last executing test programs:

2.676584668s ago: executing program 4 (id=486):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"/15], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rt_tgsigqueueinfo(0x0, 0x0, 0x3e, &(0x7f0000000080)={0x0, 0xffffffff, 0x41})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000002c0)='kfree\x00', r5, 0x0, 0x4}, 0x18)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x64000600)

1.713746563s ago: executing program 4 (id=497):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

1.650769834s ago: executing program 3 (id=498):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x2, <r0=>0x0}, 0x8)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x510, 0x288, 0x288, 0xd0, 0x1b8, 0x358, 0x440, 0x440, 0x440, 0x440, 0x440, 0x6, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @empty, [0xffffffff, 0xff000000, 0xffffff00, 0xff000000], [0xffffff00, 0xff, 0xff, 0x7fffffff], 'hsr0\x00', 'xfrm0\x00', {0xff}, {0xff}, 0x29, 0x7, 0x2, 0x1}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x12}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2540, 0x0)
r4 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r5}, &(0x7f0000000180), &(0x7f00000001c0)=r4}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xbffffffffffffffd, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r8, &(0x7f00000001c0), &(0x7f0000000080)=""/52}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000b40)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd5e, 0x0, 0x0, 0x0, r0, r6, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000a40000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYRES32=0x0], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.501445526s ago: executing program 3 (id=500):
accept4$phonet_pipe(0xffffffffffffffff, 0x0, 0x0, 0x80000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1.462794867s ago: executing program 3 (id=501):
write$selinux_attr(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
clock_adjtime(0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x48940, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x27)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000000c0)=@ccm_128={{0x303}, "000000009b993e68", "75df9868592b9fd3ccfffffffffffff7", ')\x00\x000', "00000011000a00"}, 0x28)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0xf, &(0x7f0000000140)={0x0, 0xffffffffffffffff}, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="14"], 0x14}}, 0x4000000)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r1], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="04000000000000003c0012800b00010062726964676500002c00028005002b000300000005002c"], 0x5c}, 0x1, 0xffffffea, 0x0, 0x8800}, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1.461649167s ago: executing program 4 (id=502):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
getpgid(0xffffffffffffffff)

1.364280659s ago: executing program 4 (id=504):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000900)={'syz_tun\x00', @random='\x00\x00\x00 \x00'})

1.361792768s ago: executing program 4 (id=505):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8, &(0x7f00000002c0)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000001780)=[&(0x7f0000000100)={0x2000034000, 0x4, 0x0, 0x1, 0x0, r3, &(0x7f0000000040)="0200ffff0000", 0x6}])
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
socket(0x25, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
write(0xffffffffffffffff, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r6, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {0x0, @dev}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}})

1.323897329s ago: executing program 3 (id=506):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)

1.29388515s ago: executing program 3 (id=508):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
pipe(&(0x7f0000000d00)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
close(r4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f0000000500), 0x0, 0x2000c044)
write$binfmt_misc(r3, &(0x7f0000000240), 0xfffffecc)
splice(r2, 0x0, r4, 0x0, 0x714f, 0x0)

1.27599802s ago: executing program 4 (id=511):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x40, 0x1, 0xfd, 0x0, 0x0, 0x9, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4000, 0x0, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000240)='tunl0\x00', 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000), 0xffba)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
ioctl$EVIOCGBITSW(r0, 0x40095505, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000340), 0x4)
mmap(&(0x7f00005dd000/0x2000)=nil, 0x2000, 0x2, 0x50, 0xffffffffffffffff, 0x7e538000)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)={0x0, 0x2, 0x18}, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x70439}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PMTUDISC={0x5}, @IFLA_IPTUN_FLAGS={0x6, 0x8, 0x1}, @IFLA_IPTUN_LINK={0x8, 0x1, r6}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x50}}, 0x0)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x1000, 0x0, r3, 0x9, '\x00', r6, r7, 0x0, 0x5, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r8 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
readv(r8, &(0x7f0000000440)=[{&(0x7f0000000380)=""/159, 0x9f}], 0x1)
syz_usb_disconnect(r8)
r9 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGABS20(r9, 0x40044591, 0x0)
ioctl$EVIOCRMFF(r8, 0x4004550e, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
getpeername$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000000c0)=0x1c)

705.902839ms ago: executing program 1 (id=536):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010500000000000000000100fffe08000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f840000000c0a01030000000000000000010000000900020073797a32000000005800038054000080080003400000000248000b80200001800a00010071756f7461000000100002800c0001400000000000000000102301800c000100636f756e76657200140001800a00010072616e6765000000040002800900010073797a30"], 0x108}, 0x1, 0x0, 0x0, 0xc090}, 0x0)

705.499799ms ago: executing program 2 (id=537):
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548", 0xfb)

675.16246ms ago: executing program 2 (id=538):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0)
pwritev(r0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000140)}], 0x2, 0x0, 0x0)

672.64237ms ago: executing program 1 (id=539):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x4, 0x0, 0x0) (fail_nth: 2)

451.987253ms ago: executing program 0 (id=540):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000005c0)='kfree\x00', r0, 0x0, 0x100000001}, 0x18)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xf10c, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
open(0x0, 0x400402, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup(r4)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x4, 0x0, 0x14)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x800000, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f00000000c0)=0xffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r7, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r7, 0x4004743a, &(0x7f0000000300))
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000001f00))
sendmmsg(r1, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f0000000440)}}, {{0x0, 0x0, &(0x7f0000000880)=[{0x0}, {&(0x7f0000000080)="72d3e6e236cbc50c54027df6dd0ee86ff83bb92d", 0x14}, {&(0x7f0000000780)}, {&(0x7f00000004c0)="7349f1dab90f272a54b7c0c299961565aa39fc4b43b1bfb35372d5c0929f6450a5b1b0b084705e70e3c1e9286199d61582ad873e55e12a3f48d7a1cde7114fdd73fe0a8f754f34f4ccecb9f50e29c230742633bcd310f9b992f3d0fc0bb10cc60b419ebe76a0bda5119b4e72e90d8eab88dfac5f19787ef30b303972cdd6dd9122bcda81fe2c0d29e58a8cde45ab04337627ddcf2edb9a8b8e9f3483ea5cdedb221e41dc7b17e3", 0xa7}], 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB='(\x00\x00\x00\x00\x00'], 0x28}}], 0x2, 0x10014)

412.387244ms ago: executing program 2 (id=541):
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

412.061424ms ago: executing program 1 (id=542):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff1, 0xfff3}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}, @TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48c8}, 0x20004804)

411.564274ms ago: executing program 3 (id=543):
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000540)=0xffffffffffffffff, 0x4)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f0000000280))
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000005880)=@newtfilter={0x24, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xfff1, 0x3d}}}, 0x24}}, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r7=>0x0})
bind$packet(r6, &(0x7f0000000040)={0x11, 0x1c, r7, 0x1, 0x1, 0x6, @broadcast}, 0x14)

355.185065ms ago: executing program 0 (id=544):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
getpgid(0xffffffffffffffff)

354.527215ms ago: executing program 2 (id=545):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x280880f, &(0x7f0000000080), 0x2f, 0x4fd, &(0x7f0000000100)="$eJzs3dFrW18dAPDvvW1+v3XrTKc+zIFzuEk3dGm7uq34MB2IPg3U+T5rm5XStBltuq1luA7/AEFEBUH0RV8E/4CB7E8QYaDvoqKIbvrgw/RKkpu6ZUlbXdor7ecDp/ecw7n5npM0J/fce0kCOLLORcTNiMjSLLsUEeW8Ps1TbLVTs93LF4/mmimJLLv9l5FI8rpms2b+/XzfE/luxyLiK1+M+Hrydty1jc2l2VqtupqXJxrLyass27y8uDy7UF2orkxPT12buT5zdWZyIOMci4gbn//Dd7/10y/c+MWnHvz2zp8ufqM9wLbOOAYtiZG36oYjYnU/ghWkOZ5Snr+6W+Mn+98fAAD6ax7vfzAiPh4Rl6IcQ62jOQAAAOAwyT47Gq+SiAwAAAA4tNKIGI0kreT3+45GmlYq7Xt4PxzH01p9rfHJrLx9vmAsSundxVp1Mr93YCxKSbM8ld9j2ylf6SpPR8SpiPhOeaRVrszVa/OFnvkAAACAo+NE1/r/7+X2+h8AAAA4ZMaK7gAAAACw76z/AQAA4PCz/gcAAIBD7Uu3bjVT1vn96/n7G+tL9fuX56trS5Xl9bnKXH31XmWhXl9ofWff8m6PV6vX7306VtYfTjSqa42JtY3NO8v19ZXGncXWz4EDAAAABTj1sWe/SSJi6zMjaafuvXxbisiG8vzTn/zwdDE9BPZL+t80/v3+9QM4eENFdwAozHDRHQAKUyq6A0Dh3p4H3jwy6Hvzzi93f+zkVZb9j90CAAAGaPwj29f/Wyleu/6fPC60a8A+y6//J0nRHQEOnOv/cHS5/gdHV2mnIwCLAjj00j281d/l+n+bewAAAKBoo62UpJV8HTAaaVqpRJxs/SxAKbm7WKtORsQHIuLX5dL7zfJUa8/E6QEAAAAAAAAAAAAAAAAAAAAAAAAA2KMsSyIDAAAADrWI9I9J6zzAUIyXL4x2nx94L/lHubWNiAc/uP29h7ONxupUs/6v2/WN7+f1V4o4gwEAAAB066zTO+t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABikly8ezXXSQcb9882IGOsVfziOtbbHohQRx/+WxPBr+yURMTSA+FtPIuJ0r/hJs1sxlveiO34aESMFxz8xgPhwlD1rzj+f6/X+S+Nca9v7/Tecp3fVf/5Lt+e/oT7z38k9xjjz/OcTfeM/iTgz3Hv+6cRP+sQ/v3PYUifzta9ubvZrlP04Yrzn50/yRqyJxvK9ibWNzcuLy7ML1YXqyvT01LWZ6zNXZyYn7i7WqvnfnjG+/dGn/9pp/Mf7xB/bZfwXdh7/tn8+f/jiQ13PSXTKP8qyi+d7v/6nW9ty1h2/89n3ifxzoFke7+S32vnXnf3Zr87uNP75PuPf7fW/uMfxX/ryN3+3x6YAwAFY29hcmq3VqqsyRyYzssfG2eP2/8i7Bx2JAxzgbPyfPM/503eQYx9gpshZCQAA2A//OegvuicAAAAAAAAAAAAAAAAAAABwdO32NWAxgK8T6465VcxQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB29O8AAAD//7fE3E8=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff000000000800010001"], 0x28}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000020311020000000000000000000000100800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cgroups\x00', 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000000)=@sack_info={r6, 0x3, 0x5}, &(0x7f0000000140)=0xc)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000600)={0x0, 0x4, 0x6, 0x7fff, r6}, &(0x7f0000000640)=0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'wg0\x00', <r7=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x1, 0x40000, 0x2001, {0x0, 0x0, 0x0, r7, 0x30}, [@IFLA_VFINFO_LIST={0x8, 0x16, 0x0, 0x1, [{0x4}]}, @IFLA_LINKMODE={0x5, 0x11, 0x6e}]}, 0x30}, 0x1, 0x0, 0x0, 0x40091}, 0x4000014)
r8 = io_uring_setup(0x30d8, &(0x7f0000000240)={0x0, 0xf489, 0x400, 0x0, 0x238})
r9 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r9, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r9, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r11)
sendmsg$NLBL_CIPSOV4_C_ADD(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="08010000", @ANYRES16=r12, @ANYBLOB="0100000000000000000001000000080001000000000014000480050003000000000005000300000000000800020001000000d00008800c0007800800060000000000240007"], 0x108}}, 0x0)
sendmsg$NLBL_CIPSOV4_C_LISTALL(r10, &(0x7f0000000a00)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x4530000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000700)={0x29c, r12, 0x20, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0x28, 0xc, 0x0, 0x1, [{0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6a58f237}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x23b0197f}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7033}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x121e0ca2}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0xb8, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x15a9556c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x55}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2ecdefe5}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4d9e2145}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x74183ed6}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x6f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xea}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x75}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xffff0000}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x12}]}, {0x44, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x54}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xd3}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x101}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x46e768eb}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x63bec9fa}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3e710e37}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x882daae}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0xdc, 0x8, 0x0, 0x1, [{0x4}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xb8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x4325c61c}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x34ef55e0}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1a}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x1e}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x52ecca64}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3cad33f9}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x7d}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x1816d58c}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x12650426}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xf0}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x58779790}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x331b630c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x57}]}, {0x2c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7c963afa}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xb7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xcd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x78bd8fb1}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xd2}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x67b4cbe6}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x26}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x28663216}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x47}]}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x44, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbe}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x31a173a7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xc0}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xd7}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x31a71511}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x6235bd54}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x153f010a}]}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x2}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4c, 0x8, 0x0, 0x1, [{0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x55a83152}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xc25e265}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3e}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xd1}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x529e2a9c}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xfc}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x57}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x91}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}]}, 0x29c}, 0x1, 0x0, 0x0, 0x4048084}, 0x8000)
r13 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r13, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0xf5, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1=0xe0000300}, @address_request}}}}, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
socketpair(0x2b, 0x5, 0x81, 0xfffffffffffffffd)

314.443395ms ago: executing program 0 (id=546):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000004e80)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000440)="e1", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000008c0)="9b", 0x1}], 0x1}}], 0x2, 0x4000005)
close(r1)
socket(0x400000000010, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

313.949515ms ago: executing program 1 (id=547):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r0, &(0x7f00000000c0), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = io_uring_setup(0x5b77, &(0x7f00000001c0)={0x0, 0xd634, 0x0, 0x2, 0x140})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = dup(r5)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000000206030000000000fffff000000000000900020073797a32000100000500040000000000050005000200000010000300686173683a69702c6d6163000500010007000000140007800800134000000000080012"], 0x5c}}, 0x24000000)
fcntl$notify(r4, 0x402, 0x4)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r7, 0x402, 0x4)
close_range(r3, 0xffffffffffffffff, 0x0)
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000002e40), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r8, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000000000)={0x14, r9, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000846}, 0x4001804)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x10)
r11 = socket$caif_seqpacket(0x25, 0x5, 0x0)
dup2(r10, r11)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x6, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

191.543557ms ago: executing program 1 (id=548):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000cc0)=@newtaction={0xbc, 0x30, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x6a00}, [{0xa8, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x6, 0x0, 0x8}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}, @m_mpls={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x7a, 0x725, 0x4, 0xf, 0x7ff}, 0x3}}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xbc}}, 0x0)

190.900897ms ago: executing program 0 (id=549):
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548", 0xfb)

181.050038ms ago: executing program 2 (id=550):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010500000000000000000100fffe08000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f840000000c0a01030000000000000000010000000900020073797a32000000005800038054000080080003400000000248000b80200001800a00010071756f7461000000100002800c0001400000000000000000102301800c000100636f756e76657200140001800a00010072616e6765000000040002800900010073797a30"], 0x108}, 0x1, 0x0, 0x0, 0xc090}, 0x0)

173.054728ms ago: executing program 1 (id=551):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x92, @time={0x65757100, 0x1316575}, 0x3, {0x1}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
write$sndseq(r0, &(0x7f0000000640)=[{0x0, 0x6, 0x36, 0x0, @tick=0x100, {0x8, 0x81}, {0x9, 0x4}, @result={0x19, 0x7fff}}, {0x3, 0x5, 0x5, 0xd2, @time={0x4, 0x6}, {0x9, 0x9}, {0x6, 0xd}, @result={0x4, 0x2}}, {0x6, 0xa5, 0x4e, 0x81, @tick=0x2beb, {0x9, 0x3}, {0xf, 0x6}, @note={0x9, 0x6}}, {0xe3, 0xfb, 0x86, 0x4a, @time={0x9d, 0x4}, {0x2, 0x2f}, {0xf7, 0x5}, @raw32={[0x1, 0xe, 0x5]}}, {0x4, 0x27, 0xfa, 0xc, @time={0x9, 0x800}, {0x8, 0x8}, {0x1, 0xd}, @raw32={[0x8000, 0x3, 0x40]}}, {0x40, 0xfe, 0xe, 0x81, @tick=0x1, {0xff, 0x8b}, {0xb, 0x5}, @connect={{0x5, 0x79}, {0xff, 0x81}}}, {0x8, 0x6, 0x2, 0xee, @tick=0xfffffffa, {0x0, 0x40}, {0x7, 0x3}, @raw32={[0xa, 0xe55, 0x10]}}], 0xc4)
syz_read_part_table(0x634, &(0x7f0000000000)="$eJzs3DFoXVUYB/D/Td+77yWFpjp2SXUWi51NDUj6qHSqdMtSFTRUHOJUseRFs5ghg4OzSxGytHXR0MFBLeIkTqGDWnEVpKjUIr1y3715fU8QRNOh8PtBuN859/vOd07uzZgbHmkz6SbFKOylk+TES3/L2Mh+Qvp1fpKq2947v7N8+kxVVVVR56ykmyc+P3I9Sact6Y+XqapqfTw4lSsfzt14rxh2d27VTb/cOlRPzzbbOJo8dbjsj5aZWCFVNbWx3kH+Hvhvri7eLIrNsh09+ev9peTaL8vnds9uvX/9hXZ6Pfmqebrv1O/FfvZbuXj8QmcU1k/5zcl1f2subeprU497Np2pPQw31wb167a3P3FssPPpq8/+cfxGqpP5uuzM7N8oynFRmQwP5vzz9du/fWlxdW9weXZ8o/vB419koR3cqaocrVs+ltGfzsIBdAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GG4unhz/t3NtcF2sro36LWzy+d2z26VSZ5/ZTSeybUTk1WH2uvFXLhdX9ezlvz4SbqTSUX9023Ku0vN3A8L1dOjoLPfvzfbBJcWV/cG9+aS28/cPzZoqpLPTj5otz5eeTfPtdHdqjEabPzTIdsW1XyT9829yfMXnWRtsD3qf/mnotNPspKPi+F4m/VGXu/l5eZ41d2yrf3zwTEAAAAAAAAAAAAAAAAAAADgf1k+feaNO2280k/y89szdVz1mv9yL+aKqfzvesnsqeRKP8VwKcmtF38vvz2y9X376YBhehkmOfzRxvm2pJxaYPyJgCJV+TBPxr/xVwAAAP//mFl59Q==")
syz_open_procfs(0x0, 0x0)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)

157.450898ms ago: executing program 2 (id=552):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r4 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
r5 = syz_io_uring_complete(0x0)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)={0x150, r2, 0x400, 0x70bd26, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, 0xffffffffffffffff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x150}}, 0x64001)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
renameat2(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r11 = syz_pidfd_open(r0, 0x0)
setns(r11, 0x24020000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r12}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r13}, 0x10)
unshare(0x24040000)
r14 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r15=>0x0, &(0x7f0000000100)=<r16=>0x0)
syz_io_uring_submit(r15, r16, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r14, 0x207a98, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f00000008c0)={0x15340180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f00000002c0)}, 0x58)

151.948098ms ago: executing program 0 (id=553):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000fb7030000000007008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
gettid()
socketpair$tipc(0x1e, 0x4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x48)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000e40)='tasks\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = socket(0x25, 0x6, 0x3)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r3, &(0x7f0000000080)={0x0, 0xff, 0x3, 0x1}, 0x8)
setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f0000000040)={0x642, 0x800}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000600)=@filter={'filter\x00', 0xc, 0x4, 0x268, 0xffffffff, 0x130, 0x98, 0x98, 0x98, 0xffffffff, 0x1d0, 0x98, 0x1d0, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
unshare(0x2c060000)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a9c000000060a0b040000000000000000020000057000048018000180080001006f7366000c000280080001400000000424000180090001006d6574610000000014000280080002400000000c080003400000001730000180080001006e6174002400028008000740000000000800014000000000080003400000001408000240000000020900010073797a30000000000900020073797a32"], 0xc4}, 0x1, 0x0, 0x0, 0x850}, 0x0)

0s ago: executing program 0 (id=554):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r0 = open(&(0x7f0000000000)='./file0\x00', 0xc0000, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x4, 0x1269830d, 0x2, @mcast2, @dev={0xfe, 0x80, '\x00', 0x2e}, 0x80, 0x8000, 0x40, 0x3}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000440)={'wg0\x00'})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000480)={0x0, @private, @loopback}, &(0x7f00000004c0)=0xc)
getsockopt$PNPIPE_IFINDEX(r0, 0x113, 0x2, &(0x7f0000000500), &(0x7f0000000540)=0x4)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000580)={r0, 0x58, &(0x7f0000000680)}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000780)={'syztnl2\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x29, 0x7, 0x9, 0x9, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback, 0x7800, 0x7f01, 0xa, 0xe}})
getpeername$packet(r0, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000800)=0x14)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r4=>0x0})
sendmsg$can_raw(r3, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r4}, 0x10, &(0x7f0000000140)={&(0x7f0000000180)=@can={{0x0, 0x0, 0x1}, 0x0, 0x0, 0x4, 0x0, "9000"}, 0x10}, 0x2}, 0x810)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000180)={'wg0\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_WOL_GET(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x20, r8, 0x1, 0x0, 0x25dfdbfd, {0x1b}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}]}, 0x20}}, 0x20048000)

kernel console output (not intermixed with test programs):

1] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.739429][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.759686][ T3306] 8021q: adding VLAN 0 to HW filter on device team0
[   29.782385][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.789500][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.798343][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.805477][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.819763][ T3304] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.838396][ T3303] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.877789][ T3306] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   29.888233][ T3306] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.917694][ T3303] 8021q: adding VLAN 0 to HW filter on device team0
[   29.937818][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.955874][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.963008][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.978568][ T3302] 8021q: adding VLAN 0 to HW filter on device team0
[   29.993540][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.000699][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.023480][ T2897] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.030687][ T2897] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.039677][ T2897] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.046824][ T2897] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.069111][ T3304] veth0_vlan: entered promiscuous mode
[   30.088281][ T3304] veth1_vlan: entered promiscuous mode
[   30.099047][ T3306] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.116813][ T3305] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.170464][ T3303] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.184865][ T3304] veth0_macvtap: entered promiscuous mode
[   30.195929][ T3304] veth1_macvtap: entered promiscuous mode
[   30.219470][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.231282][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.259841][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.296920][ T3306] veth0_vlan: entered promiscuous mode
[   30.303770][ T3304] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.312503][ T3304] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.321248][ T3304] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.329988][ T3304] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.360765][ T3306] veth1_vlan: entered promiscuous mode
[   30.375594][ T3305] veth0_vlan: entered promiscuous mode
[   30.384854][ T3305] veth1_vlan: entered promiscuous mode
[   30.401204][ T3303] veth0_vlan: entered promiscuous mode
[   30.428438][ T3306] veth0_macvtap: entered promiscuous mode
[   30.447340][ T3304] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   30.468381][ T3305] veth0_macvtap: entered promiscuous mode
[   30.476247][ T3303] veth1_vlan: entered promiscuous mode
[   30.483594][ T3306] veth1_macvtap: entered promiscuous mode
[   30.498718][ T3305] veth1_macvtap: entered promiscuous mode
[   30.537826][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.548388][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.561637][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.569371][ T3303] veth0_macvtap: entered promiscuous mode
[   30.578456][ T3303] veth1_macvtap: entered promiscuous mode
[   30.599817][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.610439][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.622992][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.635892][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.646413][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.656389][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.666884][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.691948][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.704723][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.715303][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.725193][ T3306] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.735769][ T3306] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.747685][ T3306] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.756290][ T3306] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.765156][ T3306] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.774002][ T3306] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.782766][ T3306] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.806388][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.816900][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.826766][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.831444][ T3437] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3'.
[   30.837225][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.855808][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.866394][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.877038][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.887329][ T3305] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.896266][ T3305] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.905040][ T3305] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.913795][ T3305] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.929402][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.939901][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.949745][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.960196][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.970125][ T3303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.980594][ T3303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.991472][ T3303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.994084][   T29] kauditd_printk_skb: 32 callbacks suppressed
[   30.994100][   T29] audit: type=1400 audit(1744323956.645:124): avc:  denied  { create } for  pid=3436 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   31.024268][   T29] audit: type=1400 audit(1744323956.655:125): avc:  denied  { ioctl } for  pid=3436 comm="syz.2.3" path="socket:[3748]" dev="sockfs" ino=3748 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   31.048629][   T29] audit: type=1400 audit(1744323956.655:126): avc:  denied  { bind } for  pid=3436 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   31.071888][ T3302] veth0_vlan: entered promiscuous mode
[   31.079975][ T3302] veth1_vlan: entered promiscuous mode
[   31.089910][ T3303] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.098694][ T3303] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.107441][ T3303] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.116192][ T3303] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.153547][ T3302] veth0_macvtap: entered promiscuous mode
[   31.160885][ T3302] veth1_macvtap: entered promiscuous mode
[   31.199793][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.210315][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.220200][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.220510][ T3448] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   31.230702][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.248217][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.258675][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.268522][   T29] audit: type=1400 audit(1744323956.915:127): avc:  denied  { write } for  pid=3445 comm="syz.1.2" name="001" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   31.268544][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.268563][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.291043][   T29] audit: type=1400 audit(1744323956.935:128): avc:  denied  { prog_load } for  pid=3447 comm="syz.0.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   31.306043][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.311392][   T29] audit: type=1400 audit(1744323956.935:129): avc:  denied  { bpf } for  pid=3447 comm="syz.0.1" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   31.332064][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.337512][   T29] audit: type=1400 audit(1744323956.935:130): avc:  denied  { perfmon } for  pid=3447 comm="syz.0.1" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   31.357713][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.368098][   T29] audit: type=1400 audit(1744323956.935:131): avc:  denied  { append } for  pid=3447 comm="syz.0.1" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   31.388709][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.398489][   T29] audit: type=1400 audit(1744323956.965:132): avc:  denied  { prog_run } for  pid=3445 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   31.450245][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.456745][ T3446] hub 9-0:1.0: USB hub found
[   31.460123][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.474727][ T3446] hub 9-0:1.0: 8 ports detected
[   31.475118][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.475131][ T3302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.475145][ T3302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.514048][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.550467][ T3451] veth1_virt_wifi: default FDB implementation only supports local addresses
[   31.562110][   T29] audit: type=1400 audit(1744323957.255:133): avc:  denied  { create } for  pid=3450 comm="syz.2.6" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   31.585868][ T3451] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   31.608267][    C1] hrtimer: interrupt took 41966 ns
[   31.616024][ T3453] loop3: detected capacity change from 0 to 1024
[   31.643308][ T3453] EXT4-fs: Ignoring removed orlov option
[   31.645377][ T3302] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.649080][ T3453] EXT4-fs: Ignoring removed nomblk_io_submit option
[   31.657788][ T3302] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.673272][ T3302] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.682008][ T3302] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.776136][ T3466] loop1: detected capacity change from 0 to 256
[   31.778312][ T3453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.798345][ T3455] loop0: detected capacity change from 0 to 1024
[   31.825069][ T3455] =======================================================
[   31.825069][ T3455] WARNING: The mand mount option has been deprecated and
[   31.825069][ T3455]          and is ignored by this kernel. Remove the mand
[   31.825069][ T3455]          option from the mount to silence this warning.
[   31.825069][ T3455] =======================================================
[   31.885726][ T3466] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[   31.894017][ T3466] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[   31.937825][ T3453] process 'syz.3.4' launched './file0/file0' with NULL argv: empty string added
[   31.991038][ T3455] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.017654][ T3455] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.066858][ T3455] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.7: bg 0: block 393: padding at end of block bitmap is not set
[   32.090712][ T3455] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 48 with error 117
[   32.104101][ T3455] EXT4-fs (loop0): This should not happen!! Data will be lost
[   32.104101][ T3455] 
[   32.210756][ T3483] xt_hashlimit: max too large, truncated to 1048576
[   32.336790][ T3455] syz.0.7 (3455) used greatest stack depth: 9264 bytes left
[   32.352131][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.455415][ T3489] hub 9-0:1.0: USB hub found
[   32.460601][ T3489] hub 9-0:1.0: 8 ports detected
[   32.673241][ T3494] hub 9-0:1.0: USB hub found
[   32.679019][ T3494] hub 9-0:1.0: 8 ports detected
[   32.686357][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.793489][ T3505] FAULT_INJECTION: forcing a failure.
[   32.793489][ T3505] name failslab, interval 1, probability 0, space 0, times 0
[   32.806293][ T3505] CPU: 1 UID: 0 PID: 3505 Comm: syz.1.20 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   32.806368][ T3505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   32.806385][ T3505] Call Trace:
[   32.806392][ T3505]  <TASK>
[   32.806399][ T3505]  dump_stack_lvl+0xf6/0x150
[   32.806426][ T3505]  dump_stack+0x15/0x1a
[   32.806466][ T3505]  should_fail_ex+0x261/0x270
[   32.806497][ T3505]  should_failslab+0x8f/0xb0
[   32.806532][ T3505]  __kmalloc_node_noprof+0xaf/0x420
[   32.806618][ T3505]  ? alloc_slab_obj_exts+0x32/0x80
[   32.806660][ T3505]  alloc_slab_obj_exts+0x32/0x80
[   32.806681][ T3505]  __memcg_slab_post_alloc_hook+0x271/0x5a0
[   32.806770][ T3505]  __kvmalloc_node_noprof+0x39b/0x520
[   32.806798][ T3505]  ? traverse+0x9f/0x3c0
[   32.806877][ T3505]  traverse+0x9f/0x3c0
[   32.806902][ T3505]  ? terminate_walk+0x271/0x290
[   32.806926][ T3505]  seq_read_iter+0x89f/0x970
[   32.806959][ T3505]  seq_read+0x1fa/0x240
[   32.806988][ T3505]  ? __pfx_seq_read+0x10/0x10
[   32.807051][ T3505]  proc_reg_read+0x13f/0x1d0
[   32.807155][ T3505]  vfs_readv+0x3e5/0x660
[   32.807196][ T3505]  ? __pfx_proc_reg_read+0x10/0x10
[   32.807232][ T3505]  __x64_sys_preadv+0xf9/0x1c0
[   32.807316][ T3505]  x64_sys_call+0x1410/0x2e10
[   32.807341][ T3505]  do_syscall_64+0xc9/0x1c0
[   32.807376][ T3505]  ? clear_bhb_loop+0x25/0x80
[   32.807400][ T3505]  ? clear_bhb_loop+0x25/0x80
[   32.807422][ T3505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   32.807488][ T3505] RIP: 0033:0x7f564a28d169
[   32.807506][ T3505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   32.807527][ T3505] RSP: 002b:00007f56488ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[   32.807546][ T3505] RAX: ffffffffffffffda RBX: 00007f564a4a5fa0 RCX: 00007f564a28d169
[   32.807557][ T3505] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000003
[   32.807568][ T3505] RBP: 00007f56488ef090 R08: 0000000000000000 R09: 0000000000000000
[   32.807579][ T3505] R10: 0000000000000092 R11: 0000000000000246 R12: 0000000000000001
[   32.807640][ T3505] R13: 0000000000000000 R14: 00007f564a4a5fa0 R15: 00007fff252ef078
[   32.807661][ T3505]  </TASK>
[   33.121699][ T3513] @: renamed from vlan0 (while UP)
[   33.138946][ T3515] loop4: detected capacity change from 0 to 512
[   33.150053][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.157590][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.165073][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.173317][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.180758][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.188287][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.195827][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.203258][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.210887][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.218409][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.226020][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.231001][ T3515] EXT4-fs (loop4): corrupt root inode, run e2fsck
[   33.233463][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.247429][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.258465][ T3515] EXT4-fs (loop4): mount failed
[   33.267508][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.274991][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.282387][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.289788][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.297357][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.304923][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.312335][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.319781][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.327200][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.334651][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.342046][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.349491][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.356977][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.364540][ T3388] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   33.372630][ T3388] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   33.399670][ T3515] kernel profiling enabled (shift: 63)
[   33.405284][ T3515] profiling shift: 63 too large
[   33.424719][ T3515] sit0: entered promiscuous mode
[   33.432606][ T3515] netlink: 'syz.4.25': attribute type 3 has an invalid length.
[   33.440277][ T3515] netlink: 1 bytes leftover after parsing attributes in process `syz.4.25'.
[   33.539800][ T3546] loop2: detected capacity change from 0 to 1024
[   33.547076][ T3546] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   33.555849][ T3546] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   33.566821][ T3546] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[   33.576306][ T3546] EXT4-fs error (device loop2): ext4_map_blocks:674: inode #3: block 2: comm syz.2.33: lblock 2 mapped to illegal pblock 2 (length 1)
[   33.590437][ T3546] EXT4-fs (loop2): Remounting filesystem read-only
[   33.597158][ T3546] EXT4-fs (loop2): 1 orphan inode deleted
[   33.604169][ T3546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.619176][ T3546] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.650731][ T3535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   33.661069][ T3535] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   33.695026][ T3555] netlink: 8 bytes leftover after parsing attributes in process `syz.1.32'.
[   33.975542][ T3570] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   34.397263][ T3578] loop3: detected capacity change from 0 to 512
[   34.430837][ T3580] loop0: detected capacity change from 0 to 512
[   34.479858][ T3580] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   34.500819][ T3578] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   34.503815][ T3580] netlink: 12 bytes leftover after parsing attributes in process `syz.0.41'.
[   34.541245][ T3578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.561771][ T3580] syz_tun: entered allmulticast mode
[   34.568829][ T3578] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.581333][ T3579] syz_tun: left allmulticast mode
[   34.761289][ T3597] loop1: detected capacity change from 0 to 512
[   34.771858][ T3599] loop0: detected capacity change from 0 to 512
[   34.798243][ T3601] loop2: detected capacity change from 0 to 1024
[   34.806296][ T3599] EXT4-fs (loop0): orphan cleanup on readonly fs
[   34.814271][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.826551][ T3597] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.830369][ T3601] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   34.840190][ T3597] ext4 filesystem being mounted at /11/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.853376][ T3599] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.48: bg 0: block 248: padding at end of block bitmap is not set
[   34.876466][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.893814][ T3601] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   34.904641][ T3599] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.48: Failed to acquire dquot type 1
[   34.917157][ T3599] EXT4-fs (loop0): 1 truncate cleaned up
[   34.924023][ T3599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   34.937664][ T3601] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[   34.947375][ T3601] EXT4-fs error (device loop2): ext4_map_blocks:674: inode #3: block 2: comm syz.2.50: lblock 2 mapped to illegal pblock 2 (length 1)
[   34.964671][ T3601] EXT4-fs (loop2): Remounting filesystem read-only
[   34.986088][ T3601] EXT4-fs (loop2): 1 orphan inode deleted
[   34.992152][ T3601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.021034][ T3599] syz.0.48 (3599) used greatest stack depth: 9216 bytes left
[   35.028535][ T3611] mmap: syz.3.53 (3611) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   35.029651][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.050082][ T3601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.097972][ T3615] loop1: detected capacity change from 0 to 512
[   35.124306][ T3619] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   35.153346][ T3615] EXT4-fs (loop1): orphan cleanup on readonly fs
[   35.156197][ T3622] 9pnet_fd: Insufficient options for proto=fd
[   35.174825][ T3615] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.55: bg 0: block 248: padding at end of block bitmap is not set
[   35.197484][ T3615] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.55: Failed to acquire dquot type 1
[   35.213826][ T3615] EXT4-fs (loop1): 1 truncate cleaned up
[   35.229210][ T3615] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   35.260867][ T3632] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   35.277286][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.425099][ T3646] loop1: detected capacity change from 0 to 512
[   35.435886][ T3646] EXT4-fs (loop1): ea_inode feature is not supported for Hurd
[   35.450708][ T3646] netlink: 12 bytes leftover after parsing attributes in process `syz.1.69'.
[   35.470875][ T3646] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check.
[   35.493040][ T3646] syz_tun: entered allmulticast mode
[   35.500592][ T3654] loop4: detected capacity change from 0 to 512
[   35.508192][ T3646] netlink: 156 bytes leftover after parsing attributes in process `syz.1.69'.
[   35.519755][ T3646] syz_tun: left allmulticast mode
[   35.534939][ T3654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.547922][ T3654] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   35.570068][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.625357][ T3652] FAULT_INJECTION: forcing a failure.
[   35.625357][ T3652] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   35.638542][ T3652] CPU: 1 UID: 0 PID: 3652 Comm: syz.2.70 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   35.638632][ T3652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   35.638647][ T3652] Call Trace:
[   35.638654][ T3652]  <TASK>
[   35.638662][ T3652]  dump_stack_lvl+0xf6/0x150
[   35.638687][ T3652]  dump_stack+0x15/0x1a
[   35.638703][ T3652]  should_fail_ex+0x261/0x270
[   35.638730][ T3652]  should_fail+0xb/0x10
[   35.638755][ T3652]  should_fail_usercopy+0x1a/0x20
[   35.638868][ T3652]  fpu__restore_sig+0x124/0xaa0
[   35.638978][ T3652]  restore_sigcontext+0x1ba/0x230
[   35.639014][ T3652]  __do_sys_rt_sigreturn+0x112/0x180
[   35.639059][ T3652]  x64_sys_call+0x2b49/0x2e10
[   35.639085][ T3652]  do_syscall_64+0xc9/0x1c0
[   35.639197][ T3652]  ? clear_bhb_loop+0x25/0x80
[   35.639222][ T3652]  ? clear_bhb_loop+0x25/0x80
[   35.639248][ T3652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.639270][ T3652] RIP: 0033:0x7f6829c1d169
[   35.639320][ T3652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   35.639403][ T3652] RSP: 002b:00007f6828287038 EFLAGS: 00000246
[   35.639485][ T3652] RAX: 0000000000000000 RBX: 00007f6829e35fa0 RCX: 00007f6829c1d169
[   35.639499][ T3652] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   35.639514][ T3652] RBP: 00007f6828287090 R08: 0000000000000000 R09: 0000000000000000
[   35.639528][ T3652] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   35.639542][ T3652] R13: 0000000000000000 R14: 00007f6829e35fa0 R15: 00007ffd12dce9e8
[   35.639617][ T3652]  </TASK>
[   35.903858][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.911451][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.919022][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.926554][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.934119][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.941517][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.948935][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.956374][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.963800][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.971192][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.978676][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.986241][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   35.993651][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.001082][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.008538][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.016008][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.023436][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.030882][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.038321][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.045740][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.053148][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.060542][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.067957][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.075368][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.082784][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.090178][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.097734][ T3377] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   36.106238][ T3377] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   36.156145][ T3679] loop2: detected capacity change from 0 to 512
[   36.163346][ T3679] EXT4-fs (loop2): ea_inode feature is not supported for Hurd
[   36.177827][ T3679] netlink: 12 bytes leftover after parsing attributes in process `syz.2.82'.
[   36.192306][ T3679] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check.
[   36.211645][ T3679] syz_tun: entered allmulticast mode
[   36.223018][ T3679] netlink: 156 bytes leftover after parsing attributes in process `syz.2.82'.
[   36.234994][   T29] kauditd_printk_skb: 197 callbacks suppressed
[   36.235008][   T29] audit: type=1400 audit(1744323961.955:323): avc:  denied  { ioctl } for  pid=3680 comm="syz.3.83" path="socket:[5225]" dev="sockfs" ino=5225 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   36.266019][ T3681] netlink: 4 bytes leftover after parsing attributes in process `syz.3.83'.
[   36.271044][ T3679] syz_tun: left allmulticast mode
[   36.304647][ T3683] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   36.325389][   T29] audit: type=1326 audit(1744323962.045:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3684 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6829c1d169 code=0x7ffc0000
[   36.348690][   T29] audit: type=1326 audit(1744323962.045:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3684 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6829c1d169 code=0x7ffc0000
[   36.375361][   T29] audit: type=1326 audit(1744323962.055:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3684 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f6829c1d169 code=0x7ffc0000
[   36.398644][   T29] audit: type=1326 audit(1744323962.055:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3684 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6829c1d169 code=0x7ffc0000
[   36.421929][   T29] audit: type=1326 audit(1744323962.055:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3684 comm="syz.2.85" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6829c1d169 code=0x7ffc0000
[   36.426920][ T3689] loop0: detected capacity change from 0 to 512
[   36.470791][ T3687] netlink: 8 bytes leftover after parsing attributes in process `syz.2.86'.
[   36.483512][   T29] audit: type=1326 audit(1744323962.205:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3692 comm="syz.3.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb6d6d169 code=0x7ffc0000
[   36.506913][   T29] audit: type=1326 audit(1744323962.205:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3692 comm="syz.3.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb6d6d169 code=0x7ffc0000
[   36.540311][ T3689] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   36.633524][ T3703] loop1: detected capacity change from 0 to 512
[   36.643177][ T3705] syz_tun: refused to change device tx_queue_len
[   36.672132][ T3703] EXT4-fs (loop1): orphan cleanup on readonly fs
[   36.679074][ T3689] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.681513][ T3709] netlink: 'syz.3.96': attribute type 10 has an invalid length.
[   36.699408][ T3709] netlink: 40 bytes leftover after parsing attributes in process `syz.3.96'.
[   36.703402][ T3703] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.94: bg 0: block 248: padding at end of block bitmap is not set
[   36.722090][   T29] audit: type=1400 audit(1744323962.275:331): avc:  denied  { append } for  pid=2986 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   36.723230][ T3709] bridge0: port 3(dummy0) entered blocking state
[   36.745155][   T29] audit: type=1326 audit(1744323962.285:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3692 comm="syz.3.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f4cb6d6d169 code=0x7ffc0000
[   36.751604][ T3709] bridge0: port 3(dummy0) entered disabled state
[   36.783254][ T3689] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   36.801470][ T3703] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.94: Failed to acquire dquot type 1
[   36.815645][ T3703] EXT4-fs (loop1): 1 truncate cleaned up
[   36.825192][ T3703] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   36.850361][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.907428][ T3716] loop3: detected capacity change from 0 to 2048
[   36.916541][ T3709] dummy0: entered allmulticast mode
[   36.933472][ T3709] dummy0: entered promiscuous mode
[   36.939139][ T3709] bridge0: port 3(dummy0) entered blocking state
[   36.945689][ T3709] bridge0: port 3(dummy0) entered forwarding state
[   36.984790][ T3697] netlink: 12 bytes leftover after parsing attributes in process `syz.4.90'.
[   37.023848][ T3716] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.102110][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.106120][ T3730] loop1: detected capacity change from 0 to 512
[   37.118489][ T3726] netlink: 'syz.2.100': attribute type 12 has an invalid length.
[   37.131107][ T3730] EXT4-fs (loop1): ea_inode feature is not supported for Hurd
[   37.139880][ T3709] EXT4-fs (loop3): stripe (248) is not aligned with cluster size (16), stripe is disabled
[   37.154197][ T3709] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   37.170033][ T3730] netlink: 12 bytes leftover after parsing attributes in process `syz.1.103'.
[   37.192155][ T3730] syz_tun: entered allmulticast mode
[   37.204382][ T3730] netlink: 156 bytes leftover after parsing attributes in process `syz.1.103'.
[   37.221115][ T3730] syz_tun: left allmulticast mode
[   37.237650][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.289567][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.297497][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.304983][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.322818][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.330366][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.337837][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.345344][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.352848][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.360259][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.367845][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.375290][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.382745][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.390301][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.401579][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.409104][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.416650][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.424147][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.431955][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.439440][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.447030][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.454469][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.454573][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.454596][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.454616][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.454637][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.454659][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.454685][ T1039] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   37.465638][ T1039] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   37.577609][ T3757] hub 9-0:1.0: USB hub found
[   37.577732][ T3757] hub 9-0:1.0: 8 ports detected
[   37.585105][ T3751] hub 2-0:1.0: USB hub found
[   37.585262][ T3751] hub 2-0:1.0: 8 ports detected
[   37.703517][ T3753] netlink: 12 bytes leftover after parsing attributes in process `syz.4.112'.
[   37.750204][ T3764] netlink: 'syz.1.116': attribute type 12 has an invalid length.
[   37.882100][ T3774] pim6reg: entered allmulticast mode
[   37.891399][ T3774] loop3: detected capacity change from 0 to 256
[   37.967172][ T3784] loop4: detected capacity change from 0 to 512
[   37.974058][ T3784] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   37.991972][ T3773] pim6reg: left allmulticast mode
[   38.025179][ T3784] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.038175][ T3784] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   38.691416][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.736682][ T3802] netlink: 12 bytes leftover after parsing attributes in process `syz.3.131'.
[   38.756665][ T3809] loop0: detected capacity change from 0 to 512
[   38.763686][ T3809] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   38.780814][ T3809] syz_tun: entered allmulticast mode
[   38.830599][ T3809] syz_tun: left allmulticast mode
[   38.881154][ T3815] loop3: detected capacity change from 0 to 136
[   39.001388][ T3824] loop3: detected capacity change from 0 to 512
[   39.010208][ T3824] EXT4-fs (loop3): orphan cleanup on readonly fs
[   39.017809][ T3824] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.141: bg 0: block 248: padding at end of block bitmap is not set
[   39.033464][ T3824] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.141: Failed to acquire dquot type 1
[   39.046524][ T3824] EXT4-fs (loop3): 1 truncate cleaned up
[   39.081662][ T3824] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   39.119892][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.250601][ T3837] loop0: detected capacity change from 0 to 512
[   39.321371][ T3835] batadv1: entered allmulticast mode
[   39.333579][ T3837] EXT4-fs (loop0): orphan cleanup on readonly fs
[   39.349600][ T3837] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.146: bg 0: block 248: padding at end of block bitmap is not set
[   39.364175][ T3837] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.146: Failed to acquire dquot type 1
[   39.376563][ T3837] EXT4-fs (loop0): 1 truncate cleaned up
[   39.383143][ T3837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   39.423756][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.848352][ T3852] hub 9-0:1.0: USB hub found
[   39.864426][ T3854] loop1: detected capacity change from 0 to 512
[   39.872631][ T3852] hub 9-0:1.0: 8 ports detected
[   39.898016][ T3854] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   39.925216][ T3854] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.951399][ T3863] loop0: detected capacity change from 0 to 512
[   39.961212][ T3863] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   39.962778][ T3854] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.991039][ T3863] syz_tun: entered allmulticast mode
[   40.011123][ T3863] syz_tun: left allmulticast mode
[   40.056880][ T3867] hub 9-0:1.0: USB hub found
[   40.061680][ T3867] hub 9-0:1.0: 8 ports detected
[   40.080737][ T3869] loop0: detected capacity change from 0 to 2048
[   40.140106][ T3869] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.162545][ T3872] loop4: detected capacity change from 0 to 1024
[   40.173982][ T3872] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   40.197308][ T3872] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   40.210273][ T3875] loop3: detected capacity change from 0 to 512
[   40.232015][ T3872] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[   40.241479][ T3872] EXT4-fs error (device loop4): ext4_map_blocks:674: inode #3: block 2: comm syz.4.159: lblock 2 mapped to illegal pblock 2 (length 1)
[   40.259788][ T3869] wireguard0: entered promiscuous mode
[   40.265415][ T3869] wireguard0: entered allmulticast mode
[   40.267031][ T3872] EXT4-fs (loop4): Remounting filesystem read-only
[   40.272634][ T3875] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.293292][ T3872] EXT4-fs (loop4): 1 orphan inode deleted
[   40.299510][ T3872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.304987][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.312997][ T3875] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.323230][ T3872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.355785][ T3875] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.160: bg 0: block 18: invalid block bitmap
[   40.454339][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.471333][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.478894][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.486326][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.496025][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.503540][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.511028][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.518502][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.525992][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.533480][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.540906][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.548427][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.555994][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.563474][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.573843][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.581322][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.588819][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.588847][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.588871][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.588897][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.588958][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.589027][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.589085][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.589108][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.589132][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.589156][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.589219][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.589242][    T9] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   40.629966][    T9] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   40.650493][ T3898] loop1: detected capacity change from 0 to 512
[   40.667272][ T3898] EXT4-fs (loop1): corrupt root inode, run e2fsck
[   40.728444][ T3901] loop0: detected capacity change from 0 to 512
[   40.743307][ T3898] EXT4-fs (loop1): mount failed
[   40.752535][ T3901] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   40.760599][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.790252][ T3901] syz_tun: entered allmulticast mode
[   40.806641][ T3898] kernel profiling enabled (shift: 63)
[   40.812194][ T3898] profiling shift: 63 too large
[   40.820457][ T3901] syz_tun: left allmulticast mode
[   40.845237][ T3898] sit0: entered promiscuous mode
[   40.853850][ T3898] netlink: 'syz.1.167': attribute type 3 has an invalid length.
[   40.882525][ T3913] FAULT_INJECTION: forcing a failure.
[   40.882525][ T3913] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   40.896029][ T3913] CPU: 0 UID: 0 PID: 3913 Comm: syz.4.174 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   40.896060][ T3913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   40.896070][ T3913] Call Trace:
[   40.896075][ T3913]  <TASK>
[   40.896080][ T3913]  dump_stack_lvl+0xf6/0x150
[   40.896131][ T3913]  dump_stack+0x15/0x1a
[   40.896190][ T3913]  should_fail_ex+0x261/0x270
[   40.896212][ T3913]  should_fail+0xb/0x10
[   40.896232][ T3913]  should_fail_usercopy+0x1a/0x20
[   40.896281][ T3913]  _copy_from_iter+0xd8/0xd10
[   40.896307][ T3913]  ? kmalloc_reserve+0x16e/0x190
[   40.896421][ T3913]  ? __build_skb_around+0x199/0x1f0
[   40.896440][ T3913]  ? __alloc_skb+0x227/0x320
[   40.896509][ T3913]  ? __virt_addr_valid+0x1ed/0x250
[   40.896527][ T3913]  ? __check_object_size+0x367/0x510
[   40.896548][ T3913]  netlink_sendmsg+0x492/0x720
[   40.896572][ T3913]  ? __pfx_netlink_sendmsg+0x10/0x10
[   40.896593][ T3913]  __sock_sendmsg+0x140/0x180
[   40.896639][ T3913]  ____sys_sendmsg+0x350/0x4e0
[   40.896664][ T3913]  __sys_sendmsg+0x1a0/0x240
[   40.896779][ T3913]  __x64_sys_sendmsg+0x46/0x50
[   40.896907][ T3913]  x64_sys_call+0x26f3/0x2e10
[   40.897002][ T3913]  do_syscall_64+0xc9/0x1c0
[   40.897027][ T3913]  ? clear_bhb_loop+0x25/0x80
[   40.897044][ T3913]  ? clear_bhb_loop+0x25/0x80
[   40.897062][ T3913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.897079][ T3913] RIP: 0033:0x7f9ccf9dd169
[   40.897092][ T3913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   40.897153][ T3913] RSP: 002b:00007f9cce03f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.897189][ T3913] RAX: ffffffffffffffda RBX: 00007f9ccfbf5fa0 RCX: 00007f9ccf9dd169
[   40.897199][ T3913] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000006
[   40.897209][ T3913] RBP: 00007f9cce03f090 R08: 0000000000000000 R09: 0000000000000000
[   40.897219][ T3913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.897228][ T3913] R13: 0000000000000000 R14: 00007f9ccfbf5fa0 R15: 00007fffd09b2d28
[   40.897243][ T3913]  </TASK>
[   41.143830][ T3918] loop3: detected capacity change from 0 to 512
[   41.154847][ T3918] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.167540][ T3918] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.200643][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.254695][   T29] kauditd_printk_skb: 303 callbacks suppressed
[   41.254713][   T29] audit: type=1326 audit(1744323966.975:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3928 comm="syz.0.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   41.289977][ T3931] Invalid ELF header magic: != ELF
[   41.322271][   T29] audit: type=1400 audit(1744323967.005:629): avc:  denied  { sys_module } for  pid=3930 comm="syz.2.181" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   41.339029][ T3935] loop0: detected capacity change from 0 to 1024
[   41.343200][   T29] audit: type=1400 audit(1744323967.005:630): avc:  denied  { module_load } for  pid=3930 comm="syz.2.181" path="/sys/kernel/notes" dev="sysfs" ino=210 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[   41.373417][   T29] audit: type=1326 audit(1744323967.015:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3928 comm="syz.0.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   41.374789][ T3935] EXT4-fs: Ignoring removed nobh option
[   41.396716][   T29] audit: type=1326 audit(1744323967.015:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3928 comm="syz.0.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   41.396752][   T29] audit: type=1326 audit(1744323967.015:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3928 comm="syz.0.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   41.402387][ T3935] EXT4-fs: Ignoring removed bh option
[   41.425592][   T29] audit: type=1326 audit(1744323967.015:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3928 comm="syz.0.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   41.482500][   T29] audit: type=1400 audit(1744323967.045:635): avc:  denied  { setopt } for  pid=3934 comm="syz.0.184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   41.486022][ T3937] loop2: detected capacity change from 0 to 512
[   41.509270][ T3935] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.528348][   T29] audit: type=1400 audit(1744323967.245:636): avc:  denied  { append } for  pid=3940 comm="syz.3.185" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   41.529163][ T3941] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   41.566979][ T3937] EXT4-fs (loop2): ea_inode feature is not supported for Hurd
[   41.569328][   T29] audit: type=1400 audit(1744323967.285:637): avc:  denied  { create } for  pid=3942 comm="syz.1.186" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   41.604032][ T3937] __nla_validate_parse: 10 callbacks suppressed
[   41.604049][ T3937] netlink: 12 bytes leftover after parsing attributes in process `syz.2.183'.
[   41.622982][ T3935] netlink: 4 bytes leftover after parsing attributes in process `syz.0.184'.
[   41.656536][ T3947] loop1: detected capacity change from 0 to 512
[   41.664835][ T3947] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.675472][ T3937] syz_tun: entered allmulticast mode
[   41.684290][ T3937] netlink: 156 bytes leftover after parsing attributes in process `syz.2.183'.
[   41.693659][ T3947] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.696165][ T3951] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   41.714224][ T3947] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.725696][ T3937] syz_tun: left allmulticast mode
[   41.757461][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.803835][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.811329][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.818832][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.852766][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.860395][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.867849][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.875467][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.882966][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.890547][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.898060][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.905665][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.913125][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.920538][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.955218][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.962661][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.970144][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.977675][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.985139][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   41.991625][ T3971] Invalid ELF header magic: != ELF
[   41.992540][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.005317][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.012933][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.012959][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.012984][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.013006][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.013030][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.013106][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.013131][ T1039] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   42.039348][ T1039] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   42.055857][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.125180][ T3976] loop4: detected capacity change from 0 to 512
[   42.152807][ T3976] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.190080][ T3976] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.207729][ T3976] EXT4-fs error (device loop4): ext4_do_update_inode:5182: inode #2: comm syz.4.201: corrupted inode contents
[   42.225305][ T3987] hub 9-0:1.0: USB hub found
[   42.229991][ T3987] hub 9-0:1.0: 8 ports detected
[   42.264723][ T3976] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz.4.201: mark_inode_dirty error
[   42.277915][ T3976] EXT4-fs error (device loop4): ext4_do_update_inode:5182: inode #2: comm syz.4.201: corrupted inode contents
[   42.321576][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.331242][ T3998] loop3: detected capacity change from 0 to 512
[   42.380257][ T4002] netlink: 24 bytes leftover after parsing attributes in process `syz.0.211'.
[   42.396107][ T4004] netlink: 'syz.4.209': attribute type 10 has an invalid length.
[   42.403962][ T4004] netlink: 40 bytes leftover after parsing attributes in process `syz.4.209'.
[   42.456900][ T4004] bridge0: port 3(dummy0) entered blocking state
[   42.463727][ T4004] bridge0: port 3(dummy0) entered disabled state
[   42.475837][ T4004] dummy0: entered allmulticast mode
[   42.481779][ T4004] dummy0: entered promiscuous mode
[   42.481905][ T4014] loop1: detected capacity change from 0 to 512
[   42.492421][ T4004] bridge0: port 3(dummy0) entered blocking state
[   42.499759][ T4004] bridge0: port 3(dummy0) entered forwarding state
[   42.506909][ T4014] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   42.524326][ T4015] loop4: detected capacity change from 0 to 2048
[   42.539420][ T4014] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.553195][ T4014] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   42.574376][ T4015] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.638451][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.650341][ T4028] FAULT_INJECTION: forcing a failure.
[   42.650341][ T4028] name failslab, interval 1, probability 0, space 0, times 0
[   42.664091][ T4028] CPU: 0 UID: 0 PID: 4028 Comm: syz.0.220 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   42.664119][ T4028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   42.664131][ T4028] Call Trace:
[   42.664136][ T4028]  <TASK>
[   42.664143][ T4028]  dump_stack_lvl+0xf6/0x150
[   42.664166][ T4028]  dump_stack+0x15/0x1a
[   42.664224][ T4028]  should_fail_ex+0x261/0x270
[   42.664333][ T4028]  should_failslab+0x8f/0xb0
[   42.664386][ T4028]  kmem_cache_alloc_noprof+0x59/0x340
[   42.664408][ T4028]  ? skb_clone+0x154/0x1f0
[   42.664463][ T4028]  skb_clone+0x154/0x1f0
[   42.664496][ T4028]  __netlink_deliver_tap+0x2bd/0x4f0
[   42.664541][ T4028]  netlink_unicast+0x69e/0x6c0
[   42.664570][ T4028]  netlink_sendmsg+0x609/0x720
[   42.664617][ T4028]  ? __pfx_netlink_sendmsg+0x10/0x10
[   42.664646][ T4028]  __sock_sendmsg+0x140/0x180
[   42.664752][ T4028]  ____sys_sendmsg+0x350/0x4e0
[   42.664798][ T4028]  __sys_sendmsg+0x1a0/0x240
[   42.664848][ T4028]  __x64_sys_sendmsg+0x46/0x50
[   42.664937][ T4028]  x64_sys_call+0x26f3/0x2e10
[   42.665024][ T4028]  do_syscall_64+0xc9/0x1c0
[   42.665093][ T4028]  ? clear_bhb_loop+0x25/0x80
[   42.665121][ T4028]  ? clear_bhb_loop+0x25/0x80
[   42.665147][ T4028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.665172][ T4028] RIP: 0033:0x7f68f14dd169
[   42.665190][ T4028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.665254][ T4028] RSP: 002b:00007f68efb47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.665276][ T4028] RAX: ffffffffffffffda RBX: 00007f68f16f5fa0 RCX: 00007f68f14dd169
[   42.665289][ T4028] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[   42.665303][ T4028] RBP: 00007f68efb47090 R08: 0000000000000000 R09: 0000000000000000
[   42.665334][ T4028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.665347][ T4028] R13: 0000000000000000 R14: 00007f68f16f5fa0 R15: 00007ffcdbc403d8
[   42.665366][ T4028]  </TASK>
[   42.667201][ T4028] IPv6: NLM_F_CREATE should be specified when creating new route
[   42.878079][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.891547][ T4031] ip6tnl1: entered promiscuous mode
[   42.896936][ T4031] ip6tnl1: entered allmulticast mode
[   42.914604][ T4033] loop1: detected capacity change from 0 to 512
[   42.921505][ T4033] EXT4-fs (loop1): ea_inode feature is not supported for Hurd
[   42.930785][ T4033] netlink: 12 bytes leftover after parsing attributes in process `syz.1.221'.
[   42.945737][ T4033] syz_tun: entered allmulticast mode
[   42.952616][ T4033] netlink: 156 bytes leftover after parsing attributes in process `syz.1.221'.
[   42.962781][ T4033] syz_tun: left allmulticast mode
[   42.972115][ T4035] loop2: detected capacity change from 0 to 512
[   42.986600][ T4035] EXT4-fs (loop2): ea_inode feature is not supported for Hurd
[   43.017638][ T4035] netlink: 12 bytes leftover after parsing attributes in process `syz.2.222'.
[   43.027011][ T4039] netlink: 16 bytes leftover after parsing attributes in process `syz.4.225'.
[   43.031195][ T4037] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   43.036048][ T4039] netlink: 24 bytes leftover after parsing attributes in process `syz.4.225'.
[   43.071025][ T4035] syz_tun: entered allmulticast mode
[   43.087003][ T4035] syz_tun: left allmulticast mode
[   43.115170][ T3102] IPVS: starting estimator thread 0...
[   43.145200][ T4053] loop1: detected capacity change from 0 to 512
[   43.160502][ T4053] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   43.213325][ T4049] IPVS: using max 1872 ests per chain, 93600 per kthread
[   43.243744][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.251220][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.258727][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.286888][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.288466][ T4053] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.296676][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.315903][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.323441][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.326043][ T4053] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.330852][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.330893][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.330916][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.363476][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.370987][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.378437][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.754617][ T4074] loop4: detected capacity change from 0 to 512
[   43.766975][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.774482][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.782008][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.789495][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.796931][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.804499][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.811966][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.819412][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.826935][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.834370][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.841793][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.849269][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.856701][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.864137][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   43.879319][   T10] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   43.883628][ T4074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.901879][ T4074] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.962420][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.055228][ T4080] FAULT_INJECTION: forcing a failure.
[   44.055228][ T4080] name failslab, interval 1, probability 0, space 0, times 0
[   44.068037][ T4080] CPU: 1 UID: 0 PID: 4080 Comm: syz.4.235 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   44.068069][ T4080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   44.068085][ T4080] Call Trace:
[   44.068093][ T4080]  <TASK>
[   44.068102][ T4080]  dump_stack_lvl+0xf6/0x150
[   44.068128][ T4080]  dump_stack+0x15/0x1a
[   44.068144][ T4080]  should_fail_ex+0x261/0x270
[   44.068265][ T4080]  should_failslab+0x8f/0xb0
[   44.068297][ T4080]  __kvmalloc_node_noprof+0x12c/0x520
[   44.068325][ T4080]  ? __se_sys_add_key+0x1e0/0x330
[   44.068414][ T4080]  ? strncpy_from_user+0x144/0x230
[   44.068441][ T4080]  __se_sys_add_key+0x1e0/0x330
[   44.068468][ T4080]  ? fput+0x99/0xd0
[   44.068496][ T4080]  __x64_sys_add_key+0x67/0x80
[   44.068520][ T4080]  x64_sys_call+0x1f10/0x2e10
[   44.068583][ T4080]  do_syscall_64+0xc9/0x1c0
[   44.068629][ T4080]  ? clear_bhb_loop+0x25/0x80
[   44.068651][ T4080]  ? clear_bhb_loop+0x25/0x80
[   44.068678][ T4080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.068699][ T4080] RIP: 0033:0x7f9ccf9dd169
[   44.068713][ T4080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.068802][ T4080] RSP: 002b:00007f9cce03f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[   44.068820][ T4080] RAX: ffffffffffffffda RBX: 00007f9ccfbf5fa0 RCX: 00007f9ccf9dd169
[   44.068901][ T4080] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000280
[   44.068912][ T4080] RBP: 00007f9cce03f090 R08: ffffffffffffffff R09: 0000000000000000
[   44.068924][ T4080] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[   44.068935][ T4080] R13: 0000000000000000 R14: 00007f9ccfbf5fa0 R15: 00007fffd09b2d28
[   44.069012][ T4080]  </TASK>
[   44.263240][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.318012][ T4089] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   44.330462][ T4087] loop4: detected capacity change from 0 to 512
[   44.350890][ T4087] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   44.364101][ T4087] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   44.391337][   T36] IPVS: starting estimator thread 0...
[   44.421943][ T4087] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   44.469499][ T4087] EXT4-fs (loop4): 1 truncate cleaned up
[   44.475752][ T4087] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.495349][ T4087] FAULT_INJECTION: forcing a failure.
[   44.495349][ T4087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   44.500909][ T4095] IPVS: using max 2304 ests per chain, 115200 per kthread
[   44.508441][ T4087] CPU: 0 UID: 0 PID: 4087 Comm: syz.4.242 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   44.508471][ T4087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   44.508486][ T4087] Call Trace:
[   44.508495][ T4087]  <TASK>
[   44.508504][ T4087]  dump_stack_lvl+0xf6/0x150
[   44.508536][ T4087]  dump_stack+0x15/0x1a
[   44.508558][ T4087]  should_fail_ex+0x261/0x270
[   44.508675][ T4087]  should_fail+0xb/0x10
[   44.508706][ T4087]  should_fail_usercopy+0x1a/0x20
[   44.508742][ T4087]  strncpy_from_user+0x25/0x230
[   44.508770][ T4087]  ? getname_flags+0x81/0x3b0
[   44.508812][ T4087]  getname_flags+0xb0/0x3b0
[   44.508838][ T4087]  __x64_sys_unlink+0x21/0x40
[   44.508876][ T4087]  x64_sys_call+0x2358/0x2e10
[   44.508905][ T4087]  do_syscall_64+0xc9/0x1c0
[   44.508988][ T4087]  ? clear_bhb_loop+0x25/0x80
[   44.509026][ T4087]  ? clear_bhb_loop+0x25/0x80
[   44.509054][ T4087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   44.509138][ T4087] RIP: 0033:0x7f9ccf9dd169
[   44.509156][ T4087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   44.509178][ T4087] RSP: 002b:00007f9cce03f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[   44.509202][ T4087] RAX: ffffffffffffffda RBX: 00007f9ccfbf5fa0 RCX: 00007f9ccf9dd169
[   44.509217][ T4087] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[   44.509232][ T4087] RBP: 00007f9cce03f090 R08: 0000000000000000 R09: 0000000000000000
[   44.509246][ T4087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   44.509261][ T4087] R13: 0000000000000000 R14: 00007f9ccfbf5fa0 R15: 00007fffd09b2d28
[   44.509324][ T4087]  </TASK>
[   44.739426][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.264280][ T4125] hub 2-0:1.0: USB hub found
[   45.422349][ T4125] hub 2-0:1.0: 8 ports detected
[   45.594639][ T4147] netlink: 'syz.0.259': attribute type 10 has an invalid length.
[   45.603315][ T4147] bridge0: port 3(dummy0) entered blocking state
[   45.609782][ T4147] bridge0: port 3(dummy0) entered disabled state
[   45.667508][ T4147] dummy0: entered allmulticast mode
[   45.675344][ T4147] dummy0: entered promiscuous mode
[   45.680850][ T4147] bridge0: port 3(dummy0) entered blocking state
[   45.687320][ T4147] bridge0: port 3(dummy0) entered forwarding state
[   45.699942][   T10] IPVS: starting estimator thread 0...
[   45.725740][ T4150] bond1: entered promiscuous mode
[   45.730822][ T4150] bond1: entered allmulticast mode
[   45.742028][ T4150] 8021q: adding VLAN 0 to HW filter on device bond1
[   45.754282][ T4159] loop1: detected capacity change from 0 to 512
[   45.793033][ T4155] IPVS: using max 1968 ests per chain, 98400 per kthread
[   45.800785][ T4159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.813392][ T4159] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.839879][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.920582][ T4180] loop1: detected capacity change from 0 to 128
[   45.929604][ T4178] Invalid ELF header magic: != ELF
[   45.945122][ T4180] vfat: Unknown parameter '1���/B�ŦC��V
'
[   45.991179][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   45.998651][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.006106][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.025577][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.033149][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.040555][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.048181][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.055744][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.063315][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.070836][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.078387][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.085818][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.093258][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.111433][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.118889][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.126362][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.133858][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.141264][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.148685][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.156160][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.163587][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.170999][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.178498][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.186128][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.193724][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.201125][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.208632][   T10] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   46.222827][   T10] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   46.377390][   T29] kauditd_printk_skb: 292 callbacks suppressed
[   46.377444][   T29] audit: type=1326 audit(1744323972.095:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.411079][   T29] audit: type=1400 audit(1744323972.095:931): avc:  denied  { unmount } for  pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   46.431239][   T29] audit: type=1326 audit(1744323972.105:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.447573][ T4197] hub 9-0:1.0: USB hub found
[   46.454507][   T29] audit: type=1326 audit(1744323972.105:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.482296][   T29] audit: type=1326 audit(1744323972.105:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.483984][ T4197] hub 9-0:1.0: 8 ports detected
[   46.505694][   T29] audit: type=1326 audit(1744323972.105:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.505728][   T29] audit: type=1326 audit(1744323972.105:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.505782][   T29] audit: type=1326 audit(1744323972.105:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.505812][   T29] audit: type=1326 audit(1744323972.105:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   46.505842][   T29] audit: type=1326 audit(1744323972.105:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4194 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68f14dd169 code=0x7ffc0000
[   47.001555][ T4204] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   47.199633][ T4211] loop0: detected capacity change from 0 to 512
[   47.219386][ T4216] syz_tun: refused to change device tx_queue_len
[   47.265819][ T4220] FAULT_INJECTION: forcing a failure.
[   47.265819][ T4220] name failslab, interval 1, probability 0, space 0, times 0
[   47.278637][ T4220] CPU: 0 UID: 0 PID: 4220 Comm: syz.2.284 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   47.278719][ T4220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   47.278729][ T4220] Call Trace:
[   47.278735][ T4220]  <TASK>
[   47.278741][ T4220]  dump_stack_lvl+0xf6/0x150
[   47.278827][ T4220]  dump_stack+0x15/0x1a
[   47.278896][ T4220]  should_fail_ex+0x261/0x270
[   47.278919][ T4220]  should_failslab+0x8f/0xb0
[   47.278945][ T4220]  kmem_cache_alloc_noprof+0x59/0x340
[   47.278965][ T4220]  ? skb_clone+0x154/0x1f0
[   47.278989][ T4220]  skb_clone+0x154/0x1f0
[   47.279088][ T4220]  __netlink_deliver_tap+0x2bd/0x4f0
[   47.279114][ T4220]  netlink_unicast+0x69e/0x6c0
[   47.279133][ T4220]  netlink_sendmsg+0x609/0x720
[   47.279156][ T4220]  ? __pfx_netlink_sendmsg+0x10/0x10
[   47.279212][ T4220]  __sock_sendmsg+0x140/0x180
[   47.279241][ T4220]  ____sys_sendmsg+0x350/0x4e0
[   47.279268][ T4220]  __sys_sendmsg+0x1a0/0x240
[   47.279329][ T4220]  __x64_sys_sendmsg+0x46/0x50
[   47.279351][ T4220]  x64_sys_call+0x26f3/0x2e10
[   47.279369][ T4220]  do_syscall_64+0xc9/0x1c0
[   47.279441][ T4220]  ? clear_bhb_loop+0x25/0x80
[   47.279459][ T4220]  ? clear_bhb_loop+0x25/0x80
[   47.279498][ T4220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.279515][ T4220] RIP: 0033:0x7f6829c1d169
[   47.279527][ T4220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.279585][ T4220] RSP: 002b:00007f6828287038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   47.279634][ T4220] RAX: ffffffffffffffda RBX: 00007f6829e35fa0 RCX: 00007f6829c1d169
[   47.279644][ T4220] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[   47.279725][ T4220] RBP: 00007f6828287090 R08: 0000000000000000 R09: 0000000000000000
[   47.279734][ T4220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   47.279744][ T4220] R13: 0000000000000000 R14: 00007f6829e35fa0 R15: 00007ffd12dce9e8
[   47.279759][ T4220]  </TASK>
[   47.483062][ T4211] EXT4-fs (loop0): orphan cleanup on readonly fs
[   47.500031][ T4211] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.278: bg 0: block 248: padding at end of block bitmap is not set
[   47.517663][ T4211] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.278: Failed to acquire dquot type 1
[   47.529707][ T4211] EXT4-fs (loop0): 1 truncate cleaned up
[   47.531151][ T4226] loop3: detected capacity change from 0 to 512
[   47.538762][ T4211] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   47.560987][ T4226] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   47.589376][ T4226] EXT4-fs (loop3): orphan cleanup on readonly fs
[   47.597309][ T4226] EXT4-fs error (device loop3): ext4_orphan_get:1390: inode #16: comm syz.3.286: casefold flag without casefold feature
[   47.618962][ T4226] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.286: couldn't read orphan inode 16 (err -117)
[   47.632015][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.632547][ T4231] capability: warning: `syz.1.289' uses deprecated v2 capabilities in a way that may be insecure
[   47.643090][ T4229] loop2: detected capacity change from 0 to 512
[   47.673274][ T4226] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   47.688240][ T4229] EXT4-fs (loop2): ea_inode feature is not supported for Hurd
[   47.702656][ T4229] __nla_validate_parse: 6 callbacks suppressed
[   47.702675][ T4229] netlink: 12 bytes leftover after parsing attributes in process `syz.2.287'.
[   47.727471][ T4229] syz_tun: entered allmulticast mode
[   47.751597][ T4228] syz_tun: left allmulticast mode
[   47.788506][ T4241] syz_tun: refused to change device tx_queue_len
[   47.868167][ T4247] netlink: 16 bytes leftover after parsing attributes in process `syz.1.297'.
[   47.898533][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.962029][ T4263] loop0: detected capacity change from 0 to 512
[   47.990497][ T4266] loop3: detected capacity change from 0 to 512
[   48.015504][ T4263] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   48.015672][ T4266] EXT4-fs (loop3): orphan cleanup on readonly fs
[   48.030412][ T4266] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.299: bg 0: block 248: padding at end of block bitmap is not set
[   48.046644][ T4266] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.299: Failed to acquire dquot type 1
[   48.074089][ T4263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.302'.
[   48.089170][ T4266] EXT4-fs (loop3): 1 truncate cleaned up
[   48.101809][ T4263] syz_tun: entered allmulticast mode
[   48.109031][ T4263] netlink: 156 bytes leftover after parsing attributes in process `syz.0.302'.
[   48.118726][ T4266] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   48.134830][ T4263] syz_tun: left allmulticast mode
[   48.184822][ T4279] loop2: detected capacity change from 0 to 512
[   48.192029][ T4279] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   48.202544][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.216521][ T4279] EXT4-fs (loop2): 1 truncate cleaned up
[   48.226123][ T4279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.297436][ T4289] netlink: 'syz.4.312': attribute type 10 has an invalid length.
[   48.305368][ T4289] netlink: 40 bytes leftover after parsing attributes in process `syz.4.312'.
[   48.315141][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.343940][ T4291] netlink: 16 bytes leftover after parsing attributes in process `syz.4.314'.
[   48.458189][    T9] kernel write not supported for file /170/attr/sockcreate (pid: 9 comm: kworker/0:0)
[   48.484021][ T4302] netlink: 52 bytes leftover after parsing attributes in process `syz.4.318'.
[   48.494860][ T4302] loop4: detected capacity change from 0 to 128
[   48.522496][ T4304] loop4: detected capacity change from 0 to 512
[   48.531385][ T4285] hub 2-0:1.0: USB hub found
[   48.536476][ T4285] hub 2-0:1.0: 8 ports detected
[   48.543824][ T4304] EXT4-fs (loop4): ea_inode feature is not supported for Hurd
[   48.564826][ T4304] netlink: 12 bytes leftover after parsing attributes in process `syz.4.319'.
[   48.583650][ T4304] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check.
[   48.600847][ T4304] syz_tun: entered allmulticast mode
[   48.607594][ T4304] netlink: 156 bytes leftover after parsing attributes in process `syz.4.319'.
[   48.617510][ T4304] syz_tun: left allmulticast mode
[   48.735187][ T4313] hub 9-0:1.0: USB hub found
[   48.739998][ T4313] hub 9-0:1.0: 8 ports detected
[   48.788369][ T4315] loop4: detected capacity change from 0 to 1024
[   48.803606][ T4315] EXT4-fs: Ignoring removed nobh option
[   48.809347][ T4315] EXT4-fs: Ignoring removed bh option
[   48.871366][ T4315] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.894014][ T4315] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4115: comm syz.4.324: Allocating blocks 385-513 which overlap fs metadata
[   48.909688][ T4315] EXT4-fs (loop4): pa ffff8881065292a0: logic 16, phys. 129, len 24
[   48.916734][ T4320] loop1: detected capacity change from 0 to 1024
[   48.917773][ T4315] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 8
[   48.944924][ T4316] hub 2-0:1.0: USB hub found
[   48.950733][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.975559][ T4323] netlink: 16 bytes leftover after parsing attributes in process `syz.4.326'.
[   48.985089][ T4320] EXT4-fs: Ignoring removed nobh option
[   48.990710][ T4320] EXT4-fs: Ignoring removed bh option
[   48.997690][ T4316] hub 2-0:1.0: 8 ports detected
[   49.082938][ T4320] EXT4-fs: Mount option(s) incompatible with ext2
[   49.206805][ T4331] loop4: detected capacity change from 0 to 164
[   49.225987][ T4331] Unable to read rock-ridge attributes
[   49.244545][ T4331] Unable to read rock-ridge attributes
[   49.251291][ T4331] iso9660: Corrupted directory entry in block 4 of inode 1792
[   49.259033][ T4331] syz.4.330: attempt to access beyond end of device
[   49.259033][ T4331] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   49.273992][ T4331] Unable to read rock-ridge attributes
[   49.283533][ T4331] iso9660: Corrupted directory entry in block 4 of inode 1792
[   49.294413][ T4333] loop0: detected capacity change from 0 to 512
[   49.301964][ T4331] Unable to read rock-ridge attributes
[   49.308653][ T4331] iso9660: Corrupted directory entry in block 4 of inode 1792
[   49.325404][ T4333] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   49.390239][ T4333] syz_tun: entered allmulticast mode
[   49.399112][ T4333] syz_tun: left allmulticast mode
[   49.436951][ T4339] loop0: detected capacity change from 0 to 1024
[   49.448653][ T4339] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.470848][ T4339] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   49.487357][ T4339] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[   49.550117][ T4348] loop4: detected capacity change from 0 to 2048
[   49.561538][ T4339] EXT4-fs error (device loop0): ext4_map_blocks:674: inode #3: block 2: comm syz.0.334: lblock 2 mapped to illegal pblock 2 (length 1)
[   49.579749][ T4339] EXT4-fs (loop0): Remounting filesystem read-only
[   49.586935][ T4348] EXT4-fs: Ignoring removed bh option
[   49.618981][ T4354] loop2: detected capacity change from 0 to 512
[   49.628431][ T4354] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   49.638602][ T4339] EXT4-fs (loop0): 1 orphan inode deleted
[   49.646195][ T4339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.660005][ T4354] EXT4-fs (loop2): 1 truncate cleaned up
[   49.660033][ T4339] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.671338][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.682151][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.683221][ T4354] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.689691][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.710221][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.717697][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.725151][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.729281][ T4348] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.732534][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.752082][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.759653][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.767202][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.774703][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.782104][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.789552][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.797302][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.804931][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.812421][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.820050][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.827579][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.835036][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.842475][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.850031][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.857491][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.864970][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.872385][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.879819][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.887271][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.894698][ T3377] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   49.904327][ T3377] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   49.971600][ T4367] loop0: detected capacity change from 0 to 512
[   49.984336][ T4367] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.993445][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.022375][ T4367] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.037169][ T4371] loop2: detected capacity change from 0 to 512
[   50.052787][ T4371] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.061418][ T4367] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.094000][ T4371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.122803][ T4371] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.215006][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.261727][ T4359] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   50.279789][ T4375] loop0: detected capacity change from 0 to 512
[   50.291122][ T4359] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[   50.303500][ T4359] EXT4-fs (loop4): This should not happen!! Data will be lost
[   50.303500][ T4359] 
[   50.313194][ T4359] EXT4-fs (loop4): Total free blocks count 0
[   50.319331][ T4359] EXT4-fs (loop4): Free/Dirty block details
[   50.325338][ T4359] EXT4-fs (loop4): free_blocks=2415919104
[   50.331072][ T4359] EXT4-fs (loop4): dirty_blocks=8224
[   50.336450][ T4359] EXT4-fs (loop4): Block reservation details
[   50.342500][ T4359] EXT4-fs (loop4): i_reserved_data_blocks=514
[   50.353409][ T4375] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   50.380999][ T4375] syz_tun: entered allmulticast mode
[   50.388471][ T4375] syz_tun: left allmulticast mode
[   50.404789][ T2897] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 28
[   50.450115][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.477333][ T4379] loop0: detected capacity change from 0 to 512
[   50.513120][ T4379] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.538152][ T4384] loop1: detected capacity change from 0 to 1024
[   50.545177][ T4384] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.555119][ T4384] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   50.589063][ T4379] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.603602][ T4384] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[   50.614758][ T4389] loop2: detected capacity change from 0 to 512
[   50.644319][ T4389] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.656258][ T4379] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.683943][ T4384] EXT4-fs error (device loop1): ext4_map_blocks:674: inode #3: block 2: comm syz.1.351: lblock 2 mapped to illegal pblock 2 (length 1)
[   50.701815][ T4384] EXT4-fs (loop1): Remounting filesystem read-only
[   50.715536][ T4389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.728041][ T4384] EXT4-fs (loop1): 1 orphan inode deleted
[   50.734579][ T4384] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.753427][ T4384] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.762567][ T4389] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   50.980922][ T4403] loop1: detected capacity change from 0 to 2048
[   50.987691][ T4403] EXT4-fs: Ignoring removed bh option
[   50.995951][ T4405] loop4: detected capacity change from 0 to 2048
[   51.017964][ T4405] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   51.036000][ T4403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.106953][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.116213][ T4405] loop4: detected capacity change from 0 to 8192
[   51.123047][ T4405] vfat: Unknown parameter '00000000000000000004'
[   51.203917][ T4411] loop0: detected capacity change from 0 to 512
[   51.221712][ T4411] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   51.251950][ T4411] syz_tun: entered allmulticast mode
[   51.258981][ T4411] syz_tun: left allmulticast mode
[   51.339282][ T3306] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.358499][ T4421] loop0: detected capacity change from 0 to 512
[   51.390845][ T4421] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.404768][ T4421] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.454507][ T3305] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.491285][   T29] kauditd_printk_skb: 328 callbacks suppressed
[   51.491302][   T29] audit: type=1400 audit(1744323977.205:1260): avc:  denied  { create } for  pid=4432 comm="syz.0.367" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   51.521602][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.559731][ T4431] loop1: detected capacity change from 0 to 512
[   51.573926][   T29] audit: type=1400 audit(1744323977.285:1261): avc:  denied  { read write } for  pid=4436 comm="syz.2.369" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   51.597275][   T29] audit: type=1400 audit(1744323977.285:1262): avc:  denied  { open } for  pid=4436 comm="syz.2.369" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   51.622303][ T4442] loop0: detected capacity change from 0 to 512
[   51.630035][ T4431] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.640839][ T4442] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   51.655126][ T4442] syz_tun: entered allmulticast mode
[   51.662334][ T4442] syz_tun: left allmulticast mode
[   51.717799][ T4448] loop0: detected capacity change from 0 to 512
[   51.741937][ T4448] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   51.766587][ T4448] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   51.794377][   T29] audit: type=1400 audit(1744323977.515:1263): avc:  denied  { bind } for  pid=4456 comm="syz.3.375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   51.815598][ T4457] FAULT_INJECTION: forcing a failure.
[   51.815598][ T4457] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.828752][ T4457] CPU: 1 UID: 0 PID: 4457 Comm: syz.3.375 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   51.828828][ T4457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   51.828844][ T4457] Call Trace:
[   51.828852][ T4457]  <TASK>
[   51.828861][ T4457]  dump_stack_lvl+0xf6/0x150
[   51.828906][ T4457]  dump_stack+0x15/0x1a
[   51.828924][ T4457]  should_fail_ex+0x261/0x270
[   51.828954][ T4457]  should_fail+0xb/0x10
[   51.829007][ T4457]  should_fail_usercopy+0x1a/0x20
[   51.829043][ T4457]  _copy_from_user+0x1c/0xa0
[   51.829081][ T4457]  copy_msghdr_from_user+0x54/0x2b0
[   51.829197][ T4457]  ? __fget_files+0x186/0x1c0
[   51.829272][ T4457]  __sys_sendmsg+0x141/0x240
[   51.829343][ T4457]  __x64_sys_sendmsg+0x46/0x50
[   51.829408][ T4457]  x64_sys_call+0x26f3/0x2e10
[   51.829501][ T4457]  do_syscall_64+0xc9/0x1c0
[   51.829537][ T4457]  ? clear_bhb_loop+0x25/0x80
[   51.829576][ T4457]  ? clear_bhb_loop+0x25/0x80
[   51.829600][ T4457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.829620][ T4457] RIP: 0033:0x7f4cb6d6d169
[   51.829675][ T4457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.829696][ T4457] RSP: 002b:00007f4cb53d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   51.829756][ T4457] RAX: ffffffffffffffda RBX: 00007f4cb6f85fa0 RCX: 00007f4cb6d6d169
[   51.829768][ T4457] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[   51.829782][ T4457] RBP: 00007f4cb53d7090 R08: 0000000000000000 R09: 0000000000000000
[   51.829796][ T4457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.829809][ T4457] R13: 0000000000000000 R14: 00007f4cb6f85fa0 R15: 00007fff91551f78
[   51.829832][ T4457]  </TASK>
[   52.007616][   T29] audit: type=1400 audit(1744323977.535:1264): avc:  denied  { setopt } for  pid=4456 comm="syz.3.375" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   52.128837][   T29] audit: type=1400 audit(1744323977.845:1265): avc:  denied  { mount } for  pid=4462 comm="syz.3.381" name="/" dev="ramfs" ino=7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   52.156440][   T29] audit: type=1400 audit(1744323977.875:1266): avc:  denied  { block_suspend } for  pid=4462 comm="syz.3.381" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   52.227709][ T4468] loop0: detected capacity change from 0 to 1024
[   52.359142][ T4472] loop3: detected capacity change from 0 to 512
[   52.383338][ T4468] EXT4-fs: Ignoring removed bh option
[   52.421222][ T4472] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   52.468237][ T4468] EXT4-fs: inline encryption not supported
[   52.474156][ T4468] EXT4-fs: Ignoring removed i_version option
[   52.598410][ T4479] syz_tun: refused to change device tx_queue_len
[   52.639936][ T4468] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   52.707086][ T4481] loop2: detected capacity change from 0 to 512
[   52.725488][ T4468] EXT4-fs error (device loop0): ext4_map_blocks:674: inode #3: block 2: comm syz.0.382: lblock 2 mapped to illegal pblock 2 (length 1)
[   52.743068][ T4481] EXT4-fs (loop2): orphan cleanup on readonly fs
[   52.759273][ T4481] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.386: bg 0: block 248: padding at end of block bitmap is not set
[   52.784455][   T29] audit: type=1400 audit(1744323978.495:1267): avc:  denied  { getopt } for  pid=4485 comm="syz.4.388" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   52.845829][ T4481] Quota error (device loop2): write_blk: dquota write failed
[   52.853406][ T4481] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   52.863553][ T4481] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.386: Failed to acquire dquot type 1
[   52.878997][ T4468] EXT4-fs error (device loop0): ext4_map_blocks:674: inode #3: block 48: comm syz.0.382: lblock 0 mapped to illegal pblock 48 (length 1)
[   52.881184][ T4487] Invalid ELF header magic: != ELF
[   52.903219][ T4468] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.382: Failed to acquire dquot type 0
[   52.904749][ T4481] EXT4-fs (loop2): 1 truncate cleaned up
[   52.940586][ T4468] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[   52.961231][ T4468] EXT4-fs error (device loop0): ext4_evict_inode:259: inode #11: comm syz.0.382: mark_inode_dirty error
[   53.025274][ T4468] EXT4-fs warning (device loop0): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[   53.036204][ T4491] loop3: detected capacity change from 0 to 512
[   53.048525][ T4496] loop2: detected capacity change from 0 to 512
[   53.066555][ T4496] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   53.068322][ T4468] EXT4-fs (loop0): 1 orphan inode deleted
[   53.083089][   T53] EXT4-fs error (device loop0): ext4_map_blocks:674: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[   53.102557][   T53] EXT4-fs error (device loop0): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 0
[   53.130740][ T4496] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.179700][ T4468] EXT4-fs error (device loop0): __ext4_get_inode_loc:4449: comm syz.0.382: Invalid inode table block 1 in block_group 0
[   53.193489][ T4468] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[   53.224672][ T4468] EXT4-fs error (device loop0): ext4_quota_off:7219: inode #3: comm syz.0.382: mark_inode_dirty error
[   53.318689][ T4512] netlink: 'syz.0.397': attribute type 10 has an invalid length.
[   53.326689][ T4512] __nla_validate_parse: 13 callbacks suppressed
[   53.326701][ T4512] netlink: 40 bytes leftover after parsing attributes in process `syz.0.397'.
[   53.348178][ T4512] team0: Port device geneve1 added
[   53.390273][ T4516] loop4: detected capacity change from 0 to 512
[   53.423000][ T4516] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   53.558028][ T4516] EXT4-fs (loop4): 1 truncate cleaned up
[   53.591214][ T4491] EXT4-fs (loop3): Couldn't remount RDWR because of unprocessed orphan inode list.  Please umount/remount instead
[   54.044434][ T4539] loop0: detected capacity change from 0 to 512
[   54.070818][ T4539] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   54.102167][ T4539] EXT4-fs (loop0): 1 truncate cleaned up
[   54.126653][ T4537] Invalid ELF header magic: != ELF
[   54.215799][ T4550] loop1: detected capacity change from 0 to 512
[   54.225098][ T4550] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.248916][ T4550] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.366230][ T4560] loop0: detected capacity change from 0 to 512
[   54.400132][ T4560] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   54.418220][ T4565] loop4: detected capacity change from 0 to 512
[   54.437997][ T4563] loop2: detected capacity change from 0 to 1024
[   54.446376][ T4563] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.453105][ T4563] ext2: Unknown parameter 'uid>00000000000000000000'
[   54.474068][ T4560] netlink: 12 bytes leftover after parsing attributes in process `syz.0.412'.
[   54.489109][ T4565] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.496177][ T4560] syz_tun: entered allmulticast mode
[   54.509133][ T4559] syz_tun: left allmulticast mode
[   54.534478][ T4565] EXT4-fs (loop4): orphan cleanup on readonly fs
[   54.594151][ T4565] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.414: Failed to acquire dquot type 1
[   54.625186][    T9] IPVS: starting estimator thread 0...
[   54.646170][ T4580] FAULT_INJECTION: forcing a failure.
[   54.646170][ T4580] name failslab, interval 1, probability 0, space 0, times 0
[   54.658909][ T4580] CPU: 1 UID: 0 PID: 4580 Comm: syz.3.424 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   54.658941][ T4580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.658953][ T4580] Call Trace:
[   54.658960][ T4580]  <TASK>
[   54.658968][ T4580]  dump_stack_lvl+0xf6/0x150
[   54.659017][ T4580]  dump_stack+0x15/0x1a
[   54.659038][ T4580]  should_fail_ex+0x261/0x270
[   54.659071][ T4580]  should_failslab+0x8f/0xb0
[   54.659144][ T4580]  __kmalloc_cache_noprof+0x55/0x320
[   54.659167][ T4580]  ? tcp_sendmsg_fastopen+0x163/0x500
[   54.659200][ T4580]  tcp_sendmsg_fastopen+0x163/0x500
[   54.659336][ T4580]  tcp_sendmsg_locked+0x2574/0x2760
[   54.659370][ T4580]  ? mntput+0x49/0x70
[   54.659394][ T4580]  ? terminate_walk+0x271/0x290
[   54.659413][ T4580]  ? __rcu_read_unlock+0x4e/0x70
[   54.659460][ T4580]  ? avc_has_perm_noaudit+0x1cc/0x210
[   54.659581][ T4580]  ? avc_has_perm+0xd6/0x150
[   54.659612][ T4580]  ? _raw_spin_unlock_bh+0x36/0x40
[   54.659639][ T4580]  ? __pfx_tcp_sendmsg+0x10/0x10
[   54.659675][ T4580]  tcp_sendmsg+0x30/0x50
[   54.659769][ T4580]  inet6_sendmsg+0x77/0xd0
[   54.659795][ T4580]  __sock_sendmsg+0x8b/0x180
[   54.659828][ T4580]  __sys_sendto+0x1aa/0x230
[   54.659932][ T4580]  __x64_sys_sendto+0x78/0x90
[   54.659961][ T4580]  x64_sys_call+0x2bcb/0x2e10
[   54.659987][ T4580]  do_syscall_64+0xc9/0x1c0
[   54.660021][ T4580]  ? clear_bhb_loop+0x25/0x80
[   54.660084][ T4580]  ? clear_bhb_loop+0x25/0x80
[   54.660105][ T4580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.660126][ T4580] RIP: 0033:0x7f4cb6d6d169
[   54.660141][ T4580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.660158][ T4580] RSP: 002b:00007f4cb53d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   54.660176][ T4580] RAX: ffffffffffffffda RBX: 00007f4cb6f85fa0 RCX: 00007f4cb6d6d169
[   54.660238][ T4580] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[   54.660249][ T4580] RBP: 00007f4cb53d7090 R08: 0000200000b63fe4 R09: 000000000000001c
[   54.660261][ T4580] R10: 0000000022004001 R11: 0000000000000246 R12: 0000000000000001
[   54.660337][ T4580] R13: 0000000000000000 R14: 00007f4cb6f85fa0 R15: 00007fff91551f78
[   54.660355][ T4580]  </TASK>
[   54.688303][ T4583] Invalid ELF header magic: != ELF
[   54.688566][ T4565] EXT4-fs (loop4): 1 truncate cleaned up
[   54.754934][ T4584] IPVS: using max 2160 ests per chain, 108000 per kthread
[   54.934303][ T4598] loop9: detected capacity change from 0 to 7
[   54.954890][ T4602] loop4: detected capacity change from 0 to 512
[   54.961765][ T4602] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   54.966914][ T4598] Buffer I/O error on dev loop9, logical block 0, async page read
[   54.985605][ T4605] loop1: detected capacity change from 0 to 512
[   54.988003][ T4598] Buffer I/O error on dev loop9, logical block 0, async page read
[   54.999970][ T4598]  loop9: unable to read partition table
[   55.006910][ T4605] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   55.024362][ T4606] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   55.024794][ T4598] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[   55.024794][ T4598] 
U�������) failed (rc=-5)
[   55.063141][ T4605] EXT4-fs (loop1): 1 truncate cleaned up
[   55.085330][ T4602] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.195388][ T3385] IPVS: starting estimator thread 0...
[   55.219016][ T4616] hub 9-0:1.0: USB hub found
[   55.236319][ T4616] hub 9-0:1.0: 8 ports detected
[   55.251247][ T4624] loop2: detected capacity change from 0 to 1024
[   55.288731][ T4629] Invalid ELF header magic: != ELF
[   55.302253][ T4624] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   55.303750][ T4622] IPVS: using max 2112 ests per chain, 105600 per kthread
[   55.356072][ T4624] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   55.396065][ T4624] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[   55.418895][ T4624] EXT4-fs error (device loop2): ext4_map_blocks:674: inode #3: block 2: comm syz.2.439: lblock 2 mapped to illegal pblock 2 (length 1)
[   55.470974][ T4624] EXT4-fs (loop2): Remounting filesystem read-only
[   55.495203][ T4639] netlink: 12 bytes leftover after parsing attributes in process `syz.3.443'.
[   55.505673][ T4624] EXT4-fs (loop2): 1 orphan inode deleted
[   55.511953][ T4641] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   55.609169][ T4644] loop2: detected capacity change from 0 to 512
[   55.637882][ T4644] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   55.696037][ T4644] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.445: bg 0: block 18: invalid block bitmap
[   55.710408][ T4656] loop3: detected capacity change from 0 to 256
[   56.002023][ T4676] ������: renamed from vlan1 (while UP)
[   56.031906][ T4676] loop4: detected capacity change from 0 to 512
[   56.039521][ T4679] hub 9-0:1.0: USB hub found
[   56.049925][ T4679] hub 9-0:1.0: 8 ports detected
[   56.074982][ T4676] EXT4-fs (loop4): too many log groups per flexible block group
[   56.082916][ T4676] EXT4-fs (loop4): failed to initialize mballoc (-12)
[   56.108430][ T4685] SELinux: syz.0.462 (4685) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   56.123557][ T4687] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   56.126196][ T4676] EXT4-fs (loop4): mount failed
[   56.148481][ T4685] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[   56.178278][ T4684] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[   56.215793][ T4691] loop4: detected capacity change from 0 to 1024
[   56.230131][ T4691] EXT4-fs (loop4): inodes count not valid: 0 vs 32
[   56.295706][ T4699] netlink: 'syz.0.468': attribute type 1 has an invalid length.
[   56.337309][ T4699] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.352825][ T4699] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.361951][ T4699] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[   56.373843][ T4699] bond1: (slave wireguard0): Error -95 calling set_mac_address
[   56.486351][ T4698] dccp_close: ABORT with 20 bytes unread
[   56.540875][ T4718] loop4: detected capacity change from 0 to 512
[   56.561980][ T4718] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   56.597162][ T4718] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.612673][ T4726] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   56.650333][ T4728] loop2: detected capacity change from 0 to 2048
[   56.816488][   T29] kauditd_printk_skb: 94 callbacks suppressed
[   56.816505][   T29] audit: type=1400 audit(1744323982.535:1355): avc:  denied  { setattr } for  pid=4727 comm="syz.2.476" path="/90/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   56.851696][ T4737] loop3: detected capacity change from 0 to 512
[   57.039007][ T4737] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   57.235769][ T4737] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.250652][   T29] audit: type=1326 audit(1744323982.885:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.274091][   T29] audit: type=1326 audit(1744323982.885:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.297556][   T29] audit: type=1326 audit(1744323982.905:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.321058][   T29] audit: type=1326 audit(1744323982.905:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.344564][   T29] audit: type=1326 audit(1744323982.905:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.347730][ T4742] loop1: detected capacity change from 0 to 2048
[   57.367921][   T29] audit: type=1326 audit(1744323982.905:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.397883][   T29] audit: type=1326 audit(1744323982.905:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.421320][   T29] audit: type=1326 audit(1744323982.915:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.444709][   T29] audit: type=1326 audit(1744323982.915:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4741 comm="syz.1.480" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f564a28d169 code=0x7ffc0000
[   57.681459][ T4757] loop2: detected capacity change from 0 to 512
[   57.709859][ T4757] EXT4-fs (loop2): orphan cleanup on readonly fs
[   57.726615][ T4757] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.483: bg 0: block 248: padding at end of block bitmap is not set
[   57.760627][ T4757] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.483: Failed to acquire dquot type 1
[   57.803471][ T4757] EXT4-fs (loop2): 1 truncate cleaned up
[   57.949547][ T4769] loop2: detected capacity change from 0 to 512
[   57.965460][ T4774] syz_tun: refused to change device tx_queue_len
[   57.984185][ T4775] loop0: detected capacity change from 0 to 512
[   58.073290][ T4775] EXT4-fs (loop0): ea_inode feature is not supported for Hurd
[   58.090659][ T4781] loop1: detected capacity change from 0 to 256
[   58.104381][ T4775] netlink: 12 bytes leftover after parsing attributes in process `syz.0.491'.
[   58.127030][ T4781] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[   58.133621][ T4781] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   58.141252][ T4781] vhci_hcd vhci_hcd.0: Device attached
[   58.159406][ T4775] syz_tun: entered allmulticast mode
[   58.169866][ T4775] netlink: 156 bytes leftover after parsing attributes in process `syz.0.491'.
[   58.182265][ T4784] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(10)
[   58.188945][ T4784] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   58.196565][ T4784] vhci_hcd vhci_hcd.0: Device attached
[   58.210631][ T4775] syz_tun: left allmulticast mode
[   58.233459][ T4781] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   58.272465][ T4781] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(14)
[   58.279178][ T4781] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   58.286714][ T4781] vhci_hcd vhci_hcd.0: Device attached
[   58.322789][ T3385] vhci_hcd: vhci_device speed not set
[   58.356526][ T4784] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(12)
[   58.363234][ T4784] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   58.370992][ T4784] vhci_hcd vhci_hcd.0: Device attached
[   58.388321][ T3385] usb 3-1: new full-speed USB device number 2 using vhci_hcd
[   58.449484][ T4781] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(16)
[   58.456191][ T4781] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   58.463943][ T4781] vhci_hcd vhci_hcd.0: Device attached
[   58.519611][ T4784] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   58.531052][ T4769] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.557692][ T4781] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   58.586228][ T4781] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   58.644107][ T4795] vhci_hcd: connection closed
[   58.644465][ T4128] vhci_hcd: stop threads
[   58.653773][ T4128] vhci_hcd: release socket
[   58.658222][ T4128] vhci_hcd: disconnect device
[   58.664818][ T4782] vhci_hcd: connection reset by peer
[   58.670240][ T4791] vhci_hcd: connection closed
[   58.670490][ T4785] vhci_hcd: connection closed
[   58.675419][ T4789] vhci_hcd: connection closed
[   58.722674][ T4128] vhci_hcd: stop threads
[   58.731737][ T4802] loop4: detected capacity change from 0 to 512
[   58.731793][ T4128] vhci_hcd: release socket
[   58.742583][ T4128] vhci_hcd: disconnect device
[   58.748713][ T4128] vhci_hcd: stop threads
[   58.753016][ T4128] vhci_hcd: release socket
[   58.757447][ T4128] vhci_hcd: disconnect device
[   58.774302][ T4128] vhci_hcd: stop threads
[   58.778752][ T4128] vhci_hcd: release socket
[   58.783218][ T4128] vhci_hcd: disconnect device
[   58.792971][ T4802] EXT4-fs (loop4): orphan cleanup on readonly fs
[   58.813478][ T4802] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.497: bg 0: block 248: padding at end of block bitmap is not set
[   58.854605][ T4128] vhci_hcd: stop threads
[   58.858909][ T4128] vhci_hcd: release socket
[   58.863431][ T4128] vhci_hcd: disconnect device
[   58.874424][ T4808] hub 9-0:1.0: USB hub found
[   58.879171][ T4802] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.497: Failed to acquire dquot type 1
[   58.899501][ T4808] hub 9-0:1.0: 8 ports detected
[   58.927930][ T4802] EXT4-fs (loop4): 1 truncate cleaned up
[   58.948417][ T4798] netlink: 12 bytes leftover after parsing attributes in process `syz.0.495'.
[   58.972146][ T4814] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4814 comm=syz.3.501
[   58.986084][ T4814] netlink: 24 bytes leftover after parsing attributes in process `syz.3.501'.
[   59.032583][ T4818] Invalid ELF header magic: != ELF
[   59.270865][ T4846] loop2: detected capacity change from 0 to 1024
[   59.284532][ T4848] Invalid ELF header magic: != ELF
[   59.313347][ T4846] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   59.332967][ T4846] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   59.371513][ T4853] loop1: detected capacity change from 0 to 512
[   59.372746][ T4846] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[   59.387314][ T4832] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   59.398693][ T4832] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   59.404936][ T4846] EXT4-fs error (device loop2): ext4_map_blocks:674: inode #3: block 2: comm syz.2.517: lblock 2 mapped to illegal pblock 2 (length 1)
[   59.421641][ T4853] EXT4-fs (loop1): ea_inode feature is not supported for Hurd
[   59.430980][ T4846] EXT4-fs (loop2): Remounting filesystem read-only
[   59.441792][ T4846] EXT4-fs (loop2): 1 orphan inode deleted
[   59.479958][ T4853] netlink: 12 bytes leftover after parsing attributes in process `syz.1.519'.
[   59.518197][ T4853] syz_tun: entered allmulticast mode
[   59.538130][ T4853] netlink: 156 bytes leftover after parsing attributes in process `syz.1.519'.
[   59.560531][ T4853] syz_tun: left allmulticast mode
[   59.597022][ T4869] hub 9-0:1.0: USB hub found
[   59.606347][ T4869] hub 9-0:1.0: 8 ports detected
[   59.764111][ T4893] FAULT_INJECTION: forcing a failure.
[   59.764111][ T4893] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.777355][ T4893] CPU: 1 UID: 0 PID: 4893 Comm: syz.1.539 Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   59.777386][ T4893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   59.777423][ T4893] Call Trace:
[   59.777431][ T4893]  <TASK>
[   59.777440][ T4893]  dump_stack_lvl+0xf6/0x150
[   59.777469][ T4893]  dump_stack+0x15/0x1a
[   59.777489][ T4893]  should_fail_ex+0x261/0x270
[   59.777517][ T4893]  should_fail+0xb/0x10
[   59.777557][ T4893]  should_fail_usercopy+0x1a/0x20
[   59.777588][ T4893]  _copy_to_user+0x20/0xa0
[   59.777628][ T4893]  simple_read_from_buffer+0xb2/0x130
[   59.777665][ T4893]  proc_fail_nth_read+0x103/0x140
[   59.777692][ T4893]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   59.777734][ T4893]  vfs_read+0x1b2/0x710
[   59.777770][ T4893]  ? __rcu_read_unlock+0x4e/0x70
[   59.777801][ T4893]  ? __fget_files+0x186/0x1c0
[   59.777830][ T4893]  ksys_read+0xeb/0x1b0
[   59.777863][ T4893]  __x64_sys_read+0x42/0x50
[   59.777896][ T4893]  x64_sys_call+0x2a3b/0x2e10
[   59.777938][ T4893]  do_syscall_64+0xc9/0x1c0
[   59.777970][ T4893]  ? clear_bhb_loop+0x25/0x80
[   59.777996][ T4893]  ? clear_bhb_loop+0x25/0x80
[   59.778043][ T4893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.778066][ T4893] RIP: 0033:0x7f564a28bb7c
[   59.778083][ T4893] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   59.778104][ T4893] RSP: 002b:00007f56488ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   59.778121][ T4893] RAX: ffffffffffffffda RBX: 00007f564a4a5fa0 RCX: 00007f564a28bb7c
[   59.778133][ T4893] RDX: 000000000000000f RSI: 00007f56488ef0a0 RDI: 0000000000000008
[   59.778147][ T4893] RBP: 00007f56488ef090 R08: 0000000000000000 R09: 0000000000000000
[   59.778161][ T4893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.778202][ T4893] R13: 0000000000000000 R14: 00007f564a4a5fa0 R15: 00007fff252ef078
[   59.778225][ T4893]  </TASK>
[   60.011666][ T4901] hub 9-0:1.0: USB hub found
[   60.047115][ T4901] hub 9-0:1.0: 8 ports detected
[   60.094222][ T4907] loop0: detected capacity change from 0 to 512
[   60.102170][ T4909] loop2: detected capacity change from 0 to 512
[   60.129423][ T4907] EXT4-fs (loop0): too many log groups per flexible block group
[   60.137366][ T4907] EXT4-fs (loop0): failed to initialize mballoc (-12)
[   60.146131][ T4909] EXT4-fs (loop2): ea_inode feature is not supported for Hurd
[   60.154208][ T4907] EXT4-fs (loop0): mount failed
[   60.164817][ T4909] netlink: 12 bytes leftover after parsing attributes in process `syz.2.545'.
[   60.179579][ T4909] syz_tun: entered allmulticast mode
[   60.185990][ T4909] netlink: 156 bytes leftover after parsing attributes in process `syz.2.545'.
[   60.198810][ T4909] syz_tun: left allmulticast mode
[   60.313231][ T4922] loop1: detected capacity change from 0 to 2048
[   60.356466][ T4925] x_tables: duplicate entry at hook 3
[   60.371104][ T4903] netlink: 12 bytes leftover after parsing attributes in process `syz.3.543'.
[   60.373151][ T4922]  loop1: p1 < > p3
[   60.405036][ T4922] loop1: p3 size 134217728 extends beyond EOD, truncated
[   60.415610][ T3004] ==================================================================
[   60.423775][ T3004] BUG: KCSAN: data-race in d_delete / lookup_fast
[   60.430313][ T3004] 
[   60.432647][ T3004] read-write to 0xffff8881058ada80 of 4 bytes by task 3296 on cpu 0:
[   60.440806][ T3004]  d_delete+0x15a/0x180
[   60.445033][ T3004]  d_delete_notify+0x34/0x100
[   60.449729][ T3004]  vfs_unlink+0x320/0x430
[   60.454076][ T3004]  do_unlinkat+0x21b/0x4b0
[   60.458509][ T3004]  __x64_sys_unlink+0x2e/0x40
[   60.463203][ T3004]  x64_sys_call+0x2358/0x2e10
[   60.467890][ T3004]  do_syscall_64+0xc9/0x1c0
[   60.472408][ T3004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.478309][ T3004] 
[   60.480631][ T3004] read to 0xffff8881058ada80 of 4 bytes by task 3004 on cpu 1:
[   60.488177][ T3004]  lookup_fast+0xf0/0x310
[   60.492514][ T3004]  walk_component+0x3f/0x240
[   60.497111][ T3004]  path_lookupat+0x103/0x2a0
[   60.501708][ T3004]  filename_lookup+0x14b/0x340
[   60.506479][ T3004]  do_readlinkat+0x8b/0x210
[   60.511000][ T3004]  __x64_sys_readlink+0x47/0x60
[   60.515885][ T3004]  x64_sys_call+0x2a81/0x2e10
[   60.520595][ T3004]  do_syscall_64+0xc9/0x1c0
[   60.525122][ T3004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.531026][ T3004] 
[   60.533350][ T3004] value changed: 0x00300108 -> 0x00004008
[   60.539094][ T3004] 
[   60.541416][ T3004] Reported by Kernel Concurrency Sanitizer on:
[   60.547568][ T3004] CPU: 1 UID: 0 PID: 3004 Comm: udevd Not tainted 6.15.0-rc1-syzkaller-00095-g2eb959eeecc6 #0 PREEMPT(voluntary) 
[   60.559551][ T3004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   60.569630][ T3004] ==================================================================
[   60.653150][ T3004]  loop1: p1 < > p3
[   60.672994][ T3004] loop1: p3 size 134217728 extends beyond EOD, truncated
[   60.740917][ T3533] udevd[3533]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[   60.752068][ T3287] udevd[3287]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[   63.452816][ T3385] usb 3-1: enqueue for inactive port 0
[   63.458432][ T3385] usb 3-1: enqueue for inactive port 0
[   63.532788][ T3385] vhci_hcd: vhci_device speed not set