last executing test programs:

5.100650467s ago: executing program 0 (id=856):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef)

4.131896599s ago: executing program 0 (id=866):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f00000001c0)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x34e}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000480)=<r5=>0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0})
io_uring_enter(r3, 0x3498, 0x969, 0xffff0000000000a1, 0x0, 0x0)
r7 = dup3(r3, r1, 0x80000)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x14)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x4, &(0x7f0000000500)=ANY=[@ANYRES16=r9], 0x0, 0x7, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r10}, &(0x7f0000000180), &(0x7f00000001c0)=r9}, 0x20)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)={0x1b, 0x0, 0x0, 0x5, 0x0, r7, 0x4, '\x00', 0x0, r7, 0x5, 0x2, 0x3}, 0x50)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, r7, 0x3, 0x1, 0x1}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000009c0)={r7, <r13=>0xffffffffffffffff}, 0x4)
r14 = syz_open_procfs(0x0, &(0x7f0000000200)='coredump_filter\x00')
fcntl$setstatus(r14, 0x4, 0x40800)
syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0xfffffffd, 0x10100, 0x200, 0x1}, &(0x7f0000000100)=<r15=>0x0, &(0x7f0000000300)=<r16=>0x0)
syz_io_uring_submit(r15, r16, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r14, 0x792, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1b, 0x1e, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, [@btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @alu={0x4, 0x0, 0x6, 0x6, 0x9, 0x20, 0x8}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa43e}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffc0}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @jmp={0x5, 0x0, 0x3, 0x3, 0x5}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x48, &(0x7f00000003c0)=""/72, 0x40f00, 0x17, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000300)={0x1, 0x5, 0x2, 0x8}, 0x10, 0x0, r8, 0x5, &(0x7f0000000a00)=[r7, r10, r11, r12, r13, r14, r7, r7, r7], &(0x7f0000000b00)=[{0x2, 0x5, 0xb}, {0x3, 0x3, 0x4, 0x9}, {0x5, 0x5, 0x4}, {0x2, 0x4, 0x10, 0x9}, {0x5, 0x4, 0xe, 0xb}], 0x10, 0xb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r17 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r17, &(0x7f0000000040)=0xfe8e, 0x12)

3.791575951s ago: executing program 0 (id=871):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f00000001c0)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x34e}, &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000480)=<r4=>0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0})
io_uring_enter(r2, 0x3498, 0x969, 0xffff0000000000a1, 0x0, 0x0)
r6 = dup3(r2, r0, 0x80000)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x4, &(0x7f0000000500)=ANY=[@ANYRES16=r7], 0x0, 0x7, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)={0x1b, 0x0, 0x0, 0x5, 0x0, r6, 0x4, '\x00', 0x0, r6, 0x5, 0x2, 0x3}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, r6, 0x3, 0x1, 0x1}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000009c0)={r6}, 0x4)
r9 = syz_open_procfs(0x0, &(0x7f0000000200)='coredump_filter\x00')
fcntl$setstatus(r9, 0x4, 0x40800)
syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0xfffffffd, 0x10100, 0x200, 0x1}, &(0x7f0000000100)=<r10=>0x0, &(0x7f0000000300)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r9, 0x792, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
r12 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r12, &(0x7f0000000040)=0xfe8e, 0x12)

3.616428828s ago: executing program 0 (id=875):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x2000000000000129, &(0x7f0000002a40)=ANY=[@ANYBLOB="945159e3e2b0e0965f0e05f9", @ANYBLOB="2965b10e6cd52d5e7699ed4feffd21a2fd5f3f9ded57c3e993307c515b39e98c012049cb949d5737f0f1e4dda7bacecaefe17eaf0ac1ac4db82ff68dba1737f631300567aab63da1729d6c91dfadd3e3e3d588420c0530aa77ea0a6ddf5a37b08e28213d0d1d4441d8ae764f06b7ad50d3f3af1b9221b84950ab661f63e7ea6960aa1afcccc0f822322f475d4121ef909095fc0433d842f14b1fcb86239b7fa4df70272d8c8abfd8f5083b0a78c0e488f3fa8789d2278621f2f70355feea01", @ANYBLOB="5285ece0f950e8e56603df78885de9d2a73745d70ef8e08d4c0dcf43d87963ef72332a4d6af9bb71974abaa050e2666dc1e84af4d2fc1f3d4370292066507a4815075ee978b892e0e71016c9f033bc151fece09f13421ac69145a254f78b2770627337ee0a9921167dd2bef44f416fc5a34d0d51f361959dc56f5c05c9a5043c07c21bd158ea2b2b3c2304739d4d84fe6d48ca3afd62bd6023bc55d294d8f89c3601897d93f84a732d54bf1e3ef28473554b5c5abdcfbfc9c283c562ae07cd7de120b1775775badcf731c62fd981ba5699efdd519ed97f0108ebccd8ba5538262419f10e5fc170741de99eece013e6b02364381e619c54282adf9db01666694b1f65d6bae84df306c442978addefa26580dedcc4583b758643991b7a8d7074004ebd9518cca5ba818e95bc05767260969f3ccef17bce75a95b91ee55f8b1de138d6227514ea417439769459a3146c5f17cc63ef2ef362584ff8a89d957b43e06abad7a80da6d5400f816b89ad8b62e26947adf20d93b1390d826c9b203506d8a5969b95b3b11735431a8f93ed21b76265593c475c895057eafd93ef6086c8a268edaa46473df8b783582ec0bc185d6ff3d377d978f5b8e9c76f0598aedab0b824a4f3d751d0b9bd228b36d8b3c22522fa96df46f9fc1846acd888cc5c5820b36d093b29376ec5d7d7a4a3e3e88a09d1f0eb74c9c2750306157734522d1615768119ef0368a51099dc28bcaee7437dcc7f4e0c2a5f1e08f8628652429c1bb971673bc64dd2a0c622d4fb4c38bfe35d350df884f5ea8e79e2d694c64692cd40d8e561acce6d22a85bec668263faedc938ff323c1355648ab1206761e21da7647187768a63842d81c8c88de0212364086e53ef0848878bbfaa00ec85a90143ca5a159bfc8491994adabdb93c6199569bd2e73a45e8c575a4eb7c45ac95f8e4c648b2db47c3c2d5b75ec8fc6a32e29c581a9126e79b8a68da51dbed7d6e496e9f5397274268831b0710b6e35e5a8cc5c71aed057a031d6b2a9614184b93730415e5af1c53e4c59cbecc08dd2fc29124a80787f9aceb0f6334d8139d01cd316813dd4219735e09571c45db51692831555d5adb36ef9ae06491acb2188ed79f541b4bee8a6581a1aacbc87b7ee94fdaa7b113106510e03b7a90d6a181b8c7ee0375cf869d197af1f195bbb160839447c138431f38f382e822753af9d63183ca51828b3f4caddaa824a4e70549e01fb107ddcc8f6532dff73b85e5f25a4599082ab41d4a2d409512e333c8835cacdd00375d244de28b044178f3e093cc9e8bfcb747d4b919af6ac306f9ee5200af5faa6543ee0526ca66c7253df7476199ffae267cc2c568dee5426fb8e9e337672af9bc50f8ab35195ffc445414a3238e8e8f93ae7cb188ab2dc424a07da0a3ac38b53a667b4edb63b07e25e499c9accc804959d700e5224fe428f82ac820326dbde58ed807a0c9f2fc43c230e3b4e0fa17f2f20d820fcf1e316baa21c427e8f132a9b47715e2bdc15f8db9e16890f44b45a7fb6b2e1c5b9e484f0142688b45759151f7e576bafb66dbeff507ab22f5b2b0aa6d37b96cfe3c5c37f8cc5163a68518c7381df1c94b76fcf8a12d076d578c8c2b6a89350855b31570bd5e5ae14e92f58c656fc205df233b238cc60a6d59a33faa51003295eab0e836e9c4d04716208979b5f03706e52cf4cf4dc81a55b3f2bcf71ed6cb549f9a4e9448edf6753792bd63b694c0b1ddb15660f209c9c668d0687eb406769497c9aae9372f01cddf9527e51b7695a6f77160a379102cc35d39a51d7b73295686af26962574bd8623dfaf1ca1746827dcbdca5cf359f6a5ada0a72c74e26f3ef32276175ae2f7d7133b86edca1cea9789d23bac863035dc738c6436bfaa163246a296fc3c85fa45b0b6dc7a4002e317b9469dbb83d966059d02a70975d537803e5970230c4ad30c9c1df40607b802f04c992cb0d9a58e69e28e246ce2840c8c2edd28a7b469988656a75723dc8da99a1935ee8011940fec9a0681090224e66f1f4a253cb948877af0edeaf0d2941f6b897d991aac14beb67899faeafc313f83b4cfd5297434cd5445d3a3c4c4db6630976f917a1a3ee050cad09ae827c3defdf262d439a4ca9d266335e09fdbe854591fac0b13ed17b2de6c6b81df2ce02faf465234779d57623d62ace40a6169885010fd665bc41cbc2f10238dd5896439c106b2002a05ed3d3e0cd89a637d7d8da448431eba6b6f862b5591bb1a8c36ce7332b796505d03e0d978ac319ead3af8f1960710bce0d64f97023100364150f81557ad6f95d64c09a8734ae835d18d85f1833a9d3253efffc3f6b410f60389b7c21e8df4d6d29ddd776b1537e8e40876ba5d8e5ad2992cfa9cd19c4f529efa9a05286174efd28a2f45522b6878ee78efe1c5fb2a2a34546b7d3da19858289bf11da7d5b591e6fd78654b81613308fe0a7b0aa1b876468b9224d0c1ff1e5e09d3bbe3ace05ed875102ef3c06d0047f9d9ae212d86510faf37f6c9a2e031a01e7e4f0a07d2e4e8cd5ed90ef5e537cf63f714dc4b21823fa7bd26202fa3f2e12cbe27ea6f91bf49ba91f3b1dd97446a5a1607825d230233dfa3961e75575e69e402156df33c45d97d3d65b07d76d69121ddc5e4935b0f6079c73e132dc9ad01c6918f90cc9d36319e6c7366b15da1aaa978c4d321fa62efdcf1a7492a676d1840bc8913f941e8155bb712ff7d91db02fe1131a44a2a8b17187a40f3cf5bf7930a3acd6ce48a97588362bb53ae169f657212534bc61d08c9488fbc580924de5e26092e3b461e26651760f79b31b790003b9c4da6d4969f3765676af36ffe53c7058a394823497cdfef11f8dc37f5db9c07a3ece1d23cf1e2d851aa3574c96f353e58f8f8465a3f99872a28e4b493b2d5bf7a07cca3227f09a773c772f9e0e178fee7abd4a174a5c70d0bf2f9d3f478de475d45877bd9abee3a1b5cd45cb5cf084948087a5696c7ccd0f616dc0f052336ce4d21b17917296d9c5ba9c1425ca3c6c0c12428290af866d2a729daf7282b069a16a28d07185152edcd8ca6f496d715e47a7f86d35c00402d0b0e8fe38de4da95f504dc32b3bd57ab771ca4ba982e11d17153f93aaa778ef7e1f2ed256df9228bfbc0d47da16b6da81a74fc53e457e05d8779f0bb5bf354c2e0f307403f065bd4178c58d888721664db57abbc27bb29c80dbacbabab793d04dcc2702b58d25c4dcfd7b7a305d299da7be3951b9a84c6360cdc5e66c21f7c122db3d59dfdb7d815102ef422608e9404f457da7d0ccc5ed6dd21ed8235097c820ccf58d43ce9df7379e25d9d27cb216921ecb4f8f24272b20340f277cab2110e590f1d315d0db8e1f76935f0b79676f4c7cfb9bc30b531a51d5739946dffe6bc655a9fb67a1c07cdd59d7f59bb4a901408c7497efa0947c4b201021eb6621be4e18f5a4e3901212bebfcdcb9d59fefe3c31973d731e7d8ecbb62f818889d3a8501278a2b91294fff9765e7444a1af146260510a6d26fcfb41b9c9d61b3d309ca2b81364a059f0169226a9bfb1e4bc0467a3a1d6ead4757185d3b859ab09ddddd77dad54d873ab94b09a1f4f626b281a755d081dc12ebdc871b2ccc423a6e660c95cf91abbaf006e88958926b7f8b580bde75bcfa7c4bdde1334b650248d5a5f4fc9f89821d1cf7fb1473f674117c7ed3ed003f4737f3ff59acc215a70a07aa4351fe14aac48e4a26aee5132f79bd9a72a88e83e690823c11eaefaf8030412d912dac845d7f1664bbbcd9fa5c0367975a83e8547097f31aef79ba4ee3ff7247ac0702ab3df7d850a50a498cebbaa49c3741b5dc100d315a793466537371a260e60a9f1888fa68b6161e7cdc1f31e629862ed269d6cf67ea0113bf9ef23ca0fd987000fc48d1e8f9e6669893b5c316c0d746c275cd211b738be8a93df7fb5e68db550a1d9b5387ed4c1d397e3958083944ea2c956d7ba90c3a9ef2ecaf7db5aa639a32f5efc54577c857efaa7dbda8067071822386039b5d9e528a03fe5ec45e390ed5b5ec00d82ff56d9c13fd846f3a715ca84ba14d36e505a5d02fa1ed4e815b966d2b88298441cf3164651b79a3d22626e719bf3f9ac44702fd5bd53ef5cfb8268e2c719e78a74c30df12101ed45621e8f8299119dded41dd9a5c3f657ff9a429eccc816a776694d1c74766af20eb6988cbfb9d807a8a53f60cb147addba2f5366ef7291dc62341d27a570b19f8a728a5b45b593e3c1dc36d48013a0f18a29ed0ce88e3f2d725cfae93095a3cdcc4f66fc98ff65219adbbe778a75a17df0bb256a110aede52476f88c5530387eb422be4c8d15f832c74a8af1541f6d6829d4a7c74483696bb98a390864726ba6f0bd068bae9d85f95098354e5416e40c7623201a7dc291514f47ff8ee75123a2f1ad8631c44633357e08d20f336d48b524cb25c21f5d2ebf681eea7aac646546ef5d72c18394e63f61b5cebfda6af79efa077f5c892c4af36734dafa568cb6086f1ae3de37898cd6c59da97a5d15ae5c4c942b1627a36ae11c8f1b5d40e7dabe453d6a45933f48569d11356e76e516e59643d67ad66c02bca913949092c2b05485e5b73ca4587bb49d80e31820a975c3799c4d53a01da7fa2e7caad57a414a196732677254f20e71db6af79ed7708cc7488cc090b0777cea2ceb7f56464620ea4164d7822b11de028cb8bc5dc38d4a5e8c15ccb0d51dbc8493293158b2473dcf018cc1ce65b179e80ccbc632f7883d7a7f77be164f3bbb1597b701bf89b1475119eb8f47774fd449890dd2926d67070a2fa6fd280b797fb2093fdb69f3c8eecc4a726dee18f617bf83110e1844a340bfed2901a22080e83dbce633c966b64478050120a194ea6500cc4c5c7a393c78fcec00073f3df8960fd61c766bb9365ca103625fb0d13b77d83176ed1e575fbcc3d3fea43cfd15d78d7290277cc02e805407f9b24715c965ae011942694ee5b20d4f074d9a04bd3f0528618dd4392196ba25982bcfecb2ba85ce4c56509971994ab3a9d1333b6a9a84da29866c1542629b7ee018804a887e25906b4b4a6bc124db1995cac6f5bcee4136aadf62cd752dd4d11770126668017e61cafdb26c5338c7f8ee98aa5da5deec4407b4f7c79b550ac9e6735616b45d55f0552f8b352b2f380d3e55a0526435f9c0829928c3a6e5bc2deef38b3d04ac46fc94312f89603118a1f13ab1728262d049bc1a728baf4a307df4b4b03fa57938d5f23588e04bc2bb9b251c9d64253bb547cbdb44cc5dde6aaa7232cb85702d1517a82baad902ec806c29247f0d00fbdff71cf09a82bda5ab2045bf27d1e3543842415002e6b8cc7a5b86553b7460bdcde3dc1398f505ee222733e68524919405a3d2dcebeae87ee34f51af53725794d715eaaa9637732fde871eee647284c137951098fd512b28f9de545befec4c45283824fcde0d1b15a9c1d1d16f1e71708cc11ac3ff0b4339a6711e6a112f0d622ffb0ba078f3b76ca0fa6061ec9d6b16ba563ba58c6754639e978a7623ce939f8a416fab75d25516709ce4c180b23066c2b17cdf5db60e0471d1fa9ec8a9f9883f6f2dede477c62f32a462c09f63eb6a6f9b0fef11fac929c9a73b0a04ebfabb10f0d7b1bf39289ddca72b6d93ed396fc4c3195e49abd4680e10a79b3d4504223655f3121e72c7cf36f3da183d7525bf7ef00535343ec37c93d522e8e0a7b921111f750ab6b82b30d27c7b28ea25d960891940564dd46e01da222e72237dbaa06a211a3d9522478a8245ae01808fe930c54d030802", @ANYRESDEC, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
sched_setaffinity(0x0, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)

2.999911666s ago: executing program 1 (id=883):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f0000000000)=<r2=>0x0)
bind$nfc_llcp(r0, &(0x7f0000001040)={0x27, r2, 0xffffffffffffffff, 0x5, 0x0, 0x0, "d92984bd1ca44c226af5160e961711a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000000200000000001900", 0x3c}, 0x60)
close(r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x3, 0x0, 0x3, 0x0, 0x2, 0xfffffffffffffffc}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x10000000000000, 0xc, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close(0x4)

2.96073739s ago: executing program 1 (id=886):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef)

2.101489451s ago: executing program 1 (id=898):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00'}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef)

2.053296916s ago: executing program 1 (id=899):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'pimreg1\x00', 0x2})
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r1, &(0x7f0000000040)=""/170, 0xaa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r4 = syz_io_uring_setup(0x3e27, &(0x7f0000000040)={0x0, 0xfd71, 0x0, 0x0, 0x287}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r5, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000600)='sched_switch\x00', r3, 0x0, 0x7}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811fde3", @ANYRES32=<r7=>r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8e}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f00000003c0), &(0x7f00000001c0)=r0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r9, <r10=>0xffffffffffffffff}, 0x4)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kmem_cache_free\x00', r11}, 0x18)
r12 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r12, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4a0, 0x1e8, 0xffffffff, 0xffffffff, 0x1e8, 0xffffffff, 0x3d0, 0xffffffff, 0xffffffff, 0x3d0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0xff, 0xff, 0xff], [0xff000000, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1e8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0xc9, 0x7a3, 0x6, 'snmp_trap\x00', {0x369bc443}}}}, {{@ipv6={@remote, @local, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'netpci0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x29, 0x1, 0x1, 'syz0\x00'}}, @inet=@rpfilter={{0x28}, {0x1c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x500)
tkill(r2, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
pipe2(&(0x7f0000001cc0)={<r13=>0xffffffffffffffff}, 0x80000)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="71ca44c57472616e733d66642c7266", @ANYRESHEX=r13, @ANYBLOB=',wfdno=', @ANYRES32=r7, @ANYBLOB="486e3d6978b51c12", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
socket$nl_generic(0x10, 0x3, 0x10)

1.870792943s ago: executing program 3 (id=904):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'pimreg1\x00', 0x2})
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read(r1, &(0x7f0000000040)=""/170, 0xaa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x42, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r4 = syz_io_uring_setup(0x3e27, &(0x7f0000000040)={0x0, 0xfd71, 0x0, 0x0, 0x287}, &(0x7f00000000c0), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000180)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='fdinfo/3\x00')
lseek(r5, 0x4, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000600)='sched_switch\x00', r3, 0x0, 0x7}, 0x18)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811fde3", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8e}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f00000003c0), &(0x7f00000001c0)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kmem_cache_free\x00', r9}, 0x18)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4a0, 0x1e8, 0xffffffff, 0xffffffff, 0x1e8, 0xffffffff, 0x3d0, 0xffffffff, 0xffffffff, 0x3d0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0xff, 0xff, 0xff], [0xff000000, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1e8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0xc9, 0x7a3, 0x6, 'snmp_trap\x00', {0x369bc443}}}}, {{@ipv6={@remote, @local, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'netpci0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x29, 0x1, 0x1, 'syz0\x00'}}, @inet=@rpfilter={{0x28}, {0x1c}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x500)

1.616224347s ago: executing program 3 (id=907):
unshare(0x22020600)
r0 = epoll_create1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xe, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0xb}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x9, 0x0, 0xf})
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x25dfdbfb, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0x24, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x10, 0x8}, @TCA_CT_PARMS={0x18, 0x1, {0x0, 0x20, 0x3}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
fcntl$dupfd(r0, 0x2, 0xffffffffffffffff)

1.571389031s ago: executing program 3 (id=909):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2, 0x3}}, 0x26)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000680)='kfree\x00', r3}, 0x62)
close(r1)

1.547895423s ago: executing program 3 (id=910):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00'}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
write$cgroup_int(r2, &(0x7f00000001c0), 0xfffffdef)

1.497608548s ago: executing program 3 (id=912):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x2b97, &(0x7f0000000400)={0x0, 0xc890, 0x4000, 0x4, 0x2}, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x34, 0x24, 0xc17, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0xfff1}, {0x9, 0xa}, {0xf, 0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0xffffffffffffff1e}, 0x1, 0x0, 0x0, 0x48090}, 0x4000)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r1, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0xe}, 0xc)
setsockopt$MRT6_FLUSH(r1, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)

1.382584849s ago: executing program 3 (id=917):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x8}, 0x18)
add_key(&(0x7f0000000400)='asymmetric\x00', 0x0, &(0x7f0000000480)='0y', 0x2, 0xfffffffffffffffd)
splice(r0, 0x0, r1, 0x0, 0x7, 0x1)
write$P9_RWRITE(r1, &(0x7f0000000040)={0xb}, 0x11000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x43)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)

1.087419897s ago: executing program 1 (id=926):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x40)
recvmmsg(r0, &(0x7f0000006a40)=[{{&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f00000005c0)=[{}, {&(0x7f0000000140)=""/125, 0x7d}, {&(0x7f0000000280)=""/142, 0x8e}, {&(0x7f00000004c0)=""/202, 0xca}, {&(0x7f0000000400)=""/69, 0x45}, {&(0x7f00000006c0)=""/250, 0xfa}, {&(0x7f0000000d00)=""/4096, 0x1000}], 0x7, &(0x7f00000007c0)=""/186, 0xba}, 0x1}, {{&(0x7f0000001d00)=@ax25={{0x3, @default}, [@bcast, @bcast, @remote, @null, @remote, @remote, @null, @bcast]}, 0x80, &(0x7f0000002200)=[{&(0x7f0000001d80)=""/154, 0x9a}, {&(0x7f0000000380)}, {&(0x7f0000000640)=""/54, 0x36}, {&(0x7f0000001e40)=""/146, 0x92}, {&(0x7f0000001f00)=""/137, 0x89}, {&(0x7f0000001fc0)=""/175, 0xaf}, {&(0x7f0000000880)=""/40, 0x28}, {&(0x7f0000002080)=""/153, 0x99}, {&(0x7f0000006c40)=""/187, 0xbb}], 0x9, &(0x7f00000022c0)=""/2, 0x2}, 0x6}, {{&(0x7f0000002300)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f00000023c0)=[{&(0x7f0000002380)=""/17, 0x11}], 0x1, &(0x7f0000002400)=""/216, 0xd8}, 0x1}, {{0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000002500)=""/49, 0x31}, {&(0x7f0000002540)=""/2, 0x2}], 0x2, &(0x7f00000025c0)=""/80, 0x50}, 0x7}, {{&(0x7f0000002640)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000002780)=[{&(0x7f00000026c0)=""/54, 0x36}, {&(0x7f0000002700)=""/113, 0x71}], 0x2, &(0x7f00000027c0)=""/78, 0x4e}}, {{&(0x7f0000002840), 0x80, &(0x7f0000003e40)=[{&(0x7f00000028c0)=""/69, 0x45}, {&(0x7f0000002a00)=""/253, 0xfd}, {&(0x7f0000002b00)=""/239, 0xef}, {&(0x7f0000002c00)=""/83, 0x53}, {&(0x7f0000002c80)=""/4096, 0x1000}, {&(0x7f0000003c80)=""/27, 0x1b}, {&(0x7f0000003cc0)}, {&(0x7f0000003d00)=""/130, 0x82}, {&(0x7f0000003dc0)=""/94, 0x5e}], 0x9, &(0x7f0000003f00)=""/116, 0x74}}, {{&(0x7f0000003f80)=@l2tp={0x2, 0x0, @dev}, 0x80, &(0x7f00000065c0)=[{&(0x7f0000004000)=""/91, 0x5b}, {&(0x7f0000004080)=""/114, 0x72}, {&(0x7f0000004100)=""/209, 0xd1}, {&(0x7f0000004200)=""/156, 0x9c}, {&(0x7f00000042c0)=""/200, 0xc8}, {&(0x7f00000043c0)=""/4096, 0x1000}, {&(0x7f00000053c0)=""/108, 0x6c}, {&(0x7f0000005440)=""/106, 0x6a}, {&(0x7f00000054c0)=""/232, 0xe8}, {&(0x7f00000055c0)=""/4096, 0x1000}], 0xa, &(0x7f0000006680)=""/126, 0x7e}, 0x3}, {{&(0x7f0000006700)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000006980)=[{&(0x7f0000006780)=""/71, 0x47}, {&(0x7f0000006800)=""/197, 0xc5}, {&(0x7f0000006900)=""/115, 0x73}], 0x3, &(0x7f00000069c0)=""/115, 0x73}, 0x2}], 0x8, 0x100, 0x0)

649.737419ms ago: executing program 2 (id=931):
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f93f8e795a9b29420fa62d", 0x11}], 0x1}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x6, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB], 0x0, 0x7, 0x0, 0x0, 0x41000, 0xf72cb191e650caa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

588.567944ms ago: executing program 2 (id=932):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2, 0x3}}, 0x26)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000680)='kfree\x00', r3}, 0x62)
close(r1)

555.914417ms ago: executing program 2 (id=934):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f00000001c0)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x34e}, &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000480)=<r4=>0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0})
io_uring_enter(r2, 0x3498, 0x969, 0xffff0000000000a1, 0x0, 0x0)
r6 = dup3(r2, r0, 0x80000)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x4, &(0x7f0000000500)=ANY=[@ANYRES16=r7], 0x0, 0x7, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)={0x1b, 0x0, 0x0, 0x5, 0x0, r6, 0x4, '\x00', 0x0, r6, 0x5, 0x2, 0x3}, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, r6, 0x3, 0x1, 0x1}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000009c0)={r6}, 0x4)
r9 = syz_open_procfs(0x0, &(0x7f0000000200)='coredump_filter\x00')
fcntl$setstatus(r9, 0x4, 0x40800)
syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0xfffffffd, 0x10100, 0x200, 0x1}, &(0x7f0000000100)=<r10=>0x0, &(0x7f0000000300)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r9, 0x792, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
r12 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r12, &(0x7f0000000040)=0xfe8e, 0x12)

372.787885ms ago: executing program 2 (id=938):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYBLOB="10000880"], 0x38}, 0x1, 0x0, 0x0, 0x4008081}, 0x0)

327.278209ms ago: executing program 2 (id=941):
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)

315.2987ms ago: executing program 4 (id=942):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000340)=ANY=[@ANYBLOB="44000000000801010000000000000000030000020900010073797a310000000006000240880900001400048008000740000000060800064000000005050003000600000010"], 0x44}, 0x1, 0x0, 0x0, 0x20024810}, 0x0)

288.592332ms ago: executing program 4 (id=943):
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f93f8e795a9b29420fa62d", 0x11}], 0x1}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x6, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB], 0x0, 0x7, 0x0, 0x0, 0x41000, 0xf72cb191e650caa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

245.625306ms ago: executing program 4 (id=944):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
write$cgroup_int(r3, &(0x7f00000001c0), 0xfffffdef)

203.675521ms ago: executing program 1 (id=945):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e24}, 0x1c)
socket(0x2, 0x80805, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
prctl$PR_SET_NAME(0xf, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
shutdown(r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000a509000000661b0000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/21], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="f4e916a7343173d80000000000000000b7080000000000007b8af8ff0000f8ffffffb70400ba140000008502bc56d613f9f8d3d100000082000000950006140000000023000000000000000000000000fa88eee62a250c83415c4cfdf4f6d626767841764e6e15988446c7a1b6a6137524fbe4f208bb00cd852925526d80d08af19eb63668b37c84ec53f2364b7547e285e6e565d7c659c63cb2bb6245d4a3686a3d8fbd5cf0feebf79e6541df9150fe5a274f9565ebe5dd6f1c70e430b3852d8c0a2a2bb9c462ee0af4b70d490e2bdb6e201f04727d06b4004215cad1499b0045dc20b299cccfed44e65d64c8528c2a19f7cadfb4bd6f281027f35dfc3c3916328f6ac28b4349d5485138d54c13e43023cc"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, &(0x7f0000000300)=<r4=>0x0, &(0x7f0000000580))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
clock_nanosleep(0x2, 0x1000000, &(0x7f0000000040)={0x77359400}, 0x0)

203.235041ms ago: executing program 4 (id=946):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0600000004000000080000000a", @ANYBLOB="2cfa49fa4f3ab79320109ed007ff17b4a41740c48f50598546536d8ede968fa3d682e597d7b6d2d8efe56033db90904b264b52e9397dbd32dc09243633dbbdff658f304748ad6455f5f1e7b8d0c4873d4eb050585b1a6521c5ed9041112ec42e2edc9c398e7b22696ca26aaf92dd0bf0210157539a8dee3ad28afcfb3805fa8e5436118ffc75a22a2279a599145e6c8077378259140437be3fc7fe4add4817561339557b1f3b6d89b29fcfee3a59b9c4faaddfb8cf63dada1f4bf0adeffea9b4a76de07bab41816c27f6ef4be8a862c0a44eb49a34e2dfdfe9344c6a16d6285c7b2b50847fa3db108af187a868d0ce8e73733ade5f"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="14000000100001000e000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000074000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000002f300012802c0001800a00010071756f74610000001c0002800c00044000000000000009fb0c0001400000000000000008080003400000010614"], 0xbc}}, 0x20050800)

201.450911ms ago: executing program 0 (id=947):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b927, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0xe}, {0x1, 0xb}, {0xa, 0xb}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r7 = socket$kcm(0x11, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$kcm(r7, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r9, 0x3e}, 0x80, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)

169.289754ms ago: executing program 4 (id=948):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x34, 0x24, 0xc17, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0xfff1}, {0x9, 0xa}, {0xf, 0x1}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0xffffffffffffff1e}, 0x1, 0x0, 0x0, 0x48090}, 0x4000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001800090000000000000000001c140000fe000001000000000c0013"], 0x28}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4c000)
socket(0xa, 0x3, 0x3a)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
syz_emit_ethernet(0x12, &(0x7f0000000000)=ANY=[@ANYBLOB="910418166421b54fa0aaaa050004424203"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48)

74.084593ms ago: executing program 4 (id=949):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f00000001c0)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x34e}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000480)=<r5=>0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0})
io_uring_enter(r3, 0x3498, 0x969, 0xffff0000000000a1, 0x0, 0x0)
r7 = dup3(r3, r1, 0x80000)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x14)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x4, &(0x7f0000000500)=ANY=[@ANYRES16=r9], 0x0, 0x7, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r10}, &(0x7f0000000180), &(0x7f00000001c0)=r9}, 0x20)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000008c0)={0x1b, 0x0, 0x0, 0x5, 0x0, r7, 0x4, '\x00', 0x0, r7, 0x5, 0x2, 0x3}, 0x50)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000940)={0x1b, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, r7, 0x3, 0x1, 0x1}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000009c0)={r7, <r13=>0xffffffffffffffff}, 0x4)
r14 = syz_open_procfs(0x0, &(0x7f0000000200)='coredump_filter\x00')
fcntl$setstatus(r14, 0x4, 0x40800)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r14, 0x792, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1b, 0x1e, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, [@btf_id={0x18, 0x0, 0x3, 0x0, 0x1}, @alu={0x4, 0x0, 0x6, 0x6, 0x9, 0x20, 0x8}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xa43e}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffc0}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @jmp={0x5, 0x0, 0x3, 0x3, 0x5}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0x48, &(0x7f00000003c0)=""/72, 0x40f00, 0x17, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000300)={0x1, 0x5, 0x2, 0x8}, 0x10, 0x0, r8, 0x5, &(0x7f0000000a00)=[r7, r10, r11, r12, r13, r14, r7, r7, r7], &(0x7f0000000b00)=[{0x2, 0x5, 0xb}, {0x3, 0x3, 0x4, 0x9}, {0x5, 0x5, 0x4}, {0x2, 0x4, 0x10, 0x9}, {0x5, 0x4, 0xe, 0xb}], 0x10, 0xb}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r15 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r15, &(0x7f0000000040)=0xfe8e, 0x12)

58.673774ms ago: executing program 0 (id=950):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000e617110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x18)
close(r1)

0s ago: executing program 2 (id=951):
syz_emit_ethernet(0x6e, &(0x7f0000000640)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x38, 0x3a, 0x0, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x7d0, {0x0, 0x6, "8cb02b", 0x0, 0x2f, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, [@srh={0x0, 0x0, 0x4, 0x0, 0x20}]}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

667][ T3919] syz_tun: entered promiscuous mode
[   48.426534][ T3915] Alternate GPT is invalid, using primary GPT.
[   48.439844][ T3915]  loop2: p2 p3 p7
[   48.616437][ T3929] netlink: 8 bytes leftover after parsing attributes in process `syz.3.178'.
[   48.633523][ T3929] syz_tun: entered promiscuous mode
[   48.684061][ T3931] netlink: 'syz.3.180': attribute type 2 has an invalid length.
[   48.721132][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[   48.741636][ T3704] udevd[3704]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   48.753969][ T3653] udevd[3653]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   48.818124][ T3940] netlink: 'syz.2.183': attribute type 4 has an invalid length.
[   48.896834][ T3950] program syz.2.188 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   48.908925][ T3947] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   48.939376][ T3947] SELinux: failed to load policy
[   48.943317][ T3953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.950373][ T3947] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=24951 sclass=netlink_route_socket pid=3947 comm=syz.3.186
[   48.963263][ T3953] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.010480][ T3943] netlink: 'syz.4.184': attribute type 16 has an invalid length.
[   49.018318][ T3943] netlink: 'syz.4.184': attribute type 17 has an invalid length.
[   49.034888][ T3943] net_ratelimit: 15 callbacks suppressed
[   49.034899][ T3943] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   49.066993][ T3943] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=3943 comm=syz.4.184
[   49.071164][ T3956] vlan2: entered allmulticast mode
[   49.085113][ T3956] bond0: entered allmulticast mode
[   49.090533][ T3956] bond_slave_0: entered allmulticast mode
[   49.090862][ T3943] loop4: detected capacity change from 0 to 512
[   49.096323][ T3956] bond_slave_1: entered allmulticast mode
[   49.103498][ T3943] EXT4-fs: dax option not supported
[   49.188150][ T3959] netlink: 24 bytes leftover after parsing attributes in process `syz.4.191'.
[   49.227632][ T3961] loop3: detected capacity change from 0 to 1024
[   49.235167][ T3961] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   49.342421][ T3967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.195'.
[   49.375438][ T3969] loop1: detected capacity change from 0 to 1024
[   49.383315][ T3969] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   49.447532][ T3959] loop4: detected capacity change from 0 to 2048
[   49.497526][ T3959] Alternate GPT is invalid, using primary GPT.
[   49.506445][ T3959]  loop4: p2 p3 p7
[   49.551479][ T3975] netlink: 24 bytes leftover after parsing attributes in process `syz.0.198'.
[   49.836363][ T3979] program syz.2.200 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   49.910480][ T3985] netlink: 24 bytes leftover after parsing attributes in process `syz.4.203'.
[   49.931257][ T3975] loop0: detected capacity change from 0 to 2048
[   49.964827][ T3983] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   49.976073][ T3983] SELinux: failed to load policy
[   50.004471][ T3983] 8021q: adding VLAN 0 to HW filter on device bond2
[   50.088877][ T3983] bond2: (slave veth5): Enslaving as an active interface with an up link
[   50.116968][ T3975] Alternate GPT is invalid, using primary GPT.
[   50.125637][ T3975]  loop0: p2 p3 p7
[   50.267400][ T3985] loop4: detected capacity change from 0 to 2048
[   50.333173][ T3990] netlink: 'syz.2.205': attribute type 16 has an invalid length.
[   50.348521][ T3934] Alternate GPT is invalid, using primary GPT.
[   50.355025][ T3934]  loop4: p2 p3 p7
[   50.359945][ T3995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.370317][ T3995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.385495][ T3993] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=3993 comm=syz.2.205
[   50.407539][ T3993] loop2: detected capacity change from 0 to 512
[   50.422528][ T3993] EXT4-fs: dax option not supported
[   50.455800][ T3990] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   50.581837][ T3985] Alternate GPT is invalid, using primary GPT.
[   50.593606][ T3985]  loop4: p2 p3 p7
[   50.740058][ T4007] loop2: detected capacity change from 0 to 7
[   50.796065][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop4p7, 10) failed: No such file or directory
[   50.798307][ T3934] udevd[3934]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   50.807644][ T3653] udevd[3653]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   50.902162][ T4011] syzkaller0: entered promiscuous mode
[   50.907742][ T4011] syzkaller0: entered allmulticast mode
[   50.985738][ T4017] EXT4-fs: Ignoring removed orlov option
[   50.991589][ T4017] EXT4-fs: Ignoring removed nomblk_io_submit option
[   51.005682][ T4017] ext4: Unknown parameter 'subj_role'
[   51.077644][ T4026] program syz.2.223 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   51.097253][ T3653] Alternate GPT is invalid, using primary GPT.
[   51.104217][ T3653]  loop0: p2 p3 p7
[   51.391429][ T3004] Alternate GPT is invalid, using primary GPT.
[   51.398101][ T3004]  loop0: p2 p3 p7
[   51.465492][ T3704] udevd[3704]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[   51.480375][ T3934] udevd[3934]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[   51.503129][ T3653] udevd[3653]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   51.554246][ T3934] udevd[3934]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory
[   51.623278][ T4038] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   51.788985][ T4032] Alternate GPT is invalid, using primary GPT.
[   51.808924][ T4032]  loop2: p2 p3 p7
[   52.070850][ T4051] program syz.4.233 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   52.122787][ T4053] program syz.1.234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   52.142236][ T4055] program syz.2.235 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   52.216433][ T4058] syzkaller0: entered promiscuous mode
[   52.221967][ T4058] syzkaller0: entered allmulticast mode
[   52.545197][ T4081] program syz.2.248 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   52.713905][ T4095] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   52.772037][ T4092] validate_nla: 4 callbacks suppressed
[   52.772054][ T4092] netlink: 'syz.4.253': attribute type 1 has an invalid length.
[   52.798605][ T4095] SELinux: failed to load policy
[   52.837830][ T4092] 8021q: adding VLAN 0 to HW filter on device bond1
[   52.914645][ T4107] netlink: 'syz.4.259': attribute type 2 has an invalid length.
[   52.946033][ T4107] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[   53.134182][ T4094] set_capacity_and_notify: 4 callbacks suppressed
[   53.134198][ T4094] loop0: detected capacity change from 0 to 1024
[   53.152443][ T4094] EXT4-fs: Ignoring removed orlov option
[   53.158347][ T4094] EXT4-fs: Ignoring removed nomblk_io_submit option
[   53.172300][ T4094] ext4: Unknown parameter 'subj_role'
[   53.273168][ T4124] __nla_validate_parse: 6 callbacks suppressed
[   53.273194][ T4124] netlink: 72 bytes leftover after parsing attributes in process `syz.0.266'.
[   53.360836][ T4130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   53.370768][ T4130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   53.433470][   T29] kauditd_printk_skb: 77 callbacks suppressed
[   53.433490][   T29] audit: type=1400 audit(1766323154.846:379): avc:  denied  { create } for  pid=4116 comm="syz.1.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   53.854343][   T29] audit: type=1400 audit(1766323155.266:380): avc:  denied  { create } for  pid=4134 comm="syz.2.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   53.891712][   T29] audit: type=1400 audit(1766323155.296:381): avc:  denied  { bind } for  pid=4134 comm="syz.2.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   54.004559][ T4142] loop0: detected capacity change from 0 to 4096
[   54.032676][   T29] audit: type=1326 audit(1766323155.356:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4141 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc515aff749 code=0x7ffc0000
[   54.056363][   T29] audit: type=1326 audit(1766323155.356:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4141 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc515aff749 code=0x7ffc0000
[   54.080052][   T29] audit: type=1326 audit(1766323155.356:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4141 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc515aff749 code=0x7ffc0000
[   54.103391][   T29] audit: type=1326 audit(1766323155.356:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4141 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc515aff749 code=0x7ffc0000
[   54.126943][   T29] audit: type=1326 audit(1766323155.356:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4141 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc515aff749 code=0x7ffc0000
[   54.150818][   T29] audit: type=1326 audit(1766323155.366:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4141 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc515aff749 code=0x7ffc0000
[   54.174067][   T29] audit: type=1326 audit(1766323155.366:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4141 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc515aff749 code=0x7ffc0000
[   54.200769][ T4142] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   54.222037][ T4147] program syz.1.275 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   54.256358][ T4142] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   54.283424][ T4150] netlink: 4 bytes leftover after parsing attributes in process `syz.1.276'.
[   54.392944][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.737662][ T4167] FAULT_INJECTION: forcing a failure.
[   54.737662][ T4167] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   54.751443][ T4167] CPU: 0 UID: 0 PID: 4167 Comm: syz.3.283 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.751499][ T4167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.751512][ T4167] Call Trace:
[   54.751521][ T4167]  <TASK>
[   54.751531][ T4167]  __dump_stack+0x1d/0x30
[   54.751620][ T4167]  dump_stack_lvl+0x95/0xd0
[   54.751640][ T4167]  dump_stack+0x15/0x1b
[   54.751661][ T4167]  should_fail_ex+0x265/0x280
[   54.751687][ T4167]  should_fail+0xb/0x20
[   54.751709][ T4167]  should_fail_usercopy+0x1a/0x20
[   54.751772][ T4167]  _copy_from_user+0x1c/0xb0
[   54.751799][ T4167]  proc_control_compat+0x44/0xe0
[   54.751826][ T4167]  usbdev_ioctl+0xed5/0x1700
[   54.751855][ T4167]  ? __pfx_usbdev_ioctl+0x10/0x10
[   54.751919][ T4167]  __se_sys_ioctl+0xce/0x140
[   54.751986][ T4167]  __x64_sys_ioctl+0x43/0x50
[   54.752018][ T4167]  x64_sys_call+0x14b0/0x3000
[   54.752040][ T4167]  do_syscall_64+0xca/0x2b0
[   54.752114][ T4167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.752137][ T4167] RIP: 0033:0x7f66432bf749
[   54.752213][ T4167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.752231][ T4167] RSP: 002b:00007f6641d1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   54.752253][ T4167] RAX: ffffffffffffffda RBX: 00007f6643515fa0 RCX: 00007f66432bf749
[   54.752266][ T4167] RDX: 0000200000000040 RSI: 00000000c0105500 RDI: 0000000000000005
[   54.752278][ T4167] RBP: 00007f6641d1f090 R08: 0000000000000000 R09: 0000000000000000
[   54.752305][ T4167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.752337][ T4167] R13: 00007f6643516038 R14: 00007f6643515fa0 R15: 00007ffda1bf5278
[   54.752353][ T4167]  </TASK>
[   55.015778][ T4170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   55.031639][ T4170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   55.223679][ T4174] program syz.4.286 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   55.345586][ T4180] loop4: detected capacity change from 0 to 128
[   55.352467][ T4181] SELinux:  Context Ü is not valid (left unmapped).
[   55.408813][ T4186] loop2: detected capacity change from 0 to 7
[   55.463962][ T4190] loop1: detected capacity change from 0 to 1024
[   55.481869][ T4190] EXT4-fs: Ignoring removed orlov option
[   55.508625][ T4190] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.636274][ T4202] program syz.0.297 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   55.724459][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.774628][ T4211] loop2: detected capacity change from 0 to 7
[   55.975716][ T4215] netlink: 'syz.1.302': attribute type 16 has an invalid length.
[   55.983618][ T4215] netlink: 'syz.1.302': attribute type 17 has an invalid length.
[   56.042245][ T4217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4217 comm=syz.1.302
[   56.094870][ T4217] loop1: detected capacity change from 0 to 512
[   56.101348][ T4219] loop4: detected capacity change from 0 to 512
[   56.122510][ T4219] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   56.131544][ T4217] EXT4-fs: dax option not supported
[   56.248660][ T4215] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   56.677262][ T4235] loop0: detected capacity change from 0 to 1024
[   56.684974][ T4235] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   57.462822][ T4245] FAULT_INJECTION: forcing a failure.
[   57.462822][ T4245] name failslab, interval 1, probability 0, space 0, times 1
[   57.475875][ T4245] CPU: 0 UID: 0 PID: 4245 Comm: syz.1.312 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.475951][ T4245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   57.475964][ T4245] Call Trace:
[   57.475972][ T4245]  <TASK>
[   57.475980][ T4245]  __dump_stack+0x1d/0x30
[   57.476009][ T4245]  dump_stack_lvl+0x95/0xd0
[   57.476033][ T4245]  dump_stack+0x15/0x1b
[   57.476098][ T4245]  should_fail_ex+0x265/0x280
[   57.476124][ T4245]  should_failslab+0x8c/0xb0
[   57.476151][ T4245]  kmem_cache_alloc_noprof+0x69/0x4b0
[   57.476173][ T4245]  ? audit_log_start+0x342/0x720
[   57.476253][ T4245]  audit_log_start+0x342/0x720
[   57.476344][ T4245]  ? kstrtouint+0x76/0xc0
[   57.476365][ T4245]  audit_seccomp+0x48/0x100
[   57.476417][ T4245]  ? __seccomp_filter+0x832/0x1260
[   57.476442][ T4245]  __seccomp_filter+0x843/0x1260
[   57.476466][ T4245]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   57.476509][ T4245]  ? vfs_write+0x7e8/0x960
[   57.476534][ T4245]  __secure_computing+0x82/0x150
[   57.476604][ T4245]  syscall_trace_enter+0xcf/0x1e0
[   57.476632][ T4245]  do_syscall_64+0xa4/0x2b0
[   57.476666][ T4245]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.476686][ T4245] RIP: 0033:0x7fed83acf749
[   57.476702][ T4245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.476829][ T4245] RSP: 002b:00007fed8252f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   57.476854][ T4245] RAX: ffffffffffffffda RBX: 00007fed83d25fa0 RCX: 00007fed83acf749
[   57.476866][ T4245] RDX: 0000000000000002 RSI: ffffffffffffffff RDI: 0000000000000007
[   57.476878][ T4245] RBP: 00007fed8252f090 R08: 0000000000000000 R09: 0000000000000000
[   57.476901][ T4245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.476912][ T4245] R13: 00007fed83d26038 R14: 00007fed83d25fa0 R15: 00007ffc424f3ab8
[   57.476956][ T4245]  </TASK>
[   57.718624][ T4249] loop0: detected capacity change from 0 to 1024
[   57.731786][ T4249] EXT4-fs: Ignoring removed orlov option
[   57.731821][ T4249] EXT4-fs: Ignoring removed nomblk_io_submit option
[   57.732305][ T4249] ext4: Unknown parameter 'subj_role'
[   57.798689][ T4255] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   57.823348][ T1049] IPVS: starting estimator thread 0...
[   57.873038][ T4257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   57.912200][ T4261] IPVS: using max 2496 ests per chain, 124800 per kthread
[   58.006588][ T4257] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   58.039762][ T4276] program syz.2.324 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   58.125164][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.139973][ T4284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.149800][ T4284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.168767][ T4277] netlink: 'syz.1.323': attribute type 16 has an invalid length.
[   58.176698][ T4277] netlink: 'syz.1.323': attribute type 17 has an invalid length.
[   58.196508][ T4277] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   58.220050][ T4287] set_capacity_and_notify: 2 callbacks suppressed
[   58.220070][ T4287] loop3: detected capacity change from 0 to 1024
[   58.229799][ T4277] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4277 comm=syz.1.323
[   58.237742][ T4287] EXT4-fs: Ignoring removed orlov option
[   58.252237][ T4287] EXT4-fs: Ignoring removed nomblk_io_submit option
[   58.263120][ T4289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.271857][ T4289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.272043][ T4277] loop1: detected capacity change from 0 to 512
[   58.282465][ T4287] ext4: Unknown parameter 'subj_role'
[   58.287057][ T4277] EXT4-fs: dax option not supported
[   58.527134][ T4306] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   58.536835][ T4306] SELinux: failed to load policy
[   58.543518][ T4306] netlink: 'syz.1.336': attribute type 1 has an invalid length.
[   58.558028][ T4306] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.578057][ T4306] vlan2: entered allmulticast mode
[   58.583253][ T4306] bond0: entered allmulticast mode
[   58.588474][ T4306] bond_slave_0: entered allmulticast mode
[   58.594351][ T4306] bond_slave_1: entered allmulticast mode
[   58.623696][ T4306] bond1: (slave vlan2): making interface the new active one
[   58.656875][ T4309] loop0: detected capacity change from 0 to 1024
[   58.665663][ T4306] bond1: (slave vlan2): Enslaving as an active interface with an up link
[   58.691047][ T4309] EXT4-fs: Ignoring removed nomblk_io_submit option
[   58.749713][ T4309] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.768013][   T29] kauditd_printk_skb: 193 callbacks suppressed
[   58.768062][   T29] audit: type=1400 audit(1766323160.176:580): avc:  denied  { append } for  pid=4308 comm="syz.0.337" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   58.796978][   T29] audit: type=1400 audit(1766323160.176:581): avc:  denied  { open } for  pid=4308 comm="syz.0.337" path="/78/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   58.830735][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.167619][ T4319] netlink: 'syz.0.340': attribute type 16 has an invalid length.
[   59.175558][ T4319] netlink: 'syz.0.340': attribute type 17 has an invalid length.
[   59.199643][ T4327] loop4: detected capacity change from 0 to 512
[   59.276084][ T4325] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4325 comm=syz.0.340
[   59.305221][ T4327] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   59.334066][ T4319] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   59.360931][   T29] audit: type=1400 audit(1766323160.746:582): avc:  denied  { getopt } for  pid=4331 comm="syz.1.344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   59.406507][ T4337] loop2: detected capacity change from 0 to 7
[   59.422004][ T4325] loop0: detected capacity change from 0 to 512
[   59.454095][ T4325] EXT4-fs: dax option not supported
[   59.516615][   T71] vlan2: left promiscuous mode
[   59.521431][   T71] bond0: left promiscuous mode
[   59.562320][ T4336] netlink: 'syz.2.345': attribute type 16 has an invalid length.
[   59.570115][ T4336] netlink: 'syz.2.345': attribute type 17 has an invalid length.
[   59.634921][ T4336] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   59.657375][   T29] audit: type=1326 audit(1766323161.066:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4340 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   59.680867][   T29] audit: type=1326 audit(1766323161.066:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4340 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   59.704620][   T29] audit: type=1326 audit(1766323161.066:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4340 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   59.728575][   T29] audit: type=1326 audit(1766323161.066:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4340 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   59.753088][   T29] audit: type=1326 audit(1766323161.066:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4340 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   59.776607][   T29] audit: type=1326 audit(1766323161.066:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4340 comm="syz.3.348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   59.807973][ T4344] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4344 comm=syz.2.345
[   59.834126][ T4336] loop2: detected capacity change from 0 to 512
[   59.852324][ T4336] EXT4-fs: dax option not supported
[   59.866236][   T29] audit: type=1400 audit(1766323161.236:589): avc:  denied  { connect } for  pid=4345 comm="syz.0.349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   59.895778][ T4350] syzkaller0: entered promiscuous mode
[   59.901377][ T4350] syzkaller0: entered allmulticast mode
[   60.040608][ T4357] loop0: detected capacity change from 0 to 4096
[   60.054684][ T4362] netlink: 4 bytes leftover after parsing attributes in process `syz.3.356'.
[   60.071830][ T4364] FAULT_INJECTION: forcing a failure.
[   60.071830][ T4364] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.085174][ T4364] CPU: 0 UID: 0 PID: 4364 Comm: syz.1.357 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.085281][ T4364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   60.085295][ T4364] Call Trace:
[   60.085302][ T4364]  <TASK>
[   60.085309][ T4364]  __dump_stack+0x1d/0x30
[   60.085332][ T4364]  dump_stack_lvl+0x95/0xd0
[   60.085351][ T4364]  dump_stack+0x15/0x1b
[   60.085371][ T4364]  should_fail_ex+0x265/0x280
[   60.085433][ T4364]  should_fail+0xb/0x20
[   60.085453][ T4364]  should_fail_usercopy+0x1a/0x20
[   60.085484][ T4364]  _copy_from_user+0x1c/0xb0
[   60.085509][ T4364]  ___sys_sendmsg+0xc1/0x1d0
[   60.085558][ T4364]  __x64_sys_sendmsg+0xd4/0x160
[   60.085637][ T4364]  x64_sys_call+0x17ba/0x3000
[   60.085659][ T4364]  do_syscall_64+0xca/0x2b0
[   60.085694][ T4364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.085719][ T4364] RIP: 0033:0x7fed83acf749
[   60.085759][ T4364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.085778][ T4364] RSP: 002b:00007fed8252f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   60.085801][ T4364] RAX: ffffffffffffffda RBX: 00007fed83d25fa0 RCX: 00007fed83acf749
[   60.085815][ T4364] RDX: 0000000020048054 RSI: 0000200000000200 RDI: 0000000000000008
[   60.085829][ T4364] RBP: 00007fed8252f090 R08: 0000000000000000 R09: 0000000000000000
[   60.085843][ T4364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.085932][ T4364] R13: 00007fed83d26038 R14: 00007fed83d25fa0 R15: 00007ffc424f3ab8
[   60.085950][ T4364]  </TASK>
[   60.304870][ T4357] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   60.333002][ T4357] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   60.451191][ T4371] loop2: detected capacity change from 0 to 7
[   60.540360][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.555357][ T4374] loop2: detected capacity change from 0 to 7
[   60.564380][ T4369] netlink: 56 bytes leftover after parsing attributes in process `syz.3.359'.
[   60.789420][ T4394] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4394 comm=syz.0.368
[   60.817834][ T4396] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.835684][ T4398] FAULT_INJECTION: forcing a failure.
[   60.835684][ T4398] name failslab, interval 1, probability 0, space 0, times 0
[   60.848559][ T4398] CPU: 0 UID: 0 PID: 4398 Comm: syz.3.371 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.848585][ T4398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   60.848595][ T4398] Call Trace:
[   60.848603][ T4398]  <TASK>
[   60.848655][ T4398]  __dump_stack+0x1d/0x30
[   60.848678][ T4398]  dump_stack_lvl+0x95/0xd0
[   60.848699][ T4398]  dump_stack+0x15/0x1b
[   60.848719][ T4398]  should_fail_ex+0x265/0x280
[   60.848844][ T4398]  should_failslab+0x8c/0xb0
[   60.848868][ T4398]  kmem_cache_alloc_noprof+0x69/0x4b0
[   60.848890][ T4398]  ? audit_log_start+0x342/0x720
[   60.848914][ T4398]  audit_log_start+0x342/0x720
[   60.848936][ T4398]  ? kstrtouint+0x76/0xc0
[   60.849024][ T4398]  audit_seccomp+0x48/0x100
[   60.849054][ T4398]  ? __seccomp_filter+0x832/0x1260
[   60.849081][ T4398]  __seccomp_filter+0x843/0x1260
[   60.849118][ T4398]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   60.849142][ T4398]  ? vfs_write+0x7e8/0x960
[   60.849163][ T4398]  __secure_computing+0x82/0x150
[   60.849268][ T4398]  syscall_trace_enter+0xcf/0x1e0
[   60.849295][ T4398]  do_syscall_64+0xa4/0x2b0
[   60.849330][ T4398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.849350][ T4398] RIP: 0033:0x7f66432bf749
[   60.849367][ T4398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.849440][ T4398] RSP: 002b:00007f6641d1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000119
[   60.849491][ T4398] RAX: ffffffffffffffda RBX: 00007f6643515fa0 RCX: 00007f66432bf749
[   60.849506][ T4398] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000004
[   60.849520][ T4398] RBP: 00007f6641d1f090 R08: 0000000000000000 R09: 0000000000000000
[   60.849532][ T4398] R10: 0000000000008001 R11: 0000000000000246 R12: 0000000000000001
[   60.849543][ T4398] R13: 00007f6643516038 R14: 00007f6643515fa0 R15: 00007ffda1bf5278
[   60.849628][ T4398]  </TASK>
[   60.853315][ T4396] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.057036][ T4393] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   61.064666][ T4400] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   61.082458][ T4393] SELinux: failed to load policy
[   61.164704][ T4407] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.185968][ T4407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.845727][ T4421] program syz.4.379 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   61.883044][ T4413] netlink: 'syz.2.376': attribute type 16 has an invalid length.
[   61.891065][ T4413] netlink: 'syz.2.376': attribute type 17 has an invalid length.
[   61.920855][ T4424] netlink: 'syz.4.380': attribute type 2 has an invalid length.
[   61.940862][ T4413] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   61.958314][ T4424] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[   61.984141][ T4413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4413 comm=syz.2.376
[   62.005216][ T4424] netlink: 28 bytes leftover after parsing attributes in process `syz.4.380'.
[   62.027738][ T4413] EXT4-fs: dax option not supported
[   62.056233][ T4407] syz.3.374 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   62.070883][ T4407] CPU: 1 UID: 0 PID: 4407 Comm: syz.3.374 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   62.070912][ T4407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   62.070962][ T4407] Call Trace:
[   62.070969][ T4407]  <TASK>
[   62.070976][ T4407]  __dump_stack+0x1d/0x30
[   62.071001][ T4407]  dump_stack_lvl+0x95/0xd0
[   62.071020][ T4407]  dump_stack+0x15/0x1b
[   62.071037][ T4407]  dump_header+0x81/0x240
[   62.071056][ T4407]  oom_kill_process+0x295/0x350
[   62.071114][ T4407]  out_of_memory+0x97b/0xb80
[   62.071135][ T4407]  try_charge_memcg+0x610/0xa10
[   62.071160][ T4407]  obj_cgroup_charge_pages+0xa6/0x150
[   62.071186][ T4407]  __memcg_kmem_charge_page+0x9f/0x170
[   62.071212][ T4407]  __alloc_frozen_pages_noprof+0x18f/0x360
[   62.071334][ T4407]  alloc_pages_mpol+0xb3/0x260
[   62.071361][ T4407]  alloc_pages_noprof+0x90/0x130
[   62.071398][ T4407]  __vmalloc_node_range_noprof+0xa7b/0x1310
[   62.071430][ T4407]  __kvmalloc_node_noprof+0x492/0x6b0
[   62.071464][ T4407]  ? ip_set_alloc+0x24/0x30
[   62.071514][ T4407]  ? ip_set_alloc+0x24/0x30
[   62.071595][ T4407]  ip_set_alloc+0x24/0x30
[   62.071619][ T4407]  hash_netiface_create+0x282/0x740
[   62.071648][ T4407]  ? __pfx_hash_netiface_create+0x10/0x10
[   62.071743][ T4407]  ip_set_create+0x3cc/0x970
[   62.071767][ T4407]  ? __nla_parse+0x40/0x60
[   62.071791][ T4407]  nfnetlink_rcv_msg+0x4c6/0x590
[   62.071897][ T4407]  netlink_rcv_skb+0x123/0x220
[   62.071923][ T4407]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   62.071950][ T4407]  nfnetlink_rcv+0x167/0x16c0
[   62.072004][ T4407]  ? kmem_cache_free+0xe3/0x3a0
[   62.072026][ T4407]  ? __kfree_skb+0x109/0x150
[   62.072048][ T4407]  ? nlmon_xmit+0x4f/0x60
[   62.072065][ T4407]  ? consume_skb+0x49/0x150
[   62.072095][ T4407]  ? nlmon_xmit+0x4f/0x60
[   62.072192][ T4407]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   62.072218][ T4407]  ? __dev_queue_xmit+0x138d/0x1ec0
[   62.072319][ T4407]  ? __dev_queue_xmit+0x148/0x1ec0
[   62.072344][ T4407]  ? ref_tracker_free+0x37d/0x3e0
[   62.072369][ T4407]  ? __netlink_deliver_tap+0x4dc/0x500
[   62.072398][ T4407]  netlink_unicast+0x5c0/0x690
[   62.072434][ T4407]  netlink_sendmsg+0x58b/0x6b0
[   62.072463][ T4407]  ? __pfx_netlink_sendmsg+0x10/0x10
[   62.072538][ T4407]  __sock_sendmsg+0x145/0x180
[   62.072556][ T4407]  ____sys_sendmsg+0x31e/0x4a0
[   62.072637][ T4407]  ___sys_sendmsg+0x17b/0x1d0
[   62.072671][ T4407]  __x64_sys_sendmsg+0xd4/0x160
[   62.072702][ T4407]  x64_sys_call+0x17ba/0x3000
[   62.072724][ T4407]  do_syscall_64+0xca/0x2b0
[   62.072754][ T4407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.072777][ T4407] RIP: 0033:0x7f66432bf749
[   62.072810][ T4407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.072826][ T4407] RSP: 002b:00007f6641d1f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   62.072845][ T4407] RAX: ffffffffffffffda RBX: 00007f6643515fa0 RCX: 00007f66432bf749
[   62.072857][ T4407] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[   62.072869][ T4407] RBP: 00007f6643343f91 R08: 0000000000000000 R09: 0000000000000000
[   62.072958][ T4407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   62.072970][ T4407] R13: 00007f6643516038 R14: 00007f6643515fa0 R15: 00007ffda1bf5278
[   62.073015][ T4407]  </TASK>
[   62.400882][ T4407] memory: usage 307200kB, limit 307200kB, failcnt 381
[   62.408304][ T4407] memory+swap: usage 307960kB, limit 9007199254740988kB, failcnt 0
[   62.416438][ T4407] kmem: usage 307156kB, limit 9007199254740988kB, failcnt 0
[   62.423826][ T4407] Memory cgroup stats for /syz3:
[   62.428554][ T4435] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.447439][ T4435] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.466654][ T4407] cache 8192
[   62.470149][ T4407] rss 4096
[   62.473279][ T4407] shmem 0
[   62.476423][ T4407] mapped_file 0
[   62.480001][ T4407] dirty 0
[   62.483120][ T4407] writeback 4096
[   62.486768][ T4407] workingset_refault_anon 122
[   62.491564][ T4407] workingset_refault_file 747
[   62.496572][ T4407] swap 778240
[   62.499880][ T4407] swapcached 36864
[   62.503660][ T4407] pgpgin 12972
[   62.507447][ T4407] pgpgout 12961
[   62.511175][ T4407] pgfault 18736
[   62.514900][ T4407] pgmajfault 21
[   62.519017][ T4407] inactive_anon 36864
[   62.523320][ T4407] active_anon 0
[   62.527077][ T4407] inactive_file 4096
[   62.531170][ T4407] active_file 4096
[   62.535052][ T4407] unevictable 0
[   62.538532][ T4407] hierarchical_memory_limit 314572800
[   62.544038][ T4407] hierarchical_memsw_limit 9223372036854771712
[   62.550360][ T4407] total_cache 8192
[   62.554235][ T4407] total_rss 4096
[   62.557864][ T4407] total_shmem 0
[   62.561355][ T4407] total_mapped_file 0
[   62.565419][ T4407] total_dirty 0
[   62.568898][ T4407] total_writeback 4096
[   62.573004][ T4407] total_workingset_refault_anon 122
[   62.578586][ T4407] total_workingset_refault_file 747
[   62.583843][ T4407] total_swap 778240
[   62.588356][ T4407] total_swapcached 36864
[   62.593090][ T4407] total_pgpgin 12972
[   62.597008][ T4407] total_pgpgout 12961
[   62.601383][ T4407] total_pgfault 18736
[   62.605454][ T4407] total_pgmajfault 21
[   62.609785][ T4407] total_inactive_anon 36864
[   62.614416][ T4407] total_active_anon 0
[   62.618638][ T4407] total_inactive_file 4096
[   62.623143][ T4407] total_active_file 4096
[   62.627397][ T4407] total_unevictable 0
[   62.631464][ T4407] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.374,pid=4406,uid=0
[   62.646174][ T4407] Memory cgroup out of memory: Killed process 4406 (syz.3.374) total-vm:104208kB, anon-rss:1136kB, file-rss:21796kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[   62.708985][ T4407] syz.3.374 (4407) used greatest stack depth: 6120 bytes left
[   62.731038][ T4452] pim6reg: entered allmulticast mode
[   62.767303][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.851862][ T4452] pim6reg: left allmulticast mode
[   62.870426][ T4450] EXT4-fs: Ignoring removed orlov option
[   62.876167][ T4450] EXT4-fs: Ignoring removed nomblk_io_submit option
[   62.883028][ T4450] ext4: Unknown parameter 'subj_role'
[   62.929806][ T4457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.393'.
[   62.995302][ T4466] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[   63.020742][ T4466] netlink: 28 bytes leftover after parsing attributes in process `syz.1.396'.
[   63.053697][ T4459] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   63.072845][ T4470] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4470 comm=syz.1.398
[   63.081268][ T4459] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4459 comm=syz.2.394
[   63.102207][ T4470] netlink: 14 bytes leftover after parsing attributes in process `syz.1.398'.
[   63.120490][ T4459] EXT4-fs: dax option not supported
[   63.136272][ T4470] hsr_slave_0: left promiscuous mode
[   63.152272][ T4470] hsr_slave_1: left promiscuous mode
[   63.329137][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.336649][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.344129][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.352597][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.360193][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.367898][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.375357][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.382929][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.390421][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.397896][ T3503] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   63.412458][ T4491] geneve2: entered promiscuous mode
[   63.419238][  T333] netdevsim netdevsim1 eth0: set [1, 1] type 2 family 0 port 34939 - 0
[   63.427652][ T4493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.404'.
[   63.436898][  T333] netdevsim netdevsim1 eth1: set [1, 1] type 2 family 0 port 34939 - 0
[   63.437855][ T3503] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   63.445793][  T333] netdevsim netdevsim1 eth2: set [1, 1] type 2 family 0 port 34939 - 0
[   63.487324][ T4496] netlink: 4 bytes leftover after parsing attributes in process `syz.4.406'.
[   63.506931][  T333] netdevsim netdevsim1 eth3: set [1, 1] type 2 family 0 port 34939 - 0
[   63.513024][ T4493] set_capacity_and_notify: 7 callbacks suppressed
[   63.513040][ T4493] loop2: detected capacity change from 0 to 512
[   63.535973][ T4499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.536168][ T4493] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   63.553323][ T4493] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[   63.577423][ T4489] SELinux:  Context @ is not valid (left unmapped).
[   63.583550][ T4494] fido_id[4494]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   63.602453][ T4499] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.632009][ T4489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.404'.
[   63.645476][ T4489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.404'.
[   63.781181][ T4512] program syz.1.411 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   63.794496][ T4502] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   63.819121][ T4502] SELinux: failed to load policy
[   63.824378][ T4516] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   63.850536][   T29] kauditd_printk_skb: 349 callbacks suppressed
[   63.850554][   T29] audit: type=1400 audit(1766323165.256:937): avc:  denied  { lock } for  pid=4517 comm="syz.2.414" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=9612 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   63.883352][ T4518] validate_nla: 3 callbacks suppressed
[   63.883367][ T4518] netlink: 'syz.2.414': attribute type 4 has an invalid length.
[   63.892895][ T4516] SELinux: failed to load policy
[   63.902781][ T4518] .`: renamed from bond0 (while UP)
[   63.909257][ T4518] bond_slave_0: left promiscuous mode
[   63.914805][ T4518] bond_slave_1: left promiscuous mode
[   63.971007][ T4523] netlink: 'syz.2.416': attribute type 12 has an invalid length.
[   63.978941][ T4523] netlink: 'syz.2.416': attribute type 29 has an invalid length.
[   64.022675][  T333] bond1: (slave vlan2): link status definitely down, disabling slave
[   64.031054][  T333] bond1: now running without any active interface!
[   64.045612][   T29] audit: type=1400 audit(1766323165.456:938): avc:  denied  { mount } for  pid=4529 comm="syz.1.421" name="/" dev="configfs" ino=1449 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   64.051197][ T4532] netlink: 'syz.0.420': attribute type 6 has an invalid length.
[   64.076387][ T4532] netlink: 'syz.0.420': attribute type 5 has an invalid length.
[   64.087537][ T4531] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4531 comm=syz.1.421
[   64.103713][ T1715] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   64.113173][ T1715] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   64.126438][ T1715] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   64.189555][ T1715] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   64.192812][ T4549] loop2: detected capacity change from 0 to 7
[   64.252670][ T4553] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   64.263124][ T4553] SELinux: failed to load policy
[   64.395957][ T4566] netlink: 'syz.1.437': attribute type 12 has an invalid length.
[   64.403841][ T4566] netlink: 'syz.1.437': attribute type 29 has an invalid length.
[   64.655843][ T4573] netlink: 'syz.4.439': attribute type 16 has an invalid length.
[   64.663687][ T4573] netlink: 'syz.4.439': attribute type 17 has an invalid length.
[   64.690716][ T4573] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   64.698419][ T4587] loop2: detected capacity change from 0 to 7
[   64.716185][ T4583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4583 comm=syz.4.439
[   64.777537][ T4573] loop4: detected capacity change from 0 to 512
[   64.784663][ T4573] EXT4-fs: dax option not supported
[   64.801106][ T4592] loop0: detected capacity change from 0 to 512
[   64.851366][ T4592] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.879891][ T4592] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.914988][   T29] audit: type=1400 audit(1766323166.326:939): avc:  denied  { read append } for  pid=4591 comm="syz.0.447" path="/97/file1/cgroup.controllers" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   64.944272][ T4601] FAULT_INJECTION: forcing a failure.
[   64.944272][ T4601] name failslab, interval 1, probability 0, space 0, times 0
[   64.956975][ T4601] CPU: 1 UID: 0 PID: 4601 Comm: syz.1.452 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.957005][ T4601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   64.957018][ T4601] Call Trace:
[   64.957026][ T4601]  <TASK>
[   64.957060][ T4601]  __dump_stack+0x1d/0x30
[   64.957087][ T4601]  dump_stack_lvl+0x95/0xd0
[   64.957109][ T4601]  dump_stack+0x15/0x1b
[   64.957130][ T4601]  should_fail_ex+0x265/0x280
[   64.957193][ T4601]  should_failslab+0x8c/0xb0
[   64.957216][ T4601]  __kmalloc_cache_noprof+0x65/0x4c0
[   64.957241][ T4601]  ? audit_log_d_path+0x8d/0x150
[   64.957262][ T4601]  audit_log_d_path+0x8d/0x150
[   64.957307][ T4601]  audit_log_d_path_exe+0x42/0x70
[   64.957333][ T4601]  audit_log_task+0x1e9/0x250
[   64.957366][ T4601]  ? kstrtouint+0x76/0xc0
[   64.957454][ T4601]  audit_seccomp+0x61/0x100
[   64.957480][ T4601]  ? __seccomp_filter+0x832/0x1260
[   64.957508][ T4601]  __seccomp_filter+0x843/0x1260
[   64.957580][ T4601]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   64.957610][ T4601]  ? vfs_write+0x7e8/0x960
[   64.957694][ T4601]  ? __rcu_read_unlock+0x4f/0x70
[   64.957717][ T4601]  ? __fget_files+0x184/0x1c0
[   64.957746][ T4601]  __secure_computing+0x82/0x150
[   64.957817][ T4601]  syscall_trace_enter+0xcf/0x1e0
[   64.957902][ T4601]  do_syscall_64+0xa4/0x2b0
[   64.957940][ T4601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.957962][ T4601] RIP: 0033:0x7fed83acf749
[   64.957977][ T4601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.958053][ T4601] RSP: 002b:00007fed8252f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   64.958075][ T4601] RAX: ffffffffffffffda RBX: 00007fed83d25fa0 RCX: 00007fed83acf749
[   64.958090][ T4601] RDX: 0000000000000000 RSI: 0000000043403d0e RDI: 0000000000000006
[   64.958142][ T4601] RBP: 00007fed8252f090 R08: 0000000000000000 R09: 0000000000000000
[   64.958155][ T4601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.958168][ T4601] R13: 00007fed83d26038 R14: 00007fed83d25fa0 R15: 00007ffc424f3ab8
[   64.958208][ T4601]  </TASK>
[   64.966373][ T4603] loop3: detected capacity change from 0 to 1024
[   64.972775][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.003207][ T4603] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   65.007288][   T29] audit: type=1400 audit(1766323166.346:940): avc:  denied  { ioctl } for  pid=4591 comm="syz.0.447" path="/97/file1/cgroup.controllers" dev="loop0" ino=18 ioctlcmd=0x4804 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@"
[   65.015353][ T4605] pim6reg: entered allmulticast mode
[   65.017297][   T29] audit: type=1326 audit(1766323166.346:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4600 comm="syz.1.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed83acf749 code=0x7ffc0000
[   65.073590][ T4609] pim6reg: left allmulticast mode
[   65.076610][   T29] audit: type=1326 audit(1766323166.346:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4600 comm="syz.1.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fed83acf749 code=0x7ffc0000
[   65.283361][   T29] audit: type=1326 audit(1766323166.346:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4600 comm="syz.1.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed83acf749 code=0x7ffc0000
[   65.306848][   T29] audit: type=1326 audit(1766323166.346:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4600 comm="syz.1.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fed83acf749 code=0x7ffc0000
[   65.330547][   T29] audit: type=1326 audit(1766323166.346:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4600 comm="syz.1.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed83acf749 code=0x7ffc0000
[   65.353887][   T29] audit: type=1326 audit(1766323166.346:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4600 comm="syz.1.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed83acf749 code=0x7ffc0000
[   65.381522][ T4610] netlink: 'syz.1.454': attribute type 12 has an invalid length.
[   65.389447][ T4610] __nla_validate_parse: 11 callbacks suppressed
[   65.389461][ T4610] netlink: 260 bytes leftover after parsing attributes in process `syz.1.454'.
[   65.458008][ T4635] netlink: 12 bytes leftover after parsing attributes in process `syz.1.457'.
[   65.528148][ T4640] loop1: detected capacity change from 0 to 512
[   65.590225][ T4640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   65.611149][ T4644] loop2: detected capacity change from 0 to 2048
[   65.613306][ T4640] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.635012][ T4638] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   65.643174][ T4644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   65.663145][ T4647] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4647 comm=syz.4.458
[   65.711975][ T4638] loop4: detected capacity change from 0 to 512
[   65.741308][ T4638] EXT4-fs: dax option not supported
[   65.823668][ T4656] loop0: detected capacity change from 0 to 1024
[   65.852481][ T4656] EXT4-fs: Ignoring removed orlov option
[   65.858190][ T4656] EXT4-fs: Ignoring removed nomblk_io_submit option
[   65.878244][ T4656] ext4: Unknown parameter 'subj_role'
[   65.902373][ T4665] netlink: 260 bytes leftover after parsing attributes in process `syz.3.467'.
[   65.957168][ T4669] pim6reg: entered allmulticast mode
[   65.977769][ T4669] pim6reg: left allmulticast mode
[   66.049822][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.079506][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.117790][ T4686] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   66.257781][ T4706] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   66.276240][ T4700] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   66.286735][ T4700] SELinux: failed to load policy
[   66.299269][ T4700] 8021q: adding VLAN 0 to HW filter on device bond2
[   66.341409][ T4683] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4683 comm=syz.0.475
[   66.379616][ T4683] EXT4-fs: dax option not supported
[   66.401278][ T3549] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   66.413081][ T4719] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'.
[   66.438321][ T4723] FAULT_INJECTION: forcing a failure.
[   66.438321][ T4723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.451667][ T4723] CPU: 1 UID: 0 PID: 4723 Comm: syz.1.489 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.451696][ T4723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   66.451707][ T4723] Call Trace:
[   66.451724][ T4723]  <TASK>
[   66.451733][ T4723]  __dump_stack+0x1d/0x30
[   66.451762][ T4723]  dump_stack_lvl+0x95/0xd0
[   66.451849][ T4723]  dump_stack+0x15/0x1b
[   66.451881][ T4723]  should_fail_ex+0x265/0x280
[   66.451906][ T4723]  should_fail+0xb/0x20
[   66.451925][ T4723]  should_fail_usercopy+0x1a/0x20
[   66.451990][ T4723]  strncpy_from_user+0x27/0x260
[   66.452024][ T4723]  getname_flags+0xae/0x3b0
[   66.452049][ T4723]  user_path_at+0x28/0x130
[   66.452082][ T4723]  __se_sys_mount+0x25b/0x2e0
[   66.452101][ T4723]  ? fput+0x8f/0xc0
[   66.452136][ T4723]  __x64_sys_mount+0x67/0x80
[   66.452157][ T4723]  x64_sys_call+0x2cca/0x3000
[   66.452214][ T4723]  do_syscall_64+0xca/0x2b0
[   66.452250][ T4723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.452318][ T4723] RIP: 0033:0x7fed83acf749
[   66.452336][ T4723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.452354][ T4723] RSP: 002b:00007fed8252f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   66.452375][ T4723] RAX: ffffffffffffffda RBX: 00007fed83d25fa0 RCX: 00007fed83acf749
[   66.452388][ T4723] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[   66.452426][ T4723] RBP: 00007fed8252f090 R08: 0000200000000340 R09: 0000000000000000
[   66.452438][ T4723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.452449][ T4723] R13: 00007fed83d26038 R14: 00007fed83d25fa0 R15: 00007ffc424f3ab8
[   66.452469][ T4723]  </TASK>
[   66.642062][ T4720] fido_id[4720]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   66.662409][ T4725] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   66.722309][ T4733] netlink: 260 bytes leftover after parsing attributes in process `syz.2.493'.
[   66.747260][ T4725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.828909][ T4749] netlink: 8 bytes leftover after parsing attributes in process `syz.2.499'.
[   66.961301][ T4764] netlink: 260 bytes leftover after parsing attributes in process `syz.1.506'.
[   66.972680][ T4762] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   67.007303][ T4770] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   67.107630][ T4778] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56346 sclass=netlink_route_socket pid=4778 comm=syz.2.505
[   67.172719][ T4780] netlink: 20 bytes leftover after parsing attributes in process `syz.3.512'.
[   67.182830][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.232400][ T4778] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #12: comm syz.2.505: corrupted in-inode xattr: e_value size too large
[   67.287971][ T4786] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   67.306522][ T4786] SELinux: failed to load policy
[   67.324985][ T4786] 8021q: adding VLAN 0 to HW filter on device bond3
[   67.336640][ T4784] EXT4-fs: Ignoring removed orlov option
[   67.342461][ T4784] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.360439][ T4784] ext4: Unknown parameter 'subj_role'
[   67.385204][ T4791] netlink: 8 bytes leftover after parsing attributes in process `syz.3.517'.
[   67.423270][ T4795] netlink: 260 bytes leftover after parsing attributes in process `syz.4.518'.
[   67.797082][ T4812] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   67.828534][ T4812] SELinux: failed to load policy
[   67.847945][ T4803] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   68.053182][ T4803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.068097][ T4815] 8021q: adding VLAN 0 to HW filter on device bond1
[   68.076359][ T4762] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   68.148231][ T4762] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   68.160849][ T4762] EXT4-fs (loop2): This should not happen!! Data will be lost
[   68.160849][ T4762] 
[   68.170557][ T4762] EXT4-fs (loop2): Total free blocks count 0
[   68.176569][ T4762] EXT4-fs (loop2): Free/Dirty block details
[   68.182574][ T4762] EXT4-fs (loop2): free_blocks=2415919104
[   68.188307][ T4762] EXT4-fs (loop2): dirty_blocks=8192
[   68.193720][ T4762] EXT4-fs (loop2): Block reservation details
[   68.199795][ T4762] EXT4-fs (loop2): i_reserved_data_blocks=512
[   68.456333][ T1986] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   68.474031][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.717783][ T4837] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   68.732511][ T4837] SELinux: failed to load policy
[   68.758253][ T4837] 8021q: adding VLAN 0 to HW filter on device bond2
[   68.800129][ T4837] bond2: (slave veth3): Enslaving as an active interface with a down link
[   68.938869][ T4846] set_capacity_and_notify: 10 callbacks suppressed
[   68.938889][ T4846] loop1: detected capacity change from 0 to 1024
[   68.963675][ T4848] validate_nla: 18 callbacks suppressed
[   68.963692][ T4848] netlink: 'syz.3.538': attribute type 4 has an invalid length.
[   69.007401][ T4846] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   69.028001][ T4848] .`: renamed from bond0 (while UP)
[   69.073871][ T4851] netlink: 'syz.0.539': attribute type 4 has an invalid length.
[   69.118436][ T4851] .`: renamed from bond0 (while UP)
[   69.136385][   T29] kauditd_printk_skb: 96 callbacks suppressed
[   69.136460][   T29] audit: type=1400 audit(1766323170.546:1043): avc:  denied  { setopt } for  pid=4852 comm="syz.3.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   69.170390][   T29] audit: type=1400 audit(1766323170.566:1044): avc:  denied  { bind } for  pid=4852 comm="syz.3.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   69.177211][ T4855] netlink: 'syz.4.541': attribute type 12 has an invalid length.
[   69.198208][ T4855] netlink: 'syz.4.541': attribute type 29 has an invalid length.
[   69.280872][ T4861] pim6reg: entered allmulticast mode
[   69.309193][ T4853] mmap: syz.3.540 (4853) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   69.334442][ T4853] loop3: detected capacity change from 0 to 512
[   69.352632][   T29] audit: type=1400 audit(1766323170.766:1045): avc:  denied  { create } for  pid=4856 comm="syz.2.530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   69.355001][ T4857] pim6reg: left allmulticast mode
[   69.420296][   T29] audit: type=1400 audit(1766323170.766:1046): avc:  denied  { mounton } for  pid=4852 comm="syz.3.540" path="/69/file1" dev="tmpfs" ino=388 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   69.427073][ T4876] loop2: detected capacity change from 0 to 7
[   69.442904][   T29] audit: type=1400 audit(1766323170.766:1047): avc:  denied  { setopt } for  pid=4856 comm="syz.2.530" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   69.469600][   T29] audit: type=1400 audit(1766323170.786:1048): avc:  denied  { read write } for  pid=4852 comm="syz.3.540" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   69.494029][   T29] audit: type=1400 audit(1766323170.786:1049): avc:  denied  { open } for  pid=4852 comm="syz.3.540" path="/dev/loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   69.518090][   T29] audit: type=1400 audit(1766323170.786:1050): avc:  denied  { ioctl } for  pid=4852 comm="syz.3.540" path="/dev/loop3" dev="devtmpfs" ino=103 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   69.543821][   T29] audit: type=1400 audit(1766323170.786:1051): avc:  denied  { read } for  pid=4852 comm="syz.3.540" dev="nsfs" ino=4026532742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   69.565672][   T29] audit: type=1400 audit(1766323170.786:1052): avc:  denied  { open } for  pid=4852 comm="syz.3.540" path="net:[4026532742]" dev="nsfs" ino=4026532742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   69.610635][ T4872] SELinux: failed to load policy
[   69.621848][ T4872] netlink: 'syz.0.547': attribute type 1 has an invalid length.
[   69.648505][ T4872] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.675141][ T4872] bond0: (slave veth5): Enslaving as an active interface with a down link
[   69.735054][ T4885] loop4: detected capacity change from 0 to 4096
[   69.751554][ T4891] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   69.760528][ T4885] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.790110][ T4891] vhci_hcd vhci_hcd.2: invalid port number 96
[   69.796295][ T4891] vhci_hcd vhci_hcd.2: default hub control req: 0500 vfffa i0060 l0
[   69.842920][ T4891] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   69.850347][ T4891] batman_adv: batadv0: Removing interface: batadv_slave_0
[   69.872901][ T4891] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   69.880333][ T4891] batman_adv: batadv0: Removing interface: batadv_slave_1
[   69.902624][ T4901] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[   70.008782][ T4904] loop1: detected capacity change from 0 to 4096
[   70.100254][ T4906] loop2: detected capacity change from 0 to 7
[   70.110442][ T4904] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.126694][ T4904] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   70.252734][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.375465][ T4922] pim6reg: entered allmulticast mode
[   70.390275][ T4922] pim6reg: left allmulticast mode
[   70.397504][ T4924] loop0: detected capacity change from 0 to 1024
[   70.406745][ T4924] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   70.423564][ T4926] FAULT_INJECTION: forcing a failure.
[   70.423564][ T4926] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   70.436962][ T4926] CPU: 0 UID: 0 PID: 4926 Comm: syz.2.568 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   70.436993][ T4926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   70.437006][ T4926] Call Trace:
[   70.437014][ T4926]  <TASK>
[   70.437023][ T4926]  __dump_stack+0x1d/0x30
[   70.437052][ T4926]  dump_stack_lvl+0x95/0xd0
[   70.437075][ T4926]  dump_stack+0x15/0x1b
[   70.437095][ T4926]  should_fail_ex+0x265/0x280
[   70.437116][ T4926]  should_fail_alloc_page+0xf2/0x100
[   70.437155][ T4926]  __alloc_frozen_pages_noprof+0x109/0x360
[   70.437250][ T4926]  alloc_pages_mpol+0xb3/0x260
[   70.437277][ T4926]  alloc_pages_noprof+0x90/0x130
[   70.437335][ T4926]  __pud_alloc+0x47/0x4b0
[   70.437362][ T4926]  handle_mm_fault+0x18b5/0x2c60
[   70.437387][ T4926]  ? __rcu_read_unlock+0x4f/0x70
[   70.437481][ T4926]  ? mt_find+0x21b/0x330
[   70.437506][ T4926]  do_user_addr_fault+0x3fe/0x1080
[   70.437540][ T4926]  exc_page_fault+0x62/0xa0
[   70.437593][ T4926]  asm_exc_page_fault+0x26/0x30
[   70.437615][ T4926] RIP: 0010:rep_movs_alternative+0x4a/0x90
[   70.437644][ T4926] Code: cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 7f 17 02 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[   70.437662][ T4926] RSP: 0018:ffffc900001cbc70 EFLAGS: 00050206
[   70.437712][ T4926] RAX: ffff88811ab2bc10 RBX: 0000000000000090 RCX: 0000000000000090
[   70.437727][ T4926] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffff8881241a0480
[   70.437742][ T4926] RBP: 0000000000000000 R08: 00000000000002b3 R09: 0000000000000000
[   70.437756][ T4926] R10: 00018881241a0480 R11: 00018881241a050f R12: 0000000000000090
[   70.437776][ T4926] R13: ffff888119436430 R14: ffff8881241a0480 R15: 0000200000000000
[   70.437798][ T4926]  _copy_from_user+0x6f/0xb0
[   70.437837][ T4926]  memdup_sockptr_noprof+0x95/0x100
[   70.437867][ T4926]  ip_set_mcast_msfilter+0x95/0x1b0
[   70.437901][ T4926]  do_ip_setsockopt+0x16ca/0x2240
[   70.437933][ T4926]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[   70.438029][ T4926]  ip_setsockopt+0x58/0x110
[   70.438059][ T4926]  ipv6_setsockopt+0xfb/0x130
[   70.438078][ T4926]  sctp_setsockopt+0x116/0xe30
[   70.438105][ T4926]  sock_common_setsockopt+0x69/0x80
[   70.438127][ T4926]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   70.438198][ T4926]  __sys_setsockopt+0x184/0x200
[   70.438228][ T4926]  __x64_sys_setsockopt+0x64/0x80
[   70.438251][ T4926]  x64_sys_call+0x21d5/0x3000
[   70.438320][ T4926]  do_syscall_64+0xca/0x2b0
[   70.438369][ T4926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.438403][ T4926] RIP: 0033:0x7fd0b8aef749
[   70.438419][ T4926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.438434][ T4926] RSP: 002b:00007fd0b7557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   70.438455][ T4926] RAX: ffffffffffffffda RBX: 00007fd0b8d45fa0 RCX: 00007fd0b8aef749
[   70.438470][ T4926] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000003
[   70.438537][ T4926] RBP: 00007fd0b7557090 R08: 0000000000000090 R09: 0000000000000000
[   70.438552][ T4926] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.438635][ T4926] R13: 00007fd0b8d46038 R14: 00007fd0b8d45fa0 R15: 00007ffe53926528
[   70.438655][ T4926]  </TASK>
[   70.790590][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.828597][ T4931] loop1: detected capacity change from 0 to 512
[   70.836321][ T4931] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   70.878716][ T4931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.984084][ T4951] __nla_validate_parse: 6 callbacks suppressed
[   70.984101][ T4951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.576'.
[   71.089345][ T4955] netlink: 'syz.3.578': attribute type 12 has an invalid length.
[   71.097270][ T4955] netlink: 'syz.3.578': attribute type 29 has an invalid length.
[   71.105132][ T4955] netlink: 468 bytes leftover after parsing attributes in process `syz.3.578'.
[   71.167497][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.352261][ T4973] pim6reg: entered allmulticast mode
[   71.415851][ T4978] pim6reg: left allmulticast mode
[   71.456768][ T4985] serio: Serial port ttyS3
[   71.502597][ T4987] loop3: detected capacity change from 0 to 1024
[   71.524851][ T4987] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   71.549039][ T4970] netlink: 'syz.2.580': attribute type 16 has an invalid length.
[   71.556920][ T4970] netlink: 'syz.2.580': attribute type 17 has an invalid length.
[   71.559798][ T4989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.587'.
[   71.607635][ T4984] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=4984 comm=syz.2.580
[   71.614408][ T4970] 8021q: adding VLAN 0 to HW filter on device .`
[   71.631062][ T4984] loop2: detected capacity change from 0 to 512
[   71.642579][ T4970] bond_slave_0: entered promiscuous mode
[   71.646725][ T4993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.588'.
[   71.648285][ T4970] bond_slave_1: entered promiscuous mode
[   71.666669][ T4984] EXT4-fs: dax option not supported
[   71.685843][ T4970] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   71.702308][ T1986] bond1: (slave vlan2): link status definitely up, 20000 Mbps full duplex
[   71.710860][ T1986] bond1: (slave vlan2): making interface the new active one
[   71.752729][ T1986] bond1: active interface up!
[   71.757824][ T4991] netlink: 'syz.0.588': attribute type 2 has an invalid length.
[   71.833536][ T5005] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   71.853225][ T5007] netlink: 468 bytes leftover after parsing attributes in process `syz.0.591'.
[   71.869763][ T5009] FAULT_INJECTION: forcing a failure.
[   71.869763][ T5009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   71.883012][ T5009] CPU: 0 UID: 0 PID: 5009 Comm: syz.2.592 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.883067][ T5009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   71.883079][ T5009] Call Trace:
[   71.883086][ T5009]  <TASK>
[   71.883094][ T5009]  __dump_stack+0x1d/0x30
[   71.883118][ T5009]  dump_stack_lvl+0x95/0xd0
[   71.883140][ T5009]  dump_stack+0x15/0x1b
[   71.883162][ T5009]  should_fail_ex+0x265/0x280
[   71.883225][ T5009]  should_fail+0xb/0x20
[   71.883247][ T5009]  should_fail_usercopy+0x1a/0x20
[   71.883275][ T5009]  _copy_from_user+0x1c/0xb0
[   71.883304][ T5009]  copy_from_bpfptr+0x5c/0x90
[   71.883329][ T5009]  bpf_prog_load+0x73b/0x1140
[   71.883409][ T5009]  ? security_bpf+0x2b/0x90
[   71.883462][ T5009]  __sys_bpf+0x469/0x7c0
[   71.883493][ T5009]  __x64_sys_bpf+0x41/0x50
[   71.883589][ T5009]  x64_sys_call+0x28e1/0x3000
[   71.883667][ T5009]  do_syscall_64+0xca/0x2b0
[   71.883753][ T5009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.883773][ T5009] RIP: 0033:0x7fd0b8aef749
[   71.883791][ T5009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.883810][ T5009] RSP: 002b:00007fd0b7557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   71.883872][ T5009] RAX: ffffffffffffffda RBX: 00007fd0b8d45fa0 RCX: 00007fd0b8aef749
[   71.883886][ T5009] RDX: 00000000000000a0 RSI: 00002000000003c0 RDI: 0000000000000005
[   71.883901][ T5009] RBP: 00007fd0b7557090 R08: 0000000000000000 R09: 0000000000000000
[   71.883915][ T5009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.883930][ T5009] R13: 00007fd0b8d46038 R14: 00007fd0b8d45fa0 R15: 00007ffe53926528
[   71.883951][ T5009]  </TASK>
[   71.889665][ T5005] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.138714][ T5021] netlink: 666 bytes leftover after parsing attributes in process `syz.2.596'.
[   72.157286][ T5019] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.385492][ T5034] pim6reg: entered allmulticast mode
[   72.392364][ T5034] pim6reg: left allmulticast mode
[   72.505777][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.637469][ T5041] serio: Serial port ttyS3
[   72.663392][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.672348][ T5049] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   72.692792][ T5049] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.814693][ T5049] netlink: 8 bytes leftover after parsing attributes in process `syz.2.606'.
[   72.842879][ T5057] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   72.915399][ T3316] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   73.065002][ T5070] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   73.105515][ T5070] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.106234][ T5069] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   73.327765][ T5081] pim6reg: entered allmulticast mode
[   73.337447][ T3503] hid_parser_main: 54 callbacks suppressed
[   73.337465][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.351146][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.352482][ T5081] pim6reg: left allmulticast mode
[   73.358688][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.382783][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.390299][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.397773][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.405324][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.412973][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.420477][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.427992][ T3503] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   73.436845][ T3503] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   73.485231][ T5087] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[   73.501905][ T5088] fido_id[5088]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   73.584292][ T5057] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   73.616781][ T5057] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   73.629530][ T5057] EXT4-fs (loop1): This should not happen!! Data will be lost
[   73.629530][ T5057] 
[   73.632323][ T5095] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   73.639368][ T5057] EXT4-fs (loop1): Total free blocks count 0
[   73.654788][ T5057] EXT4-fs (loop1): Free/Dirty block details
[   73.655531][ T5095] SELinux: failed to load policy
[   73.660961][ T5057] EXT4-fs (loop1): free_blocks=2415919104
[   73.661014][ T5057] EXT4-fs (loop1): dirty_blocks=8192
[   73.677246][ T5057] EXT4-fs (loop1): Block reservation details
[   73.683309][ T5057] EXT4-fs (loop1): i_reserved_data_blocks=512
[   73.690608][ T5095] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.709695][ T5095] bond0: (slave veth7): Enslaving as an active interface with a down link
[   73.723408][   T60] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   73.838796][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.862610][ T5104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.886243][ T5104] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   73.947809][ T5114] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   73.969059][ T5108] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5108 comm=syz.4.627
[   73.984621][ T5108] set_capacity_and_notify: 7 callbacks suppressed
[   73.984633][ T5108] loop4: detected capacity change from 0 to 512
[   74.009218][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.012662][ T5108] EXT4-fs: dax option not supported
[   74.054200][ T5116] validate_nla: 7 callbacks suppressed
[   74.054216][ T5116] netlink: 'syz.2.629': attribute type 2 has an invalid length.
[   74.080674][ T3403] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   74.103194][ T5119] fido_id[5119]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   74.200342][ T5123] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   74.210294][ T5123] SELinux: failed to load policy
[   74.216058][ T5123] netlink: 'syz.3.633': attribute type 1 has an invalid length.
[   74.239047][ T5123] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.267418][ T5123] bond0: (slave veth3): Enslaving as an active interface with a down link
[   74.292278][   T29] kauditd_printk_skb: 368 callbacks suppressed
[   74.292300][   T29] audit: type=1400 audit(1766323175.706:1421): avc:  denied  { ioctl } for  pid=5136 comm="syz.4.636" path="socket:[10644]" dev="sockfs" ino=10644 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   74.328647][ T5142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.637'.
[   74.383420][ T5147] loop2: detected capacity change from 0 to 7
[   74.430692][ T5149] loop3: detected capacity change from 0 to 1024
[   74.431048][ T5151] netlink: 'syz.4.641': attribute type 2 has an invalid length.
[   74.437773][ T5149] EXT4-fs: Ignoring removed nomblk_io_submit option
[   74.456756][ T5151] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[   74.486824][ T5149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.519136][   T29] audit: type=1400 audit(1766323175.926:1422): avc:  denied  { read write } for  pid=5148 comm="syz.3.640" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   74.541895][   T29] audit: type=1400 audit(1766323175.926:1423): avc:  denied  { open } for  pid=5148 comm="syz.3.640" path="/89/file1/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   74.638689][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.750531][   T29] audit: type=1326 audit(1766323176.156:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.3.647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   74.774486][   T29] audit: type=1326 audit(1766323176.156:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.3.647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   74.798054][   T29] audit: type=1326 audit(1766323176.156:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.3.647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   74.821394][   T29] audit: type=1326 audit(1766323176.156:1427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.3.647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   74.849018][ T5175] netlink: 4 bytes leftover after parsing attributes in process `syz.0.650'.
[   74.859831][ T5173] FAULT_INJECTION: forcing a failure.
[   74.859831][ T5173] name failslab, interval 1, probability 0, space 0, times 0
[   74.869340][ T5176] loop1: detected capacity change from 0 to 128
[   74.872704][ T5173] CPU: 1 UID: 0 PID: 5173 Comm: syz.4.649 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.872731][ T5173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   74.872742][ T5173] Call Trace:
[   74.872749][ T5173]  <TASK>
[   74.872757][ T5173]  __dump_stack+0x1d/0x30
[   74.872892][ T5173]  dump_stack_lvl+0x95/0xd0
[   74.872913][ T5173]  dump_stack+0x15/0x1b
[   74.872933][ T5173]  should_fail_ex+0x265/0x280
[   74.872956][ T5173]  should_failslab+0x8c/0xb0
[   74.872978][ T5173]  kmem_cache_alloc_noprof+0x69/0x4b0
[   74.873059][ T5173]  ? alloc_empty_file+0x76/0x200
[   74.873085][ T5173]  alloc_empty_file+0x76/0x200
[   74.873175][ T5173]  alloc_file_pseudo+0xc6/0x160
[   74.873203][ T5173]  __shmem_file_setup+0x1de/0x210
[   74.873284][ T5173]  shmem_file_setup+0x3b/0x50
[   74.873320][ T5173]  __se_sys_memfd_create+0x2f7/0x6b0
[   74.873355][ T5173]  __x64_sys_memfd_create+0x31/0x40
[   74.873441][ T5173]  x64_sys_call+0x28cb/0x3000
[   74.873464][ T5173]  do_syscall_64+0xca/0x2b0
[   74.873496][ T5173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.873517][ T5173] RIP: 0033:0x7f3fa333f749
[   74.873533][ T5173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.873565][ T5173] RSP: 002b:00007f3fa1da6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   74.873586][ T5173] RAX: ffffffffffffffda RBX: 0000000000000476 RCX: 00007f3fa333f749
[   74.873599][ T5173] RDX: 00007f3fa1da6ef0 RSI: 0000000000000000 RDI: 00007f3fa33c4960
[   74.873612][ T5173] RBP: 0000200000000540 R08: 00007f3fa1da6bb7 R09: 00007f3fa1da6e40
[   74.873624][ T5173] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[   74.873637][ T5173] R13: 00007f3fa1da6ef0 R14: 00007f3fa1da6eb0 R15: 0000200000000440
[   74.873654][ T5173]  </TASK>
[   75.064088][   T29] audit: type=1326 audit(1766323176.256:1428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.3.647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   75.087458][   T29] audit: type=1326 audit(1766323176.256:1429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.3.647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   75.111009][   T29] audit: type=1326 audit(1766323176.256:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5169 comm="syz.3.647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66432bf749 code=0x7ffc0000
[   75.140379][ T5176] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   75.192768][ T5178] netlink: 'syz.3.652': attribute type 2 has an invalid length.
[   75.222694][ T5176] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.241719][ T5176] netlink: 8 bytes leftover after parsing attributes in process `syz.1.648'.
[   75.276951][ T5187] netlink: 'syz.0.654': attribute type 16 has an invalid length.
[   75.284800][ T5187] netlink: 'syz.0.654': attribute type 17 has an invalid length.
[   75.308850][ T5187] 8021q: adding VLAN 0 to HW filter on device .`
[   75.311668][ T3314] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   75.324840][ T5187] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   75.359931][ T5197] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5197 comm=syz.0.654
[   75.390992][ T5202] loop0: detected capacity change from 0 to 512
[   75.423043][ T5204] loop3: detected capacity change from 0 to 1024
[   75.430040][ T5202] EXT4-fs: dax option not supported
[   75.444052][ T5204] EXT4-fs: Ignoring removed orlov option
[   75.449893][ T5204] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.522459][ T5204] ext4: Unknown parameter 'subj_role'
[   75.614023][ T5216] netlink: 'syz.3.667': attribute type 2 has an invalid length.
[   75.651295][ T5218] ªªªªªª: renamed from vlan0 (while UP)
[   75.671667][ T5221] geneve2: entered promiscuous mode
[   75.683798][   T37] netdevsim netdevsim4 eth0: set [1, 1] type 2 family 0 port 40639 - 0
[   75.702815][   T37] netdevsim netdevsim4 eth1: set [1, 1] type 2 family 0 port 40639 - 0
[   75.711805][   T37] netdevsim netdevsim4 eth2: set [1, 1] type 2 family 0 port 40639 - 0
[   75.736468][   T37] netdevsim netdevsim4 eth3: set [1, 1] type 2 family 0 port 40639 - 0
[   75.826848][ T3503] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   75.861264][ T5233] fido_id[5233]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   75.973816][ T5239] pim6reg: entered allmulticast mode
[   76.048330][ T5234] pim6reg: left allmulticast mode
[   76.079412][ T5245] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5245 comm=syz.3.676
[   76.104509][ T5247] loop4: detected capacity change from 0 to 1024
[   76.115828][ T5247] EXT4-fs: Ignoring removed orlov option
[   76.121865][ T5247] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.141426][ T5247] ext4: Unknown parameter 'subj_role'
[   76.266499][ T5254] pim6reg: entered allmulticast mode
[   76.342168][ T5258] pim6reg: left allmulticast mode
[   76.431696][ T5259] loop4: detected capacity change from 0 to 2048
[   76.445766][ T5261] __nla_validate_parse: 2 callbacks suppressed
[   76.445784][ T5261] netlink: 12 bytes leftover after parsing attributes in process `syz.0.683'.
[   76.463658][ T3403] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   76.508616][ T5259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.540823][ T5262] fido_id[5262]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   76.601644][ T5268] loop0: detected capacity change from 0 to 2048
[   76.665238][ T5268] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.782849][ T5279] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5279 comm=syz.3.689
[   76.801490][ T5277] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   76.823515][ T5277] SELinux: failed to load policy
[   76.839488][ T5277] netlink: 'syz.1.688': attribute type 1 has an invalid length.
[   76.874281][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.892628][ T5277] 8021q: adding VLAN 0 to HW filter on device bond2
[   77.037898][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.051286][ T5294] netlink: 12 bytes leftover after parsing attributes in process `syz.1.695'.
[   77.117088][ T5301] loop4: detected capacity change from 0 to 128
[   77.141774][ T5301] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   77.176316][ T5304] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   77.201689][ T5301] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.224143][ T5311] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.245116][ T5301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.698'.
[   77.278289][ T3317] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   77.322798][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   77.406187][ T5322] netlink: 4 bytes leftover after parsing attributes in process `syz.4.704'.
[   77.484794][ T5324] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   77.495313][ T5324] SELinux: failed to load policy
[   77.501410][ T5324] netlink: 'syz.4.705': attribute type 1 has an invalid length.
[   77.516186][ T5324] 8021q: adding VLAN 0 to HW filter on device bond4
[   77.568024][ T5328] pim6reg: entered allmulticast mode
[   77.613407][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.725957][ T5330] netlink: 'syz.4.707': attribute type 16 has an invalid length.
[   77.741087][ T5330] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   77.782350][ T5330] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5330 comm=syz.4.707
[   77.811975][ T5330] EXT4-fs: dax option not supported
[   77.913027][ T5345] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[   77.960317][ T5345] netlink: 28 bytes leftover after parsing attributes in process `syz.4.714'.
[   77.999632][ T5352] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   78.061335][ T5357] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   78.061426][ T5352] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.102712][ T5357] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.133244][ T5352] netlink: 8 bytes leftover after parsing attributes in process `syz.3.716'.
[   78.163341][ T3317] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   78.194021][ T3315] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   78.295032][ T5373] pim6reg: entered allmulticast mode
[   78.399392][ T5361] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   78.442314][ T5379] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5379 comm=syz.2.720
[   78.458726][ T5359] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   78.477871][ T5384] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 36:ed:9c:5e:40:48
[   78.518139][ T5384] netlink: 28 bytes leftover after parsing attributes in process `syz.4.727'.
[   78.539713][ T5359] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5359 comm=syz.1.718
[   78.555754][ T5361] EXT4-fs: dax option not supported
[   78.615634][ T5359] EXT4-fs: dax option not supported
[   78.725751][ T5395] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   78.770901][ T5395] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.824142][ T3316] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   78.868380][ T5402] syzkaller0: entered promiscuous mode
[   78.874037][ T5402] syzkaller0: entered allmulticast mode
[   78.917773][ T5404] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.225630][ T5419] validate_nla: 7 callbacks suppressed
[   79.225657][ T5419] netlink: 'syz.0.738': attribute type 2 has an invalid length.
[   79.248744][ T5420] pim6reg: entered allmulticast mode
[   79.276083][ T5419] netlink: 28 bytes leftover after parsing attributes in process `syz.0.738'.
[   79.293747][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.349610][ T5424] set_capacity_and_notify: 9 callbacks suppressed
[   79.349694][ T5424] loop2: detected capacity change from 0 to 7
[   79.400225][ T5422] loop2: detected capacity change from 0 to 2048
[   79.430536][ T5426] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   79.445630][ T5428] netlink: 4 bytes leftover after parsing attributes in process `syz.1.742'.
[   79.459625][   T29] kauditd_printk_skb: 252 callbacks suppressed
[   79.459695][   T29] audit: type=1326 audit(1766323180.866:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5390 comm="syz.4.729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa333f749 code=0x7fc00000
[   79.504193][ T5422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   79.505655][ T5434] loop4: detected capacity change from 0 to 128
[   79.593429][ T5434] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   79.611940][ T5439] syzkaller0: entered promiscuous mode
[   79.617622][ T5439] syzkaller0: entered allmulticast mode
[   79.672478][ T5434] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.733853][ T5434] netlink: 8 bytes leftover after parsing attributes in process `syz.4.744'.
[   79.766800][ T5441] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5441 comm=syz.0.747
[   79.847221][ T3317] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   79.895391][ T5422] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   79.911427][ T5422] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   79.924109][ T5422] EXT4-fs (loop2): This should not happen!! Data will be lost
[   79.924109][ T5422] 
[   79.933970][ T5422] EXT4-fs (loop2): Total free blocks count 0
[   79.939977][ T5422] EXT4-fs (loop2): Free/Dirty block details
[   79.945937][ T5422] EXT4-fs (loop2): free_blocks=2415919104
[   79.951696][ T5422] EXT4-fs (loop2): dirty_blocks=8192
[   79.957067][ T5422] EXT4-fs (loop2): Block reservation details
[   79.963241][ T5422] EXT4-fs (loop2): i_reserved_data_blocks=512
[   79.999608][ T5445] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   80.009541][ T5445] SELinux: failed to load policy
[   80.015343][ T5445] netlink: 'syz.4.749': attribute type 1 has an invalid length.
[   80.057861][ T5445] 8021q: adding VLAN 0 to HW filter on device bond5
[   80.100722][   T37] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   80.132305][ T5451] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   80.296908][ T5462] loop2: detected capacity change from 0 to 7
[   80.310919][ T5464] team0 (unregistering): Port device team_slave_0 removed
[   80.344435][ T5464] team0 (unregistering): Port device team_slave_1 removed
[   80.366707][ T5468] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.375611][ T5468] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.419997][ T5472] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   80.432568][ T5476] FAULT_INJECTION: forcing a failure.
[   80.432568][ T5476] name failslab, interval 1, probability 0, space 0, times 0
[   80.445405][ T5476] CPU: 1 UID: 0 PID: 5476 Comm: syz.2.761 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.445436][ T5476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   80.445450][ T5476] Call Trace:
[   80.445457][ T5476]  <TASK>
[   80.445489][ T5476]  __dump_stack+0x1d/0x30
[   80.445592][ T5476]  dump_stack_lvl+0x95/0xd0
[   80.445612][ T5476]  dump_stack+0x15/0x1b
[   80.445634][ T5476]  should_fail_ex+0x265/0x280
[   80.445726][ T5476]  should_failslab+0x8c/0xb0
[   80.445750][ T5476]  __kmalloc_cache_noprof+0x65/0x4c0
[   80.445776][ T5476]  ? ip_setup_cork+0x176/0x410
[   80.445877][ T5476]  ip_setup_cork+0x176/0x410
[   80.445983][ T5476]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   80.446009][ T5476]  ip_make_skb+0xb1/0x2c0
[   80.446041][ T5476]  udp_sendmsg+0x1013/0x13c0
[   80.446191][ T5476]  ? __pfx_ip_generic_getfrag+0x10/0x10
[   80.446225][ T5476]  udpv6_sendmsg+0x812/0x15b0
[   80.446256][ T5476]  ? _raw_spin_lock+0x52/0xa0
[   80.446292][ T5476]  ? __pfx_udpv6_sendmsg+0x10/0x10
[   80.446366][ T5476]  inet6_sendmsg+0xac/0xd0
[   80.446399][ T5476]  __sock_sendmsg+0x8b/0x180
[   80.446460][ T5476]  ____sys_sendmsg+0x345/0x4a0
[   80.446488][ T5476]  ___sys_sendmsg+0x17b/0x1d0
[   80.446598][ T5476]  __sys_sendmmsg+0x178/0x300
[   80.446640][ T5476]  __x64_sys_sendmmsg+0x57/0x70
[   80.446673][ T5476]  x64_sys_call+0x1e28/0x3000
[   80.446701][ T5476]  do_syscall_64+0xca/0x2b0
[   80.446748][ T5476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.446773][ T5476] RIP: 0033:0x7fd0b8aef749
[   80.446791][ T5476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.446825][ T5476] RSP: 002b:00007fd0b7557038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   80.446847][ T5476] RAX: ffffffffffffffda RBX: 00007fd0b8d45fa0 RCX: 00007fd0b8aef749
[   80.446862][ T5476] RDX: 0000000000000001 RSI: 0000200000000b00 RDI: 0000000000000003
[   80.446873][ T5476] RBP: 00007fd0b7557090 R08: 0000000000000000 R09: 0000000000000000
[   80.446887][ T5476] R10: 0000000008000004 R11: 0000000000000246 R12: 0000000000000001
[   80.446901][ T5476] R13: 00007fd0b8d46038 R14: 00007fd0b8d45fa0 R15: 00007ffe53926528
[   80.446921][ T5476]  </TASK>
[   80.742719][ T5480] netlink: 'syz.2.762': attribute type 16 has an invalid length.
[   80.750505][ T5480] netlink: 'syz.2.762': attribute type 17 has an invalid length.
[   80.795453][ T5483] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5483 comm=syz.2.762
[   80.840132][ T5483] loop2: detected capacity change from 0 to 512
[   80.848703][ T5480] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   80.864748][   T29] audit: type=1400 audit(1766323182.266:1684): avc:  denied  { bind } for  pid=5484 comm="syz.4.764" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   80.893121][ T5483] EXT4-fs: dax option not supported
[   80.967792][ T5493] loop2: detected capacity change from 0 to 7
[   81.008951][   T29] audit: type=1326 audit(1766323182.416:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   81.061352][   T29] audit: type=1326 audit(1766323182.446:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   81.084763][   T29] audit: type=1326 audit(1766323182.456:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   81.108340][   T29] audit: type=1326 audit(1766323182.456:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   81.132037][   T29] audit: type=1326 audit(1766323182.456:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   81.155711][   T29] audit: type=1326 audit(1766323182.456:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   81.173140][ T5498] syzkaller0: entered promiscuous mode
[   81.179061][   T29] audit: type=1326 audit(1766323182.456:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   81.184639][ T5498] syzkaller0: entered allmulticast mode
[   81.213916][   T29] audit: type=1326 audit(1766323182.456:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5494 comm="syz.2.768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd0b8af1667 code=0x7ffc0000
[   81.423083][ T5514] pim6reg: entered allmulticast mode
[   81.430683][ T5514] pim6reg: left allmulticast mode
[   81.494388][ T5521] loop2: detected capacity change from 0 to 128
[   81.526577][ T5521] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   81.543107][ T5521] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.565943][ T5518] netlink: 'syz.1.778': attribute type 16 has an invalid length.
[   81.573833][ T5518] netlink: 'syz.1.778': attribute type 17 has an invalid length.
[   81.591723][ T5521] __nla_validate_parse: 2 callbacks suppressed
[   81.591743][ T5521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.779'.
[   81.607584][ T5518] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   81.624006][ T5526] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5526 comm=syz.1.778
[   81.643710][ T5518] loop1: detected capacity change from 0 to 512
[   81.650725][ T5518] EXT4-fs: dax option not supported
[   81.678265][ T5530] loop0: detected capacity change from 0 to 1024
[   81.714079][ T5530] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   81.737006][ T3316] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   81.803320][ T5532] netlink: 592 bytes leftover after parsing attributes in process `syz.1.783'.
[   81.816869][ T5536] syzkaller0: entered promiscuous mode
[   81.822520][ T5536] syzkaller0: entered allmulticast mode
[   81.959676][ T3483] hid_parser_main: 118 callbacks suppressed
[   81.959694][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   81.973239][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   81.980802][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   81.990997][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   81.998585][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   82.002805][ T5545] SELinux: ebitmap start bit (16777215) is not a multiple of the map unit size (64)
[   82.006067][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   82.022824][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   82.030285][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   82.032457][ T5545] SELinux: failed to load policy
[   82.037706][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   82.050106][ T3483] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   82.061992][ T3483] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   82.062473][ T5550] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   82.081861][ T5547] netlink: 12 bytes leftover after parsing attributes in process `syz.1.787'.
[   82.120413][ T5554] netlink: 'syz.2.788': attribute type 1 has an invalid length.
[   82.134573][ T5554] 8021q: adding VLAN 0 to HW filter on device bond3
[   82.135431][ T5552] fido_id[5552]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   82.214990][ T5545] vlan3: entered allmulticast mode
[   82.220275][ T5545] bond0: entered allmulticast mode
[   82.228499][ T5545] bond3: (slave vlan3): Enslaving as an active interface with a down link
[   82.257842][ T5559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.791'.
[   82.349836][ T5560] netlink: 'syz.4.792': attribute type 16 has an invalid length.
[   82.357753][ T5560] netlink: 'syz.4.792': attribute type 17 has an invalid length.
[   82.366524][ T5563] loop1: detected capacity change from 0 to 2048
[   82.401368][ T5560] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.418635][ T5563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   82.443179][ T5560] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5560 comm=syz.4.792
[   82.462437][ T5565] netlink: 'syz.2.794': attribute type 16 has an invalid length.
[   82.473899][ T5560] EXT4-fs: dax option not supported
[   82.513884][ T5568] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5568 comm=syz.2.794
[   82.543956][ T5570] netlink: 592 bytes leftover after parsing attributes in process `syz.0.795'.
[   82.562732][ T5565] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.663638][ T5565] EXT4-fs: dax option not supported
[   82.747285][ T5580] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   82.759185][ T5580] 9p: Bad value for 'wfdno'
[   82.796296][ T5581] syzkaller0: entered promiscuous mode
[   82.801891][ T5581] syzkaller0: entered allmulticast mode
[   82.904429][ T3483] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   82.933460][ T5587] netlink: 12 bytes leftover after parsing attributes in process `syz.2.800'.
[   82.946049][ T5592] fido_id[5592]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   82.979313][ T5586] EXT4-fs: Ignoring removed orlov option
[   82.985335][ T5586] EXT4-fs: Ignoring removed nomblk_io_submit option
[   83.007334][ T5586] ext4: Unknown parameter 'subj_role'
[   83.009328][ T5599] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.022354][ T5599] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.041307][ T5597] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   83.052759][ T5595] batman_adv: batadv0: Interface deactivated: dummy0
[   83.059494][ T5595] batman_adv: batadv0: Removing interface: dummy0
[   83.067120][ T5563] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   83.082807][ T5563] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   83.095363][ T5563] EXT4-fs (loop1): This should not happen!! Data will be lost
[   83.095363][ T5563] 
[   83.105064][ T5563] EXT4-fs (loop1): Total free blocks count 0
[   83.105730][ T5602] netlink: 592 bytes leftover after parsing attributes in process `syz.3.807'.
[   83.111223][ T5563] EXT4-fs (loop1): Free/Dirty block details
[   83.126298][ T5563] EXT4-fs (loop1): free_blocks=2415919104
[   83.132129][ T5563] EXT4-fs (loop1): dirty_blocks=8192
[   83.137509][ T5563] EXT4-fs (loop1): Block reservation details
[   83.143579][ T5563] EXT4-fs (loop1): i_reserved_data_blocks=512
[   83.150216][ T5601] EXT4-fs (loop4): Can't support bigalloc feature without extents feature
[   83.150216][ T5601] 
[   83.161042][ T5601] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   83.206541][ T4437] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   83.245238][ T5608] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   83.272837][ T5611] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.290015][ T5611] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.848170][ T5625] geneve2: entered promiscuous mode
[   83.854986][ T4437] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 42442 - 0
[   83.864478][ T4437] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 42442 - 0
[   83.893455][ T4437] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 42442 - 0
[   83.926165][ T4437] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 42442 - 0
[   83.965272][ T3696] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   83.977573][ T5633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.816'.
[   84.016860][ T5634] fido_id[5634]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   84.046198][ T5636] EXT4-fs: Ignoring removed orlov option
[   84.052193][ T5636] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.078855][ T5636] ext4: Unknown parameter 'subj_role'
[   84.219572][ T5642] syzkaller0: entered promiscuous mode
[   84.225208][ T5642] syzkaller0: entered allmulticast mode
[   84.448290][ T5657] set_capacity_and_notify: 7 callbacks suppressed
[   84.448311][ T5657] loop2: detected capacity change from 0 to 7
[   84.470451][   T29] kauditd_printk_skb: 168 callbacks suppressed
[   84.470469][   T29] audit: type=1400 audit(1766323185.876:1859): avc:  denied  { execute } for  pid=5656 comm="syz.4.825" dev="tmpfs" ino=1109 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   84.471240][ T5658] process 'syz.4.825' launched '/dev/fd/14' with NULL argv: empty string added
[   84.529710][   T29] audit: type=1400 audit(1766323185.936:1860): avc:  denied  { execute_no_trans } for  pid=5656 comm="syz.4.825" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=1109 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   84.582902][ T5661] validate_nla: 2 callbacks suppressed
[   84.582918][ T5661] netlink: 'syz.0.827': attribute type 2 has an invalid length.
[   84.615670][ T3483] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   84.641397][ T5663] netlink: 12 bytes leftover after parsing attributes in process `syz.4.828'.
[   84.668313][ T5664] fido_id[5664]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   84.698479][ T5666] loop0: detected capacity change from 0 to 1024
[   84.705524][ T5666] EXT4-fs: Ignoring removed orlov option
[   84.711460][ T5666] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.732352][ T5666] ext4: Unknown parameter 'subj_role'
[   84.770499][   T29] audit: type=1326 audit(1766323186.176:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5650 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   84.793635][   T29] audit: type=1326 audit(1766323186.176:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5650 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   84.949923][ T5676] netlink: 592 bytes leftover after parsing attributes in process `syz.0.834'.
[   85.036771][ T5683] loop2: detected capacity change from 0 to 7
[   85.167395][ T5690] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   85.285612][ T5689] netlink: 'syz.3.839': attribute type 2 has an invalid length.
[   85.590719][ T5723] loop4: detected capacity change from 0 to 128
[   85.603980][ T5724] loop0: detected capacity change from 0 to 128
[   85.623538][ T5710] netlink: 'syz.3.844': attribute type 16 has an invalid length.
[   85.623764][ T5724] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   85.631391][ T5710] netlink: 'syz.3.844': attribute type 17 has an invalid length.
[   85.656751][ T5723] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   85.670129][ T5724] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.711968][ T5725] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5725 comm=syz.3.844
[   85.725731][ T5723] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.736774][ T3320] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.736864][ T5710] 8021q: adding VLAN 0 to HW filter on device .`
[   85.769338][ T5730] loop2: detected capacity change from 0 to 1024
[   85.790728][ T3317] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.805455][ T5725] loop3: detected capacity change from 0 to 512
[   85.815645][ T5730] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   85.841696][ T5710] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   85.858029][ T5732] netlink: 'syz.0.852': attribute type 2 has an invalid length.
[   85.903171][ T5725] EXT4-fs: dax option not supported
[   85.926510][ T5737] loop4: detected capacity change from 0 to 1024
[   85.933668][ T5737] EXT4-fs: Ignoring removed orlov option
[   85.939362][ T5737] EXT4-fs: Ignoring removed nomblk_io_submit option
[   85.946385][ T5737] ext4: Unknown parameter 'subj_role'
[   86.134182][ T5746] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   86.155296][ T5748] loop4: detected capacity change from 0 to 2048
[   86.183768][ T5748] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   86.719172][ T5763] loop1: detected capacity change from 0 to 1024
[   86.734658][ T5763] EXT4-fs: Ignoring removed orlov option
[   86.781008][ T5763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.813032][ T5748] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   86.828887][ T5748] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   86.841476][ T5748] EXT4-fs (loop4): This should not happen!! Data will be lost
[   86.841476][ T5748] 
[   86.851709][ T5748] EXT4-fs (loop4): Total free blocks count 0
[   86.857784][ T5748] EXT4-fs (loop4): Free/Dirty block details
[   86.863807][ T5748] EXT4-fs (loop4): free_blocks=2415919104
[   86.869755][ T5748] EXT4-fs (loop4): dirty_blocks=8192
[   86.875368][ T5748] EXT4-fs (loop4): Block reservation details
[   86.881499][ T5748] EXT4-fs (loop4): i_reserved_data_blocks=512
[   86.889640][   T29] audit: type=1400 audit(1766323188.306:1863): avc:  denied  { cpu } for  pid=5762 comm=58E14D4A057470 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   86.942710][   T29] audit: type=1400 audit(1766323188.356:1864): avc:  denied  { name_bind } for  pid=5762 comm="syz.1.865" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   86.944457][ T5765] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5765 comm=syz.1.865
[   87.043235][   T29] audit: type=1400 audit(1766323188.456:1865): avc:  denied  { append } for  pid=5762 comm=58E14D4A057470 name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   87.079663][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.108583][ T5770] __nla_validate_parse: 3 callbacks suppressed
[   87.108598][ T5770] netlink: 4 bytes leftover after parsing attributes in process `syz.1.867'.
[   87.130573][   T37] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[   87.231886][ T5767] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   87.235163][ T5772] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   87.384554][ T5787] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   87.470561][ T5794] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   87.587706][ T5794] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.876: Allocating blocks 41-42 which overlap fs metadata
[   87.588197][ T5797] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   87.614318][ T5794] Quota error (device loop2): write_blk: dquota write failed
[   87.622115][ T5794] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[   87.628070][ T5791] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5791 comm=syz.3.874
[   87.631453][ T5797] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.644078][ T5794] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.876: Allocating blocks 41-42 which overlap fs metadata
[   87.668848][ T5791] EXT4-fs: dax option not supported
[   87.694820][ T5797] netlink: 8 bytes leftover after parsing attributes in process `syz.4.877'.
[   87.727614][ T5794] Quota error (device loop2): write_blk: dquota write failed
[   87.741435][ T3317] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   87.742797][ T5794] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.876: Failed to acquire dquot type 1
[   87.763129][ T5794] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   87.778302][ T5794] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.876: corrupted inode contents
[   87.791767][ T5794] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #12: comm syz.2.876: mark_inode_dirty error
[   87.809287][ T5805] netlink: 'syz.3.878': attribute type 1 has an invalid length.
[   87.836930][ T5794] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.876: corrupted inode contents
[   87.849213][ T5794] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.876: mark_inode_dirty error
[   87.954528][ T5794] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.876: corrupted inode contents
[   87.977990][ T5794] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[   88.000005][ T5814] netlink: 16 bytes leftover after parsing attributes in process `syz.4.882'.
[   88.006603][ T5794] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.876: corrupted inode contents
[   88.074704][ T5794] EXT4-fs error (device loop2): ext4_truncate:4635: inode #12: comm syz.2.876: mark_inode_dirty error
[   88.134186][ T5794] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[   88.163582][ T5794] EXT4-fs (loop2): 1 truncate cleaned up
[   88.184503][ T5794] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.310878][ T5831] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5831 comm=syz.3.888
[   88.371138][ T5831] EXT4-fs: dax option not supported
[   88.740809][ T5846] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   89.013261][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.078280][ T5866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.900'.
[   89.090607][ T5858] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   89.157469][ T5865] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   89.169217][ T5865] 9p: Bad value for 'wfdno'
[   89.297472][ T4168] hid_parser_main: 118 callbacks suppressed
[   89.297493][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x1
[   89.311129][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.318677][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.326373][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.333795][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.341188][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.348705][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x4
[   89.356217][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.363647][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.371136][ T4168] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[   89.389770][ T5877] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   89.422255][ T4168] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   89.451483][ T5884] netlink: 12 bytes leftover after parsing attributes in process `syz.2.906'.
[   89.546224][ T5898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.911'.
[   89.582828][ T5903] set_capacity_and_notify: 7 callbacks suppressed
[   89.582848][ T5903] loop2: detected capacity change from 0 to 7
[   89.606866][ T5904] pim6reg: entered allmulticast mode
[   89.613317][ T5904] pim6reg: left allmulticast mode
[   89.729104][ T5906] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5906 comm=syz.2.915
[   89.745602][ T5906] loop2: detected capacity change from 0 to 512
[   89.753441][ T5906] EXT4-fs: dax option not supported
[   89.802018][   T10] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v8.01 Device [syz0] on syz0
[   89.836445][ T5916] netlink: 12 bytes leftover after parsing attributes in process `syz.4.919'.
[   89.849034][ T5918] fido_id[5918]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   90.016123][   T29] kauditd_printk_skb: 146 callbacks suppressed
[   90.016199][   T29] audit: type=1326 audit(1766323191.426:2011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.070916][ T5941] loop2: detected capacity change from 0 to 128
[   90.077457][   T29] audit: type=1326 audit(1766323191.466:2012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.101017][   T29] audit: type=1326 audit(1766323191.466:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.124653][   T29] audit: type=1326 audit(1766323191.466:2014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.148265][   T29] audit: type=1326 audit(1766323191.466:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.171677][   T29] audit: type=1326 audit(1766323191.466:2016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.195610][   T29] audit: type=1326 audit(1766323191.466:2017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.219148][   T29] audit: type=1326 audit(1766323191.466:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.242736][   T29] audit: type=1326 audit(1766323191.466:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.266410][   T29] audit: type=1326 audit(1766323191.466:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5936 comm="syz.2.927" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0b8aef749 code=0x7ffc0000
[   90.297895][ T5941] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   90.342311][ T5941] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.363820][ T5941] netlink: 8 bytes leftover after parsing attributes in process `syz.2.929'.
[   90.386449][ T5943] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=54 sclass=netlink_route_socket pid=5943 comm=syz.4.930
[   90.403902][ T5943] loop4: detected capacity change from 0 to 512
[   90.412838][ T5943] EXT4-fs: dax option not supported
[   90.436554][ T5948] loop2: detected capacity change from 0 to 7
[   90.585660][ T5959] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   90.723795][ T5967] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   90.773538][ T5969] loop2: detected capacity change from 0 to 2048
[   90.896535][ T5983] syzkaller0: entered promiscuous mode
[   90.902232][ T5983] syzkaller0: entered allmulticast mode
[   91.064710][ T5990] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   91.075603][ T3004] ==================================================================
[   91.083721][ T3004] BUG: KCSAN: data-race in d_delete / path_lookupat
[   91.090338][ T3004] 
[   91.092667][ T3004] read-write to 0xffff888107a3d0c0 of 4 bytes by task 3653 on cpu 1:
[   91.100826][ T3004]  d_delete+0x15a/0x180
[   91.105020][ T3004]  d_delete_notify+0x32/0x100
[   91.109833][ T3004]  vfs_unlink+0x32c/0x440
[   91.114179][ T3004]  do_unlinkat+0x1cd/0x4b0
[   91.118600][ T3004]  __x64_sys_unlink+0x2e/0x40
[   91.123300][ T3004]  x64_sys_call+0x2f48/0x3000
[   91.127995][ T3004]  do_syscall_64+0xca/0x2b0
[   91.132514][ T3004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.138502][ T3004] 
[   91.140830][ T3004] read to 0xffff888107a3d0c0 of 4 bytes by task 3004 on cpu 0:
[   91.148375][ T3004]  path_lookupat+0x1d8/0x500
[   91.152981][ T3004]  filename_lookup+0x147/0x340
[   91.157840][ T3004]  do_readlinkat+0x7d/0x320
[   91.162361][ T3004]  __x64_sys_readlink+0x47/0x60
[   91.167218][ T3004]  x64_sys_call+0x2af1/0x3000
[   91.171949][ T3004]  do_syscall_64+0xca/0x2b0
[   91.176462][ T3004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.182365][ T3004] 
[   91.184691][ T3004] value changed: 0x00300180 -> 0x00004080
[   91.190475][ T3004] 
[   91.193001][ T3004] Reported by Kernel Concurrency Sanitizer on:
[   91.199154][ T3004] CPU: 0 UID: 0 PID: 3004 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   91.208538][ T3004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   91.218692][ T3004] ==================================================================