeim0pYfC7iXn/ZG97XV/XHf/iz0sCdldx6yXPSxaRh7Zciw5dtaSDPl8YDzvvZnxe1+/mfGT3iAF8MqaTH/kIs5FxL+TiPGsPImIfCM1GHFlZ7/tzY1iuiRRr//586Sxz9bmRjFajkmdyTI/jogP/hFxPpcWjOyrt7q2vjhXLpdWsvx0ben2dHVt/cKtpbmF0kJp+dLM7OzFy7+6fOnkYv3y4/WzT/7zh5+/feXrv//o0b8+TOJKnM22tcZxUiZjMvub5NM/4T6/P+nK+izpdwN4KemlObBzlce5GI+BRqqD0V62DADolnsRUd8zVAcAXgFJ9LsFAEBvNd8H2NrcKDaX/r4j0VtPf7czNbmVzW1u78Y/mM3ZjTTmQce2kn0zI0lETJxA/ZMR8fq7f30zXaJL85AA7dx/EBE3JiYP3v+TA88sHNcvDttYH26sJp8rdv+D3nkvHf/8ut34L7c7/ok245/hNtfuy3jx9Z97fALVdJSO/37b8mzbdkv8mYmBLPe9xpgvn9y8VS6l97bvR8RU5IfT/Exj1/ZPQU09++ZZp/pbx39f/Pdvb6T1p+u9PXKPB4f3HzM/V5v7rnE3PX0Q8ZPBdvEnu/2fdBj/XjtiHX/8zT9f67QtjT+Nt7kcjL+76g8jfta2//f6Mjn0+cTpxukw3Twp2njnk/+Pdap/r/+HG+u0/uZrgV5I+3/s8PgnktbnNavHr+Ojh+Pvd9rWev63j7/9+T+U/KWRHsrK7s7VaiszEUPJnw6WX9w79m4+S2T7p/FP/bT99d/p/M9lz8be2M0dbvDJZ29lv6pt/A33O8XfXWn888fq/0MS9eyY5zY92l4c6FT/0fp/tpGaykqOcv97QUubiRd3HgAAAAAAAAAAAAAAAAAAAAAAAACcgFxEnI0kV9hN53KFws53eP8wxnLlSrV2/mZldXk+Gt+VPRH5XPOjLsdbPg91Jvs8/Gb+4nP5X0bEDyLif8OjjXyhWCnP9zt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMic2f/9//fSVaGws+3T4X63DgDompF+NwAA6Dn//wHg1XO8//+jXWsHANA7x379X0+60xAAoGdGIn+0HW90uyUAQK+Y/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDLrl29mi71rzY3iml+/s7a6mLlzoX5UnWxsLRaLBQrK7cLC5XKQrlUKFaWOv6i+zurcqVyezaWV+9O10rV2nR1bf36UmV1uXb91tLcQul6Kd+zyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6Kpr64tz5XJpReLQxOjpaMapSQzGqWjGiSXqAzvXw+loz2A0S4b61ozWu8Ron+5OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfftwEAAP//uwceNw==")
mkdir(&(0x7f0000000000)='./control\x00', 0x81)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000040000850000007200000095", @ANYBLOB="2ecbb6d0e629feb8740e6f3e793baf4ce177d6e081443c86f577f4c18cd64e641c2694d88aba1d1829d501d6e5055e9b59f2f155946fd183decbe629e284bdfe04d88bed950fae69d0f0e0bf74d2dbb709f191f009a88b6381d84f28ada16ca4a3b4c31112b9b8544591d0e4", @ANYRES8, @ANYRESHEX, @ANYRESHEX=r6, @ANYRESHEX, @ANYRESDEC=r5, @ANYBLOB="8e4fbeb1b1a97c10c376633b6eea8c1a62f584668ea3dc69c079", @ANYBLOB, @ANYRESOCT=r1], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r9}, 0x18)
r10 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdirat(r10, &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)
ioctl$int_in(r7, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r7, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r8}], 0x2c, 0xffffffffffbffff8)
dup2(r7, r8)
fcntl$setown(r7, 0x8, r2)
tkill(r2, 0x13)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200b30000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x41, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)

823.035675ms ago: executing program 0 (id=2501):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000002100)={0x1, 0x4, 0x0, 0xfffffffe, 0x7, 0x179})
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x9, 0x4002)
ioctl$IOC_PR_RELEASE(r1, 0x401070ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffff"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x321fc1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)

813.315775ms ago: executing program 4 (id=2502):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00'}, 0x18)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r2}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x3)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000600)="cb", 0x1}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r5)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000fedbdf2531000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111}}, 0x20)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="009f587a31d53b5cb6077bd11087bb6e13aac56feecaaae0b009cee43814e80646ff2772abedb27f35c706ba7c624afb75f473956061ae41834d27270063fa18a3515f9ac6cd6f15a042b1edcd60bdeb55446beed1014aa13d43d399fb4f716b8a24502a8e3e697642b172841c89aecefe0cfb3c32d7c28955601f41fb90d51951d91a35a5abeb4ffceef5cf6e190ec9eb6f91a0d06882039b54dd4485b823414e06691b0244ca11ac0baeaeec1a96861d358464329c64b77e6ff2e2d8a6bb29268be3e7c46750210270d79e1054add6c2ef3f0373", @ANYRES32, @ANYRESOCT], 0x1, 0x1282, &(0x7f0000002880)="$eJzs3U1rY1UcB+B/pmmbduyLOo52QDzoRhHitAtXborMgFhQqh1QQbhjUy1Nm9KEQkScunIl+DFEXboTxC/QjRvXgiDSjctZiFfSpE7TpB2nNq0Mz7PJ5ZzzO+fce8qFW+7h7r3y5fraSr28kjXiUqEQxc3hKN5NkeJSDEXbTrxw6+dfnn7rnXdfn19YuLGY0s35t2dfTilNPvPDe598++yPjcu3vpv8fjR2p9/f+2Pu192ruzN7f30Tq/W0Wk8btUbK0u1arZHdrlbS8mp9rZzSm9VKVq+kUmeMe/Ur1drmZjNlG8sT45tblXo9ZRvNtFZppkYhNbaaKfswW91I5XI5TYwH/8XS13fzPI/I8+EYiTzP87EYj8vxSEzEZEzFdDwaj8XjcSWeiKvxZDwVM/utDvIjFzt9AAAAAAAAAAAAAAAAAAAAeEjcZ/9/oXf//+hFTxkAAAAAAAAAAAAAAAAAAAAeOkf3/xcjHuD7/wAAAAAAAAAAAAAAAAAAAMBZuM/3/4/s/3/R/n8AAAAAAAAAAAAAAAAAAAAYhFL7ZzGlUsT659tL20vt33b5/EqsRjUqcT2m4s/Y3/3f1j6++drCjetp33S8tH6nk7+zvTTUnZ8dnorpQt/8bDufuvOjMX44PxdTcaX/+HN986V4/rlW/rN2vhxT8dMHUYtqLEcUOme/n/90NqVX31gY685fa7U71tCAlwUAAADOUjn9o/f5fafTqG99u6rzfJ46LQsn/H/gyPN5Ma4VL+qsOVBvfryWVauVrVMejBzfz0h3yVin5anHKkRE1hWfHP9tsdXlaSd/ZgdD5zro8Mltjq7FTOnEDi8dWsEo/g8u5hkc/P7VoZJSDGqs4dafc0/VwQXNqq3757/rMHbyfKCXZaRf1ehJqePvGYUB3o84X/cW/aJnAgAAAAAAAAAAwIPo+/bfWET0vA/4UU/Jwevh3fHeno8f/YtzOEMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ZgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVQAAAP//kh3BBA==")
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r8, 0xc0185879, 0x0)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
writev(r9, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a06000000975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
getresuid(&(0x7f0000000040), &(0x7f0000000240), &(0x7f0000000300)=<r10=>0x0)
ioctl$TUNSETOWNER(r8, 0x400454cc, r10)
syz_memcpy_off$IO_URING_METADATA_FLAGS(0x0, 0x114, &(0x7f00000003c0)=0x1, 0x0, 0x4)
bind$rds(r8, &(0x7f0000000340)={0x2, 0x4e24, @empty}, 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r7, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x30}})
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x4, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

682.875228ms ago: executing program 1 (id=2503):
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f00000002c0)='./file0\x00', 0x100080c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x40}, 0x18)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4004055}, 0xc00c880)
socket$kcm(0x2, 0x5, 0x84)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r6, &(0x7f00000004c0)=ANY=[], 0x56)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r8}, 0x10)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x0)
faccessat2(0xffffffffffffffff, 0x0, 0x2, 0x1200)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(0xffffffffffffffff, 0x8008330e, &(0x7f0000000400))
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x43, &(0x7f0000000080)={0x0, 0x2710}, 0x10)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)

659.929828ms ago: executing program 1 (id=2504):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000140), &(0x7f0000000040)='%pI4   \x00'}, 0x2a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_usb_connect$rtl8150(0x1, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)

644.517408ms ago: executing program 0 (id=2505):
msgget$private(0x0, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22, 0x5ccc6e75, @rand_addr, 0x3}, 0x1c)
listen(r2, 0x3)
mount$9p_tcp(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=tcp,port=0x0000000000004e22'])
close_range(r2, r2, 0x0)

626.628448ms ago: executing program 2 (id=2506):
syz_emit_ethernet(0x21c, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x1e6, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x3, 0xa, "a78ce5400659808000000003f7ffffffffffffffffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34466d42c60a5c15b37adac15084dbaf736b41e5af1802"}, {0x3, 0x1, "000000000000000026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x18, 0x16, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd"}]}}}}}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00022bbd7000fedbdf2511000000440001800800030000000000140002007465616d5f736c6176655f300000000008000300030000001400020076657468305f746f5f6261746164760008000100", @ANYRES32=r1, @ANYBLOB="a9ad880b361fbc14af50350111ed49257e78c792280b705d69620e1e59490279f6c4785f2c51a338a2f237df5a6340e03b44080e21083d176f68f342fa852000ee0bd43339f98e03eaa02b22e816659a9ae2744ea4"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x80)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
nanosleep(&(0x7f0000000040), 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000004000000000000003516cecedf4d5a1501e95eb3855c08610f8be42a4470d4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{}, &(0x7f0000000a00), &(0x7f0000000a40)}, 0x20)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000000000), 0x4)

597.479099ms ago: executing program 4 (id=2507):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
openat(r0, &(0x7f00000000c0)='./file0\x00', 0x10000, 0x149)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0xa, 0x3, 0x87)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'gre0\x00', <r6=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
setsockopt$MRT6_ASSERT(r5, 0x29, 0xcf, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext3\x00', &(0x7f00000007c0)='./file1\x00', 0x1416c14, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001d80)="$eJzs3c1rHOUfAPDvbJKmTdtf8gPR1lNA0EBpYmpsFTxUPIhgoaBebcNmG2o22ZLdlCYEtIjgRVDxIOilZ1/qzasvV/0vPIilalqseJDIbHbaTbO73aRJtrqfD0zyPPPM7PN85/XZnWEmgK41nP7JRRyOiPeTiMHa+CQi+qqp3oiTa9PdWlnOp0MSq6uv/JZUp7m5spyPunlS+2uZQxHx3TsRR3Ib6y0vLs1MFouF+Vp+rDJ7Yay8uHT0/OzkdGG6MHd8fGLi2ImnTxzfvlj/+HHpwLUPXnziy5N/vf3I1fe+T+JkHKiV1cexXYZjuLZM+tJFuM4L211ZhyWdbgBbku6aPWt7eRyOweippgCA/7I3I2IVAOgyifM/AHSZ7HeAmyvL+Wzo7C8Su+v68xGxdy3+7PrmWklv7Zrd3up10IGbyborI0lEDG1D/cMR8enXr3+eDrFD1yEBGnnrckScHRreePxPNtyzUOfhPW189pMtyrL5h+8a7/gHu+ebtP/zTKP+X+52/yca9H/6G+y7W3HP/X/fNlTSQtr/e67u3rZbdfHXDPXUcgerfb6+5Nz5YiE9tv0vIkairz/Nj7eoY+TG3zealdX3/37/8I3P0vrT/2ulrx06dXDjPFOTlcn7ibne9csRj/Y2ij+5vf6TJv3f023W8dKz737SrCyNP403G9bHn9m5e5JWr0Q83nD937mjLWl5f+JYdXMYyzaKBr766eOBZvXXr/90SOvPvgvshnT9D7SOfyipv1+zvPk6frgy+G2zsnvHn/ult3/9POn2vyd5tZrO+hGXJiuV+fGIPcnLG8cfuzNvls+mT+Mfeazx/t9q+0+/E55tM/7ea79+sfX4d1Ya/9Sm1v/mE1dvzfQ0q7+99T9RTY3UxrRz/Gu3gfez7AAAAAAAAAAAAAAAAAAAAAAAAACgXbmIOBBJbvR2OpcbHV17h/dDMZArlsqVI+dKC3NTUX1X9lD05bJHXQ7WPQ91vPY8/Cx/7K78UxHx/4j4qH9fkj1HcarDsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZn+T9/+nfu7vdOsAgB2zt9MNAAB2nfM/AHQf538A6C7O/QDQnfQBAKD7OP8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACww06fOpUOq3+uLOfT/NTFxYWZ0sWjU4XyzOjsQn40X5q/MDpdKk0XC6P50uy9Pq9YKl2YiLmFS2OVQrkyVl5cOjNbWpirnDk/OzldOFPo25WoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBzyotLM5PFYmFeYguJ1QejGZ1P9NQ2pwelPbuaSFpP01dbNg9CUzeRaHXUyO38gQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgX+KfAAAA//+Sex+L")
r7 = open(&(0x7f00000005c0)='./bus\x00', 0x167842, 0x19)
pwritev2(r7, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x18, r6})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r8, 0x0, 0x100003c}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r10 = perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xece7, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x1007, 0x9, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfc}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r10, 0x0)
perf_event_open(&(0x7f0000000040)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xc7d7}, 0x0, 0x0, r10, 0xa)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8], 0x20}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
faccessat(r0, 0x0, 0x5)

501.966801ms ago: executing program 0 (id=2508):
syz_emit_ethernet(0x21a, &(0x7f0000000440)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x1e4, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x3, 0x2, "a78ce5400659808000000003f7ffffffffffffff"}, {0x3, 0x1, "000000000000000026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d036397a0acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x18, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a000023f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}]}}}}}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00022bbd7000fedbdf2511000000440001800800030000000000140002007465616d5f736c6176655f300000000008000300030000001400020076657468305f746f5f6261746164760008000100", @ANYRES32=r1, @ANYBLOB="a9ad880b361fbc14af50350111ed49257e78c792280b705d69620e1e59490279f6c4785f2c51a338a2f237df5a6340e03b44080e21083d176f68f342fa852000ee0bd43339f98e03eaa02b22e816659a9ae2744ea4"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x80)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000004000000000000003516cecedf4d5a1501e95eb3855c08610f8be42a4470d4", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
r4 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r4, 0x2284, &(0x7f0000000080))

249.083636ms ago: executing program 4 (id=2509):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x13)
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = gettid()
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r2, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
epoll_create1(0x80000)

162.571217ms ago: executing program 3 (id=2510):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fedbdf251d000000080003", @ANYRES32=r3, @ANYBLOB="18002f"], 0x34}, 0x1, 0x0, 0x0, 0x20008800}, 0x800)

73.981869ms ago: executing program 1 (id=2511):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018011000100666c6f775f6f66666c6f616400000000100002800900010073797a30000000000900010073797a30000000000900020073797a32000000007c010000020a01"], 0x250}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

72.763529ms ago: executing program 3 (id=2512):
mkdir(&(0x7f0000000580)='./file0\x00', 0x92)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018", @ANYRES32=r0], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)

24.9371ms ago: executing program 3 (id=2513):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setscheduler(0x0, 0x2, 0x0)
unshare(0x8040600)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000000140)=0x1, 0x4)
sched_setscheduler(0x0, 0x5, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
epoll_create1(0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='uid_map\x00')
preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000380)=""/106, 0xbe}], 0x1, 0x40fb, 0x9)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000001300)={@fallback, 0xffffffffffffffff, 0x17, 0x1}, 0x20)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0xfffffffffffffefc, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0xfffffffffffff001}, 0x18)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x80004a, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r7, 0x408c5333, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x1e, &(0x7f00000000c0)=0x9cc, 0x4)
connect$inet(r8, &(0x7f0000000100)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_MCAST_MSFILTER(r8, 0x0, 0x30, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000900)={0x0, &(0x7f0000000a00)=""/196, 0x0, 0xc4}, 0x28)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000b00)={r3}, 0x4)
ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000000)={0x5, 0xc, 0x8009, 0x0, 0x9})

0s ago: executing program 1 (id=2514):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="190000000400"], 0x48)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000002100)={0x1, 0x4, 0x0, 0xfffffffe, 0x7, 0x179})
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x9, 0x4002)
ioctl$IOC_PR_RELEASE(r1, 0x401070ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x321fc1, 0x0)
ioctl$TCSBRKP(r2, 0x5425, 0x6)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0)
r6 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r6, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757813"], 0x65)
ioctl$TCSBRKP(r2, 0x5425, 0x80000000)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r7, 0xc08c5334, &(0x7f0000000500)={0x8b, 0xfff, 0x1, 'queue1\x00', 0x80000001})

kernel console output (not intermixed with test programs):

cuous mode
[  169.933248][ T9755] team_slave_0: left promiscuous mode
[  169.938739][ T9755] team_slave_1: left promiscuous mode
[  169.944248][ T9755] syz_tun: left promiscuous mode
[  169.949409][ T9755] bond_slave_0: left promiscuous mode
[  169.954867][ T9755] bond_slave_1: left promiscuous mode
[  170.143208][ T9772] loop0: detected capacity change from 0 to 512
[  170.173929][ T9772] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  170.311862][ T9772] EXT4-fs (loop0): 1 truncate cleaned up
[  170.358311][ T9772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.541870][ T9778] lo speed is unknown, defaulting to 1000
[  170.646028][ T9785] FAULT_INJECTION: forcing a failure.
[  170.646028][ T9785] name failslab, interval 1, probability 0, space 0, times 0
[  170.658902][ T9785] CPU: 0 UID: 0 PID: 9785 Comm: syz.2.1747 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  170.658991][ T9785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  170.659064][ T9785] Call Trace:
[  170.659073][ T9785]  <TASK>
[  170.659104][ T9785]  __dump_stack+0x1d/0x30
[  170.659125][ T9785]  dump_stack_lvl+0xe8/0x140
[  170.659143][ T9785]  dump_stack+0x15/0x1b
[  170.659158][ T9785]  should_fail_ex+0x265/0x280
[  170.659255][ T9785]  ? __se_sys_mount+0xef/0x2e0
[  170.659285][ T9785]  should_failslab+0x8c/0xb0
[  170.659317][ T9785]  __kmalloc_cache_noprof+0x4c/0x320
[  170.659346][ T9785]  ? memdup_user+0x99/0xd0
[  170.659392][ T9785]  __se_sys_mount+0xef/0x2e0
[  170.659416][ T9785]  ? fput+0x8f/0xc0
[  170.659444][ T9785]  ? ksys_write+0x192/0x1a0
[  170.659466][ T9785]  __x64_sys_mount+0x67/0x80
[  170.659510][ T9785]  x64_sys_call+0x2b4d/0x2ff0
[  170.659538][ T9785]  do_syscall_64+0xd2/0x200
[  170.659578][ T9785]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  170.659602][ T9785]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  170.659646][ T9785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.659674][ T9785] RIP: 0033:0x7f702938ebe9
[  170.659691][ T9785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  170.659708][ T9785] RSP: 002b:00007f7027def038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  170.659726][ T9785] RAX: ffffffffffffffda RBX: 00007f70295c5fa0 RCX: 00007f702938ebe9
[  170.659737][ T9785] RDX: 00002000000002c0 RSI: 0000200000000140 RDI: 0000000000000000
[  170.659780][ T9785] RBP: 00007f7027def090 R08: 00002000000003c0 R09: 0000000000000000
[  170.659796][ T9785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  170.659812][ T9785] R13: 00007f70295c6038 R14: 00007f70295c5fa0 R15: 00007ffd260d62d8
[  170.659837][ T9785]  </TASK>
[  170.871164][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.945720][ T9794] devtmpfs: Unknown parameter 'trans'
[  170.964753][ T9799] sd 0:0:1:0: device reset
[  170.968466][ T9792] lo speed is unknown, defaulting to 1000
[  171.078366][ T9807] wireguard0: entered promiscuous mode
[  171.084011][ T9807] wireguard0: entered allmulticast mode
[  171.188818][ T9814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1755'.
[  171.200742][ T9814] bond_slave_0: entered promiscuous mode
[  171.206530][ T9814] bond_slave_1: entered promiscuous mode
[  171.212264][ T9814] team_slave_0: entered promiscuous mode
[  171.217947][ T9814] team_slave_1: entered promiscuous mode
[  171.223698][ T9814] syz_tun: entered promiscuous mode
[  171.235909][ T9814] macsec1: entered promiscuous mode
[  171.241148][ T9814] bond0: entered promiscuous mode
[  171.246468][ T9814] team0: entered promiscuous mode
[  171.259745][ T9814] bond0: left promiscuous mode
[  171.264817][ T9814] team0: left promiscuous mode
[  171.270027][ T9814] bond_slave_0: left promiscuous mode
[  171.275511][ T9814] bond_slave_1: left promiscuous mode
[  171.280894][ T9814] team_slave_0: left promiscuous mode
[  171.286367][ T9814] team_slave_1: left promiscuous mode
[  171.291852][ T9814] syz_tun: left promiscuous mode
[  171.304569][ T9816] loop0: detected capacity change from 0 to 2048
[  171.315855][ T9816] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.332883][ T9816] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1756: bg 0: block 120: padding at end of block bitmap is not set
[  171.416641][ T3312] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  171.449398][ T9825] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1758'.
[  171.578904][ T9833] serio: Serial port ptm0
[  171.591119][ T9831] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1760'.
[  172.537428][ T9840] serio: Serial port ptm0
[  175.010358][ T9849] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.042283][ T9849] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.136270][ T9852] wireguard0: entered promiscuous mode
[  175.141807][ T9852] wireguard0: entered allmulticast mode
[  175.165635][ T9853] loop1: detected capacity change from 0 to 1024
[  175.182612][   T29] kauditd_printk_skb: 360 callbacks suppressed
[  175.182628][   T29] audit: type=1400 audit(1757159842.244:6955): avc:  denied  { create } for  pid=9855 comm="syz.2.1769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  175.184312][ T9856] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1769'.
[  175.189487][ T9858] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  175.226882][   T29] audit: type=1400 audit(1757159842.254:6956): avc:  denied  { shutdown } for  pid=9855 comm="syz.2.1769" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  175.228553][ T9858] SELinux: failed to load policy
[  175.248883][ T9853] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.267030][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.316064][ T9868] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1773'.
[  175.328584][ T9870] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1774'.
[  175.399566][ T9878] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1777'.
[  175.538923][ T9888] loop2: detected capacity change from 0 to 1024
[  175.557340][ T9888] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.723286][   T29] audit: type=1400 audit(1757159842.784:6957): avc:  denied  { map } for  pid=9873 comm="syz.4.1775" path="socket:[24111]" dev="sockfs" ino=24111 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  175.770253][ T9890] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1775'.
[  175.818905][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.025100][ T9908] FAULT_INJECTION: forcing a failure.
[  176.025100][ T9908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  176.038249][ T9908] CPU: 0 UID: 0 PID: 9908 Comm: syz.3.1787 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  176.038303][ T9908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  176.038319][ T9908] Call Trace:
[  176.038328][ T9908]  <TASK>
[  176.038338][ T9908]  __dump_stack+0x1d/0x30
[  176.038372][ T9908]  dump_stack_lvl+0xe8/0x140
[  176.038391][ T9908]  dump_stack+0x15/0x1b
[  176.038408][ T9908]  should_fail_ex+0x265/0x280
[  176.038436][ T9908]  should_fail+0xb/0x20
[  176.038461][ T9908]  should_fail_usercopy+0x1a/0x20
[  176.038542][ T9908]  _copy_to_user+0x20/0xa0
[  176.038582][ T9908]  simple_read_from_buffer+0xb5/0x130
[  176.038612][ T9908]  proc_fail_nth_read+0x10e/0x150
[  176.038664][ T9908]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  176.038695][ T9908]  vfs_read+0x1a8/0x770
[  176.038714][ T9908]  ? __rcu_read_unlock+0x4f/0x70
[  176.038742][ T9908]  ? __fget_files+0x184/0x1c0
[  176.038784][ T9908]  ? finish_task_switch+0xad/0x2b0
[  176.038813][ T9908]  ksys_read+0xda/0x1a0
[  176.038844][ T9908]  __x64_sys_read+0x40/0x50
[  176.038865][ T9908]  x64_sys_call+0x27bc/0x2ff0
[  176.038931][ T9908]  do_syscall_64+0xd2/0x200
[  176.038972][ T9908]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  176.039003][ T9908]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  176.039039][ T9908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.039075][ T9908] RIP: 0033:0x7fc2d400d5fc
[  176.039094][ T9908] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  176.039187][ T9908] RSP: 002b:00007fc2d2a77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  176.039210][ T9908] RAX: ffffffffffffffda RBX: 00007fc2d4245fa0 RCX: 00007fc2d400d5fc
[  176.039314][ T9908] RDX: 000000000000000f RSI: 00007fc2d2a770a0 RDI: 0000000000000003
[  176.039330][ T9908] RBP: 00007fc2d2a77090 R08: 0000000000000000 R09: 0000000000000000
[  176.039345][ T9908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  176.039367][ T9908] R13: 00007fc2d4246038 R14: 00007fc2d4245fa0 R15: 00007ffcfaeb94f8
[  176.039389][ T9908]  </TASK>
[  176.316443][   T29] audit: type=1400 audit(1757159843.364:6958): avc:  denied  { shutdown } for  pid=9910 comm="syz.3.1788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  176.336250][   T29] audit: type=1400 audit(1757159843.364:6959): avc:  denied  { getopt } for  pid=9910 comm="syz.3.1788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  176.383787][ T9911] bridge0: entered promiscuous mode
[  176.389256][ T9911] macvtap1: entered allmulticast mode
[  176.394801][ T9911] bridge0: entered allmulticast mode
[  176.402155][ T9911] bridge0: port 4(macvtap1) entered blocking state
[  176.408873][ T9911] bridge0: port 4(macvtap1) entered disabled state
[  176.416888][ T9918] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1789'.
[  176.427534][ T9911] bridge0: left allmulticast mode
[  176.432711][ T9911] bridge0: left promiscuous mode
[  176.471537][ T9922] loop4: detected capacity change from 0 to 512
[  176.498790][ T9922] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  176.537394][ T9922] EXT4-fs (loop4): 1 truncate cleaned up
[  176.553006][ T9922] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.570000][   T29] audit: type=1326 audit(1757159843.634:6960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9928 comm="syz.3.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  176.596298][   T29] audit: type=1326 audit(1757159843.634:6961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9928 comm="syz.3.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  176.619853][   T29] audit: type=1326 audit(1757159843.634:6962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9928 comm="syz.3.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  176.635188][ T9929] loop3: detected capacity change from 0 to 2048
[  176.643362][   T29] audit: type=1326 audit(1757159843.634:6963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9928 comm="syz.3.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  176.650045][ T9924] loop0: detected capacity change from 0 to 8192
[  176.673191][   T29] audit: type=1326 audit(1757159843.634:6964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9928 comm="syz.3.1794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  176.699635][ T9926] lo speed is unknown, defaulting to 1000
[  176.756492][ T9929] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.759713][ T9929] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1794: bg 0: block 120: padding at end of block bitmap is not set
[  176.861025][ T3303] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  176.953980][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.044616][ T9944] loop4: detected capacity change from 0 to 512
[  177.047750][ T9944] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  177.067958][ T9944] EXT4-fs (loop4): 1 truncate cleaned up
[  177.074532][ T9944] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.207206][ T9952] loop0: detected capacity change from 0 to 8192
[  177.341069][ T9955] serio: Serial port ptm0
[  177.367148][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.452435][ T9961] loop4: detected capacity change from 0 to 1024
[  177.494010][ T9961] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.798605][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.952025][ T9979] loop0: detected capacity change from 0 to 512
[  177.997157][ T9981] loop3: detected capacity change from 0 to 1024
[  178.003987][ T9981] EXT4-fs: Ignoring removed orlov option
[  178.009918][ T9979] EXT4-fs: Ignoring removed bh option
[  178.044174][ T9979] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  178.045249][ T9981] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.076546][ T9979] EXT4-fs (loop0): 1 truncate cleaned up
[  178.083267][ T9979] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.187350][ T9979] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.325320][ T9992] sd 0:0:1:0: device reset
[  178.349544][ T9995] serio: Serial port ptm0
[  178.390750][ T9993] lo speed is unknown, defaulting to 1000
[  178.418110][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.457617][T10001] wireguard0: entered promiscuous mode
[  178.463163][T10001] wireguard0: entered allmulticast mode
[  178.640661][T10014] loop2: detected capacity change from 0 to 1024
[  178.655892][T10014] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.692615][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.882210][T10024] loop1: detected capacity change from 0 to 8192
[  179.107916][T10033] serio: Serial port ptm0
[  179.562806][T10021] 9pnet_fd: p9_fd_create_tcp (10021): problem connecting socket to 127.0.0.1
[  179.576755][T10043] lo speed is unknown, defaulting to 1000
[  179.659661][T10052] loop3: detected capacity change from 0 to 1024
[  179.682746][T10052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.757574][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.175521][T10066] netlink: 360 bytes leftover after parsing attributes in process `syz.0.1836'.
[  180.574356][T10068] wireguard0: entered promiscuous mode
[  180.579910][T10068] wireguard0: entered allmulticast mode
[  180.623024][T10070] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  180.641717][T10072] serio: Serial port ptm0
[  180.652772][T10070] SELinux: failed to load policy
[  180.786278][T10088] netlink: 360 bytes leftover after parsing attributes in process `syz.2.1845'.
[  180.860088][   T29] kauditd_printk_skb: 176 callbacks suppressed
[  180.860102][   T29] audit: type=1326 audit(1757159847.924:7141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.860238][T10101] sd 0:0:1:0: device reset
[  180.866358][   T29] audit: type=1326 audit(1757159847.924:7142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.918130][   T29] audit: type=1326 audit(1757159847.924:7143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.937636][T10095] lo speed is unknown, defaulting to 1000
[  180.941689][   T29] audit: type=1326 audit(1757159847.924:7144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.970944][   T29] audit: type=1326 audit(1757159847.924:7145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.970974][   T29] audit: type=1326 audit(1757159847.924:7146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.971003][   T29] audit: type=1326 audit(1757159847.924:7147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.971040][   T29] audit: type=1326 audit(1757159847.924:7148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  180.972839][   T29] audit: type=1326 audit(1757159847.994:7149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc2d400ebe9 code=0x7ffc0000
[  181.088584][   T29] audit: type=1326 audit(1757159848.114:7150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10098 comm="syz.3.1848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc2d4005ba7 code=0x7ffc0000
[  181.604143][T10114] wireguard1: entered promiscuous mode
[  181.609825][T10114] wireguard1: entered allmulticast mode
[  181.646245][T10117] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  181.653941][T10117] SELinux: failed to load policy
[  181.769339][T10123] serio: Serial port ptm1
[  181.832320][T10131] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.862646][T10131] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.872857][T10134] netlink: 360 bytes leftover after parsing attributes in process `syz.3.1860'.
[  181.907526][T10137] sd 0:0:1:0: device reset
[  181.924139][T10138] loop0: detected capacity change from 0 to 512
[  181.938915][T10140] wireguard0: entered promiscuous mode
[  181.940639][T10138] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  181.944545][T10140] wireguard0: entered allmulticast mode
[  181.968514][T10138] EXT4-fs (loop0): 1 truncate cleaned up
[  181.985827][T10138] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.999609][T10143] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  182.007995][T10143] SELinux: failed to load policy
[  182.029514][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.157670][T10156] loop0: detected capacity change from 0 to 2048
[  182.175023][T10156] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.228890][T10156] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1866: bg 0: block 120: padding at end of block bitmap is not set
[  182.353311][ T3312] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  182.378489][T10167] loop3: detected capacity change from 0 to 8192
[  182.665972][T10201] loop2: detected capacity change from 0 to 2048
[  182.723546][T10201] EXT4-fs (loop2): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.790617][T10208] netlink: 'syz.1.1873': attribute type 4 has an invalid length.
[  182.798501][T10208] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1873'.
[  182.914982][T10201] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1874: bg 0: block 120: padding at end of block bitmap is not set
[  183.191108][ T3305] EXT4-fs (loop2): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  183.254654][T10216] lo speed is unknown, defaulting to 1000
[  183.291811][T10221] netlink: 10 bytes leftover after parsing attributes in process `syz.2.1880'.
[  183.339441][T10223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.350367][T10223] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.441669][T10226] sd 0:0:1:0: device reset
[  184.038867][T10242] loop3: detected capacity change from 0 to 8192
[  184.149998][T10245] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1890'.
[  184.238718][T10251] wireguard0: entered promiscuous mode
[  184.244346][T10251] wireguard0: entered allmulticast mode
[  184.725550][T10265] serio: Serial port ptm0
[  184.771321][T10272] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10272 comm=syz.3.1899
[  184.786002][T10272] sd 0:0:1:0: device reset
[  184.804974][T10275] netlink: 360 bytes leftover after parsing attributes in process `syz.4.1900'.
[  184.844909][T10279] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1902'.
[  184.887001][T10282] netlink: 10 bytes leftover after parsing attributes in process `syz.4.1901'.
[  185.400944][T10286] loop1: detected capacity change from 0 to 8192
[  187.571315][T10312] loop3: detected capacity change from 0 to 1024
[  187.583326][T10312] EXT4-fs: Ignoring removed orlov option
[  187.589121][   T29] kauditd_printk_skb: 375 callbacks suppressed
[  187.589136][   T29] audit: type=1326 audit(1757159854.644:7526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.619101][   T29] audit: type=1326 audit(1757159854.644:7527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.642639][   T29] audit: type=1326 audit(1757159854.644:7528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.666228][   T29] audit: type=1326 audit(1757159854.644:7529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.689976][   T29] audit: type=1326 audit(1757159854.644:7530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.713542][   T29] audit: type=1326 audit(1757159854.644:7531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.737103][   T29] audit: type=1326 audit(1757159854.644:7532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.760713][   T29] audit: type=1326 audit(1757159854.644:7533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.784290][   T29] audit: type=1326 audit(1757159854.644:7534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.807833][   T29] audit: type=1326 audit(1757159854.644:7535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10309 comm="syz.2.1914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  187.823450][T10329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.833874][T10325] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10325 comm=syz.0.1916
[  187.847105][T10329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.854889][T10325] sd 0:0:1:0: device reset
[  187.866885][T10312] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.868027][T10327] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1919'.
[  187.900159][T10327] loop1: detected capacity change from 0 to 1024
[  187.924689][T10327] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.953894][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.972667][T10335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.996181][T10335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.060835][T10339] loop1: detected capacity change from 0 to 8192
[  188.098982][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.188993][T10341] loop3: detected capacity change from 0 to 1024
[  188.204787][T10341] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.230962][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.278516][T10349] wireguard1: entered promiscuous mode
[  188.284203][T10349] wireguard1: entered allmulticast mode
[  188.336680][T10351] loop3: detected capacity change from 0 to 512
[  188.343405][T10351] EXT4-fs: Ignoring removed bh option
[  188.350251][T10351] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  188.359737][T10351] EXT4-fs (loop3): 1 truncate cleaned up
[  188.366101][T10351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.460131][T10362] tipc: Started in network mode
[  188.465243][T10362] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[  188.485366][T10362] tipc: Enabled bearer <udp:syz1>, priority 10
[  188.506729][T10368] wireguard2: entered promiscuous mode
[  188.512551][T10368] wireguard2: entered allmulticast mode
[  188.528605][T10371] loop0: detected capacity change from 0 to 512
[  188.543333][T10371] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  188.574513][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.586601][T10371] EXT4-fs (loop0): 1 truncate cleaned up
[  188.592825][T10371] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.660618][T10379] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10379 comm=syz.4.1937
[  188.698329][T10382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  188.737966][T10382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.758499][T10379] sd 0:0:1:0: device reset
[  188.927862][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.445574][T10408] lo speed is unknown, defaulting to 1000
[  189.784271][T10424] lo speed is unknown, defaulting to 1000
[  189.897530][ T3411] tipc: Node number set to 4269801494
[  190.137138][T10436] serio: Serial port ptm2
[  190.213343][T10439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.241318][T10439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.255619][T10441] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10441 comm=syz.0.1956
[  190.280447][T10441] sd 0:0:1:0: device reset
[  190.335820][T10445] wireguard1: entered promiscuous mode
[  190.341487][T10445] wireguard1: entered allmulticast mode
[  190.381919][T10451] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  190.389688][T10451] SELinux: failed to load policy
[  190.798574][T10465] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1963'.
[  190.811262][T10465] bond_slave_0: entered promiscuous mode
[  190.816978][T10465] bond_slave_1: entered promiscuous mode
[  190.822712][T10465] team_slave_0: entered promiscuous mode
[  190.828410][T10465] team_slave_1: entered promiscuous mode
[  190.834180][T10465] syz_tun: entered promiscuous mode
[  190.840203][T10465] macsec1: entered promiscuous mode
[  190.845462][T10465] bond0: entered promiscuous mode
[  190.850607][T10465] team0: entered promiscuous mode
[  190.857869][T10465] bond0: left promiscuous mode
[  190.862822][T10465] team0: left promiscuous mode
[  190.868179][T10465] bond_slave_0: left promiscuous mode
[  190.873627][T10465] bond_slave_1: left promiscuous mode
[  190.879031][T10465] team_slave_0: left promiscuous mode
[  190.884529][T10465] team_slave_1: left promiscuous mode
[  190.885272][T10471] loop0: detected capacity change from 0 to 1024
[  190.889968][T10465] syz_tun: left promiscuous mode
[  190.899631][T10471] EXT4-fs: Ignoring removed orlov option
[  190.925556][T10471] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  190.958314][T10469] lo speed is unknown, defaulting to 1000
[  191.042176][T10476] serio: Serial port ptm0
[  191.137756][T10479] loop4: detected capacity change from 0 to 2048
[  191.161396][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.197163][T10479] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.227706][T10487] loop0: detected capacity change from 0 to 512
[  191.232665][T10479] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1968: bg 0: block 120: padding at end of block bitmap is not set
[  191.249888][T10487] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  191.259847][T10485] wireguard2: entered promiscuous mode
[  191.264003][T10487] EXT4-fs (loop0): 1 truncate cleaned up
[  191.265503][T10485] wireguard2: entered allmulticast mode
[  191.272734][T10487] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.279904][T10490] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  191.297064][T10490] SELinux: failed to load policy
[  191.446048][T10502] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  191.457810][T10502] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  191.504496][T10501] loop0: detected capacity change from 0 to 8192
[  192.710434][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  192.710490][   T29] audit: type=1326 audit(1757159859.774:7663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.787871][   T29] audit: type=1326 audit(1757159859.804:7664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.811526][   T29] audit: type=1326 audit(1757159859.834:7665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.835166][   T29] audit: type=1326 audit(1757159859.834:7666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.858747][   T29] audit: type=1326 audit(1757159859.834:7667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.882544][   T29] audit: type=1326 audit(1757159859.834:7668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.906050][   T29] audit: type=1326 audit(1757159859.834:7669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.929658][   T29] audit: type=1326 audit(1757159859.834:7670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.953343][   T29] audit: type=1326 audit(1757159859.834:7671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  192.977009][   T29] audit: type=1326 audit(1757159859.834:7672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10526 comm="syz.2.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  193.033408][T10529] loop3: detected capacity change from 0 to 2048
[  193.157000][T10529] EXT4-fs mount: 2 callbacks suppressed
[  193.157016][T10529] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.187983][T10529] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1983: bg 0: block 120: padding at end of block bitmap is not set
[  193.213363][T10538] tipc: Started in network mode
[  193.218384][T10538] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[  193.244640][T10538] tipc: Enabled bearer <udp:syz1>, priority 10
[  193.269339][ T3303] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  193.519185][T10527] 9pnet_fd: p9_fd_create_tcp (10527): problem connecting socket to 127.0.0.1
[  193.595857][T10549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.608220][T10549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.749094][T10551] loop4: detected capacity change from 0 to 1024
[  193.765362][T10551] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.829331][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.898951][T10561] loop4: detected capacity change from 0 to 1024
[  193.906135][T10561] EXT4-fs: Ignoring removed orlov option
[  193.926349][T10561] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.120990][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.153328][T10565] netlink: 'syz.2.1996': attribute type 4 has an invalid length.
[  194.161232][T10565] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1996'.
[  194.227417][T10571] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1999'.
[  194.273818][T10577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2001'.
[  194.290376][T10577] bond_slave_0: entered promiscuous mode
[  194.296136][T10577] bond_slave_1: entered promiscuous mode
[  194.303211][T10577] macsec1: entered promiscuous mode
[  194.308562][T10577] bond0: entered promiscuous mode
[  194.313847][T10577] team0: entered promiscuous mode
[  194.318883][T10577] team_slave_0: entered promiscuous mode
[  194.324650][T10577] team_slave_1: entered promiscuous mode
[  194.330423][T10577] syz_tun: entered promiscuous mode
[  194.338941][T10577] bond0: left promiscuous mode
[  194.343956][T10577] team0: left promiscuous mode
[  194.348766][T10577] team_slave_0: left promiscuous mode
[  194.354264][T10577] team_slave_1: left promiscuous mode
[  194.359821][T10577] syz_tun: left promiscuous mode
[  194.363529][ T1034] tipc: Node number set to 4269801494
[  194.365291][T10577] bond_slave_0: left promiscuous mode
[  194.375756][T10577] bond_slave_1: left promiscuous mode
[  194.422188][T10582] loop2: detected capacity change from 0 to 8192
[  194.509696][T10586] netlink: 360 bytes leftover after parsing attributes in process `syz.0.2005'.
[  195.082231][T10607] loop1: detected capacity change from 0 to 1024
[  195.107379][T10607] EXT4-fs: Ignoring removed orlov option
[  195.107452][T10611] serio: Serial port ptm1
[  195.121411][T10607] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.138698][T10613] loop0: detected capacity change from 0 to 512
[  195.145511][T10613] EXT4-fs: Ignoring removed bh option
[  195.152736][T10613] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  195.179122][T10613] EXT4-fs (loop0): 1 truncate cleaned up
[  195.229717][T10620] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2016'.
[  195.237659][T10613] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.265092][T10613] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.289019][T10620] bond_slave_0: entered promiscuous mode
[  195.294736][T10620] bond_slave_1: entered promiscuous mode
[  195.300393][T10620] team_slave_0: entered promiscuous mode
[  195.306072][T10620] team_slave_1: entered promiscuous mode
[  195.311816][T10620] syz_tun: entered promiscuous mode
[  195.320469][T10620] macsec1: entered promiscuous mode
[  195.325834][T10620] bond0: entered promiscuous mode
[  195.331046][T10620] team0: entered promiscuous mode
[  195.360703][T10620] bond0: left promiscuous mode
[  195.365743][T10620] team0: left promiscuous mode
[  195.371250][T10620] bond_slave_0: left promiscuous mode
[  195.376758][T10620] bond_slave_1: left promiscuous mode
[  195.382148][T10620] team_slave_0: left promiscuous mode
[  195.387691][T10620] team_slave_1: left promiscuous mode
[  195.393102][T10620] syz_tun: left promiscuous mode
[  195.413976][T10624] loop0: detected capacity change from 0 to 512
[  195.453925][T10624] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  195.472093][T10622] loop3: detected capacity change from 0 to 8192
[  195.482915][T10624] EXT4-fs (loop0): 1 truncate cleaned up
[  195.490181][T10624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.548462][T10627] loop4: detected capacity change from 0 to 2048
[  195.577250][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.591087][T10627] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.616682][T10627] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2019: bg 0: block 120: padding at end of block bitmap is not set
[  195.647149][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.706336][T10633] loop1: detected capacity change from 0 to 512
[  195.713357][T10633] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  195.727986][T10633] EXT4-fs (loop1): 1 truncate cleaned up
[  195.739305][T10633] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.785844][T10642] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2025'.
[  195.813418][ T3310] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  195.987365][T10651] lo speed is unknown, defaulting to 1000
[  196.111024][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.991327][T10674] wireguard0: entered promiscuous mode
[  196.996982][T10674] wireguard0: entered allmulticast mode
[  197.289948][T10688] loop3: detected capacity change from 0 to 1024
[  197.355546][T10690] loop4: detected capacity change from 0 to 8192
[  197.380554][T10692] netlink: 'syz.1.2038': attribute type 4 has an invalid length.
[  197.388371][T10692] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2038'.
[  197.606412][T10688] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.781740][T10700] loop0: detected capacity change from 0 to 512
[  197.811505][T10672] 9pnet_fd: p9_fd_create_tcp (10672): problem connecting socket to 127.0.0.1
[  197.823254][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.839825][T10700] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  197.856951][T10700] EXT4-fs (loop0): 1 truncate cleaned up
[  197.873549][T10700] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.888045][T10703] wireguard0: entered promiscuous mode
[  197.893651][T10703] wireguard0: entered allmulticast mode
[  197.922188][T10706] loop2: detected capacity change from 0 to 1024
[  197.941686][T10707] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  197.956536][T10706] EXT4-fs: Ignoring removed orlov option
[  197.962456][T10707] SELinux: failed to load policy
[  197.992324][T10706] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.083619][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.116370][   T29] kauditd_printk_skb: 258 callbacks suppressed
[  198.116388][   T29] audit: type=1326 audit(1757159865.184:7931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.156758][   T29] audit: type=1326 audit(1757159865.214:7932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.180504][   T29] audit: type=1326 audit(1757159865.214:7933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.204075][   T29] audit: type=1326 audit(1757159865.214:7934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.227785][   T29] audit: type=1326 audit(1757159865.214:7935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.251470][   T29] audit: type=1326 audit(1757159865.214:7936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.275169][   T29] audit: type=1326 audit(1757159865.214:7937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.298668][   T29] audit: type=1326 audit(1757159865.214:7938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.322241][   T29] audit: type=1326 audit(1757159865.214:7939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.345763][   T29] audit: type=1326 audit(1757159865.214:7940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10715 comm="syz.1.2047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7c4d6ebe9 code=0x7ffc0000
[  198.725775][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.349711][T10744] loop3: detected capacity change from 0 to 512
[  199.357610][T10744] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  199.371988][T10744] EXT4-fs (loop3): 1 truncate cleaned up
[  199.380548][T10744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.407269][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.436664][T10750] 9pnet_fd: p9_fd_create_tcp (10750): problem connecting socket to 127.0.0.1
[  199.591814][T10757] devtmpfs: Unknown parameter 'trans'
[  199.660241][T10762] netlink: 'syz.3.2057': attribute type 4 has an invalid length.
[  199.668093][T10762] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2057'.
[  200.122725][T10765] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2060'.
[  200.139680][T10765] bond_slave_0: entered promiscuous mode
[  200.145401][T10765] bond_slave_1: entered promiscuous mode
[  200.151059][T10765] team_slave_0: entered promiscuous mode
[  200.156733][T10765] team_slave_1: entered promiscuous mode
[  200.162399][T10765] syz_tun: entered promiscuous mode
[  200.170239][T10765] macsec1: entered promiscuous mode
[  200.175545][T10765] bond0: entered promiscuous mode
[  200.180869][T10765] team0: entered promiscuous mode
[  200.219117][T10765] bond0: left promiscuous mode
[  200.224202][T10765] team0: left promiscuous mode
[  200.229421][T10765] bond_slave_0: left promiscuous mode
[  200.234840][T10765] bond_slave_1: left promiscuous mode
[  200.240290][T10765] team_slave_0: left promiscuous mode
[  200.245811][T10765] team_slave_1: left promiscuous mode
[  200.251238][T10765] syz_tun: left promiscuous mode
[  200.481556][T10774] wireguard0: entered promiscuous mode
[  200.487220][T10774] wireguard0: entered allmulticast mode
[  200.508130][T10777] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  201.269351][T10786] loop0: detected capacity change from 0 to 512
[  201.334755][T10786] EXT4-fs: Ignoring removed bh option
[  201.415563][T10786] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  201.448616][T10794] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2069'.
[  201.463240][T10786] EXT4-fs (loop0): 1 truncate cleaned up
[  201.505833][T10786] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.519975][T10786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.546076][T10800] loop2: detected capacity change from 0 to 512
[  201.573731][T10800] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  201.592094][T10805] loop1: detected capacity change from 0 to 1024
[  201.609173][T10800] EXT4-fs (loop2): 1 truncate cleaned up
[  201.622873][T10805] EXT4-fs: Ignoring removed orlov option
[  201.639524][T10800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.669148][T10805] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.696820][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.742584][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.788946][T10819] wireguard1: entered promiscuous mode
[  201.794633][T10819] wireguard1: entered allmulticast mode
[  201.807495][T10822] loop4: detected capacity change from 0 to 2048
[  201.824941][T10826] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  201.825992][T10822] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.832838][T10826] SELinux: failed to load policy
[  201.883412][T10822] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2079: bg 0: block 120: padding at end of block bitmap is not set
[  201.911289][T10828] lo speed is unknown, defaulting to 1000
[  201.978496][ T3310] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  201.991770][T10835] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2081'.
[  202.036397][T10842] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=10842 comm=syz.4.2082
[  202.056081][T10842] sd 0:0:1:0: device reset
[  202.056831][T10844] wireguard1: entered promiscuous mode
[  202.066118][T10844] wireguard1: entered allmulticast mode
[  202.456431][T10858] loop3: detected capacity change from 0 to 512
[  202.473140][T10858] EXT4-fs: Ignoring removed bh option
[  202.485163][T10858] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  202.504581][T10858] EXT4-fs (loop3): 1 truncate cleaned up
[  202.510635][T10858] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.642462][T10858] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.754723][T10870] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2091'.
[  202.841821][T10880] loop0: detected capacity change from 0 to 1024
[  202.863823][T10880] EXT4-fs: Ignoring removed orlov option
[  202.881905][T10880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.924859][T10887] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2098'.
[  202.968562][T10887] bond_slave_0: entered promiscuous mode
[  202.974366][T10887] bond_slave_1: entered promiscuous mode
[  203.003273][T10887] macsec1: entered promiscuous mode
[  203.008592][T10887] bond0: entered promiscuous mode
[  203.013810][T10887] team0: entered promiscuous mode
[  203.018909][T10887] team_slave_0: entered promiscuous mode
[  203.024780][T10887] team_slave_1: entered promiscuous mode
[  203.030704][T10887] syz_tun: entered promiscuous mode
[  203.082127][T10891] devtmpfs: Unknown parameter 'trans'
[  203.098368][T10887] bond0: left promiscuous mode
[  203.103361][T10887] team0: left promiscuous mode
[  203.108197][T10887] team_slave_0: left promiscuous mode
[  203.113668][T10887] team_slave_1: left promiscuous mode
[  203.119354][T10887] syz_tun: left promiscuous mode
[  203.124912][T10887] bond_slave_0: left promiscuous mode
[  203.130393][T10887] bond_slave_1: left promiscuous mode
[  203.198385][T10898] wireguard0: entered promiscuous mode
[  203.204015][T10898] wireguard0: entered allmulticast mode
[  203.246046][T10902] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  203.254314][T10902] SELinux: failed to load policy
[  203.600536][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.492920][T10923] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2108'.
[  204.532721][T10928] wireguard0: entered promiscuous mode
[  204.538432][T10928] wireguard0: entered allmulticast mode
[  204.560246][T10931] wireguard0: entered promiscuous mode
[  204.565895][T10931] wireguard0: entered allmulticast mode
[  204.579019][T10934] loop0: detected capacity change from 0 to 512
[  204.586836][T10934] EXT4-fs: Ignoring removed bh option
[  204.592578][T10934] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  204.619811][T10935] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  204.656621][T10934] EXT4-fs (loop0): 1 truncate cleaned up
[  204.677553][T10935] SELinux: failed to load policy
[  204.683173][T10934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.695575][T10940] wireguard1: entered promiscuous mode
[  204.698722][T10934] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.701198][T10940] wireguard1: entered allmulticast mode
[  204.732974][T10942] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  204.744234][T10942] SELinux: failed to load policy
[  204.817344][T10948] loop0: detected capacity change from 0 to 2048
[  204.824234][   T29] kauditd_printk_skb: 190 callbacks suppressed
[  204.824252][   T29] audit: type=1326 audit(1757159871.874:8131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  204.854153][   T29] audit: type=1326 audit(1757159871.874:8132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  204.877704][   T29] audit: type=1326 audit(1757159871.874:8133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  204.901222][   T29] audit: type=1326 audit(1757159871.874:8134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  204.924770][   T29] audit: type=1326 audit(1757159871.874:8135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  204.948394][   T29] audit: type=1326 audit(1757159871.874:8136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  204.972140][   T29] audit: type=1326 audit(1757159871.874:8137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  204.995723][   T29] audit: type=1326 audit(1757159871.874:8138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  205.019301][   T29] audit: type=1326 audit(1757159871.874:8139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  205.042927][   T29] audit: type=1326 audit(1757159871.874:8140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10947 comm="syz.0.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f593640ebe9 code=0x7ffc0000
[  205.076337][T10948] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.106066][T10948] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2114: bg 0: block 120: padding at end of block bitmap is not set
[  205.193524][ T3312] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  205.303010][T10966] serio: Serial port ptm0
[  205.808851][T10973] lo speed is unknown, defaulting to 1000
[  205.905058][T10981] netlink: 'syz.4.2123': attribute type 4 has an invalid length.
[  205.905082][T10981] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2123'.
[  206.322623][T10992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2127'.
[  206.335856][T10992] bond_slave_0: entered promiscuous mode
[  206.341528][T10992] bond_slave_1: entered promiscuous mode
[  206.347642][T10992] macsec1: entered promiscuous mode
[  206.352855][T10992] bond0: entered promiscuous mode
[  206.358276][T10992] team0: entered promiscuous mode
[  206.363310][T10992] team_slave_0: entered promiscuous mode
[  206.369155][T10992] team_slave_1: entered promiscuous mode
[  206.375214][T10992] syz_tun: entered promiscuous mode
[  206.394276][T10993] loop1: detected capacity change from 0 to 512
[  206.400812][T10992] bond0: left promiscuous mode
[  206.406019][T10992] team0: left promiscuous mode
[  206.408195][T10993] EXT4-fs: Ignoring removed bh option
[  206.410941][T10992] team_slave_0: left promiscuous mode
[  206.421692][T10992] team_slave_1: left promiscuous mode
[  206.427335][T10992] syz_tun: left promiscuous mode
[  206.432510][T10992] bond_slave_0: left promiscuous mode
[  206.434785][T10996] loop3: detected capacity change from 0 to 1024
[  206.437941][T10992] bond_slave_1: left promiscuous mode
[  206.469049][T10996] EXT4-fs: Ignoring removed orlov option
[  206.477854][T10993] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  206.478760][T10996] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.510867][T10993] EXT4-fs (loop1): 1 truncate cleaned up
[  206.520990][T10993] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.577850][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.610891][T11000] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  206.628366][T10993] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.715452][T11007] devtmpfs: Unknown parameter 'trans'
[  206.735394][T11008] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  206.761556][T11008] SELinux: failed to load policy
[  206.775258][T11011] loop2: detected capacity change from 0 to 1024
[  206.786301][T11011] EXT4-fs: Ignoring removed orlov option
[  206.805418][T11004] wireguard0: entered promiscuous mode
[  206.811065][T11004] wireguard0: entered allmulticast mode
[  206.825936][T11011] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.894669][T11020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2136'.
[  206.908444][T11020] bond_slave_0: entered promiscuous mode
[  206.914198][T11020] bond_slave_1: entered promiscuous mode
[  206.920692][T11020] macsec1: entered promiscuous mode
[  206.925996][T11020] bond0: entered promiscuous mode
[  206.931197][T11020] team0: entered promiscuous mode
[  206.936294][T11020] team_slave_0: entered promiscuous mode
[  206.942023][T11020] team_slave_1: entered promiscuous mode
[  206.947855][T11020] syz_tun: entered promiscuous mode
[  206.957220][T11020] bond0: left promiscuous mode
[  206.962197][T11020] team0: left promiscuous mode
[  206.967041][T11020] team_slave_0: left promiscuous mode
[  206.972473][T11020] team_slave_1: left promiscuous mode
[  206.978055][T11020] syz_tun: left promiscuous mode
[  206.983289][T11020] bond_slave_0: left promiscuous mode
[  206.988730][T11020] bond_slave_1: left promiscuous mode
[  207.012524][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.078549][T11028] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2139'.
[  207.107488][T11030] loop1: detected capacity change from 0 to 1024
[  207.115872][T11030] EXT4-fs: Ignoring removed orlov option
[  207.134775][T11030] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.200223][T11037] FAULT_INJECTION: forcing a failure.
[  207.200223][T11037] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.213352][T11037] CPU: 1 UID: 0 PID: 11037 Comm: syz.3.2142 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  207.213427][T11037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  207.213439][T11037] Call Trace:
[  207.213447][T11037]  <TASK>
[  207.213460][T11037]  __dump_stack+0x1d/0x30
[  207.213487][T11037]  dump_stack_lvl+0xe8/0x140
[  207.213525][T11037]  dump_stack+0x15/0x1b
[  207.213547][T11037]  should_fail_ex+0x265/0x280
[  207.213577][T11037]  should_fail+0xb/0x20
[  207.213613][T11037]  should_fail_usercopy+0x1a/0x20
[  207.213688][T11037]  _copy_to_user+0x20/0xa0
[  207.213724][T11037]  simple_read_from_buffer+0xb5/0x130
[  207.213750][T11037]  proc_fail_nth_read+0x10e/0x150
[  207.213781][T11037]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  207.213856][T11037]  vfs_read+0x1a8/0x770
[  207.213877][T11037]  ? io_register_rsrc+0x1b2/0x1e0
[  207.213967][T11037]  ? __rcu_read_unlock+0x4f/0x70
[  207.214032][T11037]  ? __fget_files+0x184/0x1c0
[  207.214066][T11037]  ksys_read+0xda/0x1a0
[  207.214094][T11037]  __x64_sys_read+0x40/0x50
[  207.214150][T11037]  x64_sys_call+0x27bc/0x2ff0
[  207.214173][T11037]  do_syscall_64+0xd2/0x200
[  207.214207][T11037]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  207.214237][T11037]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  207.214340][T11037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.214367][T11037] RIP: 0033:0x7fc2d400d5fc
[  207.214385][T11037] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  207.214448][T11037] RSP: 002b:00007fc2d2a77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  207.214471][T11037] RAX: ffffffffffffffda RBX: 00007fc2d4245fa0 RCX: 00007fc2d400d5fc
[  207.214486][T11037] RDX: 000000000000000f RSI: 00007fc2d2a770a0 RDI: 0000000000000004
[  207.214561][T11037] RBP: 00007fc2d2a77090 R08: 0000000000000000 R09: 0000000000000000
[  207.214595][T11037] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  207.214639][T11037] R13: 00007fc2d4246038 R14: 00007fc2d4245fa0 R15: 00007ffcfaeb94f8
[  207.214660][T11037]  </TASK>
[  207.418888][T11032] netlink: 'syz.0.2141': attribute type 4 has an invalid length.
[  207.426678][T11032] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2141'.
[  207.510763][T11046] wireguard0: entered promiscuous mode
[  207.516315][T11046] wireguard0: entered allmulticast mode
[  207.557959][T11052] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  207.557986][T11052] SELinux: failed to load policy
[  207.572701][T11042] lo speed is unknown, defaulting to 1000
[  207.613296][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.645057][T11053] loop3: detected capacity change from 0 to 512
[  207.645304][T11053] EXT4-fs: Ignoring removed bh option
[  207.646343][T11053] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  207.659873][T11053] EXT4-fs (loop3): 1 truncate cleaned up
[  207.660412][T11053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  207.661443][T11053] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.774873][T11066] wireguard0: entered promiscuous mode
[  207.780375][T11066] wireguard0: entered allmulticast mode
[  207.796109][T11069] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2150'.
[  207.810831][T11070] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  207.812647][T11069] bond_slave_0: entered promiscuous mode
[  207.818781][T11070] SELinux: failed to load policy
[  207.824134][T11069] bond_slave_1: entered promiscuous mode
[  207.834775][T11069] team_slave_0: entered promiscuous mode
[  207.840433][T11069] team_slave_1: entered promiscuous mode
[  207.846171][T11069] syz_tun: entered promiscuous mode
[  207.851816][T11069] macsec1: entered promiscuous mode
[  207.857218][T11069] bond0: entered promiscuous mode
[  207.862512][T11069] team0: entered promiscuous mode
[  207.875140][T11069] bond0: left promiscuous mode
[  207.880132][T11069] team0: left promiscuous mode
[  207.885303][T11069] bond_slave_0: left promiscuous mode
[  207.890707][T11069] bond_slave_1: left promiscuous mode
[  207.892888][T11073] loop3: detected capacity change from 0 to 1024
[  207.896115][T11069] team_slave_0: left promiscuous mode
[  207.908107][T11069] team_slave_1: left promiscuous mode
[  207.913532][T11069] syz_tun: left promiscuous mode
[  207.914372][T11073] EXT4-fs: Ignoring removed orlov option
[  207.962388][T11073] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.062712][T11078] netlink: 360 bytes leftover after parsing attributes in process `syz.0.2152'.
[  208.105661][T11080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  208.116592][T11082] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  208.133385][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.153835][T11080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.181433][T11086] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11086 comm=syz.0.2158
[  208.239651][T11086] sd 0:0:1:0: device reset
[  208.337433][T11095] wireguard2: entered promiscuous mode
[  208.342946][T11095] wireguard2: entered allmulticast mode
[  208.708864][T11105] loop2: detected capacity change from 0 to 512
[  208.760065][T11105] EXT4-fs: Ignoring removed bh option
[  208.811788][T11105] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  208.945026][T11105] EXT4-fs (loop2): 1 truncate cleaned up
[  208.980369][T11111] loop4: detected capacity change from 0 to 1024
[  208.991184][T11105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  209.010994][T11111] EXT4-fs: Ignoring removed orlov option
[  209.027170][T11105] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.037678][T11111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.097199][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.179083][T11122] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  209.203376][T11120] loop4: detected capacity change from 0 to 8192
[  209.295625][T11128] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  209.307443][T11128] loop0: detected capacity change from 0 to 1024
[  209.341351][T11128] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.418430][T11133] wireguard0: entered promiscuous mode
[  209.424064][T11133] wireguard0: entered allmulticast mode
[  209.452443][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.478017][T11138] FAULT_INJECTION: forcing a failure.
[  209.478017][T11138] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.491218][T11138] CPU: 1 UID: 0 PID: 11138 Comm: syz.0.2173 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  209.491251][T11138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  209.491313][T11138] Call Trace:
[  209.491320][T11138]  <TASK>
[  209.491329][T11138]  __dump_stack+0x1d/0x30
[  209.491354][T11138]  dump_stack_lvl+0xe8/0x140
[  209.491379][T11138]  dump_stack+0x15/0x1b
[  209.491399][T11138]  should_fail_ex+0x265/0x280
[  209.491428][T11138]  should_fail+0xb/0x20
[  209.491481][T11138]  should_fail_usercopy+0x1a/0x20
[  209.491505][T11138]  _copy_from_user+0x1c/0xb0
[  209.491621][T11138]  ___sys_sendmsg+0xc1/0x1d0
[  209.491661][T11138]  __x64_sys_sendmsg+0xd4/0x160
[  209.491730][T11138]  x64_sys_call+0x191e/0x2ff0
[  209.491755][T11138]  do_syscall_64+0xd2/0x200
[  209.491795][T11138]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  209.491830][T11138]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  209.491865][T11138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.491894][T11138] RIP: 0033:0x7f593640ebe9
[  209.491911][T11138] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.491930][T11138] RSP: 002b:00007f5934e77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  209.491993][T11138] RAX: ffffffffffffffda RBX: 00007f5936645fa0 RCX: 00007f593640ebe9
[  209.492070][T11138] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  209.492162][T11138] RBP: 00007f5934e77090 R08: 0000000000000000 R09: 0000000000000000
[  209.492176][T11138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.492191][T11138] R13: 00007f5936646038 R14: 00007f5936645fa0 R15: 00007ffcc43ff9d8
[  209.492212][T11138]  </TASK>
[  209.699968][T11141] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11141 comm=syz.0.2174
[  209.724967][T11141] sd 0:0:1:0: device reset
[  209.788651][T11146] serio: Serial port ptm1
[  209.816030][T11147] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2175'.
[  209.971819][T11150] loop1: detected capacity change from 0 to 1024
[  209.983233][T11150] EXT4-fs: Ignoring removed orlov option
[  209.992636][T11150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.059059][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.073312][T11154] wireguard2: entered promiscuous mode
[  210.078931][T11154] wireguard2: entered allmulticast mode
[  210.111562][T11157] wireguard1: entered promiscuous mode
[  210.117136][T11157] wireguard1: entered allmulticast mode
[  210.118951][T11159] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  210.131692][T11159] SELinux: failed to load policy
[  210.159415][T11160] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  210.168477][T11160] SELinux: failed to load policy
[  210.321203][   T29] kauditd_printk_skb: 160 callbacks suppressed
[  210.321217][   T29] audit: type=1326 audit(1757159877.384:8301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.354070][   T29] audit: type=1326 audit(1757159877.414:8302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.377790][   T29] audit: type=1326 audit(1757159877.414:8303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.401350][   T29] audit: type=1326 audit(1757159877.414:8304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.424923][   T29] audit: type=1326 audit(1757159877.414:8305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.431272][T11166] loop1: detected capacity change from 0 to 1024
[  210.448347][   T29] audit: type=1326 audit(1757159877.414:8306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.448383][   T29] audit: type=1326 audit(1757159877.414:8307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.502601][   T29] audit: type=1326 audit(1757159877.574:8308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.512709][T11166] EXT4-fs: Ignoring removed orlov option
[  210.526267][   T29] audit: type=1326 audit(1757159877.574:8309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11161 comm="syz.2.2180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  210.555892][   T29] audit: type=1326 audit(1757159877.604:8310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11173 comm="syz.4.2184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  210.582329][T11166] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.595107][T11164] wireguard0: entered promiscuous mode
[  210.600667][T11164] wireguard0: entered allmulticast mode
[  210.636691][T11171] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  210.645382][T11171] SELinux: failed to load policy
[  210.827136][T11192] tipc: Enabling of bearer <udp:syz1> rejected, already enabled
[  210.899700][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.910148][T11194] loop0: detected capacity change from 0 to 1024
[  210.954421][T11194] EXT4-fs: Ignoring removed orlov option
[  210.996483][T11194] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.013155][T11196] wireguard1: entered promiscuous mode
[  211.018817][T11196] wireguard1: entered allmulticast mode
[  211.041894][T11199] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  211.049646][T11199] SELinux: failed to load policy
[  211.181056][T11204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11204 comm=syz.2.2192
[  211.223828][T11204] sd 0:0:1:0: device reset
[  211.335552][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.866015][T11216] netlink: 360 bytes leftover after parsing attributes in process `syz.2.2196'.
[  211.883188][T11211] lo speed is unknown, defaulting to 1000
[  212.139241][T11230] wireguard0: entered promiscuous mode
[  212.144875][T11230] wireguard0: entered allmulticast mode
[  212.187945][T11232] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  212.195578][T11232] SELinux: failed to load policy
[  212.264972][T11234] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2202'.
[  212.287624][T11234] bond_slave_0: entered promiscuous mode
[  212.293390][T11234] bond_slave_1: entered promiscuous mode
[  212.310992][T11234] macsec1: entered promiscuous mode
[  212.316349][T11234] bond0: entered promiscuous mode
[  212.321694][T11234] team0: entered promiscuous mode
[  212.326777][T11234] team_slave_0: entered promiscuous mode
[  212.332542][T11234] team_slave_1: entered promiscuous mode
[  212.338367][T11234] syz_tun: entered promiscuous mode
[  212.349319][T11238] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2204'.
[  212.358861][T11234] bond0: left promiscuous mode
[  212.363835][T11234] team0: left promiscuous mode
[  212.368695][T11234] team_slave_0: left promiscuous mode
[  212.374164][T11234] team_slave_1: left promiscuous mode
[  212.379766][T11234] syz_tun: left promiscuous mode
[  212.385095][T11234] bond_slave_0: left promiscuous mode
[  212.390495][T11234] bond_slave_1: left promiscuous mode
[  212.669446][T11249] loop0: detected capacity change from 0 to 1024
[  212.700585][T11249] EXT4-fs: Ignoring removed orlov option
[  212.982501][T11256] netlink: 10 bytes leftover after parsing attributes in process `syz.2.2208'.
[  213.221976][T11259] serio: Serial port ptm0
[  213.360898][T11270] wireguard0: entered promiscuous mode
[  213.366561][T11270] wireguard0: entered allmulticast mode
[  213.398725][T11275] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  213.411854][T11275] SELinux: failed to load policy
[  213.420115][T11274] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  213.426988][T11268] loop4: detected capacity change from 0 to 8192
[  213.437872][T11274] loop1: detected capacity change from 0 to 1024
[  213.537432][T11279] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2217'.
[  213.690499][T11297] loop3: detected capacity change from 0 to 1024
[  213.701059][T11295] loop4: detected capacity change from 0 to 2048
[  213.709247][T11297] EXT4-fs: Ignoring removed orlov option
[  214.307418][T11309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2226'.
[  214.327271][T11309] bond_slave_0: entered promiscuous mode
[  214.333026][T11309] bond_slave_1: entered promiscuous mode
[  214.351538][T11309] macsec1: entered promiscuous mode
[  214.356812][T11309] bond0: entered promiscuous mode
[  214.361995][T11309] team0: entered promiscuous mode
[  214.367135][T11309] team_slave_0: entered promiscuous mode
[  214.372894][T11309] team_slave_1: entered promiscuous mode
[  214.378699][T11309] syz_tun: entered promiscuous mode
[  214.464161][T11312] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  214.472088][T11309] bond0: left promiscuous mode
[  214.477046][T11309] team0: left promiscuous mode
[  214.481824][T11309] team_slave_0: left promiscuous mode
[  214.487344][T11309] team_slave_1: left promiscuous mode
[  214.492888][T11309] syz_tun: left promiscuous mode
[  214.498188][T11309] bond_slave_0: left promiscuous mode
[  214.503605][T11309] bond_slave_1: left promiscuous mode
[  214.511791][T11312] SELinux: failed to load policy
[  214.542227][T11311] wireguard2: entered promiscuous mode
[  214.547799][T11311] wireguard2: entered allmulticast mode
[  214.674434][T11320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  214.686157][T11322] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  214.713223][T11320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  214.717181][T11322] loop1: detected capacity change from 0 to 1024
[  214.723686][T11152] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 120: padding at end of block bitmap is not set
[  214.791787][T11329] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2234'.
[  214.808504][T11326] loop0: detected capacity change from 0 to 8192
[  214.842261][T11333] devtmpfs: Unknown parameter 'trans'
[  214.869120][T11335] loop2: detected capacity change from 0 to 1024
[  214.876298][T11335] EXT4-fs: Ignoring removed orlov option
[  215.180399][T11348] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11348 comm=syz.1.2239
[  215.194405][T11348] sd 0:0:1:0: device reset
[  215.218380][T11351] devtmpfs: Unknown parameter 'trans'
[  215.413218][T11363] wireguard0: entered promiscuous mode
[  215.418796][T11363] wireguard0: entered allmulticast mode
[  215.446854][T11367] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  215.454631][T11367] SELinux: failed to load policy
[  215.527416][T11366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2245'.
[  215.604649][T11370] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2246'.
[  215.633895][T11372] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2247'.
[  215.746081][T11379] loop3: detected capacity change from 0 to 512
[  215.760710][T11379] EXT4-fs: Ignoring removed bh option
[  215.822731][T11378] loop1: detected capacity change from 0 to 8192
[  215.843836][T11379] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  215.870697][T11379] EXT4-fs (loop3): 1 truncate cleaned up
[  215.983396][T11384] tipc: Enabled bearer <udp:syz1>, priority 10
[  216.020738][T11386] loop3: detected capacity change from 0 to 1024
[  216.034133][T11386] EXT4-fs: Ignoring removed orlov option
[  216.189324][T11395] devtmpfs: Unknown parameter 'trans'
[  216.273284][T11401] wireguard2: entered promiscuous mode
[  216.278855][T11401] wireguard2: entered allmulticast mode
[  216.323117][T11404] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  216.348228][T11404] SELinux: failed to load policy
[  216.403280][T11410] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11410 comm=syz.3.2259
[  216.421332][T11410] sd 0:0:1:0: device reset
[  216.994718][T11420] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  217.006808][T11419] loop4: detected capacity change from 0 to 1024
[  217.154227][T11427] loop3: detected capacity change from 0 to 8192
[  217.173902][T11421] loop0: detected capacity change from 0 to 512
[  217.180501][T11421] EXT4-fs: Ignoring removed bh option
[  217.187425][T11421] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  217.197020][T11421] EXT4-fs (loop0): 1 truncate cleaned up
[  217.292091][T11434] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  217.325225][T11434] SELinux: failed to load policy
[  217.335847][T11430] wireguard1: entered promiscuous mode
[  217.341402][T11430] wireguard1: entered allmulticast mode
[  217.421819][T11439] loop4: detected capacity change from 0 to 1024
[  217.448296][T11439] EXT4-fs: Ignoring removed orlov option
[  217.464179][T11443] __nla_validate_parse: 1 callbacks suppressed
[  217.464198][T11443] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2266'.
[  218.270830][T11449] loop1: detected capacity change from 0 to 512
[  218.574491][T11449] EXT4-fs: Ignoring removed bh option
[  218.606930][T11449] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  218.645407][T11449] EXT4-fs (loop1): 1 truncate cleaned up
[  218.737400][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  218.737416][   T29] audit: type=1326 audit(1757159885.804:8497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.743940][T11470] loop4: detected capacity change from 0 to 1024
[  218.767802][   T29] audit: type=1326 audit(1757159885.844:8498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.783082][T11474] loop1: detected capacity change from 0 to 1024
[  218.825945][   T29] audit: type=1326 audit(1757159885.894:8499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.849528][   T29] audit: type=1326 audit(1757159885.894:8500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.863791][T11474] EXT4-fs: Ignoring removed orlov option
[  218.873129][   T29] audit: type=1326 audit(1757159885.894:8501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.893865][T11470] EXT4-fs: Ignoring removed orlov option
[  218.902227][   T29] audit: type=1326 audit(1757159885.894:8502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.931512][   T29] audit: type=1326 audit(1757159885.894:8503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.955038][   T29] audit: type=1326 audit(1757159885.894:8504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  218.978725][   T29] audit: type=1326 audit(1757159885.894:8505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  219.002230][   T29] audit: type=1326 audit(1757159885.894:8506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11462 comm="syz.2.2273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  219.186967][T11482] loop0: detected capacity change from 0 to 512
[  219.195826][T11482] EXT4-fs: Ignoring removed bh option
[  219.207260][T11482] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  219.277320][T11482] EXT4-fs (loop0): 1 truncate cleaned up
[  219.715794][T11493] loop4: detected capacity change from 0 to 8192
[  219.894643][T11499] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2282'.
[  220.906328][T11505] netlink: 360 bytes leftover after parsing attributes in process `syz.4.2284'.
[  221.018229][T11511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  221.153823][T11511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  221.558013][T11520] loop2: detected capacity change from 0 to 1024
[  221.565317][T11520] EXT4-fs: Ignoring removed orlov option
[  221.855847][T11524] wireguard0: entered promiscuous mode
[  221.861394][T11524] wireguard0: entered allmulticast mode
[  221.902438][T11529] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  221.910223][T11529] SELinux: failed to load policy
[  222.013808][T11535] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11535 comm=syz.1.2294
[  222.037334][T11535] sd 0:0:1:0: device reset
[  222.059573][T11538] wg2: entered promiscuous mode
[  222.064594][T11538] wg2: entered allmulticast mode
[  222.113244][T11540] loop4: detected capacity change from 0 to 2048
[  222.146359][T11540] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2296: bg 0: block 120: padding at end of block bitmap is not set
[  222.599474][T11555] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2300'.
[  222.624586][T11557] FAULT_INJECTION: forcing a failure.
[  222.624586][T11557] name failslab, interval 1, probability 0, space 0, times 0
[  222.637458][T11557] CPU: 0 UID: 0 PID: 11557 Comm: syz.1.2301 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  222.637492][T11557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  222.637508][T11557] Call Trace:
[  222.637517][T11557]  <TASK>
[  222.637525][T11557]  __dump_stack+0x1d/0x30
[  222.637544][T11557]  dump_stack_lvl+0xe8/0x140
[  222.637567][T11557]  dump_stack+0x15/0x1b
[  222.637629][T11557]  should_fail_ex+0x265/0x280
[  222.637650][T11557]  should_failslab+0x8c/0xb0
[  222.637672][T11557]  kmem_cache_alloc_noprof+0x50/0x310
[  222.637711][T11557]  ? getname_flags+0x80/0x3b0
[  222.637736][T11557]  getname_flags+0x80/0x3b0
[  222.637820][T11557]  getname_uflags+0x21/0x30
[  222.637869][T11557]  __x64_sys_execveat+0x5d/0x90
[  222.637898][T11557]  x64_sys_call+0x1fec/0x2ff0
[  222.637922][T11557]  do_syscall_64+0xd2/0x200
[  222.637950][T11557]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  222.637979][T11557]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  222.638003][T11557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.638021][T11557] RIP: 0033:0x7fd7c4d6ebe9
[  222.638034][T11557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.638049][T11557] RSP: 002b:00007fd7c37cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  222.638171][T11557] RAX: ffffffffffffffda RBX: 00007fd7c4fa5fa0 RCX: 00007fd7c4d6ebe9
[  222.638188][T11557] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  222.638202][T11557] RBP: 00007fd7c37cf090 R08: 0000000000001000 R09: 0000000000000000
[  222.638217][T11557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.638234][T11557] R13: 00007fd7c4fa6038 R14: 00007fd7c4fa5fa0 R15: 00007ffeea115c88
[  222.638251][T11557]  </TASK>
[  222.867053][T11559] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2302'.
[  222.882503][T11561] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  222.895746][T11561] loop1: detected capacity change from 0 to 1024
[  222.908442][T11563] loop3: detected capacity change from 0 to 1024
[  223.000603][T11571] wireguard2: entered promiscuous mode
[  223.006242][T11571] wireguard2: entered allmulticast mode
[  223.046213][T11579] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  223.054930][T11578] FAULT_INJECTION: forcing a failure.
[  223.054930][T11578] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.068064][T11578] CPU: 1 UID: 0 PID: 11578 Comm: syz.1.2308 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  223.068132][T11578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  223.068219][T11578] Call Trace:
[  223.068226][T11578]  <TASK>
[  223.068234][T11578]  __dump_stack+0x1d/0x30
[  223.068260][T11578]  dump_stack_lvl+0xe8/0x140
[  223.068279][T11578]  dump_stack+0x15/0x1b
[  223.068294][T11578]  should_fail_ex+0x265/0x280
[  223.068370][T11578]  should_fail+0xb/0x20
[  223.068394][T11578]  should_fail_usercopy+0x1a/0x20
[  223.068425][T11578]  _copy_from_user+0x1c/0xb0
[  223.068556][T11578]  ___sys_sendmsg+0xc1/0x1d0
[  223.068604][T11578]  __x64_sys_sendmsg+0xd4/0x160
[  223.068641][T11578]  x64_sys_call+0x191e/0x2ff0
[  223.068678][T11578]  do_syscall_64+0xd2/0x200
[  223.068725][T11578]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  223.068754][T11578]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  223.068790][T11578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.068816][T11578] RIP: 0033:0x7fd7c4d6ebe9
[  223.068873][T11578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.068896][T11578] RSP: 002b:00007fd7c37cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.068915][T11578] RAX: ffffffffffffffda RBX: 00007fd7c4fa5fa0 RCX: 00007fd7c4d6ebe9
[  223.068964][T11578] RDX: 0000000024040084 RSI: 0000200000006040 RDI: 0000000000000003
[  223.068979][T11578] RBP: 00007fd7c37cf090 R08: 0000000000000000 R09: 0000000000000000
[  223.068994][T11578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.069008][T11578] R13: 00007fd7c4fa6038 R14: 00007fd7c4fa5fa0 R15: 00007ffeea115c88
[  223.069030][T11578]  </TASK>
[  223.070117][T11579] SELinux: failed to load policy
[  223.272497][T11591] loop1: detected capacity change from 0 to 512
[  223.298147][T11593] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2312'.
[  223.317971][T11591] EXT4-fs: Ignoring removed nobh option
[  223.338741][T11595] netlink: 'syz.2.2314': attribute type 4 has an invalid length.
[  223.352906][T11591] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.2311: corrupted inode contents
[  223.368728][T11591] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.2311: mark_inode_dirty error
[  223.433195][T11595] netlink: 'syz.2.2314': attribute type 4 has an invalid length.
[  223.433924][T11591] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.2311: corrupted inode contents
[  223.461728][T11591] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.2311: mark_inode_dirty error
[  223.475226][T11591] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.2311: Failed to acquire dquot type 0
[  223.487903][T11591] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2311: corrupted inode contents
[  223.501480][T11591] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.2311: mark_inode_dirty error
[  223.515856][T11591] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2311: corrupted inode contents
[  223.527987][T11591] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.2311: mark_inode_dirty error
[  223.865196][T11591] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2311: corrupted inode contents
[  223.966185][T11591] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  224.000833][T11591] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.2311: corrupted inode contents
[  224.296326][T11591] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.2311: mark_inode_dirty error
[  224.386055][T11612] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  224.393601][T11591] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  224.403772][T11611] netlink: 360 bytes leftover after parsing attributes in process `syz.3.2317'.
[  224.415388][T11591] EXT4-fs (loop1): 1 truncate cleaned up
[  224.423238][T11591] EXT4-fs mount: 37 callbacks suppressed
[  224.423258][T11591] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.432440][T11612] loop2: detected capacity change from 0 to 1024
[  224.443385][T11591] ext4 filesystem being mounted at /482/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  224.461976][T11591] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.496650][T11591] syz.1.2311 (11591) used greatest stack depth: 9760 bytes left
[  224.510150][T11612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.528396][T11620] FAULT_INJECTION: forcing a failure.
[  224.528396][T11620] name failslab, interval 1, probability 0, space 0, times 0
[  224.541087][T11620] CPU: 1 UID: 0 PID: 11620 Comm: syz.3.2320 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  224.541118][T11620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  224.541132][T11620] Call Trace:
[  224.541140][T11620]  <TASK>
[  224.541148][T11620]  __dump_stack+0x1d/0x30
[  224.541181][T11620]  dump_stack_lvl+0xe8/0x140
[  224.541234][T11620]  dump_stack+0x15/0x1b
[  224.541253][T11620]  should_fail_ex+0x265/0x280
[  224.541279][T11620]  should_failslab+0x8c/0xb0
[  224.541302][T11620]  __kmalloc_noprof+0xa5/0x3e0
[  224.541405][T11620]  ? ip_options_get+0x52/0x350
[  224.541512][T11620]  ip_options_get+0x52/0x350
[  224.541591][T11620]  ip_cmsg_send+0x49e/0x5f0
[  224.541649][T11620]  udp_sendmsg+0x851/0x13c0
[  224.541754][T11620]  ? _raw_spin_unlock_bh+0x36/0x40
[  224.541814][T11620]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  224.541905][T11620]  ? __rcu_read_unlock+0x4f/0x70
[  224.541926][T11620]  ? __pfx_ip4_datagram_release_cb+0x10/0x10
[  224.541955][T11620]  ? __pfx_udp_sendmsg+0x10/0x10
[  224.542019][T11620]  inet_sendmsg+0xac/0xd0
[  224.542051][T11620]  __sock_sendmsg+0x102/0x180
[  224.542093][T11620]  ____sys_sendmsg+0x345/0x4e0
[  224.542149][T11620]  ___sys_sendmsg+0x17b/0x1d0
[  224.542216][T11620]  __sys_sendmmsg+0x178/0x300
[  224.542270][T11620]  __x64_sys_sendmmsg+0x57/0x70
[  224.542303][T11620]  x64_sys_call+0x1c4a/0x2ff0
[  224.542409][T11620]  do_syscall_64+0xd2/0x200
[  224.542447][T11620]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  224.542478][T11620]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  224.542536][T11620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.542623][T11620] RIP: 0033:0x7fc2d400ebe9
[  224.542643][T11620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.542667][T11620] RSP: 002b:00007fc2d2a77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  224.542691][T11620] RAX: ffffffffffffffda RBX: 00007fc2d4245fa0 RCX: 00007fc2d400ebe9
[  224.542707][T11620] RDX: 0000000000000001 RSI: 0000200000000540 RDI: 0000000000000005
[  224.542746][T11620] RBP: 00007fc2d2a77090 R08: 0000000000000000 R09: 0000000000000000
[  224.542761][T11620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.542775][T11620] R13: 00007fc2d4246038 R14: 00007fc2d4245fa0 R15: 00007ffcfaeb94f8
[  224.542799][T11620]  </TASK>
[  224.802771][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.815651][T11627] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2323'.
[  224.855140][   T29] kauditd_printk_skb: 78 callbacks suppressed
[  224.855156][   T29] audit: type=1326 audit(1757159891.924:8583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11624 comm="syz.1.2322" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd7c4d6ebe9 code=0x0
[  225.024257][T11638] netlink: 'syz.2.2328': attribute type 4 has an invalid length.
[  225.032059][T11638] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2328'.
[  225.110625][ T3310] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  225.155359][T11646] netlink: 360 bytes leftover after parsing attributes in process `syz.4.2330'.
[  225.655051][   T29] audit: type=1400 audit(1757159892.724:8584): avc:  denied  { getopt } for  pid=11651 comm="syz.0.2332" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  225.692824][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.700316][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.707813][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.723716][   T29] audit: type=1400 audit(1757159892.754:8585): avc:  denied  { read write } for  pid=11652 comm="syz.4.2333" name="uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  225.747326][   T29] audit: type=1400 audit(1757159892.754:8586): avc:  denied  { open } for  pid=11652 comm="syz.4.2333" path="/dev/uhid" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  225.793055][T11654] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2333'.
[  225.917863][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.925345][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.932747][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.940179][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.947603][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.955024][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.962489][ T2957] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.998710][   T29] audit: type=1400 audit(1757159892.964:8587): avc:  denied  { sqpoll } for  pid=11658 comm="syz.1.2334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  226.055761][T11668] loop1: detected capacity change from 0 to 1024
[  226.070291][ T2957] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz0
[  226.094369][T11668] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.123092][T11672] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  226.127159][T11669] fido_id[11669]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  226.153356][T11672] loop2: detected capacity change from 0 to 1024
[  226.168950][T11659] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2334'.
[  226.190158][T11674] FAULT_INJECTION: forcing a failure.
[  226.190158][T11674] name failslab, interval 1, probability 0, space 0, times 0
[  226.203073][T11674] CPU: 0 UID: 0 PID: 11674 Comm: syz.0.2337 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  226.203102][T11674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.203141][T11674] Call Trace:
[  226.203147][T11674]  <TASK>
[  226.203153][T11674]  __dump_stack+0x1d/0x30
[  226.203176][T11674]  dump_stack_lvl+0xe8/0x140
[  226.203196][T11674]  dump_stack+0x15/0x1b
[  226.203210][T11674]  should_fail_ex+0x265/0x280
[  226.203269][T11674]  should_failslab+0x8c/0xb0
[  226.203298][T11674]  kmem_cache_alloc_noprof+0x50/0x310
[  226.203339][T11674]  ? skb_clone+0x151/0x1f0
[  226.203364][T11674]  skb_clone+0x151/0x1f0
[  226.203387][T11674]  nfnetlink_rcv+0x305/0x1690
[  226.203470][T11674]  ? nlmon_xmit+0x4f/0x60
[  226.203565][T11674]  ? consume_skb+0x49/0x150
[  226.203584][T11674]  ? nlmon_xmit+0x4f/0x60
[  226.203610][T11674]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  226.203748][T11674]  ? __dev_queue_xmit+0x1200/0x2000
[  226.203772][T11674]  ? __dev_queue_xmit+0x182/0x2000
[  226.203852][T11674]  ? ref_tracker_free+0x37d/0x3e0
[  226.203894][T11674]  netlink_unicast+0x5bd/0x690
[  226.203917][T11674]  netlink_sendmsg+0x58b/0x6b0
[  226.204019][T11674]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.204044][T11674]  __sock_sendmsg+0x142/0x180
[  226.204082][T11674]  ____sys_sendmsg+0x31e/0x4e0
[  226.204117][T11674]  ___sys_sendmsg+0x17b/0x1d0
[  226.204217][T11674]  __x64_sys_sendmsg+0xd4/0x160
[  226.204244][T11674]  x64_sys_call+0x191e/0x2ff0
[  226.204281][T11674]  do_syscall_64+0xd2/0x200
[  226.204405][T11674]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  226.204442][T11674]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  226.204524][T11674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.204553][T11674] RIP: 0033:0x7f593640ebe9
[  226.204567][T11674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.204585][T11674] RSP: 002b:00007f5934e77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.204655][T11674] RAX: ffffffffffffffda RBX: 00007f5936645fa0 RCX: 00007f593640ebe9
[  226.204668][T11674] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[  226.204678][T11674] RBP: 00007f5934e77090 R08: 0000000000000000 R09: 0000000000000000
[  226.204689][T11674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.204754][T11674] R13: 00007f5936646038 R14: 00007f5936645fa0 R15: 00007ffcc43ff9d8
[  226.204771][T11674]  </TASK>
[  226.449792][T11672] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.525099][ T3305] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.679698][T11682] netlink: 'syz.2.2340': attribute type 4 has an invalid length.
[  226.687573][T11682] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2340'.
[  226.751238][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.799688][   T29] audit: type=1326 audit(1757159893.864:8588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11693 comm="syz.4.2345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  226.837630][   T29] audit: type=1326 audit(1757159893.864:8589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11693 comm="syz.4.2345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  226.861427][   T29] audit: type=1326 audit(1757159893.864:8590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11693 comm="syz.4.2345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  226.885020][   T29] audit: type=1326 audit(1757159893.864:8591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11693 comm="syz.4.2345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  226.908700][   T29] audit: type=1326 audit(1757159893.864:8592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11693 comm="syz.4.2345" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  227.758299][T11711] loop2: detected capacity change from 0 to 8192
[  227.834070][T11716] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11716 comm=syz.1.2350
[  227.858578][T11718] loop4: detected capacity change from 0 to 1024
[  227.883794][T11716] sd 0:0:1:0: device reset
[  227.911218][T11718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.970370][T11718] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  228.038836][T11724] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2351'.
[  228.081641][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.191496][T11747] loop3: detected capacity change from 0 to 1024
[  229.212207][T11747] EXT4-fs: Ignoring removed orlov option
[  229.231509][T11747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.278741][T11754] loop4: detected capacity change from 0 to 1024
[  229.300544][T11745] lo speed is unknown, defaulting to 1000
[  229.323475][T11754] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.329485][T11743] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  229.343433][T11755] loop2: detected capacity change from 0 to 2048
[  229.388059][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.422848][T11755] EXT4-fs (loop2): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.455946][T11755] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2362: bg 0: block 120: padding at end of block bitmap is not set
[  229.632935][ T3305] EXT4-fs (loop2): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  229.745796][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.796751][T11775] netlink: 360 bytes leftover after parsing attributes in process `syz.3.2367'.
[  229.817027][T11771] loop2: detected capacity change from 0 to 8192
[  229.857114][T11778] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11778 comm=syz.3.2369
[  229.876485][T11778] sd 0:0:1:0: device reset
[  230.141765][T11782] wireguard1: entered promiscuous mode
[  230.147335][T11782] wireguard1: entered allmulticast mode
[  230.178869][T11784] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  230.188800][T11784] SELinux: failed to load policy
[  230.368148][T11786] loop4: detected capacity change from 0 to 1024
[  230.376470][T11790] wireguard1: entered promiscuous mode
[  230.382075][T11790] wireguard1: entered allmulticast mode
[  230.386925][T11793] serio: Serial port ptm2
[  230.403319][T11786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.421967][T11797] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  230.434758][T11797] SELinux: failed to load policy
[  230.462527][T11786] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  230.496038][T11786] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2372'.
[  230.526917][T11808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.539828][T11808] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.566056][T11812] wireguard1: entered promiscuous mode
[  230.566515][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.571675][T11812] wireguard1: entered allmulticast mode
[  230.642752][T11818] wireguard0: entered promiscuous mode
[  230.648343][T11818] wireguard0: entered allmulticast mode
[  230.664587][T11815] loop4: detected capacity change from 0 to 8192
[  230.729348][T11823] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  230.737224][T11823] SELinux: failed to load policy
[  230.743544][T11816] lo speed is unknown, defaulting to 1000
[  230.875837][T11828] devtmpfs: Unknown parameter 'trans'
[  230.992957][T11839] serio: Serial port ptm0
[  231.036259][T11844] wireguard0: entered promiscuous mode
[  231.041771][T11844] wireguard0: entered allmulticast mode
[  231.084933][T11850] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  231.092600][T11850] SELinux: failed to load policy
[  231.141502][T11853] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  231.258485][T11858] loop2: detected capacity change from 0 to 8192
[  231.472082][T11867] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2397'.
[  231.500764][T11869] devtmpfs: Unknown parameter 'trans'
[  231.645676][T11876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  231.654264][T11876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  231.770319][T11883] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  231.783143][T11883] loop1: detected capacity change from 0 to 1024
[  231.796364][T11883] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.820497][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.846761][T11888] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2406'.
[  231.858410][T11888] bond_slave_0: entered promiscuous mode
[  231.864129][T11888] bond_slave_1: entered promiscuous mode
[  231.869832][T11888] dummy0: entered promiscuous mode
[  231.875259][T11888] macsec1: entered promiscuous mode
[  231.880599][T11888] bond0: entered promiscuous mode
[  231.885841][T11888] team0: entered promiscuous mode
[  231.890889][T11888] team_slave_0: entered promiscuous mode
[  231.896669][T11888] team_slave_1: entered promiscuous mode
[  231.902546][T11888] syz_tun: entered promiscuous mode
[  231.910107][T11888] bond0: left promiscuous mode
[  231.915142][T11888] team0: left promiscuous mode
[  231.919966][T11888] team_slave_0: left promiscuous mode
[  231.925529][T11888] team_slave_1: left promiscuous mode
[  231.931093][T11888] syz_tun: left promiscuous mode
[  231.946277][T11888] bond_slave_0: left promiscuous mode
[  231.951859][T11888] bond_slave_1: left promiscuous mode
[  231.957346][T11888] dummy0: left promiscuous mode
[  232.041977][T11893] loop4: detected capacity change from 0 to 512
[  232.048579][T11893] EXT4-fs: Ignoring removed bh option
[  232.062495][T11893] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  232.072418][T11893] EXT4-fs (loop4): 1 truncate cleaned up
[  232.086195][T11893] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  232.099905][T11893] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.155887][T11901] lo speed is unknown, defaulting to 1000
[  232.277319][T11912] devtmpfs: Unknown parameter 'trans'
[  232.344460][T11921] syz!: rxe_newlink: already configured on team_slave_0
[  232.355568][T11921] loop3: detected capacity change from 0 to 1024
[  232.366608][T11921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.406943][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.421886][T11927] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2419'.
[  232.450083][T11927] macsec1: entered promiscuous mode
[  232.455420][T11927] bond0: entered promiscuous mode
[  232.460575][T11927] bond_slave_0: entered promiscuous mode
[  232.466392][T11927] bond_slave_1: entered promiscuous mode
[  232.473279][T11927] bond0: left promiscuous mode
[  232.478166][T11927] bond_slave_0: left promiscuous mode
[  232.483690][T11927] bond_slave_1: left promiscuous mode
[  232.490856][T11925] lo speed is unknown, defaulting to 1000
[  232.544912][T11929] loop3: detected capacity change from 0 to 8192
[  232.670953][T11935] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=11935 comm=syz.3.2421
[  232.686068][T11935] sd 0:0:1:0: device reset
[  232.690618][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  232.690660][   T29] audit: type=1326 audit(1757159899.754:8670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  232.720630][   T29] audit: type=1326 audit(1757159899.754:8671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  232.744222][   T29] audit: type=1326 audit(1757159899.754:8672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  232.768423][   T29] audit: type=1326 audit(1757159899.754:8673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  232.792042][   T29] audit: type=1326 audit(1757159899.754:8674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  232.815639][   T29] audit: type=1326 audit(1757159899.754:8675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  232.839127][   T29] audit: type=1326 audit(1757159899.754:8676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  232.862731][   T29] audit: type=1326 audit(1757159899.754:8677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f702938e7eb code=0x7ffc0000
[  232.886193][   T29] audit: type=1326 audit(1757159899.754:8678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f702938d550 code=0x7ffc0000
[  232.909831][   T29] audit: type=1326 audit(1757159899.754:8679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11930 comm="syz.2.2420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702938ebe9 code=0x7ffc0000
[  233.046794][T11940] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  233.068432][T11940] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  233.206411][T11951] netlink: 10 bytes leftover after parsing attributes in process `syz.4.2427'.
[  233.276607][T11953] loop1: detected capacity change from 0 to 512
[  233.297814][T11953] EXT4-fs: Ignoring removed bh option
[  233.326110][T11953] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  233.353291][T11953] EXT4-fs (loop1): 1 truncate cleaned up
[  233.360651][T11953] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.374681][T11953] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.525875][T11961] syz!: rxe_newlink: already configured on team_slave_0
[  233.558268][T11959] loop3: detected capacity change from 0 to 1024
[  233.607266][T11959] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.659653][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.668935][T11969] loop2: detected capacity change from 0 to 8192
[  233.695225][T11968] loop0: detected capacity change from 0 to 8192
[  233.790170][T11973] lo speed is unknown, defaulting to 1000
[  234.062400][T11984] lo speed is unknown, defaulting to 1000
[  234.135143][T11992] loop4: detected capacity change from 0 to 512
[  234.151460][T11992] EXT4-fs: Ignoring removed bh option
[  234.159263][T11992] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  234.171140][T11992] EXT4-fs (loop4): 1 truncate cleaned up
[  234.178335][T11992] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.191583][T11992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.556082][T12005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  234.565760][T12005] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  234.691522][T12008] loop4: detected capacity change from 0 to 8192
[  234.761153][T12010] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2445'.
[  234.827299][T12013] netlink: 360 bytes leftover after parsing attributes in process `syz.0.2445'.
[  234.841916][T12015] wireguard2: entered promiscuous mode
[  234.847795][T12015] wireguard2: entered allmulticast mode
[  234.896379][T12017] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  234.912871][T12012] loop4: detected capacity change from 0 to 8192
[  234.953537][T12017] SELinux: failed to load policy
[  234.969017][T12020] netlink: 10 bytes leftover after parsing attributes in process `syz.0.2448'.
[  235.020915][T12022] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  235.114841][T12028] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12028 comm=syz.2.2452
[  235.250678][T12032] loop3: detected capacity change from 0 to 1024
[  235.267772][T12032] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.613183][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.896402][T12043] syz!: rxe_newlink: already configured on team_slave_0
[  235.936101][T12043] loop3: detected capacity change from 0 to 1024
[  236.001743][T12043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.180300][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.275805][T12054] wireguard0: entered promiscuous mode
[  236.281334][T12054] wireguard0: entered allmulticast mode
[  236.318921][T12056] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  236.326956][T12056] SELinux: failed to load policy
[  236.408449][T12061] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2461'.
[  236.469958][T12059] loop3: detected capacity change from 0 to 8192
[  236.532500][T12068] loop4: detected capacity change from 0 to 1024
[  236.548092][T12068] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.586717][T12068] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  236.627246][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.661338][T12076] serio: Serial port ptm0
[  236.686726][T12074] loop3: detected capacity change from 0 to 8192
[  237.056775][T12095] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12095 comm=syz.0.2474
[  237.077802][T12095] sd 0:0:1:0: device reset
[  237.207506][T12093] lo speed is unknown, defaulting to 1000
[  237.345051][T12069] 9pnet_fd: p9_fd_create_tcp (12069): problem connecting socket to 127.0.0.1
[  237.433937][T12102] loop1: detected capacity change from 0 to 8192
[  237.610014][T12104] netlink: 360 bytes leftover after parsing attributes in process `syz.1.2478'.
[  237.744716][T12120] wireguard0: entered promiscuous mode
[  237.750274][T12120] wireguard0: entered allmulticast mode
[  237.774360][T12109] loop1: detected capacity change from 0 to 8192
[  237.801783][   T29] kauditd_printk_skb: 50 callbacks suppressed
[  237.801799][   T29] audit: type=1326 audit(1757159904.864:8730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12113 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  237.831553][   T29] audit: type=1326 audit(1757159904.864:8731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12113 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  237.855175][   T29] audit: type=1326 audit(1757159904.864:8732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12113 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  237.878676][   T29] audit: type=1326 audit(1757159904.864:8733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12113 comm="syz.4.2483" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  237.920308][T12128] netlink: 'syz.3.2488': attribute type 8 has an invalid length.
[  237.928198][T12128] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2488'.
[  237.955553][T12130] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2489'.
[  237.989051][T12134] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12134 comm=syz.3.2491
[  238.005145][T12134] sd 0:0:1:0: device reset
[  238.086565][T12139] netlink: 360 bytes leftover after parsing attributes in process `syz.1.2493'.
[  238.314031][T12148] lo speed is unknown, defaulting to 1000
[  238.390758][T12149] lo speed is unknown, defaulting to 1000
[  238.582609][   T29] audit: type=1326 audit(1757159905.644:8734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12159 comm="syz.4.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  238.609467][T12160] loop4: detected capacity change from 0 to 2048
[  238.609865][   T29] audit: type=1326 audit(1757159905.644:8735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12159 comm="syz.4.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  238.639469][   T29] audit: type=1326 audit(1757159905.644:8736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12159 comm="syz.4.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  238.662977][T12161] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2498'.
[  238.672010][   T29] audit: type=1326 audit(1757159905.644:8737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12159 comm="syz.4.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  238.695567][   T29] audit: type=1326 audit(1757159905.644:8738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12159 comm="syz.4.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  238.719107][   T29] audit: type=1326 audit(1757159905.644:8739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12159 comm="syz.4.2500" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f880a31ebe9 code=0x7ffc0000
[  238.746522][T12160] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.776576][T12160] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2500: bg 0: block 120: padding at end of block bitmap is not set
[  238.877060][ T3310] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  238.897732][T12167] wireguard0: entered promiscuous mode
[  238.903269][T12167] wireguard0: entered allmulticast mode
[  238.955452][T12170] loop4: detected capacity change from 0 to 8192
[  239.044048][T12174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  239.067210][T12174] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  239.073042][T12178] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12178 comm=syz.2.2506
[  239.136289][T12180] loop4: detected capacity change from 0 to 1024
[  239.190959][T12186] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=12186 comm=syz.0.2508
[  239.195063][T12180] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.208226][T12186] sd 0:0:1:0: device reset
[  239.344507][T12180] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 18: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  239.440780][ T3310] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.558474][T12192] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2510'.
[  239.662956][T12195] netlink: 360 bytes leftover after parsing attributes in process `syz.1.2511'.
[  239.703047][ T5708] ==================================================================
[  239.711182][ T5708] BUG: KCSAN: data-race in set_nlink / set_nlink
[  239.717529][ T5708] 
[  239.719861][ T5708] read to 0xffff888106cdc780 of 4 bytes by task 3482 on cpu 0:
[  239.727412][ T5708]  set_nlink+0x29/0xb0
[  239.731498][ T5708]  kernfs_iop_permission+0x1e2/0x220
[  239.736796][ T5708]  inode_permission+0x1c7/0x310
[  239.741756][ T5708]  link_path_walk+0x162/0x900
[  239.746445][ T5708]  path_openat+0x1de/0x2170
[  239.750958][ T5708]  do_filp_open+0x109/0x230
[  239.755467][ T5708]  do_sys_openat2+0xa6/0x110
[  239.760112][ T5708]  __x64_sys_openat+0xf2/0x120
[  239.764928][ T5708]  x64_sys_call+0x2e9c/0x2ff0
[  239.769624][ T5708]  do_syscall_64+0xd2/0x200
[  239.774143][ T5708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.780046][ T5708] 
[  239.782380][ T5708] write to 0xffff888106cdc780 of 4 bytes by task 5708 on cpu 1:
[  239.790007][ T5708]  set_nlink+0x99/0xb0
[  239.794084][ T5708]  kernfs_iop_permission+0x1e2/0x220
[  239.799377][ T5708]  inode_permission+0x1c7/0x310
[  239.804239][ T5708]  link_path_walk+0x162/0x900
[  239.808925][ T5708]  path_openat+0x1de/0x2170
[  239.813436][ T5708]  do_filp_open+0x109/0x230
[  239.817946][ T5708]  do_sys_openat2+0xa6/0x110
[  239.822637][ T5708]  __x64_sys_openat+0xf2/0x120
[  239.827418][ T5708]  x64_sys_call+0x2e9c/0x2ff0
[  239.832110][ T5708]  do_syscall_64+0xd2/0x200
[  239.836634][ T5708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.842537][ T5708] 
[  239.844868][ T5708] value changed: 0x00000165 -> 0x00000164
[  239.850587][ T5708] 
[  239.852910][ T5708] Reported by Kernel Concurrency Sanitizer on:
[  239.859066][ T5708] CPU: 1 UID: 0 PID: 5708 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  239.868359][ T5708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  239.878421][ T5708] ==================================================================
[  239.892716][T12206] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  239.903536][T12206] SELinux: failed to load policy
[  239.914993][T12201] wireguard1: entered promiscuous mode
[  239.920492][T12201] wireguard1: entered allmulticast mode