last executing test programs:

10.05769464s ago: executing program 3 (id=2501):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(0xffffffffffffffff, 0x40049366, &(0x7f0000000c80))
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000300)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}, {@bsdgroups}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@min_batch_time={'min_batch_time', 0x3d, 0x7ff}}, {@noacl}, {@barrier}, {@journal_path={'journal_path', 0x3d, './file1'}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r4 = socket(0x21, 0x2, 0x2)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000340)={0x1, [<r6=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000000)={r6, @in={{0x2, 0x4e24, @empty}}, 0x0, 0x600}, 0x90)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000b00)={0x9, 0x8, 0x200, 0x9, 0x0, 0x80, 0x30, 0x2, <r7=>0x0}, &(0x7f0000000b40)=0x20)
getsockopt$inet_sctp6_SCTP_STATUS(r4, 0x84, 0xe, &(0x7f0000000b80)={r6, 0x1000, 0xffff7fff, 0x4, 0x7, 0xffff, 0x9, 0x800, {r7, @in={{0x2, 0x4e23, @multicast1}}, 0x6, 0x8000, 0xf4, 0x0, 0x7ff}}, &(0x7f0000000c40)=0xb0)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f00000004c0)=0xae8, 0x518, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r0, @ANYRES8=r0], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

9.14192306s ago: executing program 3 (id=2510):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x43001000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000ed6a0000000000000000000000000000bbfe8000000000000000000000000000aa2c000003", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)

6.581076422s ago: executing program 3 (id=2539):
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140)={@mcast1}, &(0x7f00000001c0)=0x14)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_ext={0x1c, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000300)='syzkaller\x00', 0x9, 0x36, &(0x7f0000000340)=""/54, 0x41000, 0x26, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x1}, 0x8, 0x10, &(0x7f00000004c0)={0x2, 0x7, 0x63, 0x4}, 0x10, 0x2746, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000540)=[{0x0, 0x5, 0x10, 0xc}, {0x2, 0x2, 0xb, 0x1}], 0x10, 0xfff}, 0x94)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'tunl0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x6, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x40}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
r5 = perf_event_open(&(0x7f00000001c0)={0x3, 0x80, 0x1, 0xa, 0x3, 0x0, 0x0, 0x3, 0x800, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000080), 0x3}, 0x8, 0x8, 0x2, 0x8, 0x6, 0x8, 0xfffb, 0x0, 0x5, 0x0, 0xfc}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x5000, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, r5, 0x2)
setsockopt$XDP_TX_RING(r4, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
socket$phonet(0x23, 0x2, 0x1)
r6 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_config_ext={0x1f5a685a}, 0x4dc8, 0x10000, 0xfffffffc, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = syz_io_uring_setup(0xbdc, &(0x7f0000000240)={0x0, 0x6862, 0x8, 0x0, 0x1c0}, &(0x7f00000002c0)=<r8=>0x0, &(0x7f0000000300)=<r9=>0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6000, @fd=r6, 0x0, 0x0})
io_uring_enter(r7, 0x847ba, 0x0, 0xe, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x1, 0x5, 0x0, 'queue0\x00', 0x5})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f0000000380))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = socket$kcm(0xa, 0x2, 0x0)
close(r10)
socket$kcm(0x2, 0x2, 0x73)
setsockopt$sock_attach_bpf(r10, 0x0, 0x4, 0x0, 0x0)

4.510839255s ago: executing program 2 (id=2574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r2, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x101d0}], 0x1}, 0x0)

4.457274191s ago: executing program 2 (id=2575):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket(0x10, 0x3, 0x3fffe)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'})
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
dup(0xffffffffffffffff)
r7 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r7, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r7, &(0x7f00000002c0)={&(0x7f0000000080), 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04402bbd7000ffdb00003400000008000300", @ANYRES32=r9, @ANYBLOB="08001f0109000000"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x20000001)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="8c000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fedbdf2644002b0008a50300", @ANYRES32=r9, @ANYBLOB="0400cc0008000d00010000000400bf000400cc000400bf003c00238008000b00090000000800140086ffffff05001e0000000000060019000000000005001f00000000000500130001000000050008000200000008006b00ff7f00001400238006000c0001000000080015002f000000"], 0x8c}, 0x1, 0x0, 0x0, 0x4008880}, 0x4000000)
sendmsg$NL80211_CMD_NEW_STATION(r5, &(0x7f0000000680)={&(0x7f00000006c0), 0xc, &(0x7f0000000600)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000828bd00000000000300", @ANYRES32=r9, @ANYRESDEC=r3], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x800)
r10 = socket(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000440)='kfree\x00'}, 0x18)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'lo\x00', <r14=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r14], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
mmap$perf(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000000, 0x40010, r6, 0xc2)
bind$inet6(r10, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x1}, 0x1c)
sendto$inet6(r10, 0x0, 0xffffff21, 0x24000881, &(0x7f0000000100)={0xa, 0x4e24, 0x5, @loopback, 0x7fffffff}, 0x1c)

3.777727358s ago: executing program 2 (id=2580):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x4000000)
r2 = getpid()
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x20040040)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
syz_io_uring_setup(0x3b64, &(0x7f00000003c0)={0x0, 0x15e3, 0x80, 0x2, 0x25f}, &(0x7f0000000500), &(0x7f0000000540))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x0, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x6}, 0x94)

3.078434516s ago: executing program 0 (id=2581):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x4, 0x0, &(0x7f0000000180))
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x4, 0x300}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

2.83739065s ago: executing program 2 (id=2583):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c0000800800034000000002"], 0xb0}}, 0x40)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {<r5=>r1}}, './file0\x00'})
io_uring_enter(r5, 0x7442, 0x8b65, 0x60, &(0x7f00000001c0)={[0x7]}, 0x8)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xa, 0x7}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfd, 0x2, 0x0, 0x0, {0xd0e6, 0x0, 0x0, 0x0, 0x0, 0x3}}}}]}, 0x78}}, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r7, 0x7, &(0x7f0000000200)={0x0, 0x2, 0x0, 0xfffffffffffffffe})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0xb4, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x4c, 0x2, [@TCA_BASIC_EMATCHES={0x48, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x3c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x3, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x28, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc}, @TCA_EM_META_RVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0x0, 0x1}, {0x7, 0x4, 0x2}}}]}}]}]}]}}, @filter_kind_options=@f_bpf={{0x8}, {0x30, 0x2, [@TCA_BPF_FD={0x8, 0x6, r5}, @TCA_BPF_OPS={{0x6, 0x4, 0x3}, {0x1c, 0x5, [{0x0, 0x3, 0x3, 0x2a6}, {0x8, 0xeb, 0xd, 0x8000}, {0x4ec7, 0x4, 0x4, 0x7}]}}]}}]}, 0xb4}}, 0x20000800)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB='ya\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r5, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x30, r9, 0x200, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xffc00000, 0x41}}}}, [@chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}]]}, 0x30}}, 0x10)

2.820581672s ago: executing program 4 (id=2584):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x60040, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r6, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
write$nci(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="414601"], 0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1}}, 0x40)

2.63580458s ago: executing program 0 (id=2585):
setsockopt(0xffffffffffffffff, 0x0, 0x80000001, &(0x7f00000014c0), 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000100)=0x2)
setns(0xffffffffffffffff, 0x66020000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000090900010073797a300000080080000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000003f3c001280140001800c000100636f756e7465720004000280100001800c000100636f756e74657200140001801c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)

2.63470352s ago: executing program 3 (id=2586):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(0xffffffffffffffff, 0x40049366, &(0x7f0000000c80))
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000300)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}, {@bsdgroups}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@min_batch_time={'min_batch_time', 0x3d, 0x7ff}}, {@noacl}, {@barrier}, {@journal_path={'journal_path', 0x3d, './file1'}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r4 = socket(0x21, 0x2, 0x2)
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000340)={0x1, [<r6=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000000)={r6, @in={{0x2, 0x4e24, @empty}}, 0x0, 0x600}, 0x90)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000b00)={0x9, 0x8, 0x200, 0x9, 0x0, 0x80, 0x30, 0x2}, &(0x7f0000000b40)=0x20)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
copy_file_range(r7, 0x0, r7, &(0x7f00000004c0)=0xae8, 0x518, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r0, @ANYRES8=r0], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

2.549189019s ago: executing program 0 (id=2587):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r0, 0x0, 0x2}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
pread64(r2, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x7)

2.388809945s ago: executing program 1 (id=2588):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

2.362960997s ago: executing program 1 (id=2589):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001040)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x5, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7cf4}], [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x7fffffff, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x4, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x2, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x800007, 0x1, 0x82, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x7, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0x3ff, 0x8, 0x2, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x4, 0x2, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x4, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x4000000, 0x8000, 0xa, 0x9, 0xca000000, 0x3, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000002, 0xb, 0x7, 0x5, 0x2, 0x4]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x1, 0x7, 0x4, 0x1, {0x7, 0x0, 0x3, 0x7, 0x7, 0x80000001}, {0x4, 0x2, 0x1, 0xa, 0x1ff, 0x1c0000}, 0x9, 0xbc, 0xdf72c67}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0x334ecc4b, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$tipc(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24040804}, 0x8800)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4, 0x0, 0x2000099d9}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{0x0}], 0x1, 0x0, 0x0, 0x200000}, 0x1f00)
sendmsg$tipc(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r7, 0x400, 0x0)
fcntl$setlease(r7, 0x400, 0x2)

1.960600587s ago: executing program 2 (id=2590):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{}, 0x0, 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='kfree\x00', r0, 0x0, 0x2}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xa2}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r5)
getsockname$packet(r5, &(0x7f0000000400)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x8801)
getpeername$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000380)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@getchain={0x64, 0x66, 0x1, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0x10, 0xfff3}, {0x4, 0xa}, {0xfff1, 0x5}}, [{0x8, 0xb, 0x4}, {0x8, 0xb, 0x988ec69}, {0x8, 0xb, 0x8}, {0x8, 0xb, 0x41}, {0x8, 0xb, 0x1}, {0x8, 0xb, 0x2}, {0x8, 0xb, 0xd}, {0x8, 0xb, 0x8001}]}, 0x64}}, 0x24000000)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x400, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008051}, 0x4000)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8, 0x0, 0x2}, 0x18)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x4000)

1.888395984s ago: executing program 4 (id=2591):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0xffffffff})
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x12, &(0x7f0000000480)=0x4, 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x3, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x0, 0x8}, 0x4a00, 0x10000, 0x0, 0x6, 0x8, 0x40, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="07010000000000001800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x3, 0x0, 0x2, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x4000000000, 0x3fff8000}, 0x201, 0x32, 0x43a1bd76, 0x4, 0x9, 0x9, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x200, &(0x7f0000000300)="f598c1835426d886908f7cbd7ad30182b728e4657859e717b3481705df9cb2d4c597924352612f23c7f42b0fd7637fbfb3059a6728ba11a1c3c88cf7d0b7a2ad698bd375d52fc9f16212acfcf76c85b3f12cf05cda2b1fbe0801c87cda990289071c433c9a94a4f5ec37a094479779530d5184213325cf86d0e74a4d89fc168430c25aa523bbaa792fa0f8774e6e74bd67b9bf0565e32b61d46d36e740e0265df4ef883c874af330df61d367401baff9a787dcb4a67da6bc1edc9f3a392e228460e47dacf7e93b80e9605e16ae9c7dd38d9ffaa11c119f1f7eb0929bb1e84c502fbacea18759e7b91bec8a8b", 0xec, &(0x7f00000001c0), &(0x7f0000000400), &(0x7f0000000440)="33bdd7d5540718424694773d1ae8459eb4d9e398f45ff5c50447b92068d82903")
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x5, 0x5, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r2, 0x29, 0x1a, 0x0, 0x4)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x33, 0x1, [{0xfe, 0x40000}]}})
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000000)={0xd, {{0x2, 0x0, @multicast1}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000001140)=ANY=[@ANYBLOB], 0x90)
socket(0xb, 0x3, 0x371)
write$UHID_CREATE(r3, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x10001}}, 0x120)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000000)={'team0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="680000001000ffff25bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="17200000ef7b3e69400012800c0001006d6163766c616e003000028008000300030000000800010010000000100005800a000400aaaaaaaaaaaa00000a000400aaaaaaaaaaaa000008000500", @ANYRES64=r8], 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x8000006)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r9, 0x0, 0x401}, 0x11)
write$UHID_DESTROY(r3, &(0x7f0000000080), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.769307585s ago: executing program 3 (id=2592):
syz_mount_image$msdos(&(0x7f0000000540), &(0x7f0000001500)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x52e, &(0x7f0000000600)="$eJzs2j+LE0EcBuAxd+YOG1OLxYKN1XFaWbpIDg4XhMgWWrlwsdkVYbfZpLpvI/jZ7NJcF7nskrv4rzFx1DwPhHnJm8Bvmt0p5t3DD+XFx+b9sy+fwvHzJAxCCIOrEEar1LnTr4NVHobbLgMA8K+ZTIo09gzsVl2nxfUZ7ui7Jv8cZSAAAAAAAAAAAAB+m/v/ALB/3P///9V1Wgz789sm9/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAeK6Wy/vLX3xizwcAbJ/3PwDsn9dv3r5Ms2w8SZLjEBaXbd7m3dr1Z+fZ+DRZGd38a9G2+cG6f9L1yWZ/N9zr+6c/7Ifh8aOuv+5evMq+6Y/Cxe63DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANxykqyNbr5dtG1+0PUnP+u7dHaejU/7H2z2h+HB4R/bBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAFzWxeFlU1rQVBENYh9pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIpZnNy6KqpnUTexIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4G/RzOZlUVXTeoch9h4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2L6vAQAA//+aYmE9")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x10c)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000100)=0x2)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x278, 0xb8, 0x0, 0x148, 0x0, 0x148, 0x1e0, 0x240, 0x240, 0x1e0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @local, 0x0, 0xffffffff, 'dvmrp1\x00', 'bond_slave_1\x00', {}, {}, 0x1, 0x3, 0x1}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0xf, 0x9, 0xfffe0000, '\x00', {0x3}}}}, {{@ip={@multicast1, @remote, 0xff, 0x0, 'wg0\x00', 'geneve0\x00', {0xff}, {}, 0x2e, 0x3, 0xe}, 0x0, 0xe0, 0x128, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'irc-20000\x00'}}, @inet=@rpfilter={{0x28}, {0xf}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x3, 0x5, 0x8, 'snmp_trap\x00', {0x5}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)
setns(0xffffffffffffffff, 0x66020000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000090900010073797a300000080080000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000003f3c001280140001800c000100636f756e7465720004000280100001800c000100636f756e74657200140001801c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)

1.72044994s ago: executing program 0 (id=2593):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x4000000)
r2 = getpid()
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0xffffffffffffffff, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x37c13, 0x51a23}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TOS={0x5, 0x5, 0x1}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x24048800)
r5 = getpid()
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r7, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r5}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0xb0, r7, 0x100, 0x70bd2d, 0x25dfdbff, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x2}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x7fab206199fef1ae}, 0x801)
r8 = syz_io_uring_setup(0x3b64, &(0x7f00000003c0)={0x0, 0x15e3, 0x80, 0x2, 0x25f}, &(0x7f0000000500), &(0x7f0000000540))
syz_io_uring_setup(0x5099, &(0x7f0000000580)={0x0, 0xbe79, 0x1000, 0x3, 0x2ed, 0x0, r8}, &(0x7f0000000600), &(0x7f0000000680))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x6}, 0x94)

1.276966274s ago: executing program 1 (id=2594):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0xc9, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={0x0, 0x9}, 0x40, 0x10000, 0x0, 0x5, 0xb, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$igmp(0x2, 0x3, 0x2)
openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7c, 0x2, @perf_config_ext={0x1, 0x3fff8000}, 0x0, 0x35, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r7, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4000804)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x200000, &(0x7f0000000180)={[{@grpquota}, {@errors_remount}, {@quota}, {@oldalloc}]}, 0x1, 0x50d, &(0x7f0000001bc0)="$eJzs3c9vI1cdAPDveGPHyaZNWnoABO3SFha0WifxtlHVA5QTQqgSokeQtiHxRlHsOIqd0oQ9pGckTkhU4gRH/gDOPSFx5ILgxqUckPgRgRokDkYzHqdO1t5NyQ+n8ecjzc5787z+vrfZeS/+JvYLYGzdioj9iChFxNsRMZtfT/Ij3uge6eM+Oni4cnjwcCWJTuetfyRZe3ot+v5O6mb+nOWI+N63In6YPBq3tbu3sVyv17bz+ny7sTXf2t27u95YXqut1Tar1aXFpYXX7r1aPbexvtAo5aUvfvj7/a/9OO3WTH6lfxznqTv04lGc1EREfOcigo3AjXw8pVF3hP9LISKejYgXs/t/Nm5kX00A4DrrdGajM9tfP5IcrwIA10Uhy4ElhUqeC5iJQqFS6ebwnovpQr3Zat950NzZXO3myuaiWHiwXq8t5LnCuSgmaX0xK39cr56o34uIZyLiZ5NTWb2y0qyvjvIbHwAYYzdPrP//nuyu/wDANVcedQcAgEtn/QeA8WP9B4DxY/0HgPHTXf+nRt0NAOASef0PAOPH+g8AY+W7b76ZHp3D/POvV9/Z3dlovnN3tdbaqDR2Viorze2tylqzuZZ9Zk/jSc9Xbza3Fl+JnXfnvr7Vas+3dvfuN5o7m+372ed6368Vs0ftX8LIAIBhnnnhgz8l6Yr8+lR2RN9eDsWR9gy4aIVRdwAYmRuj7gAwMnb7gvF1htf4xYifShHAp9rvsj8HbNF7THnQG4Q6nU7noroFXLjbn5P/h3HVl//3W8AwZuT/YXzJ/8P46nSS027yH6d9IABwtcnxA0N+/v9sfv51/sOBH6yefMT7F9krAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNp6+/9W8r3AZ6JQqFQinoqIuSgmD9brtYWIeDoi/jhZnEzriyPuMwBwVoW/Jvn+X7dnX5451vT8zaNiKSJ+9Iu3fv7ucru9/YeIUvLPyd719vv59eonClw6rxEAAI/XW6ezc98L+Y8OHq70jsvsz9++GRHlbvzDg1IcHsWfiInsXI5iREz/K8nrXUlf7uIs9t+LiM8OGn8SM1kOpLvz6cn4aeynLjV+4Vj8QtbWPaf/Fp85h77AuPkgnX/eGHT/FeJWdh58/5ezGers8vkvfaqVw2wO/Dh+b/67MWT+u3XaGK/89tvd0tSjbe9FfH4iohf7sG/+6cVPhsR/+ZTx//yF518c1tb5ZcTtGBy/P9Z8u7E139rdu7veWF6rrdU2q9WlxaWF1+69Wp3PctTzw1eDv79+5+lhben4p4fELz9h/F8+5fh/9d+3v/+lx8T/6kuD4hfiucfET9fEr5wy/vL0b8rD2tL4q0PG/6Sv/51Txv/wL3uPbBsOAIxOa3dvY7ler20rKFz9Qvpf9gp0Y2DhG5cVqxSDm37yUveePtHU+97/E8YaNmOcR9YNuAqObvqI+M+oOwMAAAAAAAAAAAAAAAx0Ge9YGvUYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuL7+FwAA//87osfs")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
write$selinux_validatetrans(0xffffffffffffffff, 0x0, 0x79)
r8 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000180)=0x2, 0x4)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f00000000c0)={0x3, 0x4, 0x80, 0x0, @vifc_lcl_addr=@rand_addr=0x640100fd, @local}, 0x10)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0700000004000000080200000100000000000000", @ANYRES32, @ANYBLOB="0000000010"], 0x50)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x1}, 0x10)

1.256186126s ago: executing program 4 (id=2595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r2, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x101d0}], 0x1}, 0x0)

1.220019979s ago: executing program 3 (id=2596):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000240)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xc0100, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)

967.894324ms ago: executing program 4 (id=2597):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x4000000)
r1 = getpid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newlink={0x38, 0x10, 0xffffffffffffffff, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x37c13, 0x51a23}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TOS={0x5, 0x5, 0x1}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = getpid()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RELOAD(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r3}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
syz_io_uring_setup(0x3b64, &(0x7f00000003c0)={0x0, 0x15e3, 0x80, 0x2, 0x25f}, &(0x7f0000000500), &(0x7f0000000540))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x0, 0x300}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x6}, 0x94)

735.121867ms ago: executing program 0 (id=2598):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001d80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r3, 0x0, 0xfffffffffffffff4}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)

714.216969ms ago: executing program 4 (id=2599):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

606.42646ms ago: executing program 1 (id=2600):
r0 = socket(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x17)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r1, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r0}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r1, &(0x7f0000000200), &(0x7f0000001500)=@tcp=r0}, 0x20)
close(r0)

581.691462ms ago: executing program 0 (id=2601):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001040)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x5, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7cf4}], [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x7fffffff, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x4, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x2, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x800007, 0x1, 0x82, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x7, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0x3ff, 0x8, 0x2, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x4, 0x2, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x4, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x4000000, 0x8000, 0xa, 0x9, 0xca000000, 0x3, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000002, 0xb, 0x7, 0x5, 0x2, 0x4]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x1, 0x7, 0x4, 0x1, {0x7, 0x0, 0x3, 0x7, 0x7, 0x80000001}, {0x4, 0x2, 0x1, 0xa, 0x1ff, 0x1c0000}, 0x9, 0xbc, 0xdf72c67}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0x334ecc4b, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
sendmsg$tipc(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24040804}, 0x8800)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5, 0x0, 0x2000099d9}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$tipc(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='kfree\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r10=>0x0})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000ffff27bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="fda65f0500000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r10, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r10], 0x44}, 0x1, 0x0, 0x0, 0x308}, 0x0)

521.529678ms ago: executing program 4 (id=2602):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x60040, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r6, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
write$nci(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="414601"], 0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1}}, 0x40)

520.947299ms ago: executing program 1 (id=2603):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x18, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x9, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
lsm_set_self_attr(0x69, 0x0, 0x20, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r3 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r2}, 0x8)
close(r3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1900000004000000040000000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000007c61c30100465c31ab380000000000eaff0000000000000000000000004e721c41ce5b1f20e9c04a5823ec557ee4bc97fe20103b78e5517dd3c0212a115501148f345fddf9e8f6410b2e1d146367a993a0c335a7ccc7fef758bdc97aa2c800"/112], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r9 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r9, &(0x7f0000000000)=ANY=[@ANYBLOB='b ', @ANYRESDEC], 0xc)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r3, r5, 0x4, r8}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0xfd, 0x477, &(0x7f0000000880)="$eJzs3M9vVEUcAPDv2/7gt62IP0CUKhobjS0tqBw8gNHEgyYmesBjbQsiCzW0GiFEVw94NCTejUcT/wJPejHqycSr3g0JMVxAvTzzdt9rd5fddSlbF9zPJ1k68+YtM9+dN7szb7oNYGBNZP8kEdsj4teIGKtlG0+YqP24fvXC/J9XL8wnkaav/5FUz7t29cJ8cWrxvG1FptJ4vN7yufOn5srlxbN5fnrl9LvTy+fOP33y9NyJxROLZ2YPHz50cOa5Z2ef6UmcWZuu7flwae/ul9+89Or8sUtv/fh1UsTfEMf73f+nmzuWTrQ4NlQkHu++ljvCjrp0MtzHhnBT3o6IrLtGquN/LIZirfPG4qVP+to4YEOlaZpual9cSYH/sST63QKgP/LP+SSiMp+tgevX84PgytHaAiiL+3r+qJUMRyk/Z6RpfdtL2WrrWOWvL7JHNN1PAQDYCN8erf0s5n5r849Sw138I/ne0HhE3B0ROyPinojYFRH3RsR9EXF/RDxQ95xW+z7NmjdJbpz/lC6vK7AuZfO/5/O9rcb5XzH7i/GhPLejGv9IcvxkefFARNwVEZMxsinLz3So47sXf/msXdlE3fwve2T1F3PBvB2Xh5tu0C3MrczdSsz1rnwcsWe4VfzJ6k5A1o+7I2LPvvXVcfLJr/a2K/v3+DvowT5T+mXEE7X+r0RT/IWk8/7k9OYoLx6YLq6KG/3088XX2tV/S/H3QNb/W1te/6vxjyf1+7XLN1/Hxd8+bbum6fL6H61/Tnb9jyZvVNNFwQdzKytnZyJGk1fy40fy4431Vc+bXTs/i39yf+vxvzPWXokHIyK7iB+KiIcjYl/e9kci4tGI2N8h/h9eeOyd9ce/sbL4F26q/9smir3tG4qGTn3/TbWk6KzxDvEn0aL/D1VTk/mRbt7/Orb07K1czQAAAHDnKUXE9khKU6vpUmlqqvb78rtia6m8tLzy1PGl984s1L4jMB4jpeJO19jq/dCozOTL+uL+6GxT/mB+3/jzoS3V/NT8Unmh38HDgNvWZvxnfh/qd+uADef7WjC41jv+0zT9qMdNAf5jPv9hcBn/MLhajP8tTfkOfyMAuJO1+vy3sIfBYP4Pg8v4h8Fl/MPgMv5hIOXfhB/u5gv+G5bI3n/6V3s3iWhoYZr2qRmjt8erUU1EqW+1xzqfPtmnV+zv/I9t3h4d12Wi3+9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvfFPAAAA//89VeJz")
syz_emit_ethernet(0x22, &(0x7f00000013c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaa87b4aaaa100800450000140000000000889078acfb13bbac14141e"], 0x0)
fcntl$getown(r0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

356.896664ms ago: executing program 2 (id=2604):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(0xffffffffffffffff, 0x40049366, &(0x7f0000000c80))
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000300)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}, {@bsdgroups}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x9}}, {@min_batch_time={'min_batch_time', 0x3d, 0x7ff}}, {@noacl}, {@barrier}, {@journal_path={'journal_path', 0x3d, './file1'}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r5 = socket(0x21, 0x2, 0x2)
setsockopt$sock_int(r5, 0x1, 0x2e, &(0x7f0000000040)=0x3, 0x4)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000340)={0x1, [<r7=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, &(0x7f0000000000)={r7, @in={{0x2, 0x4e24, @empty}}, 0x0, 0x600}, 0x90)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000b00)={0x9, 0x8, 0x200, 0x9, 0x0, 0x80, 0x30, 0x2, <r8=>0x0}, &(0x7f0000000b40)=0x20)
getsockopt$inet_sctp6_SCTP_STATUS(r5, 0x84, 0xe, &(0x7f0000000b80)={r7, 0x1000, 0xffff7fff, 0x4, 0x7, 0xffff, 0x9, 0x800, {r8, @in={{0x2, 0x4e23, @multicast1}}, 0x6, 0x8000, 0xf4, 0x0, 0x7ff}}, &(0x7f0000000c40)=0xb0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
copy_file_range(r9, 0x0, r9, &(0x7f00000004c0)=0xae8, 0x518, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0, @ANYRES32=r0, @ANYRES8=r0], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r10}, 0x10)
r11 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x10000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0xe}, {0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x3}, {0x2, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x8}, {}, {0x16}, {0x0, 0xff}, {}, {0x7}, {0x0, 0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0x101}, {}, {0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x9}, {0xfffc, 0x0, 0x0, 0x6}, {}, {0xfffe}, {}, {}, {}, {0xfffe, 0xfb}, {}, {0x7a04}, {}, {}, {0x20, 0x6}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb8c, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {0x3}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {0x0, 0xfd}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0xb}, {0x4, 0x2}]}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x540)

0s ago: executing program 1 (id=2605):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad67060000020000006a0200000ee60000bf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56601a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcba6ec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc6393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8668f076c659f56d6c7f97a96d6cdf45cfe88b30c170000000001000000effbf33bd1becb0de0a080931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f2be09295e4a8da03d23b48bb38b31a14ffcddd92c38f6b6d86a0e5ed47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f130000000000000000000000000000000000000000002a37163e8d7ef2f3c58d045f0700000094029acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=@deltfilter={0x24, 0x2d, 0x200, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x0, 0x10}, {0x4, 0xe}, {0x4, 0xf}}}, 0x24}}, 0x14000000)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'dummy0\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00'}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

kernel console output (not intermixed with test programs):

to 164
[  281.604029][T10061] loop0: detected capacity change from 0 to 128
[  281.685925][T10066] ISOFS: unable to read i-node block
[  281.691362][T10066] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  281.880709][T10079] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2032'.
[  281.944211][   T52] Bluetooth: hci0: Frame reassembly failed (-84)
[  282.195897][T10096] loop1: detected capacity change from 0 to 164
[  282.202892][T10096] ISOFS: unable to read i-node block
[  282.209668][T10096] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  282.635809][T10104] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.810852][T10104] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.140138][T10104] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.298729][T10104] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.465792][   T31] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.495762][   T52] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.504161][   T52] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.575777][   T52] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.656346][T10112] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2044'.
[  283.856248][ T2346] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.866272][ T2346] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.902992][   T58] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.946954][   T58] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.947105][T10120] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2046'.
[  283.967031][ T3513] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  284.000235][T10122] loop0: detected capacity change from 0 to 1024
[  284.016106][T10122] EXT4-fs: Ignoring removed oldalloc option
[  284.022067][T10122] EXT4-fs: Ignoring removed bh option
[  284.029208][T10120] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2046'.
[  284.031730][T10122] ext4: Bad value for 'min_batch_time'
[  284.051399][T10120] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2046'.
[  284.146503][T10130] loop2: detected capacity change from 0 to 164
[  284.156530][T10130] ISOFS: unable to read i-node block
[  284.162161][T10130] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  284.240800][T10141] loop3: detected capacity change from 0 to 2048
[  284.453860][T10148] xt_CT: No such helper "snmp_trap"
[  284.466696][T10151] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2054'.
[  284.711450][T10152] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.937570][T10161] loop0: detected capacity change from 0 to 2048
[  284.954334][T10152] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.986571][T10161] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2058'.
[  285.041994][T10152] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.141901][T10165] loop0: detected capacity change from 0 to 2048
[  285.176513][T10152] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.259684][T10171] loop3: detected capacity change from 0 to 164
[  285.268118][T10172] xt_CT: No such helper "snmp_trap"
[  285.276264][T10171] ISOFS: unable to read i-node block
[  285.281604][T10171] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  285.313424][T10165] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2060'.
[  285.363930][T10175] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2064'.
[  285.392617][T10177] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.468020][T10177] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.486316][T10180] wireguard1: entered promiscuous mode
[  285.491866][T10180] wireguard1: entered allmulticast mode
[  285.513874][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  285.534808][T10177] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.549061][   T29] kauditd_printk_skb: 60 callbacks suppressed
[  285.549078][   T29] audit: type=1326 audit(1760988391.187:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10179 comm="syz.0.2066" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff7ea77efc9 code=0x0
[  285.617341][T10177] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.703340][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.728730][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.773203][   T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.789439][   T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  285.840566][T10189] hub 1-0:1.0: USB hub found
[  285.851002][T10189] hub 1-0:1.0: 8 ports detected
[  285.928539][   T10] hid_parser_main: 25 callbacks suppressed
[  285.928610][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x7
[  285.941993][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  285.949532][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  285.957102][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  285.964673][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  285.972195][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  285.979730][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  285.987254][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  285.994770][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  286.002378][   T10] hid-generic 0000:0000:10001.0028: unknown main item tag 0x0
[  286.014510][   T10] hid-generic 0000:0000:10001.0028: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  286.034057][T10189] 8021q: adding VLAN 0 to HW filter on device macvlan14
[  286.092428][T10194] 8021q: adding VLAN 0 to HW filter on device macvlan15
[  286.333066][T10202] loop3: detected capacity change from 0 to 2048
[  286.421711][T10202] __nla_validate_parse: 2 callbacks suppressed
[  286.421741][T10202] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2070'.
[  286.677816][T10210] loop3: detected capacity change from 0 to 1024
[  286.704827][T10210] EXT4-fs: Ignoring removed oldalloc option
[  286.710815][T10210] EXT4-fs: Ignoring removed bh option
[  286.734501][T10210] ext4: Bad value for 'min_batch_time'
[  287.068876][T10215] loop1: detected capacity change from 0 to 164
[  287.076085][T10215] ISOFS: unable to read i-node block
[  287.081618][T10215] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  287.430671][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2077'.
[  287.448913][T10222] bridge0: entered promiscuous mode
[  287.456162][T10221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2077'.
[  287.466699][T10222] macvtap1: entered allmulticast mode
[  287.472189][T10222] bridge0: entered allmulticast mode
[  287.487291][T10222] bridge0: port 1(macvtap1) entered blocking state
[  287.493908][T10222] bridge0: port 1(macvtap1) entered disabled state
[  287.509710][T10222] bridge0: left allmulticast mode
[  287.516212][T10222] bridge0: left promiscuous mode
[  287.557407][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2080'.
[  287.566676][ T3675] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  287.573304][ T3513] Bluetooth: hci0: command 0x1003 tx timeout
[  287.597024][T10229] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2080'.
[  287.612429][T10229] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2080'.
[  288.156961][T10247] wireguard0: entered promiscuous mode
[  288.162485][T10247] wireguard0: entered allmulticast mode
[  288.184302][T10245] loop1: detected capacity change from 0 to 164
[  288.200719][T10245] ISOFS: unable to read i-node block
[  288.213011][   T29] audit: type=1326 audit(1760988393.847:2057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10246 comm="syz.2.2088" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f22071defc9 code=0x0
[  288.216118][T10245] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  288.568155][T10260] bridge0: entered promiscuous mode
[  288.573444][T10260] macvtap1: entered allmulticast mode
[  288.578978][T10260] bridge0: entered allmulticast mode
[  288.586049][T10260] bridge0: port 1(macvtap1) entered blocking state
[  288.592726][T10260] bridge0: port 1(macvtap1) entered disabled state
[  288.602765][T10260] bridge0: left allmulticast mode
[  288.607908][T10260] bridge0: left promiscuous mode
[  288.702606][T10265] bridge0: entered promiscuous mode
[  288.708344][T10265] macvtap1: entered allmulticast mode
[  288.713774][T10265] bridge0: entered allmulticast mode
[  288.726999][T10265] bridge0: port 1(macvtap1) entered blocking state
[  288.733771][T10265] bridge0: port 1(macvtap1) entered disabled state
[  288.777426][T10265] bridge0: left allmulticast mode
[  288.782594][T10265] bridge0: left promiscuous mode
[  288.800504][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2092'.
[  288.824612][T10267] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2092'.
[  288.839551][T10267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2092'.
[  288.966292][  T382] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.981804][  T382] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.991741][  T382] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.002526][  T382] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.090124][T10281] loop3: detected capacity change from 0 to 2048
[  289.181841][T10281] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2098'.
[  289.359274][T10288] loop3: detected capacity change from 0 to 764
[  289.373101][T10286] loop0: detected capacity change from 0 to 164
[  289.381610][T10288] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  289.390213][T10286] ISOFS: unable to read i-node block
[  289.395850][T10286] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  289.531495][T10296] loop3: detected capacity change from 0 to 1024
[  289.538339][T10296] EXT4-fs: Ignoring removed oldalloc option
[  289.544345][T10296] EXT4-fs: Ignoring removed bh option
[  289.555192][T10296] ext4: Bad value for 'min_batch_time'
[  289.614386][T10299] hub 1-0:1.0: USB hub found
[  289.627368][T10299] hub 1-0:1.0: 8 ports detected
[  289.699449][T10300] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.848250][T10300] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.907200][T10300] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.968422][T10300] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.046999][   T37] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.057444][   T37] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.067230][ T3550] hid-generic 0000:0000:10001.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  290.081709][   T37] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.115446][T10305] 8021q: adding VLAN 0 to HW filter on device macvlan19
[  290.169896][   T37] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.191821][T10307] 8021q: adding VLAN 0 to HW filter on device macvlan20
[  290.297246][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  290.504074][T10320] loop3: detected capacity change from 0 to 2048
[  290.561315][T10320] xt_CT: No such helper "snmp_trap"
[  290.780143][T10330] bridge0: entered promiscuous mode
[  290.788871][T10330] macvtap1: entered allmulticast mode
[  290.794300][T10330] bridge0: entered allmulticast mode
[  290.801482][T10330] bridge0: port 1(macvtap1) entered blocking state
[  290.808167][T10330] bridge0: port 1(macvtap1) entered disabled state
[  290.836684][T10330] bridge0: left allmulticast mode
[  290.841822][T10330] bridge0: left promiscuous mode
[  291.129052][T10337] macvtap1: entered allmulticast mode
[  291.134515][T10337] bridge0: entered allmulticast mode
[  291.223948][T10337] bridge0: port 1(macvtap1) entered blocking state
[  291.230590][T10337] bridge0: port 1(macvtap1) entered disabled state
[  291.399986][T10337] bridge0: left allmulticast mode
[  291.482326][T10341] __nla_validate_parse: 4 callbacks suppressed
[  291.482346][T10341] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2116'.
[  291.578321][T10339] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2115'.
[  292.610691][ T3513] Bluetooth: hci0: command 0x1003 tx timeout
[  292.618160][ T3675] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  292.766202][T10349] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.847401][T10349] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.877341][T10349] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.027442][T10359] wireguard1: entered promiscuous mode
[  293.033129][T10359] wireguard1: entered allmulticast mode
[  293.194943][T10349] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.241752][   T29] audit: type=1326 audit(1760988398.877:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10358 comm="syz.1.2122" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa644beefc9 code=0x0
[  293.337859][T10366] loop2: detected capacity change from 0 to 764
[  293.386372][T10366] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  293.425365][T10355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2120'.
[  293.434734][T10355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2120'.
[  293.954971][T10370] macvtap1: entered allmulticast mode
[  293.960432][T10370] bridge0: entered allmulticast mode
[  293.976424][T10370] bridge0: port 1(macvtap1) entered blocking state
[  293.983067][T10370] bridge0: port 1(macvtap1) entered disabled state
[  294.000269][T10370] bridge0: left allmulticast mode
[  294.185042][T10374] loop3: detected capacity change from 0 to 164
[  294.195605][T10374] ISOFS: unable to read i-node block
[  294.207582][T10374] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  294.692374][T10376] bridge0: entered promiscuous mode
[  294.703513][T10376] macvtap1: entered allmulticast mode
[  294.710385][T10376] bridge0: entered allmulticast mode
[  294.718876][T10376] bridge0: port 1(macvtap1) entered blocking state
[  294.725579][T10376] bridge0: port 1(macvtap1) entered disabled state
[  294.733290][T10376] bridge0: left allmulticast mode
[  294.738387][T10376] bridge0: left promiscuous mode
[  294.857765][T10384] macvtap1: entered allmulticast mode
[  294.863203][T10384] bridge0: entered allmulticast mode
[  294.870095][T10384] bridge0: port 1(macvtap1) entered blocking state
[  294.876759][T10384] bridge0: port 1(macvtap1) entered disabled state
[  294.886960][T10384] bridge0: left allmulticast mode
[  294.915824][   T31] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.924195][   T31] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.945925][   T37] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.954342][   T37] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.425210][T10398] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2132'.
[  295.510161][T10408] loop2: detected capacity change from 0 to 164
[  295.517537][T10408] ISOFS: unable to read i-node block
[  295.526214][T10408] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  295.547795][T10406] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2135'.
[  295.570164][T10411] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2137'.
[  295.581470][T10411] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2137'.
[  295.604502][T10411] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2137'.
[  295.655893][T10409] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2135'.
[  295.749407][T10413] loop2: detected capacity change from 0 to 512
[  295.764582][T10413] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  295.786448][T10413] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2138: bg 0: block 104: invalid block bitmap
[  295.799418][T10413] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  295.810591][T10413] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2138: invalid indirect mapped block 1 (level 1)
[  295.824775][T10413] EXT4-fs (loop2): 1 truncate cleaned up
[  295.830880][T10413] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.857544][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.090724][T10422] loop2: detected capacity change from 0 to 512
[  296.127425][T10422] EXT4-fs: Mount option(s) incompatible with ext2
[  296.410826][T10431] loop3: detected capacity change from 0 to 1024
[  296.435739][T10431] EXT4-fs: Ignoring removed oldalloc option
[  296.441778][T10431] EXT4-fs: Ignoring removed bh option
[  296.454492][T10431] ext4: Bad value for 'min_batch_time'
[  296.512663][T10432] bridge0: entered promiscuous mode
[  296.531858][T10432] macvtap1: entered allmulticast mode
[  296.538831][T10432] bridge0: entered allmulticast mode
[  296.555851][T10432] bridge0: port 1(macvtap1) entered blocking state
[  296.562484][T10432] bridge0: port 1(macvtap1) entered disabled state
[  296.577893][T10432] bridge0: left allmulticast mode
[  296.583067][T10432] bridge0: left promiscuous mode
[  297.018374][ T3675] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  297.097580][T10444] hub 1-0:1.0: USB hub found
[  297.116080][T10444] hub 1-0:1.0: 8 ports detected
[  297.243065][T10452] __nla_validate_parse: 2 callbacks suppressed
[  297.243084][T10452] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2147'.
[  297.399117][   T36] hid_parser_main: 60 callbacks suppressed
[  297.399135][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x7
[  297.414112][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.423080][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.432189][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.441278][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.450236][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.457795][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.466741][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.474341][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.483408][   T36] hid-generic 0000:0000:10001.002A: unknown main item tag 0x0
[  297.493761][   T36] hid-generic 0000:0000:10001.002A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  297.551609][T10460] loop0: detected capacity change from 0 to 512
[  297.559880][T10460] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  297.572935][T10460] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2149: bg 0: block 104: invalid block bitmap
[  297.610309][T10460] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  297.622546][T10460] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2149: invalid indirect mapped block 1 (level 1)
[  297.637482][T10444] 8021q: adding VLAN 0 to HW filter on device macvlan18
[  297.676458][T10450] 8021q: adding VLAN 0 to HW filter on device macvlan19
[  297.710178][T10460] EXT4-fs (loop0): 1 truncate cleaned up
[  297.732266][T10460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.817819][T10468] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.117658][T10468] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.142138][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.176683][T10478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2154'.
[  298.203002][T10478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2154'.
[  298.213976][T10475] bridge0: entered promiscuous mode
[  298.227223][T10475] macvtap1: entered allmulticast mode
[  298.232754][T10475] bridge0: entered allmulticast mode
[  298.265760][T10475] bridge0: port 1(macvtap1) entered blocking state
[  298.272353][T10475] bridge0: port 1(macvtap1) entered disabled state
[  298.303778][T10475] bridge0: left allmulticast mode
[  298.308887][T10475] bridge0: left promiscuous mode
[  298.338647][T10468] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.521968][T10468] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.673863][   T52] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  298.703458][   T52] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  298.729900][   T52] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  298.745879][   T52] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  298.929474][T10486] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2156'.
[  299.042535][T10494] loop2: detected capacity change from 0 to 1024
[  299.050660][T10494] EXT4-fs: Ignoring removed oldalloc option
[  299.058110][T10494] EXT4-fs: Ignoring removed bh option
[  299.105753][T10494] ext4: Bad value for 'min_batch_time'
[  299.264553][T10497] loop4: detected capacity change from 0 to 2048
[  299.449929][T10497] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2159'.
[  299.792211][   T29] audit: type=1400 audit(1760988405.427:2059): avc:  denied  { create } for  pid=10510 comm="syz.4.2164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  299.823293][T10511] xt_hashlimit: max too large, truncated to 1048576
[  299.866483][T10511] Cannot find add_set index 0 as target
[  299.895784][   T29] audit: type=1400 audit(1760988405.447:2060): avc:  denied  { bind } for  pid=10510 comm="syz.4.2164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  299.916646][   T29] audit: type=1400 audit(1760988405.447:2061): avc:  denied  { write } for  pid=10510 comm="syz.4.2164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  299.937326][   T29] audit: type=1400 audit(1760988405.457:2062): avc:  denied  { create } for  pid=10510 comm="syz.4.2164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  299.988631][T10519] loop3: detected capacity change from 0 to 512
[  300.002400][T10519] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  300.021168][T10518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2166'.
[  300.071521][T10519] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2165: bg 0: block 104: invalid block bitmap
[  300.209237][T10519] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  300.227966][T10519] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2165: invalid indirect mapped block 1 (level 1)
[  300.261490][T10519] EXT4-fs (loop3): 1 truncate cleaned up
[  300.276651][T10519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.340926][T10531] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2168'.
[  300.456683][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.568716][   T29] audit: type=1400 audit(1760988406.207:2063): avc:  denied  { bind } for  pid=10536 comm="syz.2.2172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  300.702522][   T29] audit: type=1400 audit(1760988406.237:2064): avc:  denied  { write } for  pid=10536 comm="syz.2.2172" path="socket:[36186]" dev="sockfs" ino=36186 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  300.890447][T10550] FAULT_INJECTION: forcing a failure.
[  300.890447][T10550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.903663][T10550] CPU: 0 UID: 0 PID: 10550 Comm: syz.1.2177 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  300.903697][T10550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  300.903713][T10550] Call Trace:
[  300.903721][T10550]  <TASK>
[  300.903730][T10550]  __dump_stack+0x1d/0x30
[  300.903843][T10550]  dump_stack_lvl+0xe8/0x140
[  300.903880][T10550]  dump_stack+0x15/0x1b
[  300.903951][T10550]  should_fail_ex+0x265/0x280
[  300.904054][T10550]  should_fail+0xb/0x20
[  300.904088][T10550]  should_fail_usercopy+0x1a/0x20
[  300.904156][T10550]  _copy_from_user+0x1c/0xb0
[  300.904194][T10550]  kstrtouint_from_user+0x69/0xf0
[  300.904233][T10550]  ? 0xffffffff81000000
[  300.904249][T10550]  ? selinux_file_permission+0x1e4/0x320
[  300.904307][T10550]  proc_fail_nth_write+0x50/0x160
[  300.904337][T10550]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  300.904419][T10550]  vfs_write+0x269/0x960
[  300.904441][T10550]  ? __rcu_read_unlock+0x4f/0x70
[  300.904482][T10550]  ? __fget_files+0x184/0x1c0
[  300.904508][T10550]  ksys_write+0xda/0x1a0
[  300.904532][T10550]  __x64_sys_write+0x40/0x50
[  300.904594][T10550]  x64_sys_call+0x2802/0x3000
[  300.904631][T10550]  do_syscall_64+0xd2/0x200
[  300.904663][T10550]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  300.904689][T10550]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  300.904823][T10550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.904847][T10550] RIP: 0033:0x7fa644beda7f
[  300.904865][T10550] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  300.904888][T10550] RSP: 002b:00007fa64364f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  300.904944][T10550] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa644beda7f
[  300.905018][T10550] RDX: 0000000000000001 RSI: 00007fa64364f0a0 RDI: 0000000000000003
[  300.905034][T10550] RBP: 00007fa64364f090 R08: 0000000000000000 R09: 0000000000000000
[  300.905049][T10550] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  300.905064][T10550] R13: 00007fa644e46038 R14: 00007fa644e45fa0 R15: 00007ffd69888568
[  300.905147][T10550]  </TASK>
[  300.944207][T10551] loop0: detected capacity change from 0 to 1024
[  301.144248][T10551] EXT4-fs: Ignoring removed oldalloc option
[  301.151997][T10551] EXT4-fs: Ignoring removed bh option
[  301.158929][T10551] ext4: Bad value for 'min_batch_time'
[  301.226272][T10557] loop2: detected capacity change from 0 to 764
[  301.249455][T10557] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  301.592416][T10563] loop1: detected capacity change from 0 to 1024
[  301.673102][T10563] EXT4-fs: Ignoring removed oldalloc option
[  301.679283][T10563] EXT4-fs: Ignoring removed bh option
[  301.724910][   T29] audit: type=1400 audit(1760988407.357:2065): avc:  denied  { create } for  pid=10566 comm="syz.2.2182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  301.744572][   T29] audit: type=1400 audit(1760988407.357:2066): avc:  denied  { ioctl } for  pid=10566 comm="syz.2.2182" path="socket:[36273]" dev="sockfs" ino=36273 ioctlcmd=0x942d scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  301.769287][   T29] audit: type=1400 audit(1760988407.357:2067): avc:  denied  { map } for  pid=10566 comm="syz.2.2182" path="socket:[36273]" dev="sockfs" ino=36273 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  301.792497][   T29] audit: type=1400 audit(1760988407.357:2068): avc:  denied  { read } for  pid=10566 comm="syz.2.2182" path="socket:[36273]" dev="sockfs" ino=36273 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  301.824691][T10563] ext4: Bad value for 'min_batch_time'
[  301.843320][T10571] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2184'.
[  302.189283][T10583] bridge0: entered promiscuous mode
[  302.196113][T10583] macvtap1: entered allmulticast mode
[  302.201510][T10583] bridge0: entered allmulticast mode
[  302.242815][T10583] bridge0: port 1(macvtap1) entered blocking state
[  302.249409][T10583] bridge0: port 1(macvtap1) entered disabled state
[  302.266658][T10583] bridge0: left allmulticast mode
[  302.271762][T10583] bridge0: left promiscuous mode
[  302.602443][T10591] loop2: detected capacity change from 0 to 764
[  302.611217][T10591] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  302.866005][T10593] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2190'.
[  302.913237][T10627] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2201'.
[  302.924248][T10627] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2201'.
[  302.949988][T10627] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2201'.
[  302.986015][T10630] FAULT_INJECTION: forcing a failure.
[  302.986015][T10630] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.999233][T10630] CPU: 0 UID: 0 PID: 10630 Comm: syz.0.2202 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  302.999334][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  302.999357][T10630] Call Trace:
[  302.999364][T10630]  <TASK>
[  302.999374][T10630]  __dump_stack+0x1d/0x30
[  302.999470][T10630]  dump_stack_lvl+0xe8/0x140
[  302.999507][T10630]  dump_stack+0x15/0x1b
[  302.999582][T10630]  should_fail_ex+0x265/0x280
[  302.999676][T10630]  should_fail+0xb/0x20
[  302.999762][T10630]  should_fail_usercopy+0x1a/0x20
[  302.999802][T10630]  _copy_to_user+0x20/0xa0
[  302.999830][T10630]  simple_read_from_buffer+0xb5/0x130
[  302.999891][T10630]  proc_fail_nth_read+0x10e/0x150
[  302.999934][T10630]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  303.000028][T10630]  vfs_read+0x1a8/0x770
[  303.000128][T10630]  ? __rcu_read_unlock+0x4f/0x70
[  303.000200][T10630]  ? __fget_files+0x184/0x1c0
[  303.000229][T10630]  ksys_read+0xda/0x1a0
[  303.000250][T10630]  __x64_sys_read+0x40/0x50
[  303.000267][T10630]  x64_sys_call+0x27c0/0x3000
[  303.000359][T10630]  do_syscall_64+0xd2/0x200
[  303.000394][T10630]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  303.000459][T10630]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  303.000489][T10630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.000510][T10630] RIP: 0033:0x7ff7ea77d9dc
[  303.000524][T10630] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  303.000585][T10630] RSP: 002b:00007ff7e91e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  303.000609][T10630] RAX: ffffffffffffffda RBX: 00007ff7ea9d5fa0 RCX: 00007ff7ea77d9dc
[  303.000625][T10630] RDX: 000000000000000f RSI: 00007ff7e91e70a0 RDI: 0000000000000006
[  303.000641][T10630] RBP: 00007ff7e91e7090 R08: 0000000000000000 R09: 0000000000000000
[  303.000721][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  303.000733][T10630] R13: 00007ff7ea9d6038 R14: 00007ff7ea9d5fa0 R15: 00007ffde1941f08
[  303.000756][T10630]  </TASK>
[  303.215657][T10632] loop4: detected capacity change from 0 to 764
[  303.232075][T10634] serio: Serial port ptm0
[  303.237536][T10632] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  303.341175][T10634] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2204'.
[  303.406387][T10645] loop0: detected capacity change from 0 to 2048
[  303.542060][T10645] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2208'.
[  303.584561][T10651] wireguard0: entered promiscuous mode
[  303.590068][T10651] wireguard0: entered allmulticast mode
[  303.603044][T10648] xt_CT: No such helper "snmp_trap"
[  303.648431][T10655] loop1: detected capacity change from 0 to 2048
[  303.680617][T10646] bridge0: entered promiscuous mode
[  303.687060][T10646] macvtap1: entered allmulticast mode
[  303.692588][T10646] bridge0: entered allmulticast mode
[  303.715730][T10646] bridge0: port 1(macvtap1) entered blocking state
[  303.722464][T10646] bridge0: port 1(macvtap1) entered disabled state
[  303.739287][T10658] loop0: detected capacity change from 0 to 2048
[  303.756208][T10646] bridge0: left allmulticast mode
[  303.761333][T10646] bridge0: left promiscuous mode
[  303.768246][T10655] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2210'.
[  303.830976][T10671] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2214'.
[  303.869666][T10671] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2214'.
[  303.889511][T10671] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2214'.
[  304.056028][T10681] FAULT_INJECTION: forcing a failure.
[  304.056028][T10681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.064094][T10683] loop3: detected capacity change from 0 to 128
[  304.069540][T10681] CPU: 0 UID: 0 PID: 10681 Comm: syz.1.2219 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  304.069624][T10681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  304.069640][T10681] Call Trace:
[  304.069648][T10681]  <TASK>
[  304.069657][T10681]  __dump_stack+0x1d/0x30
[  304.069702][T10681]  dump_stack_lvl+0xe8/0x140
[  304.069839][T10681]  dump_stack+0x15/0x1b
[  304.069871][T10681]  should_fail_ex+0x265/0x280
[  304.069906][T10681]  should_fail+0xb/0x20
[  304.069941][T10681]  should_fail_usercopy+0x1a/0x20
[  304.070038][T10681]  _copy_from_user+0x1c/0xb0
[  304.070065][T10681]  ___sys_sendmsg+0xc1/0x1d0
[  304.070122][T10681]  __x64_sys_sendmsg+0xd4/0x160
[  304.070160][T10681]  x64_sys_call+0x191e/0x3000
[  304.070194][T10681]  do_syscall_64+0xd2/0x200
[  304.070318][T10681]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  304.070389][T10681]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  304.070419][T10681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.070511][T10681] RIP: 0033:0x7fa644beefc9
[  304.070530][T10681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.070621][T10681] RSP: 002b:00007fa64364f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  304.070643][T10681] RAX: ffffffffffffffda RBX: 00007fa644e45fa0 RCX: 00007fa644beefc9
[  304.070657][T10681] RDX: 0000000000000800 RSI: 0000200000000180 RDI: 0000000000000004
[  304.070673][T10681] RBP: 00007fa64364f090 R08: 0000000000000000 R09: 0000000000000000
[  304.070687][T10681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.070702][T10681] R13: 00007fa644e46038 R14: 00007fa644e45fa0 R15: 00007ffd69888568
[  304.070724][T10681]  </TASK>
[  304.270939][T10683] EXT4-fs: Ignoring removed nobh option
[  304.286313][T10683] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  304.301493][T10683] ext4 filesystem being mounted at /435/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  304.373473][T10692] loop4: detected capacity change from 0 to 2048
[  304.462247][ T3320] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  304.488590][T10701] FAULT_INJECTION: forcing a failure.
[  304.488590][T10701] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.501704][T10701] CPU: 0 UID: 0 PID: 10701 Comm: syz.1.2226 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  304.501738][T10701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  304.501755][T10701] Call Trace:
[  304.501761][T10701]  <TASK>
[  304.501781][T10701]  __dump_stack+0x1d/0x30
[  304.501816][T10701]  dump_stack_lvl+0xe8/0x140
[  304.501903][T10701]  dump_stack+0x15/0x1b
[  304.501935][T10701]  should_fail_ex+0x265/0x280
[  304.501970][T10701]  should_fail+0xb/0x20
[  304.501995][T10701]  should_fail_usercopy+0x1a/0x20
[  304.502136][T10701]  _copy_from_iter+0xd2/0xe80
[  304.502161][T10701]  ? __build_skb_around+0x1ab/0x200
[  304.502191][T10701]  ? __alloc_skb+0x223/0x320
[  304.502221][T10701]  pfkey_sendmsg+0x126/0x900
[  304.502285][T10701]  ? avc_has_perm+0xf7/0x180
[  304.502317][T10701]  ? selinux_socket_sendmsg+0x175/0x1b0
[  304.502363][T10701]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  304.502385][T10701]  __sock_sendmsg+0x145/0x180
[  304.502465][T10701]  ____sys_sendmsg+0x31e/0x4e0
[  304.502513][T10701]  ___sys_sendmsg+0x17b/0x1d0
[  304.502641][T10701]  __x64_sys_sendmsg+0xd4/0x160
[  304.502683][T10701]  x64_sys_call+0x191e/0x3000
[  304.502750][T10701]  do_syscall_64+0xd2/0x200
[  304.502788][T10701]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  304.502868][T10701]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  304.502902][T10701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.502928][T10701] RIP: 0033:0x7fa644beefc9
[  304.502948][T10701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  304.502992][T10701] RSP: 002b:00007fa64364f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  304.503047][T10701] RAX: ffffffffffffffda RBX: 00007fa644e45fa0 RCX: 00007fa644beefc9
[  304.503062][T10701] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  304.503073][T10701] RBP: 00007fa64364f090 R08: 0000000000000000 R09: 0000000000000000
[  304.503085][T10701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  304.503096][T10701] R13: 00007fa644e46038 R14: 00007fa644e45fa0 R15: 00007ffd69888568
[  304.503117][T10701]  </TASK>
[  304.912369][T10718] loop1: detected capacity change from 0 to 1024
[  304.956412][   T29] kauditd_printk_skb: 108 callbacks suppressed
[  304.956427][   T29] audit: type=1400 audit(1760988410.597:2177): avc:  denied  { ioctl } for  pid=10707 comm="syz.0.2229" path="socket:[35555]" dev="sockfs" ino=35555 ioctlcmd=0x894c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  304.994762][T10718] EXT4-fs: Ignoring removed oldalloc option
[  305.000722][T10718] EXT4-fs: Ignoring removed bh option
[  305.013708][T10718] ext4: Bad value for 'min_batch_time'
[  305.050839][T10721] loop0: detected capacity change from 0 to 512
[  305.088219][T10727] loop4: detected capacity change from 0 to 1024
[  305.096479][T10727] EXT4-fs: Ignoring removed oldalloc option
[  305.102577][T10727] EXT4-fs: Ignoring removed bh option
[  305.109639][T10727] ext4: Bad value for 'min_batch_time'
[  305.183073][T10722] bridge0: entered promiscuous mode
[  305.189731][T10722] macvtap1: entered allmulticast mode
[  305.196669][T10722] bridge0: entered allmulticast mode
[  305.203436][T10722] bridge0: port 1(macvtap1) entered blocking state
[  305.211272][T10722] bridge0: port 1(macvtap1) entered disabled state
[  305.220231][T10722] bridge0: left allmulticast mode
[  305.226737][T10722] bridge0: left promiscuous mode
[  305.283587][T10735] FAULT_INJECTION: forcing a failure.
[  305.283587][T10735] name failslab, interval 1, probability 0, space 0, times 0
[  305.296317][T10735] CPU: 0 UID: 0 PID: 10735 Comm: syz.0.2237 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  305.296354][T10735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  305.296370][T10735] Call Trace:
[  305.296378][T10735]  <TASK>
[  305.296388][T10735]  __dump_stack+0x1d/0x30
[  305.296422][T10735]  dump_stack_lvl+0xe8/0x140
[  305.296451][T10735]  dump_stack+0x15/0x1b
[  305.296483][T10735]  should_fail_ex+0x265/0x280
[  305.296513][T10735]  ? hugetlb_vm_op_open+0x218/0x390
[  305.296544][T10735]  should_failslab+0x8c/0xb0
[  305.296571][T10735]  __kmalloc_cache_noprof+0x4c/0x4a0
[  305.296603][T10735]  ? __pfx_hugetlb_vm_op_open+0x10/0x10
[  305.296639][T10735]  hugetlb_vm_op_open+0x218/0x390
[  305.296677][T10735]  ? __pfx_hugetlb_vm_op_open+0x10/0x10
[  305.296706][T10735]  __split_vma+0x355/0x650
[  305.296727][T10735]  ? refill_obj_stock+0x254/0x2e0
[  305.296757][T10735]  vms_gather_munmap_vmas+0x17a/0x7b0
[  305.296795][T10735]  ? mas_find+0x608/0x700
[  305.296830][T10735]  mmap_region+0x52b/0x1620
[  305.296865][T10735]  ? selinux_file_open+0x2df/0x330
[  305.296895][T10735]  ? __rcu_read_unlock+0x4f/0x70
[  305.296932][T10735]  ? mntput_no_expire+0x6f/0x440
[  305.296987][T10735]  do_mmap+0x9b3/0xbe0
[  305.297025][T10735]  __se_sys_remap_file_pages+0x537/0x5e0
[  305.297066][T10735]  ? fput+0x8f/0xc0
[  305.297094][T10735]  __x64_sys_remap_file_pages+0x67/0x80
[  305.297126][T10735]  x64_sys_call+0x23b3/0x3000
[  305.297163][T10735]  do_syscall_64+0xd2/0x200
[  305.297198][T10735]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  305.297224][T10735]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  305.297258][T10735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.297286][T10735] RIP: 0033:0x7ff7ea77efc9
[  305.297305][T10735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.297326][T10735] RSP: 002b:00007ff7e91e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  305.297352][T10735] RAX: ffffffffffffffda RBX: 00007ff7ea9d5fa0 RCX: 00007ff7ea77efc9
[  305.297365][T10735] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000800000
[  305.297380][T10735] RBP: 00007ff7e91e7090 R08: 0000000000000020 R09: 0000000000000000
[  305.297396][T10735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.297411][T10735] R13: 00007ff7ea9d6038 R14: 00007ff7ea9d5fa0 R15: 00007ffde1941f08
[  305.297441][T10735]  </TASK>
[  305.297450][T10735] HugeTLB: unable to allocate vma specific lock
[  305.587959][T10739] loop0: detected capacity change from 0 to 2048
[  305.652585][T10743] loop0: detected capacity change from 0 to 512
[  305.668219][T10743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.682520][T10743] ext4 filesystem being mounted at /440/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.696659][   T29] audit: type=1400 audit(1760988411.337:2178): avc:  denied  { setopt } for  pid=10742 comm="syz.0.2241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  305.765756][   T29] audit: type=1400 audit(1760988411.397:2179): avc:  denied  { read write } for  pid=10742 comm="syz.0.2241" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  305.791548][   T29] audit: type=1400 audit(1760988411.397:2180): avc:  denied  { open } for  pid=10742 comm="syz.0.2241" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  305.864004][   T29] audit: type=1400 audit(1760988411.497:2181): avc:  denied  { read } for  pid=10751 comm="syz.3.2243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  305.930452][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.025900][   T29] audit: type=1326 audit(1760988411.657:2182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10768 comm="syz.0.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  306.036651][T10769] FAULT_INJECTION: forcing a failure.
[  306.036651][T10769] name failslab, interval 1, probability 0, space 0, times 0
[  306.051391][   T29] audit: type=1326 audit(1760988411.657:2183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10768 comm="syz.0.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  306.062193][T10769] CPU: 0 UID: 0 PID: 10769 Comm: syz.0.2246 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  306.062224][T10769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  306.062237][T10769] Call Trace:
[  306.062246][T10769]  <TASK>
[  306.062332][T10769]  __dump_stack+0x1d/0x30
[  306.062444][T10769]  dump_stack_lvl+0xe8/0x140
[  306.062476][T10769]  dump_stack+0x15/0x1b
[  306.062504][T10769]  should_fail_ex+0x265/0x280
[  306.062580][T10769]  should_failslab+0x8c/0xb0
[  306.062606][T10769]  kmem_cache_alloc_noprof+0x50/0x480
[  306.062627][T10769]  ? audit_log_start+0x342/0x720
[  306.062673][T10769]  audit_log_start+0x342/0x720
[  306.062705][T10769]  ? kstrtouint+0x76/0xc0
[  306.062780][T10769]  audit_seccomp+0x48/0x100
[  306.062811][T10769]  ? __seccomp_filter+0x82d/0x1250
[  306.062835][T10769]  __seccomp_filter+0x83e/0x1250
[  306.062859][T10769]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  306.062940][T10769]  ? vfs_write+0x7e8/0x960
[  306.062960][T10769]  ? kmem_cache_free+0xe4/0x3d0
[  306.063029][T10769]  __secure_computing+0x82/0x150
[  306.063066][T10769]  syscall_trace_enter+0xcf/0x1e0
[  306.063093][T10769]  do_syscall_64+0xac/0x200
[  306.063210][T10769]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  306.063249][T10769]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  306.063340][T10769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.063365][T10769] RIP: 0033:0x7ff7ea77efc9
[  306.063382][T10769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.063404][T10769] RSP: 002b:00007ff7e91e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000045
[  306.063454][T10769] RAX: ffffffffffffffda RBX: 00007ff7ea9d5fa0 RCX: 00007ff7ea77efc9
[  306.063469][T10769] RDX: 0000000000002000 RSI: 0000200000000340 RDI: 0000000000000000
[  306.063485][T10769] RBP: 00007ff7e91e7090 R08: 0000000000000000 R09: 0000000000000000
[  306.063569][T10769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  306.063583][T10769] R13: 00007ff7ea9d6038 R14: 00007ff7ea9d5fa0 R15: 00007ffde1941f08
[  306.063607][T10769]  </TASK>
[  306.063617][T10769] audit: audit_lost=7 audit_rate_limit=0 audit_backlog_limit=64
[  306.063632][T10769] audit: out of memory in audit_log_start
[  306.308769][T10775] loop3: detected capacity change from 0 to 512
[  306.317225][   T29] audit: type=1326 audit(1760988411.657:2184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10768 comm="syz.0.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  306.387334][T10775] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.426531][T10775] ext4 filesystem being mounted at /440/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.496895][T10787] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.577579][T10787] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.602588][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.627257][T10791] loop4: detected capacity change from 0 to 1024
[  306.634038][T10791] EXT4-fs: Ignoring removed oldalloc option
[  306.641421][T10791] EXT4-fs: Ignoring removed bh option
[  306.653587][T10787] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.689695][T10791] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.723496][T10787] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.742647][T10797] loop3: detected capacity change from 0 to 1024
[  306.768930][T10797] EXT4-fs: Ignoring removed oldalloc option
[  306.776770][T10797] EXT4-fs: Ignoring removed bh option
[  306.803668][   T37] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  306.812172][T10797] ext4: Bad value for 'min_batch_time'
[  306.819427][   T37] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  306.837418][   T37] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  306.864908][   T37] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  306.919313][T10800] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  306.948838][T10802] loop2: detected capacity change from 0 to 764
[  306.958918][T10804] FAULT_INJECTION: forcing a failure.
[  306.958918][T10804] name failslab, interval 1, probability 0, space 0, times 0
[  306.973097][T10804] CPU: 1 UID: 0 PID: 10804 Comm: syz.0.2259 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  306.973131][T10804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  306.973195][T10804] Call Trace:
[  306.973203][T10804]  <TASK>
[  306.973213][T10804]  __dump_stack+0x1d/0x30
[  306.973259][T10804]  dump_stack_lvl+0xe8/0x140
[  306.973401][T10804]  dump_stack+0x15/0x1b
[  306.973426][T10804]  should_fail_ex+0x265/0x280
[  306.973461][T10804]  ? __pfx_perf_trace_kmem_cache_alloc+0x10/0x10
[  306.973487][T10804]  should_failslab+0x8c/0xb0
[  306.973549][T10804]  __kmalloc_noprof+0xa5/0x570
[  306.973572][T10804]  ? tracepoint_add_func+0x1e8/0x690
[  306.973601][T10804]  ? __pfx_perf_trace_kmem_cache_alloc+0x10/0x10
[  306.973620][T10804]  tracepoint_add_func+0x1e8/0x690
[  306.973733][T10804]  ? perf_trace_event_init+0x18f/0x7b0
[  306.973765][T10804]  ? pcpu_alloc_noprof+0xd29/0x1250
[  306.973800][T10804]  ? __pfx_perf_trace_kmem_cache_alloc+0x10/0x10
[  306.973823][T10804]  tracepoint_probe_register+0x5b/0x90
[  306.973885][T10804]  ? __pfx_perf_trace_kmem_cache_alloc+0x10/0x10
[  306.973912][T10804]  trace_event_reg+0x14b/0x170
[  306.973935][T10804]  perf_trace_event_init+0x35c/0x7b0
[  306.974016][T10804]  perf_trace_init+0x15f/0x1d0
[  306.974044][T10804]  perf_tp_event_init+0x68/0xc0
[  306.974073][T10804]  perf_try_init_event+0xd9/0x540
[  306.974090][T10804]  ? perf_event_alloc+0xb1c/0x1740
[  306.974141][T10804]  perf_event_alloc+0xb27/0x1740
[  306.974166][T10804]  __se_sys_perf_event_open+0x615/0x11c0
[  306.974235][T10804]  ? __rcu_read_unlock+0x4f/0x70
[  306.974275][T10804]  __x64_sys_perf_event_open+0x67/0x80
[  306.974296][T10804]  x64_sys_call+0x7bd/0x3000
[  306.974339][T10804]  do_syscall_64+0xd2/0x200
[  306.974384][T10804]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  306.974410][T10804]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  306.974444][T10804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.974504][T10804] RIP: 0033:0x7ff7ea77efc9
[  306.974523][T10804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  306.974562][T10804] RSP: 002b:00007ff7e91e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  306.974584][T10804] RAX: ffffffffffffffda RBX: 00007ff7ea9d5fa0 RCX: 00007ff7ea77efc9
[  306.974596][T10804] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000200000000140
[  306.974608][T10804] RBP: 00007ff7e91e7090 R08: 0000000000000002 R09: 0000000000000000
[  306.974619][T10804] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  306.974634][T10804] R13: 00007ff7ea9d6038 R14: 00007ff7ea9d5fa0 R15: 00007ffde1941f08
[  306.974658][T10804]  </TASK>
[  307.236325][T10802] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  307.299384][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.322561][T10812] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.363610][T10814] SELinux: failed to load policy
[  307.388945][T10817] FAULT_INJECTION: forcing a failure.
[  307.388945][T10817] name failslab, interval 1, probability 0, space 0, times 0
[  307.401668][T10817] CPU: 1 UID: 0 PID: 10817 Comm: syz.0.2266 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  307.401695][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  307.401707][T10817] Call Trace:
[  307.401714][T10817]  <TASK>
[  307.401723][T10817]  __dump_stack+0x1d/0x30
[  307.401789][T10817]  dump_stack_lvl+0xe8/0x140
[  307.401825][T10817]  dump_stack+0x15/0x1b
[  307.401918][T10817]  should_fail_ex+0x265/0x280
[  307.401958][T10817]  should_failslab+0x8c/0xb0
[  307.401989][T10817]  __kmalloc_cache_node_noprof+0x54/0x4a0
[  307.402048][T10817]  ? __get_vm_area_node+0x106/0x1d0
[  307.402111][T10817]  ? terminate_walk+0x27f/0x2a0
[  307.402142][T10817]  __get_vm_area_node+0x106/0x1d0
[  307.402172][T10817]  __vmalloc_node_range_noprof+0x28c/0xed0
[  307.402203][T10817]  ? sel_write_load+0x158/0x380
[  307.402235][T10817]  ? _parse_integer+0x27/0x40
[  307.402350][T10817]  ? sel_write_load+0x158/0x380
[  307.402429][T10817]  vmalloc_noprof+0x82/0xc0
[  307.402525][T10817]  ? sel_write_load+0x158/0x380
[  307.402602][T10817]  sel_write_load+0x158/0x380
[  307.402632][T10817]  ? __pfx_sel_write_load+0x10/0x10
[  307.402657][T10817]  vfs_write+0x269/0x960
[  307.402673][T10817]  ? __rcu_read_unlock+0x4f/0x70
[  307.402712][T10817]  ? __fget_files+0x184/0x1c0
[  307.402762][T10817]  ksys_write+0xda/0x1a0
[  307.402782][T10817]  __x64_sys_write+0x40/0x50
[  307.402799][T10817]  x64_sys_call+0x2802/0x3000
[  307.402891][T10817]  do_syscall_64+0xd2/0x200
[  307.402927][T10817]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  307.402970][T10817]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  307.402996][T10817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.403017][T10817] RIP: 0033:0x7ff7ea77efc9
[  307.403037][T10817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.403059][T10817] RSP: 002b:00007ff7e91e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  307.403156][T10817] RAX: ffffffffffffffda RBX: 00007ff7ea9d5fa0 RCX: 00007ff7ea77efc9
[  307.403171][T10817] RDX: 0000000000000010 RSI: 0000200000000bc0 RDI: 0000000000000003
[  307.403201][T10817] RBP: 00007ff7e91e7090 R08: 0000000000000000 R09: 0000000000000000
[  307.403212][T10817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.403224][T10817] R13: 00007ff7ea9d6038 R14: 00007ff7ea9d5fa0 R15: 00007ffde1941f08
[  307.403241][T10817]  </TASK>
[  307.403249][T10817] syz.0.2266: vmalloc error: size 16, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[  307.476654][T10823] hub 1-0:1.0: USB hub found
[  307.476791][T10823] hub 1-0:1.0: 8 ports detected
[  307.543496][ T3396] hid_parser_main: 25 callbacks suppressed
[  307.543518][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x7
[  307.548414][T10817] ,cpuset=
[  307.551570][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.557752][T10817] /
[  307.560741][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.568383][T10817] ,mems_allowed=0
[  307.572627][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.580019][T10817] 
[  307.583002][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.604218][T10817] CPU: 1 UID: 0 PID: 10817 Comm: syz.0.2266 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  307.604256][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  307.604272][T10817] Call Trace:
[  307.604280][T10817]  <TASK>
[  307.604289][T10817]  __dump_stack+0x1d/0x30
[  307.604400][T10817]  dump_stack_lvl+0xe8/0x140
[  307.604442][T10817]  dump_stack+0x15/0x1b
[  307.604477][T10817]  warn_alloc+0x12b/0x1a0
[  307.604508][T10817]  ? terminate_walk+0x27f/0x2a0
[  307.604600][T10817]  __vmalloc_node_range_noprof+0x2b1/0xed0
[  307.604768][T10817]  ? _parse_integer+0x27/0x40
[  307.604824][T10817]  ? sel_write_load+0x158/0x380
[  307.604922][T10817]  vmalloc_noprof+0x82/0xc0
[  307.604955][T10817]  ? sel_write_load+0x158/0x380
[  307.605009][T10817]  sel_write_load+0x158/0x380
[  307.605118][T10817]  ? __pfx_sel_write_load+0x10/0x10
[  307.605163][T10817]  vfs_write+0x269/0x960
[  307.605185][T10817]  ? __rcu_read_unlock+0x4f/0x70
[  307.605302][T10817]  ? __fget_files+0x184/0x1c0
[  307.605334][T10817]  ksys_write+0xda/0x1a0
[  307.605361][T10817]  __x64_sys_write+0x40/0x50
[  307.605414][T10817]  x64_sys_call+0x2802/0x3000
[  307.605456][T10817]  do_syscall_64+0xd2/0x200
[  307.605496][T10817]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  307.605598][T10817]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  307.605681][T10817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.605710][T10817] RIP: 0033:0x7ff7ea77efc9
[  307.605732][T10817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.605755][T10817] RSP: 002b:00007ff7e91e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  307.605781][T10817] RAX: ffffffffffffffda RBX: 00007ff7ea9d5fa0 RCX: 00007ff7ea77efc9
[  307.605799][T10817] RDX: 0000000000000010 RSI: 0000200000000bc0 RDI: 0000000000000003
[  307.605867][T10817] RBP: 00007ff7e91e7090 R08: 0000000000000000 R09: 0000000000000000
[  307.605884][T10817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.605900][T10817] R13: 00007ff7ea9d6038 R14: 00007ff7ea9d5fa0 R15: 00007ffde1941f08
[  307.605926][T10817]  </TASK>
[  307.607520][T10817] Mem-Info:
[  307.611191][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.620788][T10817] active_anon:8415 inactive_anon:6 isolated_anon:0
[  307.620788][T10817]  active_file:21042 inactive_file:6496 isolated_file:0
[  307.620788][T10817]  unevictable:37 dirty:58 writeback:4
[  307.620788][T10817]  slab_reclaimable:3385 slab_unreclaimable:18675
[  307.620788][T10817]  mapped:33298 shmem:4450 pagetables:1103
[  307.620788][T10817]  sec_pagetables:0 bounce:0
[  307.620788][T10817]  kernel_misc_reclaimable:0
[  307.620788][T10817]  free:1839785 free_pcp:42440 free_cma:0
[  307.627283][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.627312][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.627355][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.627479][ T3396] hid-generic 0000:0000:10001.002B: unknown main item tag 0x0
[  307.639497][T10812] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.647531][T10817] Node 0 active_anon:33776kB inactive_anon:24kB active_file:84168kB inactive_file:25984kB unevictable:148kB isolated(anon):0kB isolated(file):0kB mapped:133308kB dirty:232kB writeback:16kB shmem:17800kB kernel_stack:3488kB pagetables:4412kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  307.657155][ T3396] hid-generic 0000:0000:10001.002B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  308.120259][T10817] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  308.151252][T10817] lowmem_reserve[]: 0 2879 7858 7858
[  308.157959][T10817] Node 0 DMA32 free:2945524kB boost:0kB min:4128kB low:7056kB high:9984kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949052kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  308.190495][T10817] lowmem_reserve[]: 0 0 4978 4978
[  308.196873][T10817] Node 0 Normal free:4374924kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:89736kB inactive_anon:0kB active_file:84168kB inactive_file:25916kB unevictable:68kB writepending:244kB zspages:0kB present:5242880kB managed:5098240kB mlocked:68kB bounce:0kB free_pcp:133492kB local_pcp:126144kB free_cma:0kB
[  308.231740][T10817] lowmem_reserve[]: 0 0 0 0
[  308.237863][T10817] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  308.252010][T10817] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 5*16kB (M) 4*32kB (M) 2*64kB (M) 3*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945524kB
[  308.269526][T10817] Node 0 Normal: 204*4kB (UME) 1005*8kB (UE) 867*16kB (UE) 1106*32kB (UME) 1319*64kB (UME) 760*128kB (UME) 424*256kB (UME) 301*512kB (UME) 302*1024kB (UME) 96*2048kB (UME) 821*4096kB (UM) = 4371144kB
[  308.290673][T10817] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  308.301102][T10817] 46894 total pagecache pages
[  308.307018][T10817] 1 pages in swap cache
[  308.311171][T10817] Free swap  = 124972kB
[  308.316480][T10817] Total swap = 124996kB
[  308.320634][T10817] 2097051 pages RAM
[  308.325539][T10817] 0 pages HighMem/MovableOnly
[  308.330214][T10817] 81388 pages reserved
[  308.344633][T10825] 8021q: adding VLAN 0 to HW filter on device macvlan20
[  308.363796][T10823] 8021q: adding VLAN 0 to HW filter on device macvlan21
[  308.400296][T10830] loop3: detected capacity change from 0 to 2048
[  308.462451][T10812] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.586949][T10812] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.694763][   T52] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.714912][   T52] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.747185][   T52] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.780783][   T52] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.893769][T10840] loop1: detected capacity change from 0 to 764
[  308.905646][T10840] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  308.939355][T10847] __nla_validate_parse: 10 callbacks suppressed
[  308.939430][T10847] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2275'.
[  309.007190][T10851] binfmt_misc: register: failed to install interpreter file ./file0
[  309.058438][T10857] loop4: detected capacity change from 0 to 1024
[  309.065937][T10857] EXT4-fs: Ignoring removed oldalloc option
[  309.072057][T10857] EXT4-fs: Ignoring removed bh option
[  309.077690][T10857] ext4: Bad value for 'min_batch_time'
[  309.286033][T10862] loop3: detected capacity change from 0 to 1024
[  309.292719][T10862] EXT4-fs: Ignoring removed oldalloc option
[  309.300128][T10862] EXT4-fs: Ignoring removed bh option
[  309.307500][T10863] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2279'.
[  309.318568][T10860] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2279'.
[  309.350585][T10862] ext4: Bad value for 'min_batch_time'
[  309.364235][T10863] loop1: detected capacity change from 0 to 512
[  309.373647][T10863] EXT4-fs: Mount option(s) incompatible with ext2
[  309.761754][T10871] bridge0: entered promiscuous mode
[  309.768523][T10871] macvtap1: entered allmulticast mode
[  309.773935][T10871] bridge0: entered allmulticast mode
[  309.782511][T10871] bridge0: port 1(macvtap1) entered blocking state
[  309.790469][T10871] bridge0: port 1(macvtap1) entered disabled state
[  309.800098][T10871] bridge0: left allmulticast mode
[  309.806364][T10871] bridge0: left promiscuous mode
[  309.936867][T10879] loop4: detected capacity change from 0 to 764
[  309.944202][T10879] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  310.161981][T10882] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2287'.
[  310.809010][T10906] loop0: detected capacity change from 0 to 2048
[  310.908976][T10917] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.939831][T10915] xt_CT: No such helper "snmp_trap"
[  310.954860][T10906] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2296'.
[  310.997615][T10917] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.047239][T10917] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.074344][T10914] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2299'.
[  311.115254][T10917] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.165058][T10921] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2300'.
[  311.253358][  T382] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.265055][  T382] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.274164][  T382] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.287348][  T382] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.590495][T10938] hub 1-0:1.0: USB hub found
[  311.602776][T10938] hub 1-0:1.0: 8 ports detected
[  311.681568][T10946] bridge0: entered promiscuous mode
[  311.715940][T10946] macvtap1: entered allmulticast mode
[  311.721474][T10946] bridge0: entered allmulticast mode
[  311.744706][T10951] loop3: detected capacity change from 0 to 512
[  311.752727][T10951] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  311.757823][T10946] bridge0: port 1(macvtap1) entered blocking state
[  311.768960][T10946] bridge0: port 1(macvtap1) entered disabled state
[  311.776265][T10951] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2308: bg 0: block 104: invalid block bitmap
[  311.789236][T10951] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  311.799402][T10946] bridge0: left allmulticast mode
[  311.804546][T10946] bridge0: left promiscuous mode
[  311.812279][T10951] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2308: invalid indirect mapped block 1 (level 1)
[  311.834909][T10951] EXT4-fs (loop3): 1 truncate cleaned up
[  311.846397][T10951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.881784][ T3389] hid-generic 0000:0000:10001.002C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  311.928791][T10954] 8021q: adding VLAN 0 to HW filter on device macvlan15
[  311.949022][T10956] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2310'.
[  311.959457][T10956] netlink: 'syz.1.2310': attribute type 30 has an invalid length.
[  311.983706][T10938] 8021q: adding VLAN 0 to HW filter on device macvlan16
[  312.010940][  T382] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  312.028699][  T382] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  312.044842][  T382] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  312.055448][T10945] loop1: detected capacity change from 0 to 32768
[  312.063129][  T382] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  312.100561][T10964] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2313'.
[  312.112915][ T3320] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.146183][T10966] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.198445][T10958] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2311'.
[  312.238066][T10966] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.306220][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[  312.339656][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  312.339669][   T29] audit: type=1400 audit(1760988417.977:2208): avc:  denied  { read } for  pid=10973 comm="syz.2.2317" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  312.369280][   T29] audit: type=1400 audit(1760988417.977:2209): avc:  denied  { open } for  pid=10973 comm="syz.2.2317" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  312.375785][T10966] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.422187][   T29] audit: type=1400 audit(1760988418.057:2210): avc:  denied  { ioctl } for  pid=10973 comm="syz.2.2317" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  312.511718][T10966] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.574591][T10981] loop2: detected capacity change from 0 to 1024
[  312.591548][T10981] EXT4-fs: Ignoring removed oldalloc option
[  312.597714][T10981] EXT4-fs: Ignoring removed bh option
[  312.613450][T10981] ext4: Bad value for 'min_batch_time'
[  313.186514][T10999] bridge0: entered promiscuous mode
[  313.192344][T10999] macvtap1: entered allmulticast mode
[  313.197809][T10999] bridge0: entered allmulticast mode
[  313.238983][T10999] bridge0: port 1(macvtap1) entered blocking state
[  313.245659][T10999] bridge0: port 1(macvtap1) entered disabled state
[  313.332778][T10999] bridge0: left allmulticast mode
[  313.337906][T10999] bridge0: left promiscuous mode
[  313.748288][T11008] loop1: detected capacity change from 0 to 764
[  313.790149][T11008] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  313.881074][T11013] loop4: detected capacity change from 0 to 164
[  313.897356][T11013] ISOFS: unable to read i-node block
[  313.913350][T11013] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  313.996875][T11017] netlink: 'syz.4.2333': attribute type 10 has an invalid length.
[  314.029040][T11017] ipvlan0: entered allmulticast mode
[  314.034466][T11017] veth0_vlan: entered allmulticast mode
[  314.078920][T11017] team0: Device ipvlan0 failed to register rx_handler
[  314.091625][T11019] __nla_validate_parse: 5 callbacks suppressed
[  314.091644][T11019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2334'.
[  314.240183][   T29] audit: type=1400 audit(1760988419.877:2211): avc:  denied  { create } for  pid=11024 comm="syz.1.2337" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  314.265113][T11025] syz.1.2337 uses obsolete (PF_INET,SOCK_PACKET)
[  314.271898][T11025] syzkaller1: entered promiscuous mode
[  314.277531][T11025] syzkaller1: entered allmulticast mode
[  314.313826][   T29] audit: type=1400 audit(1760988419.897:2212): avc:  denied  { write } for  pid=11024 comm="syz.1.2337" name="file0" dev="tmpfs" ino=2714 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  314.336616][   T29] audit: type=1400 audit(1760988419.897:2213): avc:  denied  { open } for  pid=11024 comm="syz.1.2337" path="/507/file0" dev="tmpfs" ino=2714 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  314.363317][T11021] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2335'.
[  314.366066][ T3675] Bluetooth: hci0: command 0x1003 tx timeout
[  314.379671][ T3513] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  314.462628][   T29] audit: type=1400 audit(1760988420.097:2214): avc:  denied  { ioctl } for  pid=11024 comm="syz.1.2337" path="/507/file0" dev="tmpfs" ino=2714 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  314.502062][T11028] loop2: detected capacity change from 0 to 1024
[  314.510041][T11028] EXT4-fs: Ignoring removed oldalloc option
[  314.517197][T11028] EXT4-fs: Ignoring removed bh option
[  314.522711][T11028] ext4: Bad value for 'min_batch_time'
[  314.591316][   T29] audit: type=1400 audit(1760988420.227:2215): avc:  denied  { unlink } for  pid=3316 comm="syz-executor" name="file0" dev="tmpfs" ino=2714 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  314.661890][T11031] loop1: detected capacity change from 0 to 512
[  314.670994][T11031] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  314.682121][T11031] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2339: bg 0: block 104: invalid block bitmap
[  314.697259][T11031] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  314.706295][T11031] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2339: invalid indirect mapped block 1 (level 1)
[  314.719838][T11031] EXT4-fs (loop1): 1 truncate cleaned up
[  314.727367][T11031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  314.756456][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.780933][T11036] hub 1-0:1.0: USB hub found
[  314.786949][T11036] hub 1-0:1.0: 8 ports detected
[  314.859559][   T36] hid_parser_main: 60 callbacks suppressed
[  314.859578][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x7
[  314.874298][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.883218][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.892222][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.901005][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.905734][T11036] 8021q: adding VLAN 0 to HW filter on device macvlan20
[  314.910137][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.925744][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.933291][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.942207][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  314.945651][T11036] 8021q: adding VLAN 0 to HW filter on device macvlan21
[  314.951442][   T36] hid-generic 0000:0000:10001.002D: unknown main item tag 0x0
[  315.007267][   T36] hid-generic 0000:0000:10001.002D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  315.063969][T11046] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2343'.
[  315.087114][T11045] loop1: detected capacity change from 0 to 764
[  315.106098][T11045] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  315.191050][T11048] loop4: detected capacity change from 0 to 164
[  315.199638][T11048] ISOFS: unable to read i-node block
[  315.206604][T11048] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  315.379863][T11063] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2350'.
[  315.509280][T11074] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2354'.
[  315.640070][   T29] audit: type=1400 audit(1760988421.247:2216): avc:  denied  { getopt } for  pid=11071 comm="syz.2.2353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  315.717270][T11078] loop4: detected capacity change from 0 to 2048
[  315.742373][T11080] delete_channel: no stack
[  315.817495][   T29] audit: type=1326 audit(1760988421.307:2217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11071 comm="syz.2.2353" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f22071defc9 code=0x0
[  315.864318][T11080] delete_channel: no stack
[  315.902575][T11086] loop0: detected capacity change from 0 to 164
[  315.932860][T11086] ISOFS: unable to read i-node block
[  315.939570][T11086] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  315.959429][T11084] xt_CT: No such helper "snmp_trap"
[  315.987283][T11087] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2355'.
[  316.114171][T11090] loop0: detected capacity change from 0 to 2048
[  316.145645][T11090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.231226][T11090] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2357'.
[  316.326890][ T3313] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  316.361830][ T3313] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  316.368709][   T31] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  316.385706][   T31] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  316.405921][   T31] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  316.424305][   T31] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  316.477839][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.512516][T11116] loop4: detected capacity change from 0 to 164
[  316.534937][T11116] ISOFS: unable to read i-node block
[  316.540464][T11116] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  316.586797][T11121] FAULT_INJECTION: forcing a failure.
[  316.586797][T11121] name failslab, interval 1, probability 0, space 0, times 0
[  316.599502][T11121] CPU: 0 UID: 0 PID: 11121 Comm: syz.0.2363 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  316.599531][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  316.599543][T11121] Call Trace:
[  316.599549][T11121]  <TASK>
[  316.599558][T11121]  __dump_stack+0x1d/0x30
[  316.599637][T11121]  dump_stack_lvl+0xe8/0x140
[  316.599670][T11121]  dump_stack+0x15/0x1b
[  316.599715][T11121]  should_fail_ex+0x265/0x280
[  316.599750][T11121]  should_failslab+0x8c/0xb0
[  316.599771][T11121]  kmem_cache_alloc_noprof+0x50/0x480
[  316.599858][T11121]  ? skb_clone+0x151/0x1f0
[  316.599907][T11121]  skb_clone+0x151/0x1f0
[  316.599948][T11121]  __netlink_deliver_tap+0x2c9/0x500
[  316.599986][T11121]  netlink_unicast+0x66b/0x690
[  316.600041][T11121]  netlink_sendmsg+0x58b/0x6b0
[  316.600079][T11121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  316.600116][T11121]  __sock_sendmsg+0x145/0x180
[  316.600155][T11121]  ____sys_sendmsg+0x345/0x4e0
[  316.600189][T11121]  ___sys_sendmsg+0x17b/0x1d0
[  316.600244][T11121]  __sys_sendmmsg+0x178/0x300
[  316.600310][T11121]  __x64_sys_sendmmsg+0x57/0x70
[  316.600344][T11121]  x64_sys_call+0x1c4a/0x3000
[  316.600566][T11121]  do_syscall_64+0xd2/0x200
[  316.600602][T11121]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  316.600633][T11121]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  316.600663][T11121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.600684][T11121] RIP: 0033:0x7ff7ea77efc9
[  316.600698][T11121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.600715][T11121] RSP: 002b:00007ff7e91e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  316.600749][T11121] RAX: ffffffffffffffda RBX: 00007ff7ea9d5fa0 RCX: 00007ff7ea77efc9
[  316.600764][T11121] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000007
[  316.600779][T11121] RBP: 00007ff7e91e7090 R08: 0000000000000000 R09: 0000000000000000
[  316.600793][T11121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.600805][T11121] R13: 00007ff7ea9d6038 R14: 00007ff7ea9d5fa0 R15: 00007ffde1941f08
[  316.600825][T11121]  </TASK>
[  316.816933][T11121] vlan2: entered allmulticast mode
[  316.834409][T11121] dummy0: entered allmulticast mode
[  316.863450][T11123] FAULT_INJECTION: forcing a failure.
[  316.863450][T11123] name failslab, interval 1, probability 0, space 0, times 0
[  316.876259][T11123] CPU: 0 UID: 0 PID: 11123 Comm: syz.3.2369 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  316.876299][T11123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  316.876315][T11123] Call Trace:
[  316.876322][T11123]  <TASK>
[  316.876332][T11123]  __dump_stack+0x1d/0x30
[  316.876425][T11123]  dump_stack_lvl+0xe8/0x140
[  316.876462][T11123]  dump_stack+0x15/0x1b
[  316.876572][T11123]  should_fail_ex+0x265/0x280
[  316.876611][T11123]  ? shmem_init_fs_context+0x36/0x110
[  316.876646][T11123]  should_failslab+0x8c/0xb0
[  316.876677][T11123]  __kmalloc_cache_noprof+0x4c/0x4a0
[  316.876711][T11123]  shmem_init_fs_context+0x36/0x110
[  316.876747][T11123]  devtmpfs_init_fs_context+0x18/0x60
[  316.876793][T11123]  alloc_fs_context+0x3ef/0x4e0
[  316.876863][T11123]  fs_context_for_mount+0x22/0x30
[  316.876905][T11123]  __se_sys_fsopen+0xa0/0x1e0
[  316.877013][T11123]  __x64_sys_fsopen+0x31/0x40
[  316.877093][T11123]  x64_sys_call+0x2aa1/0x3000
[  316.877158][T11123]  do_syscall_64+0xd2/0x200
[  316.877195][T11123]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  316.877221][T11123]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  316.877258][T11123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.877357][T11123] RIP: 0033:0x7fc0ac72efc9
[  316.877376][T11123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.877402][T11123] RSP: 002b:00007fc0ab197038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  316.877503][T11123] RAX: ffffffffffffffda RBX: 00007fc0ac985fa0 RCX: 00007fc0ac72efc9
[  316.877520][T11123] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000000
[  316.877536][T11123] RBP: 00007fc0ab197090 R08: 0000000000000000 R09: 0000000000000000
[  316.877555][T11123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.877571][T11123] R13: 00007fc0ac986038 R14: 00007fc0ac985fa0 R15: 00007ffe052c6b48
[  316.877598][T11123]  </TASK>
[  317.331367][T11141] bridge0: entered promiscuous mode
[  317.338196][T11144] netlink: 'syz.3.2376': attribute type 10 has an invalid length.
[  317.364519][T11141] macvtap1: entered allmulticast mode
[  317.369937][T11141] bridge0: entered allmulticast mode
[  317.380837][T11141] bridge0: port 1(macvtap1) entered blocking state
[  317.387588][T11141] bridge0: port 1(macvtap1) entered disabled state
[  317.397013][T11141] bridge0: left allmulticast mode
[  317.402099][T11141] bridge0: left promiscuous mode
[  317.435844][T11144] ipvlan0: entered allmulticast mode
[  317.441214][T11144] veth0_vlan: entered allmulticast mode
[  317.507321][T11144] team0: Device ipvlan0 failed to register rx_handler
[  317.572453][T11156] loop1: detected capacity change from 0 to 2048
[  317.639019][T11161] wireguard1: entered promiscuous mode
[  317.644584][T11161] wireguard1: entered allmulticast mode
[  317.702238][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  317.702279][   T29] audit: type=1326 audit(1760988423.337:2228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11159 comm="syz.0.2383" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff7ea77efc9 code=0x0
[  317.787114][T11156] xt_CT: No such helper "snmp_trap"
[  317.803368][T11156] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2381'.
[  318.202984][   T29] audit: type=1400 audit(1760988423.837:2229): avc:  denied  { create } for  pid=11178 comm="syz.2.2387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  318.245550][T11181] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2388'.
[  318.291188][T11179] loop2: detected capacity change from 0 to 1024
[  318.306104][T11179] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.341296][   T29] audit: type=1400 audit(1760988423.927:2230): avc:  denied  { write } for  pid=11178 comm="syz.2.2387" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  318.361657][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.694396][T11197] loop4: detected capacity change from 0 to 2048
[  318.971511][T11202] xt_CT: No such helper "snmp_trap"
[  319.015362][T11204] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2394'.
[  319.128402][T11210] bridge0: entered promiscuous mode
[  319.162847][T11210] macvtap1: entered allmulticast mode
[  319.169662][T11210] bridge0: entered allmulticast mode
[  319.218559][T11210] bridge0: port 1(macvtap1) entered blocking state
[  319.226747][T11210] bridge0: port 1(macvtap1) entered disabled state
[  319.293269][T11210] bridge0: left allmulticast mode
[  319.299613][T11210] bridge0: left promiscuous mode
[  319.320576][T11217] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2399'.
[  319.591591][T11219] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2400'.
[  319.879988][T11232] loop3: detected capacity change from 0 to 1024
[  319.909430][T11232] EXT4-fs: Ignoring removed oldalloc option
[  319.915515][T11232] EXT4-fs: Ignoring removed bh option
[  319.941310][T11232] ext4: Bad value for 'min_batch_time'
[  320.157179][T11238] hub 1-0:1.0: USB hub found
[  320.169118][T11238] hub 1-0:1.0: 8 ports detected
[  320.482168][ T3422] hid_parser_main: 25 callbacks suppressed
[  320.482185][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x7
[  320.495671][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.503157][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.510674][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.518242][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.525804][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.533286][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.540797][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.548290][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.555811][ T3422] hid-generic 0000:0000:10001.002E: unknown main item tag 0x0
[  320.596530][T11245] 8021q: adding VLAN 0 to HW filter on device macvlan22
[  320.648896][T11242] 8021q: adding VLAN 0 to HW filter on device macvlan23
[  320.677846][ T3422] hid-generic 0000:0000:10001.002E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  320.763096][   T29] audit: type=1400 audit(1760988426.387:2231): avc:  denied  { create } for  pid=11246 comm="syz.3.2408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  320.850646][T11251] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2409'.
[  320.922901][T11257] loop1: detected capacity change from 0 to 764
[  320.937457][T11257] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  321.105417][T11267] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2412'.
[  321.150854][   T29] audit: type=1400 audit(1760988426.777:2232): avc:  denied  { create } for  pid=11268 comm="syz.1.2417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  321.171455][   T29] audit: type=1400 audit(1760988426.777:2233): avc:  denied  { write } for  pid=11268 comm="syz.1.2417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  321.191666][   T29] audit: type=1400 audit(1760988426.777:2234): avc:  denied  { create } for  pid=11268 comm="syz.1.2417" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  321.282240][T11276] FAULT_INJECTION: forcing a failure.
[  321.282240][T11276] name failslab, interval 1, probability 0, space 0, times 0
[  321.296160][T11276] CPU: 1 UID: 0 PID: 11276 Comm: syz.1.2418 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  321.296246][T11276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  321.296277][T11276] Call Trace:
[  321.296284][T11276]  <TASK>
[  321.296293][T11276]  __dump_stack+0x1d/0x30
[  321.296328][T11276]  dump_stack_lvl+0xe8/0x140
[  321.296359][T11276]  dump_stack+0x15/0x1b
[  321.296386][T11276]  should_fail_ex+0x265/0x280
[  321.296468][T11276]  should_failslab+0x8c/0xb0
[  321.296491][T11276]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  321.296516][T11276]  ? __alloc_skb+0x101/0x320
[  321.296543][T11276]  __alloc_skb+0x101/0x320
[  321.296611][T11276]  netlink_alloc_large_skb+0xbf/0xf0
[  321.296646][T11276]  netlink_sendmsg+0x3cf/0x6b0
[  321.296694][T11276]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.296726][T11276]  __sock_sendmsg+0x145/0x180
[  321.296801][T11276]  ____sys_sendmsg+0x31e/0x4e0
[  321.296835][T11276]  ___sys_sendmsg+0x17b/0x1d0
[  321.296881][T11276]  __x64_sys_sendmsg+0xd4/0x160
[  321.297058][T11276]  x64_sys_call+0x191e/0x3000
[  321.297091][T11276]  do_syscall_64+0xd2/0x200
[  321.297145][T11276]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  321.297168][T11276]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  321.297196][T11276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.297315][T11276] RIP: 0033:0x7fa644beefc9
[  321.297332][T11276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.297353][T11276] RSP: 002b:00007fa64364f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  321.297431][T11276] RAX: ffffffffffffffda RBX: 00007fa644e45fa0 RCX: 00007fa644beefc9
[  321.297446][T11276] RDX: 00000000000048d4 RSI: 0000200000000240 RDI: 0000000000000003
[  321.297459][T11276] RBP: 00007fa64364f090 R08: 0000000000000000 R09: 0000000000000000
[  321.297472][T11276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.297485][T11276] R13: 00007fa644e46038 R14: 00007fa644e45fa0 R15: 00007ffd69888568
[  321.297506][T11276]  </TASK>
[  321.504229][   T29] audit: type=1326 audit(1760988426.897:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.1.2417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa644beefc9 code=0x7ffc0000
[  321.527840][   T29] audit: type=1326 audit(1760988426.897:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.1.2417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa644beefc9 code=0x7ffc0000
[  321.529149][T11259] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2412'.
[  321.551533][   T29] audit: type=1326 audit(1760988426.897:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11268 comm="syz.1.2417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa644beefc9 code=0x7ffc0000
[  321.663036][T11278] loop1: detected capacity change from 0 to 1024
[  321.683604][T11278] EXT4-fs: Ignoring removed oldalloc option
[  321.690947][T11278] EXT4-fs: Ignoring removed bh option
[  321.717989][T11278] ext4: Bad value for 'min_batch_time'
[  322.092087][T11285] loop0: detected capacity change from 0 to 2048
[  322.342665][T11285] xt_CT: No such helper "snmp_trap"
[  322.386250][T11285] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2420'.
[  322.617439][T11297] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.665464][T11299] loop0: detected capacity change from 0 to 128
[  322.717530][T11297] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.754177][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  322.754194][   T29] audit: type=1400 audit(1760988428.387:2250): avc:  denied  { mac_admin } for  pid=11298 comm="syz.0.2425" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  322.787942][T11299] SELinux:  Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  322.796255][T11297] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.814663][   T29] audit: type=1326 audit(1760988428.437:2251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11298 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  322.921162][   T29] audit: type=1326 audit(1760988428.437:2252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11298 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  322.944143][T11307] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  322.944820][   T29] audit: type=1326 audit(1760988428.437:2253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11298 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  322.977912][   T29] audit: type=1326 audit(1760988428.437:2254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11298 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  323.068220][   T29] audit: type=1400 audit(1760988428.577:2255): avc:  denied  { relabelfrom } for  pid=11298 comm="syz.0.2425" name="NETLINK" dev="sockfs" ino=38509 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  323.092474][   T29] audit: type=1400 audit(1760988428.597:2256): avc:  denied  { relabelto } for  pid=11298 comm="syz.0.2425" name="NETLINK" dev="sockfs" ino=38509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_route_socket permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  323.121201][   T29] audit: type=1400 audit(1760988428.657:2257): avc:  denied  { cpu } for  pid=11298 comm="syz.0.2425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  323.140562][   T29] audit: type=1326 audit(1760988428.657:2258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11298 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  323.164065][   T29] audit: type=1326 audit(1760988428.657:2259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11298 comm="syz.0.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7ea77efc9 code=0x7ffc0000
[  323.236672][T11297] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.281099][T11312] 8021q: adding VLAN 0 to HW filter on device macvlan16
[  323.295546][ T3422] hid-generic 0000:0000:10001.002F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  323.315537][T11312] 8021q: adding VLAN 0 to HW filter on device macvlan17
[  323.378461][  T382] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  323.387199][T11322] loop0: detected capacity change from 0 to 2048
[  323.394102][  T382] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  323.402768][ T2346] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  323.415666][ T2346] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  323.439705][   T37] Bluetooth: hci0: Frame reassembly failed (-84)
[  323.494190][T11322] xt_CT: No such helper "snmp_trap"
[  323.536385][T11322] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2431'.
[  323.581361][T11330] loop2: detected capacity change from 0 to 1024
[  323.608597][T11330] EXT4-fs: Ignoring removed oldalloc option
[  323.614640][T11330] EXT4-fs: Ignoring removed bh option
[  323.634013][T11330] ext4: Bad value for 'min_batch_time'
[  323.775121][T11336] loop1: detected capacity change from 0 to 764
[  323.796205][T11336] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  324.018052][T11345] loop1: detected capacity change from 0 to 2048
[  324.114957][T11345] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2439'.
[  324.167543][T11351] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2441'.
[  324.193640][T11351] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2441'.
[  324.441749][T11370] loop1: detected capacity change from 0 to 764
[  324.494103][T11370] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  324.579290][T11378] loop2: detected capacity change from 0 to 1024
[  324.605446][T11378] EXT4-fs: inline encryption not supported
[  324.637103][T11378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.674335][ T3322] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.826797][T11392] pim6reg: entered allmulticast mode
[  324.896064][T11397] __nla_validate_parse: 1 callbacks suppressed
[  324.896084][T11397] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2458'.
[  324.923911][T11398] pim6reg: left allmulticast mode
[  324.947867][T11399] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2458'.
[  324.997695][T11399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2458'.
[  325.295584][T11413] loop2: detected capacity change from 0 to 1024
[  325.316091][T11413] EXT4-fs: Ignoring removed oldalloc option
[  325.322142][T11413] EXT4-fs: Ignoring removed bh option
[  325.329143][T11413] ext4: Bad value for 'min_batch_time'
[  325.484806][ T3675] Bluetooth: hci0: command 0x1003 tx timeout
[  325.490885][ T3513] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  325.537110][T11419] loop1: detected capacity change from 0 to 764
[  325.544240][T11419] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  325.620457][T11421] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.630355][T11421] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.718244][T11421] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.728106][T11421] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.807449][T11421] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.817344][T11421] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.882294][T11421] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  325.892168][T11421] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.955854][   T37] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  325.964177][   T37] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.977557][  T382] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  325.985902][  T382] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.998062][T11437] loop4: detected capacity change from 0 to 2048
[  326.001299][  T382] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  326.012676][  T382] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.029912][  T382] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  326.038203][  T382] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  326.092285][T11447] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11447 comm=syz.0.2470
[  326.106374][T11447] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11447 comm=syz.0.2470
[  326.151143][T11449] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2472'.
[  326.194168][T11453] loop2: detected capacity change from 0 to 2048
[  326.276665][T11458] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2473'.
[  326.292024][T11461] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2469'.
[  326.304436][T11451] bridge0: entered promiscuous mode
[  326.309736][T11451] macvtap1: entered allmulticast mode
[  326.315412][T11451] bridge0: entered allmulticast mode
[  326.322264][T11451] bridge0: port 1(macvtap1) entered blocking state
[  326.328948][T11451] bridge0: port 1(macvtap1) entered disabled state
[  326.346716][T11451] bridge0: left allmulticast mode
[  326.351808][T11451] bridge0: left promiscuous mode
[  326.467628][T11473] FAULT_INJECTION: forcing a failure.
[  326.467628][T11473] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.482096][T11473] CPU: 1 UID: 0 PID: 11473 Comm: syz.2.2475 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  326.482206][T11473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  326.482223][T11473] Call Trace:
[  326.482350][T11473]  <TASK>
[  326.482358][T11473]  __dump_stack+0x1d/0x30
[  326.482391][T11473]  dump_stack_lvl+0xe8/0x140
[  326.482427][T11473]  dump_stack+0x15/0x1b
[  326.482537][T11473]  should_fail_ex+0x265/0x280
[  326.482577][T11473]  should_fail+0xb/0x20
[  326.482612][T11473]  should_fail_usercopy+0x1a/0x20
[  326.482719][T11473]  strncpy_from_user+0x25/0x230
[  326.482775][T11473]  ? kmem_cache_alloc_noprof+0x242/0x480
[  326.482803][T11473]  ? getname_flags+0x80/0x3b0
[  326.482832][T11473]  getname_flags+0xae/0x3b0
[  326.482855][T11473]  __se_sys_newlstat+0x4b/0x280
[  326.483001][T11473]  ? __bpf_trace_sys_enter+0x10/0x30
[  326.483021][T11473]  ? trace_sys_enter+0xd0/0xf0
[  326.483045][T11473]  __x64_sys_newlstat+0x31/0x40
[  326.483083][T11473]  x64_sys_call+0x1b88/0x3000
[  326.483179][T11473]  do_syscall_64+0xd2/0x200
[  326.483211][T11473]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  326.483246][T11473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.483274][T11473] RIP: 0033:0x7f22071defc9
[  326.483358][T11473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.483379][T11473] RSP: 002b:00007f2205c47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[  326.483403][T11473] RAX: ffffffffffffffda RBX: 00007f2207435fa0 RCX: 00007f22071defc9
[  326.483419][T11473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000c40
[  326.483514][T11473] RBP: 00007f2205c47090 R08: 0000000000000000 R09: 0000000000000000
[  326.483543][T11473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.483556][T11473] R13: 00007f2207436038 R14: 00007f2207435fa0 R15: 00007ffd088d48a8
[  326.483575][T11473]  </TASK>
[  327.133867][T11535] loop1: detected capacity change from 0 to 164
[  327.164129][T11535] ISOFS: unable to read i-node block
[  327.172413][T11535] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  327.209153][T11538] loop0: detected capacity change from 0 to 1024
[  327.236038][T11538] EXT4-fs: Ignoring removed oldalloc option
[  327.242226][T11538] EXT4-fs: Ignoring removed bh option
[  327.267732][T11542] loop1: detected capacity change from 0 to 2048
[  327.321277][T11542] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2485'.
[  327.342076][T11538] ext4: Bad value for 'min_batch_time'
[  327.380484][T11544] loop3: detected capacity change from 0 to 1024
[  327.404769][T11544] EXT4-fs: Ignoring removed oldalloc option
[  327.407858][T11546] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2487'.
[  327.411048][T11544] EXT4-fs: Ignoring removed bh option
[  327.456160][T11544] ext4: Bad value for 'min_batch_time'
[  327.586062][T11553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2489'.
[  327.730388][T11555] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2489'.
[  328.269713][T11569] hub 1-0:1.0: USB hub found
[  328.282213][T11569] hub 1-0:1.0: 8 ports detected
[  328.440928][T11560] bridge0: entered promiscuous mode
[  328.446558][T11560] macvtap1: entered allmulticast mode
[  328.451980][T11560] bridge0: entered allmulticast mode
[  328.465907][T11560] bridge0: port 1(macvtap1) entered blocking state
[  328.472499][T11560] bridge0: port 1(macvtap1) entered disabled state
[  328.496260][T11560] bridge0: left allmulticast mode
[  328.501415][T11560] bridge0: left promiscuous mode
[  328.540329][   T36] hid_parser_main: 60 callbacks suppressed
[  328.540350][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x7
[  328.555484][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.562994][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.570527][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.578149][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.587264][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.596074][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.600110][T11584] binfmt_misc: register: failed to install interpreter file ./file0
[  328.603573][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.621872][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.630832][   T36] hid-generic 0000:0000:10001.0030: unknown main item tag 0x0
[  328.676347][   T36] hid-generic 0000:0000:10001.0030: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  328.701211][T11586] loop2: detected capacity change from 0 to 256
[  328.711314][T11586] /dev/loop2: Can't open blockdev
[  328.730896][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  328.730913][   T29] audit: type=1400 audit(1760988434.357:2283): avc:  denied  { nlmsg_write } for  pid=11585 comm="syz.2.2497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  328.782016][T11569] 8021q: adding VLAN 0 to HW filter on device macvlan18
[  328.802226][T11576] 8021q: adding VLAN 0 to HW filter on device macvlan19
[  328.858204][   T29] audit: type=1400 audit(1760988434.497:2284): avc:  denied  { ioctl } for  pid=11593 comm="syz.2.2499" path="socket:[40020]" dev="sockfs" ino=40020 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  329.316914][T11599] loop3: detected capacity change from 0 to 1024
[  329.423037][T11599] EXT4-fs: Ignoring removed oldalloc option
[  329.430585][T11599] EXT4-fs: Ignoring removed bh option
[  329.533425][T11599] ext4: Bad value for 'min_batch_time'
[  329.819866][T11617] binfmt_misc: register: failed to install interpreter file ./file0
[  330.013359][T11627] loop4: detected capacity change from 0 to 512
[  330.040229][   T29] audit: type=1400 audit(1760988435.667:2285): avc:  denied  { sqpoll } for  pid=11624 comm="syz.1.2511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  330.107637][T11627] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  330.255822][T11627] EXT4-fs (loop4): orphan cleanup on readonly fs
[  330.313074][T11627] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2512: bg 0: block 248: padding at end of block bitmap is not set
[  330.463888][T11641] loop2: detected capacity change from 0 to 512
[  330.490339][T11641] EXT4-fs: Mount option(s) incompatible with ext2
[  330.640599][T11627] Quota error (device loop4): write_blk: dquota write failed
[  330.649354][T11627] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  330.660592][T11627] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.2512: Failed to acquire dquot type 1
[  330.691703][T11639] __nla_validate_parse: 4 callbacks suppressed
[  330.691718][T11639] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2508'.
[  330.750012][T11633] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2508'.
[  330.831962][T11627] EXT4-fs (loop4): 1 truncate cleaned up
[  330.865355][T11627] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  330.895448][T11627] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2512'.
[  330.898755][   T29] audit: type=1400 audit(1760988436.537:2286): avc:  denied  { read write } for  pid=11626 comm="syz.4.2512" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  330.904932][T11627] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2512'.
[  330.942526][   T29] audit: type=1400 audit(1760988436.537:2287): avc:  denied  { open } for  pid=11626 comm="syz.4.2512" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  330.969493][   T29] audit: type=1400 audit(1760988436.547:2288): avc:  denied  { ioctl } for  pid=11626 comm="syz.4.2512" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  330.996256][T11627] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2512'.
[  330.996292][T11627] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2512'.
[  331.097134][T11650] loop1: detected capacity change from 0 to 512
[  331.125254][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.144777][T11650] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[  331.155243][T11650] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  331.164657][T11650] EXT4-fs error (device loop1): ext4_acquire_dquot:6945: comm syz.1.2517: Failed to acquire dquot type 1
[  331.218400][T11658] loop0: detected capacity change from 0 to 512
[  331.244735][T11658] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  331.254592][T11658] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2516: bg 0: block 104: invalid block bitmap
[  331.267776][T11650] EXT4-fs (loop1): 1 truncate cleaned up
[  331.273882][T11650] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  331.286980][T11650] ext4 filesystem being mounted at /557/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  331.288390][T11658] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  331.318539][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.341657][T11658] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2516: invalid indirect mapped block 1 (level 1)
[  331.379535][T11658] EXT4-fs (loop0): 1 truncate cleaned up
[  331.386431][T11658] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.503890][T11678] loop1: detected capacity change from 0 to 764
[  331.511373][T11678] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  331.694503][T11676] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2526'.
[  331.793671][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.040241][T11695] loop1: detected capacity change from 0 to 1024
[  332.054780][T11695] EXT4-fs: Ignoring removed oldalloc option
[  332.060781][T11695] EXT4-fs: Ignoring removed bh option
[  332.072033][T11695] ext4: Bad value for 'min_batch_time'
[  332.105792][T11700] loop2: detected capacity change from 0 to 1024
[  332.112776][T11700] EXT4-fs: Ignoring removed oldalloc option
[  332.118818][T11700] EXT4-fs: Ignoring removed bh option
[  332.124556][T11700] ext4: Bad value for 'min_batch_time'
[  332.393546][T11710] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2538'.
[  332.531244][T11713] wireguard0: entered promiscuous mode
[  332.536871][T11713] wireguard0: entered allmulticast mode
[  332.920562][T11722] hub 1-0:1.0: USB hub found
[  332.926902][T11722] hub 1-0:1.0: 8 ports detected
[  332.964761][T11727] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2544'.
[  333.013159][T11722] 8021q: adding VLAN 0 to HW filter on device macvlan21
[  333.023417][ T3550] hid-generic 0000:0000:10001.0031: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  333.046068][T11722] 8021q: adding VLAN 0 to HW filter on device macvlan22
[  333.240028][T11748] binfmt_misc: register: failed to install interpreter file ./file0
[  333.290301][T11734] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2546'.
[  333.316183][T11749] loop0: detected capacity change from 0 to 512
[  333.337675][T11749] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  333.516402][T11749] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2552: bg 0: block 104: invalid block bitmap
[  333.609306][T11767] wireguard1: entered promiscuous mode
[  333.616307][T11767] wireguard1: entered allmulticast mode
[  333.636017][T11749] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  333.680147][T11749] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2552: invalid indirect mapped block 1 (level 1)
[  333.721743][T11775] vlan2: entered allmulticast mode
[  333.728241][T11775] bridge_slave_0: entered allmulticast mode
[  333.747361][T11749] EXT4-fs (loop0): 1 truncate cleaned up
[  333.787287][T11749] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.845961][T11779] binfmt_misc: register: failed to install interpreter file ./file0
[  333.945855][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  333.945874][   T29] audit: type=1400 audit(1760988439.567:2325): avc:  denied  { read } for  pid=11783 comm="syz.2.2567" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  333.975650][   T29] audit: type=1400 audit(1760988439.577:2326): avc:  denied  { open } for  pid=11783 comm="syz.2.2567" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  334.053721][T11789] FAULT_INJECTION: forcing a failure.
[  334.053721][T11789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.068308][T11789] CPU: 1 UID: 0 PID: 11789 Comm: syz.4.2565 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  334.068357][T11789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.068431][T11789] Call Trace:
[  334.068440][T11789]  <TASK>
[  334.068530][T11789]  __dump_stack+0x1d/0x30
[  334.068575][T11789]  dump_stack_lvl+0xe8/0x140
[  334.068608][T11789]  dump_stack+0x15/0x1b
[  334.068703][T11789]  should_fail_ex+0x265/0x280
[  334.068735][T11789]  should_fail+0xb/0x20
[  334.068769][T11789]  should_fail_usercopy+0x1a/0x20
[  334.068848][T11789]  _copy_from_iter+0xd2/0xe80
[  334.068872][T11789]  ? alloc_pages_mpol+0x217/0x260
[  334.068974][T11789]  copy_page_from_iter+0x178/0x2a0
[  334.069001][T11789]  tun_get_user+0x679/0x26e0
[  334.069034][T11789]  ? ref_tracker_alloc+0x1f2/0x2f0
[  334.069077][T11789]  tun_chr_write_iter+0x15e/0x210
[  334.069132][T11789]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  334.069158][T11789]  vfs_write+0x52a/0x960
[  334.069184][T11789]  ksys_write+0xda/0x1a0
[  334.069203][T11789]  __x64_sys_write+0x40/0x50
[  334.069286][T11789]  x64_sys_call+0x2802/0x3000
[  334.069326][T11789]  do_syscall_64+0xd2/0x200
[  334.069412][T11789]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  334.069432][T11789]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  334.069485][T11789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.069507][T11789] RIP: 0033:0x7facf58dda7f
[  334.069522][T11789] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  334.069544][T11789] RSP: 002b:00007facf431e000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  334.069564][T11789] RAX: ffffffffffffffda RBX: 00007facf5b36090 RCX: 00007facf58dda7f
[  334.069585][T11789] RDX: 000000000000004a RSI: 0000200000000000 RDI: 00000000000000c8
[  334.069598][T11789] RBP: 00007facf431e090 R08: 0000000000000000 R09: 0000000000000000
[  334.069625][T11789] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  334.069640][T11789] R13: 00007facf5b36128 R14: 00007facf5b36090 R15: 00007fff0ab47808
[  334.069667][T11789]  </TASK>
[  334.285786][   T29] audit: type=1400 audit(1760988439.677:2327): avc:  denied  { ioctl } for  pid=11783 comm="syz.2.2567" path="/dev/snapshot" dev="devtmpfs" ino=90 ioctlcmd=0x3314 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  334.338453][T11788] loop2: detected capacity change from 0 to 164
[  334.407514][T11788] ISOFS: unable to read i-node block
[  334.426075][ T3313] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.444532][T11788] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  334.726434][T11807] FAULT_INJECTION: forcing a failure.
[  334.726434][T11807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.739736][T11807] CPU: 0 UID: 0 PID: 11807 Comm: syz.4.2576 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  334.739857][T11807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.739871][T11807] Call Trace:
[  334.739878][T11807]  <TASK>
[  334.739885][T11807]  __dump_stack+0x1d/0x30
[  334.739921][T11807]  dump_stack_lvl+0xe8/0x140
[  334.739962][T11807]  dump_stack+0x15/0x1b
[  334.740002][T11807]  should_fail_ex+0x265/0x280
[  334.740113][T11807]  should_fail+0xb/0x20
[  334.740145][T11807]  should_fail_usercopy+0x1a/0x20
[  334.740186][T11807]  _copy_from_user+0x1c/0xb0
[  334.740213][T11807]  ___sys_sendmsg+0xc1/0x1d0
[  334.740288][T11807]  __x64_sys_sendmsg+0xd4/0x160
[  334.740331][T11807]  x64_sys_call+0x191e/0x3000
[  334.740367][T11807]  do_syscall_64+0xd2/0x200
[  334.740480][T11807]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  334.740508][T11807]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  334.740539][T11807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.740584][T11807] RIP: 0033:0x7facf58defc9
[  334.740599][T11807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.740622][T11807] RSP: 002b:00007facf433f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  334.740642][T11807] RAX: ffffffffffffffda RBX: 00007facf5b35fa0 RCX: 00007facf58defc9
[  334.740658][T11807] RDX: 0000000000008840 RSI: 0000200000000740 RDI: 0000000000000005
[  334.740680][T11807] RBP: 00007facf433f090 R08: 0000000000000000 R09: 0000000000000000
[  334.740696][T11807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.740711][T11807] R13: 00007facf5b36038 R14: 00007facf5b35fa0 R15: 00007fff0ab47808
[  334.740737][T11807]  </TASK>
[  335.307090][T11819] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.516849][T11819] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.998393][T11819] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.058549][T11819] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.199094][ T2346] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.211552][ T2346] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.237954][ T2346] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.266963][T11829] __nla_validate_parse: 3 callbacks suppressed
[  336.267038][T11829] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2583'.
[  336.286230][ T2346] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  336.309887][T11829] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2583'.
[  336.327846][   T29] audit: type=1400 audit(1760988441.967:2328): avc:  denied  { getopt } for  pid=11827 comm="syz.0.2581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  336.478552][T11839] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2585'.
[  336.502098][T11841] loop3: detected capacity change from 0 to 1024
[  336.525078][T11841] EXT4-fs: Ignoring removed oldalloc option
[  336.531071][T11841] EXT4-fs: Ignoring removed bh option
[  336.555880][T11841] ext4: Bad value for 'min_batch_time'
[  337.250388][T11857] hub 1-0:1.0: USB hub found
[  337.267815][T11857] hub 1-0:1.0: 8 ports detected
[  337.366359][T11862] loop3: detected capacity change from 0 to 2048
[  337.392208][T11857] 8021q: adding VLAN 0 to HW filter on device macvlan24
[  337.401046][ T3396] hid_parser_main: 60 callbacks suppressed
[  337.401061][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x7
[  337.414418][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.422064][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.429584][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.437149][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.444659][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.452147][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.459801][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.467432][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.475019][ T3396] hid-generic 0000:0000:10001.0032: unknown main item tag 0x0
[  337.487050][ T3396] hid-generic 0000:0000:10001.0032: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  337.500744][T11857] 8021q: adding VLAN 0 to HW filter on device macvlan25
[  337.604451][T11868] xt_CT: No such helper "snmp_trap"
[  337.637275][T11855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2590'.
[  337.648060][T11855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2590'.
[  337.862535][T11872] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.917139][T11872] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.973651][T11878] loop1: detected capacity change from 0 to 512
[  337.982679][T11872] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.027062][T11872] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.040430][T11878] EXT4-fs: Ignoring removed oldalloc option
[  338.108700][ T2346] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.117181][ T2346] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.137451][T11878] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.154918][ T2346] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.173466][T11878] ext4 filesystem being mounted at /576/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  338.184113][ T2346] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.268367][T11878] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.2594: iget: bad i_size value: 2533274857506816
[  338.366280][T11878] EXT4-fs (loop1): Remounting filesystem read-only
[  338.395137][T11878] lo: entered allmulticast mode
[  338.407372][T11878] pimreg: entered allmulticast mode
[  338.431667][T11878] netlink: 'syz.1.2594': attribute type 39 has an invalid length.
[  338.490814][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.672542][T11907] loop1: detected capacity change from 0 to 512
[  338.701395][T11907] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  338.745894][T11909] bridge0: entered promiscuous mode
[  338.777844][T11909] macvtap1: entered allmulticast mode
[  338.783341][T11909] bridge0: entered allmulticast mode
[  338.797471][T11911] loop2: detected capacity change from 0 to 1024
[  338.805735][T11911] EXT4-fs: Ignoring removed oldalloc option
[  338.811681][T11911] EXT4-fs: Ignoring removed bh option
[  338.818562][T11911] ext4: Bad value for 'min_batch_time'
[  338.834044][T11909] bridge0: port 1(macvtap1) entered blocking state
[  338.840769][T11909] bridge0: port 1(macvtap1) entered disabled state
[  338.868295][T11909] bridge0: left allmulticast mode
[  338.873453][T11909] bridge0: left promiscuous mode
[  338.939054][T11907] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2603: bg 0: block 104: invalid block bitmap
[  338.968228][T11907] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  338.984642][T11907] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.2603: invalid indirect mapped block 1 (level 1)
[  339.003844][T11907] EXT4-fs (loop1): 1 truncate cleaned up
[  339.025122][T11907] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.098593][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.121834][ T3316] ==================================================================
[  339.129960][ T3316] BUG: KCSAN: data-race in __lru_add_drain_all / folios_put_refs
[  339.137814][ T3316] 
[  339.140162][ T3316] write to 0xffff888237d25ee8 of 1 bytes by task 11908 on cpu 1:
[  339.147908][ T3316]  folios_put_refs+0x285/0x2d0
[  339.152727][ T3316]  folio_batch_move_lru+0x24b/0x280
[  339.157961][ T3316]  folio_add_lru+0x14a/0x1f0
[  339.162580][ T3316]  shmem_get_folio_gfp+0x7ab/0xd60
[  339.167724][ T3316]  shmem_write_begin+0xa8/0x190
[  339.172606][ T3316]  generic_perform_write+0x184/0x490
[  339.177920][ T3316]  shmem_file_write_iter+0xc5/0xf0
[  339.183071][ T3316]  __kernel_write_iter+0x2d6/0x540
[  339.188203][ T3316]  dump_user_range+0x61e/0x8f0
[  339.192996][ T3316]  elf_core_dump+0x1de7/0x1f80
[  339.197787][ T3316]  coredump_write+0xb12/0xe30
[  339.202483][ T3316]  vfs_coredump+0x143a/0x20d0
[  339.207175][ T3316]  get_signal+0xd84/0xf70
[  339.211541][ T3316]  arch_do_signal_or_restart+0x96/0x440
[  339.217160][ T3316]  irqentry_exit_to_user_mode+0x5b/0xa0
[  339.222745][ T3316]  irqentry_exit+0x12/0x50
[  339.227194][ T3316]  asm_exc_page_fault+0x26/0x30
[  339.232068][ T3316] 
[  339.234404][ T3316] read to 0xffff888237d25ee8 of 1 bytes by task 3316 on cpu 0:
[  339.241976][ T3316]  __lru_add_drain_all+0x17e/0x450
[  339.247110][ T3316]  lru_add_drain_all+0x10/0x20
[  339.251909][ T3316]  invalidate_bdev+0x47/0x70
[  339.256530][ T3316]  ext4_put_super+0x624/0x7d0
[  339.261333][ T3316]  generic_shutdown_super+0xe6/0x210
[  339.266654][ T3316]  kill_block_super+0x2a/0x70
[  339.271338][ T3316]  ext4_kill_sb+0x42/0x80
[  339.275685][ T3316]  deactivate_locked_super+0x75/0x1c0
[  339.281095][ T3316]  deactivate_super+0x97/0xa0
[  339.285803][ T3316]  cleanup_mnt+0x269/0x2e0
[  339.290240][ T3316]  __cleanup_mnt+0x19/0x20
[  339.294686][ T3316]  task_work_run+0x131/0x1a0
[  339.299308][ T3316]  exit_to_user_mode_loop+0xed/0x110
[  339.304637][ T3316]  do_syscall_64+0x1d6/0x200
[  339.309270][ T3316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.315211][ T3316] 
[  339.317721][ T3316] value changed: 0x1f -> 0x04
[  339.322405][ T3316] 
[  339.324738][ T3316] Reported by Kernel Concurrency Sanitizer on:
[  339.330902][ T3316] CPU: 0 UID: 0 PID: 3316 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(voluntary) 
[  339.340805][ T3316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  339.350879][ T3316] ==================================================================
[  339.964396][ T3513] Bluetooth: hci0: Opcode 0x1003 failed: -110