last executing test programs:

2.294206429s ago: executing program 4 (id=579):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x2800050, &(0x7f0000003240)=ANY=[], 0x6, 0x33c, &(0x7f0000000340)="$eJzs3M9rK1UUwPGTyY8mKW2yEEVBetGNboY2uhaDtCAGLG0jtoIwbScaMiYlEyoRse3Krbh3JbgoXXZXUP+Bbtzpxo27bgQXdqFvHvOrmfxq07yU9LXfD5Tc3HNPMjP3JpwZOrn4+LsvahVbrxgt0dJKYiIilyJ50SQUCx41r52SqENJBK0PiqXS8ppSK8WNtwpKqfmFn7/8OhMEz2bkPP/pxd+Fv85fPH/54snG51VbVW1Vb7SUobYbf7aMbctUu1W7piu1apmGbapq3TabfrzhxytWY2+vrYz67lx2r2natjLqbVUz26rVUK1mWxmfGdW60nVdzWUFNykfr60ZxTGTdya8MbgjzWbRiItIpi9SPp7KBgEAgKnqrf81t6S/Vf3/5uw/v7+6vrkl81797w7u1P8nr/3amv3odD6o/89Sg+r/t//wX6ur/k+LyDj1/w9yi/q/vyJ6XJ6p/sf9sJDq64p1PXPr/2zw+fUcfXKy6DWo/wEAAAAAAAAAAAAAAAAAAAAAeB5cOk7OcZxc+Bj+dW4hCJ7jQRo2/zMiknZn32H+H7L1zS1JezfuuXNsfbtf3i/7j270f8cnpixKTv7z1kPYJ44T3nmkXHn5xToI8g/2y3EvUqxIVSwxZUlyku/Nd5yV90vLS8oX5F/dppSN5hckJy8Mzi905wfvn5I3Xo/k65KT33akIZbseuu6k//NklLvfVjqyc944wAAAAAAeAh0dWXg+buuD4v7vzJSrHiXiYZcH/DPrxcHnp8ncq8kpr33AAAAAAA8Dnb7q5phWWbzmkZGbh4zfiMx2uBUT0/yusHxyB6Ouj0p70KGyLAx8QFHTJPoGDdaM34c8ah2NcJ/pOgKpYPO8Q5vuP8Tm6/DaI8mI2Qlejd+we1Qt3z3o2BHrnrCy0apIcdZVvtfR+taCd1HNTmx9fzS9z/9O7kPyDun4Qq4efBRpCc58pq3LDPdu+q8RnL4N4Y2gW8dAAAAANPQKfrDnnej4dhUNgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfmTn7Sr6cx7X0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7ounAQAA//8QRPLT")
creat(0x0, 0x0)
socket(0x2, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000016c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f0000000780)={[{@discard}, {@noinit_itable}, {@stripe={'stripe', 0x3d, 0x200000000004}}, {@jqfmt_vfsold}, {@bsdgroups}, {@quota}, {@sysvgroups}, {@noacl}, {@inlinecrypt}, {@data_ordered}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG1UXAPAzfrRfX19CVR59AIGCqHgkTVpKF2xAILEACQkWZRmStCp1G9QEiVYRBITKCqFK7BFLJP4CVrBBwAqJLexRpQpl08LKaOyZxHYcNzFOnOLfT5r23plr3XM8c+07c+MABtZI+k8SsTcifouIoXq1ucFI/b/bSwtTfy0tTCVRrb7xZ1Jrd2tpYSpvmr9uT14pRRQ+SeJwm37nrly9MFmpzFzO6mPzF98dm7ty9ZnzFyfPzZybuTRx+vTJE+PPnZp4tid5pnndOvTB7JGDr7x1/bWpM9ff/umbJM+/JY8eGel08PFqtcfd9de+hnJS6mMgbEixPkyjXBv/Q1GMlZM3FC9/3NfggE1VrVar9619eLEK/Icl0e8IgP7Iv+jT+99826Kpx7Zw84X6DVCa9+1sqx8pRSFrU265v+2lkYg4s/j3l+kWm/McAgCgyXfp/OfpdvO/QjQ+F/p/toYyHBH3RMT+iDgVEQci4t6IWtv7I+KBDfbfukiyev5TuNFVYuuUzv+ez9a2mud/+ewvhotZbV8t/3Jy9nxl5nj2nhyL8s60Pt6hj+9f+vXztY41zv/SLe0/nwtmcdwo7Wx+zfTk/GRziN27+VHEoVK7/JPllYAkIg5GxKEu+zj/5NdH1jp25/w76ME6U/WriCfq538xWvLPJZ3XJ8f+F5WZ42P5VbHaz79ce32t/v9V/j2Qnv/dba//5fyHk8b12rmN93Ht90/XvKfp9vrfkbzZtO/9yfn5y+MRO5JX60E37p9oaTex0j7N/9jR9uN/f6y8E4cjIr2IH4yIhyLi4Sz2RyLi0Yg42iH/H1987J3u899caf7TGzr/K4Ud0bqnfaF44Ydvmzod3kj+6fk/WSsdy/Ysf/51sJ64uruaAQAA4O5TiIi9kRRGl8uFwuho/W/4D8TuQmV2bv6ps7PvXZqu/0ZgOMqF/EnXUMPz0PHstj6vT7TUT2TPjb8o7qrVR6dmK9P9Th4G3J4otR3/qT+K/Y4O2HR+rwWDy/iHwWX8w+Ay/mFwtRn/u/oRB7D12n3/f9iHOICt1zL+LfvBAHH/D4PL+IfBZfzDQJrbFXf+kbyCwqpCFLZFGOssfFbeFmHcRYV+fzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0xj8BAAD//3g65pw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
socketpair(0x17, 0x3, 0x4, &(0x7f0000000080))
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000140)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0xd9, 0x6, 0x0, @private=0xa010102, @local, {[@generic={0x7, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r0, 0x0, 0x3ffff)
sendfile(r2, r0, 0x0, 0x7ffff000)

1.85166825s ago: executing program 3 (id=586):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES32], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2014040, &(0x7f0000000600)={[{@minixdf}, {@nobh}, {@oldalloc}, {@commit={'commit', 0x3d, 0x5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@nodelalloc}, {@minixdf}], [{@audit}, {@uid_lt}, {@measure}, {@obj_user={'obj_user', 0x3d, 'debug_want_extra_isize'}}, {@dont_appraise}, {@fowner_eq}, {@uid_lt}, {@fsmagic={'fsmagic', 0x3d, 0x7}}]}, 0x1, 0x57a, &(0x7f0000000980)="$eJzs3V1rHNUbAPBnNi99/f+bQinqhQR6YaR20yS+VBCsN4JosaD3dUm2oWTTLdlNaWKh7YW98UaKIGJB/ADeeyXFL+CnKGihSAl64U1kNrNx2+wm6XabTZzfD6adMzObZ549c86es7PLBpBbo+k/hYgXI+KrJOJIy77ByHaOrh238uj6dLoksbr6yR9JJNm25vFJ9v+hrPBCRPzyRcTJwsa4taXluVKlUl7IyuP1+SvjtaXlU5fmS7Pl2fLlyampM29MTb791ps9y/XV8399+/G9D858eWLlmx8fHL2TxNk4nO1rzeMZ3GwtjMZo9pwMxdknDpzoQbDdJOn3CdCVgaydD0XaBxyJgazVA/99NyJiFcipRPuHnGqOA5pz+x7Ng/eMh++tTYA25j+49t5I7G/MjQ6uJI/NjNL57kgP4qcxfvr97p10iS3eh7jRg3gATTdvRcTpwcGN/V+S9X/dO91483hzT8bI2+sP9NO9dPzzWrvxT2F9/BNtxj+H2rTdbmzd/gsPehCmo3T8907b8e961zUykJX+1xjzDSUXL1XKpyPi/xExFkP70vJm93POrNxf7bSvdfyXLmn85lgwO48Hg/sef8xMqV56lpxbPbwV8VLb8W+yXv9Jm/pPn4/z24xxvHz35U77ts7/+Vr9IeKVtvWf3dFqJt35/uR443oYb14VG/15+/ivneKPvd/f/NP6P7hZ/hEjSev92trTx/h+/9/lTvu6vf6Hk08b68PZtmulen1hImI4+Wjj9sl/H9ssN49P8x87sXn/1+76PxARn20z/9vHbnc8tN/Xf5r/zFPV/9Ov3P/w8+86xd9e/b/eWBvLtmyn/9vuCT7LcwcAAAAAAAC7TSEiDkdSKK6vFwrF4trnO47FwUKlWqufvFhdvDwTje/KjsRQoXmn+0jL5yEmss/DNsuTT5SnIuJoRHw9cKBRLk5XKzP9Th4AAAAAAAAAAAAAAAAAAAB2iUMdvv+f+m2g32cHPHd+8hvya8v234tfegJ2Ja//kF/aP+SX9g/5pf1Dfmn/kF/aP+TXVu3/1g6dB7DzvP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAT50/dy5dVlceXZ9OyzNXlxbnqldPzZRrc8X5xenidHXhSnG2Wp2tlIvT1fmt/l6lWr0yMRmL18br5Vp9vLa0fGG+uni5fuHSfGm2fKE8tCNZAQAAAAAAAAAAAAAAAAAAwN5SW1qeK1Uq5YW9tDIcETsY9N3of8rPOcE1XT18sOvoPxci+p57Llb2d1G5fe6YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDFPwEAAP//vkExlw==")
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfc, 0x0, 0x7ffc0002}]})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000019240)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x7, 0x0, @fd=r1, 0x9, 0x0, 0x0, 0x9, 0x1, {0x2}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r2)
ptrace$setregs(0xd, 0x0, 0x7, &(0x7f0000000440))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYRES8=r3], 0x7c}}, 0x944)
shutdown(0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB], 0x50)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
pipe(&(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r6, 0x0, r8, 0x0, 0x7, 0x9)
write$P9_RWRITE(r8, &(0x7f0000000040)={0xb}, 0x11000)
read(r7, &(0x7f0000032440)=""/102364, 0x18fdc)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r9, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, 0xffffffffffffffff, 0x400}}, 0x48)
ioctl$KDFONTOP_SET_DEF(0xffffffffffffffff, 0x4b72, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYRES8=r8, @ANYBLOB="b7c02c5e7fd32ef0ca09c29f1288f9065f55abfb5f5952c1bfe75d780f4aaebd5597e4154143780349aab1d59a549849be632d47de9db99998", @ANYRESOCT=r4], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.656992768s ago: executing program 1 (id=591):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000})
r0 = syz_io_uring_setup(0x174d, &(0x7f00000004c0)={0x0, 0x4ccd, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffb, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r0})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=")
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003c80)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}], 0x18}}], 0x2, 0x20008050)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x10000, 0x0, 0x5, 0x8, 0xd9a, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x55c, &(0x7f00000006c0)="$eJzs3c1vG2kZAPBnJh92u91mC3uAFdCCFgqqajfubrXay7YXEFqthFhxQBy6IXGjqHZdamfZhEpk/4ZFAokT/AkckDgg7YkDN45IHBDSckAqEIEaJJCMZux8NHGIiR17E/9+0mQ+Xs88z9tkPK/fcecNYGJdiYiNiJiNiHciYq67PelOcbszZa97uvl4cWvz8WIS7fbbf0vy8mxbvkNh95jPdY9ZjIhvfi3iu8nBuM219fsLtVr1UXe93Ko/LDfX1q+v1BeWq8vVB5XKrflbN167+WplaHW9XP/Fk6+uvPmtX//qsx/9buMrP8jSutAt26nHkHWqPrMTJzMdEW+eRLAxmOrOZ8ecB8eTRsQnIuIL+fk/F1P5XycAcJa123PRntu7DgCcdWneB5akpYhI024joNTpw3sxzqe1RrN17V5j9cFSp6/shZhJ763UqjcuFf7wvfzFM0m2Pp+X5eX5emXf+s2IuBQRPyqcy9dLi43a0niaPAAw8Z7be/2PiH8W0rRU6mvXHnf1AIBTo3jsPX1ZAABOq+Nf/wGA02rf9f/cuPIAAEanj8//3Zv9GyeeCwAwGv9f///FE8sDABgd9/8BYPK4/gPARPnGW29lU3ur+/zrpXfXVu833r2+VG3eL9VXF0uLjUcPS8uNxnL+zJ76UcerNRoP51+J1ffKrWqzVW6urd+tN1YftO7mz/W+W50ZSa0AgP/l0uUPf59ExMbr5/Ip9ozl4FoNZ1s67gSAsZkaZGcNBDjVPMALJldfl/C8kfDbE88FGI+eD/Mu9lx81k86sw/6CeJ7RvCxcvXT/ff/G+MZzhb9/zC5jtf//8bQ8wBGT/8/TK52O9k/5v/sThEAcCYN8BW+9g+H1QgBxuqowbyPuv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAk+jC7exnkpbyscDT7GdaKkU8HxEvxExyb6VWvRERF+NyRMwUsvX5cScNAAwo/UvSHf/r6tzLF/aXzib/KuTziPj+T9/+8XsLrdaj+Wz733e2F7aHD6vs7jfAuIIAwJDl1+9Kd77ng/zTzceL29Mo83lyJ/7THYp4cWvzcT51SqYj2xhRzNsS5/+RxHR3n2JEvBQRU0OIv/F+RHyqV/2TuJD3gXRGPt0bP7qxnx9p/PSZ+Gle1plnja9PDiEXmDQf3omI273OvzSu5PPe538xf4ca3JM7nYNtv/dt7Yk/3Y001SN+ds5f6TfGK7/5+oGN7blO2fsRL033ip/sxE8Oif9yn/H/+JnPffDGIWXtn0Vcjd7x98Yqt+oPy8219esr9YXl6nL1QaVya/7Wjdduvlop533U5e2e6oP++vq1i4flltX//CHxiz3rP7uz7xf7rP/P//3Odz6/u1rYH//L21v2/f5f7Bm/I7smfqnP+Avnf3no8N1Z/KVD6n/U7/9an/E/+vP6Up8vBQBGoLm2fn+hVqs+Gmgh+xQ6jOMcWMhS7O/F283FwYL+KU6iFsdcmDmpf9VjLxT7zGd6p6043DS+nR2xR1Ha5x/JcRbSoddioIWno4o1vvckYDR2T/pxZwIAAAAAAAAAAAAAABxmFP91adx1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oz6bwAAAP//yxbH0Q==")
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

1.352116116s ago: executing program 4 (id=594):
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@local, @remote, @void, {@llc={0x8864, {@snap={0x0, 0x0, '~', "3fab95", 0x892f}}}}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000044000)=<r0=>0x0)
syz_clone(0x6a000000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(r0, 0x1, &(0x7f0000000a00), &(0x7f0000000a40))
r1 = open(0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000000)=0x4, 0x4)

1.351755146s ago: executing program 1 (id=595):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x6d}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r2)
sendmsg$NLBL_MGMT_C_ADD(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c80)={0x34, r3, 0x1, 0x70bd25, 0x0, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @multicast2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @private=0xa010101}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r4)
r6 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000380), r1)
sendmsg$NLBL_UNLABEL_C_STATICLIST(r4, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, r6, 0x8, 0x70bd29, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'pimreg0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x804)
sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000c80)={0x34, r5, 0x1, 0x400000, 0x0, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1}, @NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x34}}, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)

1.181159751s ago: executing program 4 (id=600):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x80)
fchdir(r1)
symlink(&(0x7f0000000300)='./file0/../file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x400, 0x1, 0x87}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100200000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0100000008000000000000000000"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r4, 0x0, 0x5}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)
setregid(0xffffffffffffffff, 0x0)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000f80)={{}, {0x1, 0x7}, [], {}, [], {0x10, 0x6}, {0x20, 0x1}}, 0x24, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x6dbb, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a6970"], 0x5c}}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r1, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})

949.665183ms ago: executing program 1 (id=605):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r1=>0x0})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket(0x10, 0x3, 0x0)
epoll_create1(0x0)
r2 = inotify_init1(0x80800)
dup(r2)
socket$inet6_udp(0xa, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32=r3], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000001000ffff27bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="fdb75f0505000200140012800c0001006d616376746170000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r1], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x2054)

893.503178ms ago: executing program 3 (id=607):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='net/ip6_mr_cache\x00')
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000280)={0x3, 0x6, 0x10, &(0x7f0000000240)=""/16})
r1 = socket$key(0xf, 0x3, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000180)={r4, 0xd}, &(0x7f00000001c0)=0x8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYRES32=r2, @ANYRES32=r5, @ANYRESOCT=r2], 0x24}}, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
getpeername$packet(r6, 0x0, &(0x7f0000000040))
ioctl$PPPIOCSFLAGS(r6, 0x40047459, &(0x7f00000001c0)=0x40014a5)
fcntl$setsig(r1, 0xa, 0x13)
getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, &(0x7f0000000000)={0x8, 0x7, 0x0, 'syz1\x00'}, &(0x7f0000000040)=0x2c)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd9b, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r7}, &(0x7f0000000240), &(0x7f0000000280)=r8}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c0011800a0001006c696d69740000001c0002800c00024000000000000000030c0001400000000200000101480000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000001c0003800c00008008000340000000020c0000800800034000000002"], 0xf8}}, 0x0)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000180)=ANY=[@ANYRES16=r5], 0x50}}, 0x0)

865.11598ms ago: executing program 0 (id=608):
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
pipe2(&(0x7f0000000c00), 0x800)
eventfd(0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="64000000100003040000000000000ffe00000000", @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002211c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x4000000)

804.016406ms ago: executing program 3 (id=609):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0) (async)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_LIMIT={0x8}]}}]}, 0x3c}}, 0x2000400c)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r5, {0x8, 0x7}, {}, {0xa, 0xfff1}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x6}, @TCA_FLOWER_KEY_ENC_OPTS={0x18, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x22044028}, 0x20000050)
dup3(r1, r0, 0x0)

696.829466ms ago: executing program 4 (id=611):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000480)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000380)=@generic={&(0x7f00000002c0)='./mnt\x00', 0x0, 0x8}, 0x18)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x2, 0x0, 0x0)

694.661596ms ago: executing program 1 (id=612):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000040000000000000004850000007b00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x18)
syz_emit_ethernet(0x87a2f, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0xffff, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x100000011, @multicast2, 0x0, 0x0, 'ovf\x00', 0x17, 0x1003, 0x62}, 0x2c)
syz_io_uring_complete(0x0)

643.182291ms ago: executing program 2 (id=613):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='mm_page_free\x00', r1, 0x0, 0x800000000000002}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

640.107341ms ago: executing program 3 (id=614):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = syz_io_uring_setup(0x3d67, &(0x7f0000010400)={0x0, 0x86e1, 0x400, 0x8}, &(0x7f0000010080), &(0x7f0000000040))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000000b40)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r3, 0x0, 0x80000}, 0x18)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
r4 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x80, 0x4, 0x306}, &(0x7f0000000340), &(0x7f0000000280))
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0xf, &(0x7f0000000740)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x401}, {{0x18, 0x4, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5a}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x7}}, [], {{0x6, 0x1, 0x3, 0x8}, {0x6, 0x0, 0x2, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

639.997781ms ago: executing program 0 (id=615):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000700)={0x2, 0xb, 0x2, 0x3, 0xa, 0x0, 0x70bd2c, 0x25dfdbfe, [@sadb_x_policy={0x8, 0x12, 0x3, 0x3, 0x0, 0x6e6bbe, 0x5, {0x6, 0xff, 0x6, 0xf4, 0x0, 0x80000000, 0x0, @in=@multicast1, @in6=@remote}}]}, 0x50}}, 0x0)

639.833531ms ago: executing program 1 (id=616):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x24000840)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmsg$inet6(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0)
shutdown(r1, 0x1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000000206010700000000000000000000000014000300686173683a69702c706f72742c6970000900020073797a31000000000500010007000000050005000a0000000500040001000000c1590c9fe92c70409533a7acaf3d7072b144c5f5c963697b3ff9bea20eba159d251d57a146ac718289d253f3be698fed96dc6035adef29a07823dc76dea18307c0b1366c07f0145dcd4b556e3129"], 0x4c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="740000000906010200000000ffff0000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

610.939364ms ago: executing program 0 (id=617):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000040000000000000004850000007b00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b7"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x18)
syz_emit_ethernet(0x87a2f, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0xffff, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x100000011, @multicast2, 0x0, 0x0, 'ovf\x00', 0x17, 0x1003, 0x62}, 0x2c)
syz_io_uring_complete(0x0)

589.774106ms ago: executing program 4 (id=618):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0500000004000000080000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x2}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0xefff, 0x0, {0x3}}, [@NFT_MSG_NEWSETELEM={0x5c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x30, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2df31ab3}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0x4}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

584.283046ms ago: executing program 1 (id=619):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[], 0xf0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendto$inet6(r0, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)

535.907451ms ago: executing program 0 (id=620):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000180)=[{0x6, 0x80, 0x4, 0x7fff0000}]})
r1 = gettid()
r2 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000000000)='./file0\x00', 0x2, &(0x7f0000000080)=ANY=[@ANYRES64=0x0, @ANYRESOCT=0x0, @ANYRESHEX, @ANYRES16=0x0, @ANYRESOCT=0x0], 0xfb, 0x1248, &(0x7f0000002480)="$eJzs3M+LG2UYB/Bnf7Tb3bg/1FqtIn2xF72E3T14UZBFtiANKG1XaAVh6qYaMybLJixExNWTVy/+AV7FozdBvOklHvwbvO3Fowd1xCStjY5adtcNls/nkiHPfIfnzRsG3pB3Dp7/+J1mUcTA1AsxvRMx+0uKFNNx2wfxzHPffPvk1es3Lm/UaptXUrq0cW3t2ZTS0oWvXnvv86e+7lZe/WLpy7nor7x+8OP6D/1z/fMHv157q9FJjU5qtbspSzfb7W52M6+n7UanWU3plbyedeqp0erUd8fqt/L2zk4vZa3txYWd3Xqnk7JWLzXrvdRtp+5uL2VvZo1WqlaraXEhiPnDR7c++6n4ffKL4lScjqIoivlYiOl4IBZjKZZjJR6Mh+LhOBuPxLl4NB6L84OzjrN9AAAAAAAAAAAAAAAAAAAAoGz/f+Uv+/8/iSjb/39hws0DAAAAAAAAAAAAAAAAAADAfeLq9RuXN2q1zSspnYnIP9rb2tsavg7rG7eiEXnUYzWW4+cY7P4virefGFaL4nTUNlfTwEp8mO+P8vt7WzPj+bXB4wRG+WL01IGiuPRSbXNtmE/j+blYuDu/Hstxtjy//qf8xUH+TDx98a58NZbj+zeiHXlsDzr/I//+Wkovvly7k/+uPxzd9qQmBQAAAI5ZNd1Run6vVv+uPsyX/z4wvj5fLV3fz8bjs5MdOxGd3rvNLM/ruxM/uN3R8J39iDjEdeZGF5n8cJpZPh0R93ry1Kjx8dJ8/LcdnvqHc6YGB5UJfHSfViKOEJ8Z+yIdqZ/5w6QWS6fyf3fwb3eOmWO/F3HyRpM+V1qsnHg7AAAAAAAAAAAA3KOT+DvhpMcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICvAgAA//9yn7ck")
r3 = getpgid(r2)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
setpgid(r3, r4)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x2})

525.121972ms ago: executing program 4 (id=621):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[], 0xf0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
sendto$inet6(r0, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback={0xc00000000000000}, 0xc5f}, 0x1c)

521.476162ms ago: executing program 2 (id=622):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = io_uring_setup(0x3b44, &(0x7f00000002c0)={0x0, 0x86a1, 0x0, 0x0, 0x20000004})
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x56, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYRES8=r0, @ANYRES64=r0, @ANYRES16=r0, @ANYBLOB="e83eb78114ebd2dff922e7aee26985d691d7d28ada45a7216142b844e4c508e991b3467e60f593afc5a0130c2c8783bcc51a66d3a8da9435174d83f31065d7aae62fc7d3481f68d68b5a740651339aad3f37b45fc8caea0aa56a3143f95e118feefedb6f5c1312b044b13b38d15a13e15b3e6cfe", @ANYBLOB="5a47d7264449095327bcc7e91405ecc68eb08d981a0851707368354da2b217b003b0f3598ec4c3e7aff991661d5f5f3029f6cd85105d743ae16ad53f9079a612b4d62576be7d8e08716d912d4e280a3cf2e77418697db69e6f978d2655a5b980ee8a82d7f01f4b8f4406e5567f82f031c3af2ff3ff5aeeb4a9fd27a28c3012e3ab56c7b2205383dc75da8cd4d47f97a096732d8f5b6c5d94dc6d7307975993525cfa21cb50c18f5f629329d19866b8ddca90bfae8c", @ANYRES16=r1, @ANYRES16=r1, @ANYRES64=r1], 0x7c}}, 0x4008001)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000001005000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x40}, 0x0)

456.877238ms ago: executing program 2 (id=623):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nomblk_io_submit}, {@bh}]}, 0x1, 0x47a, &(0x7f0000000180)="$eJzs3M9vVEUcAPDv222L/LIV8QeIgqKRaGxpQeXgAYwmHjQx0QMe67YQpFBDqxFCtHrAoyHxbjya8Bd40otRTyZe9W5IiOECenrm7b7Xvl1217ZsXXA/n2TpzM5bZr7MTHfmDbsBDKx92R9JxLaI+C0iRhvZ5gv2NX7cvH6x9tf1i7Uk0vStP5P6dTeuX6wVlxav21pklpqfL1s4f+H09Nzc7Lk8P7F45v2JhfMXnjt1Zvrk7MnZs1NHjhw+NPniC1PP9yTOrE03dn88v2fXa+9cfqN2/PK7P11Jivib4viwJ/WV/uqyapF4qle13CG2l9LJUB8bwppkAzLrruH6/B+Naqx03mi8+llfGwdsqDRN002di5dS4H8siX63AOiP/H0+iViqZXvg8n5+EFw71tgAZXHfzB+NkqGo5NcMt+xveynbbR1f+vur7BEt91MAADbCd8caP4u138r6o9J0F/9ofjY0FhH3RcSOiLg/InZGxAMR8WBEPBQRD5de0+7cp1XrIcmt65/K1XUFtkrZ+u+l/Gyref1XrP5irJrnttfjH05OnJqbPRgR90bEgRjelOUnu9Tx/Su/ftGpbF9p/Zc9svqLtWDejqtDLTfoZqYXp28n5rJrn0bsHmoXf7J8EpD1466I2L13fXWceuabPZ3K/j3+LnpwzpR+HfF0o/+XoiX+QtL9fHLinpibPThRjIpb/fzLpTdL2dpoKXNb8fdA1v9b2o7/5fjHkvJ57cLa67j0++cd9zSrHP8j5ddk438kebueLgo+ml5cPDcZMZK8nj9/NH++ub76dVMr12fxH9jffv7viJV/iUciIhvEj0bEYxGxN2/74xHxRETs7xL/jy8/+d76499YWfwza+r/jonibPuWourpH76tlxSdNdYl/iTa9P/heupA/ky733+jzUMkurb03O2MZgAAALj7VCJiWySV8eV0pTI+3vj/8jtjS2VufmHx2RPzH5ydaXxGYCyGK8WdrtHl+6GxNJlv669UI7LyqTxf3C89lN83/rK6uZ4fr83PzfQ7eBhwWzvM/8wf1X63DthwPq8Fg2u98z9N00963BTgP+b9HwaX+Q+Dq83839yS7/IdAcDdrN37v409DAbrfxhc5j8MLvMfBpf5DwMp/yT80Go+4L9hiez3T/9qX3siTftU+0j/Y19ORKVvtUe/Y19bIsm/SyO9Q9qzukS9yU4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu94/AQAA//8QtN5n")
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000003000000fc020000000000000000000000000000fe8000000000000000000000000000bb0000fffd000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="f8ffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000ffffffffffffffff00000000800000000000000000000000000000000000000700820000000000000000000000000000000004000000000084000500ff010000000000000000000000000001000000003c00000000000000ffffffff000000000000000000000000043500000400210000000000000000000000000020010000000000000000000000000000bffffffd3c00"], 0x13c}}, 0x4040000)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@multicast, @random="caf66222e6aa", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "430093", 0x10, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra}}}}}, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@fallback=<r3=>r2, 0x22, 0x0, 0x7, &(0x7f00000000c0)=[0x0], 0x1, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x20000000000000d1, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000010000000000049f10000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
timer_getoverrun(0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r6)
lsetxattr$trusted_overlay_upper(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0), &(0x7f0000000a00)={0x0, 0xfb, 0x2b, 0x0, 0x2, "9b7b7773effa9e3efc8b315baefb1994", "a3febcb5fb6b32af8cb029e2e1c694f09dd01aef2095"}, 0x2b, 0x2)
sendmsg$NL80211_CMD_GET_WIPHY(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010300000000000000000100000008000300", @ANYRES32=0x0, @ANYBLOB="000099000200000032000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000064}, 0x844)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r8=>r6}, './file0\x00'})
getsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000400)={@multicast1, @initdev, <r9=>0x0}, &(0x7f0000000540)=0xc)
r10 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)={0x18, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd}]}, 0x18}], 0x1}, 0x0)
r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x808, 0x0, 0xffffffffffffffff, 0x6}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x9, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xa}, [@map_fd={0x18, 0x4, 0x1, 0x0, r8}, @alu={0x7, 0x1, 0x2, 0x2, 0x9, 0xffffffffffffffc0, 0x8}, @exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @generic={0x8d, 0x9, 0x0, 0x6}]}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', r9, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x2, 0x1}, 0x8, 0x10, &(0x7f00000005c0)={0x4, 0x5, 0xc9, 0x377}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000600)=[r3, r10, r4, r3], &(0x7f00000006c0)=[{0x1, 0x4, 0xa, 0x2}, {0x4, 0x5, 0x3, 0x5}, {0x2, 0x3, 0xa, 0x6}, {0x4, 0x4, 0x9, 0x6}, {0x1, 0x5, 0x5, 0x2}, {0x1, 0x1, 0x6, 0xa}], 0x10, 0x7}, 0x94)
r13 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'gretap0\x00', <r14=>0x0})
r15 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r15, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d6163736563000014000280050006000000000005000f000000000008000500", @ANYRES32=r14], 0x4c}}, 0x0)

312.444312ms ago: executing program 0 (id=624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x70)
openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'})

227.988989ms ago: executing program 0 (id=625):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001e00)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x39, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r2, 0x0, 0x800000000000002}, 0x18)
pipe2(&(0x7f00000006c0)={<r3=>0xffffffffffffffff}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0xb2}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0)

199.459032ms ago: executing program 3 (id=626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001e00)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x39, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r2, 0x0, 0x800000000000002}, 0x18)
pipe2(&(0x7f00000006c0)={<r3=>0xffffffffffffffff}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0xb2}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
close_range(r3, 0xffffffffffffffff, 0x0) (fail_nth: 1)

196.231303ms ago: executing program 2 (id=627):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000040000000000000004850000007b00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x18)
syz_emit_ethernet(0x87a2f, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0xffff, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x100000011, @multicast2, 0x0, 0x0, 'ovf\x00', 0x17, 0x1003, 0x62}, 0x2c)
syz_io_uring_complete(0x0)

166.326595ms ago: executing program 2 (id=628):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000480)='GPL\x00', 0xa, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000380)=@generic={&(0x7f00000002c0)='./mnt\x00', 0x0, 0x8}, 0x18)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x2, 0x0, 0x0)

75.622023ms ago: executing program 2 (id=629):
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x14, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000300), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x9}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x4)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0xc2f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x41100, 0xaf, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {}, 0xa}}, 0x26)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1800006, 0x2172, 0xffffffffffffffff, 0x12d6f000)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
preadv(r3, &(0x7f0000000040)=[{&(0x7f0000001440)=""/4106, 0x100a}], 0x1, 0x300, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r6, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26)
ioctl$INCFS_IOC_FILL_BLOCKS(r3, 0x80106720, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0xff, 0x1000, &(0x7f0000002480)="0620cc35888c910d4b3f0a58c073c1952b3f528e448538b3bca1b1ddc014bfac1a542382d241d9cf687eb737b1537b9230b0dd73e8a2f33448dc5abb8c8b8c89c8d7ff5f1da22735a6f16a734f8e52a10f43d05ec2a75b95b59efa527dec29e680d1502ddda4fdd964d572daa55364576637269f677ee85b281aeb376e3a37d6e5270516b63c8182eaf8fcf6de75222a84e31f4286bc59b6807ccdd24387a19a408e9c037e481c051445513aa5707978cbf0a109f5772190c1a99186c6b1cbf5469b4056bd1d82a4d681f2bf1bf6345dae01783e4f8fc9caad3a3be409fca05708cf4ab98580ca55498a323379a4a2a20872cc744a5bf00fc1623314045d18ddea292c05ff395f91b90598474887ef3899e06a52be53f4ac20d8a229e8c72b5d6bb0858158e0503e2e5649aff85392a01dd4625221aa21ebd3374e75fd17a7d54f3f6c97f6a3eb8cf98867e3cbcbfe2437dec398543b0173f5e1c087721feaf85a54fbd69de35b88c966b0793338863f5fd493af9624bdb14dda261e0334f32a0cd296de75802c3d503fc4a6491e602328ee7aa21736faa064b6aba7c62171c113a3ac2caec815807d2c00c17759276560e4e3081b581cf27cc85fb8890068471b63c9f097225cbdfc3f0666070228c201711d967ff9b00399dcd095a117752ca131294a2c5ad29208c43c35c337e3c6a7d3bb810c6d5edc2bb529088c9f9232a032bb8ba5f8d24d3a2f492c4a887c018e9dd1845a889aab4e3a14385751f7096ec8ccf3a6e6c6bfcaf0c5c298243f614b8d69f62cb4a3fc5e9750c6a65b40625bb79a7483594729cbb27a0e9273ac91a1a530a324a3723a1dc19fa73b6867054403134b25e5484cb3ff3981fb33b41637ace2405bd69618297b43718df3e4a194835665f070f425300412d7727ec724daea467e8069b4751aaafb5031d6a729fa284d97453e6ca092ce29fb3518c38105e4016fd4095eca1f787f7daea13fa737b011c1ad193180c7eea3050cee58ce7e4203316f7f7e84d7e87775a13ed80dea0688d4d2017b9afc96d2ae0bc441f90fc174b0078610530fd6977fbd65d1235443d639ca297272217df0cf7806185d22423cb003c78893f6cbb50fdd167dc39ccef38fa2dd2d712d41f9302e8caea50be6071b8270b073f906d4cebe397c48319547ef76f70aec8791cbc96a48fe49d5272ce5cf7469088bfec77e6baa5196bbcdaa30dd84352c40b609e82e2aa001e5af55d19f1a92692555292148279020c6bd2d3b20ab15c46f722b3bc420930175f6d57810115cc75c7f790fef1954166446813c226cf6aefe828dc61c30fade07bec0a2d247b2628153569b1a20111dd500ba9f5230922831cff2b3b535e09e7cca5fa8e56acb7f5bee0da63a001865a1142179b29cbdcec49b8ec193016101fb64a99f0bcca1df50a83d98d07d86559dbced23791d068e800f970fd9e5cb3108384cf191e61bef3b813679cfe14d33c1ec32d4d35f8485d3fd32bd1105d97f35b965738852e0c64dfdd69b47a4b850d7343033765502b938353c9805a2ff231bed17535dd4d336a2b0995769fd7b9f7b90b3d2dda2c2a338d42b1106e8abdf338c5205b97830846654ee603926330ec9b1a2fcb866d95d59ea17c1468789dbad2fb35aefc4a8745cbf39d1970582efb9106a59d2573b277ad68e0b829cabf6bc95eaa6e094a614709e29c82e84353fe11a0ae5881b936561bad451cecf3648c9b8411675e848bca375407fa699d67521d2305019da90fb836dc680250125f24fe792a1e36711d879bfebc0983a2b5c2949fbefdd776d34ae7aa372b093fe8b399e2bc22cd7e72606ff8c45b0188c03e219f9fa0ac367e3dede86426827afcc76c51da15452e35b6e4a72d3fcea13c386bd8d377404ecdd5c1fabe260899ec8114be538ba86a8128fcfb5fafed7c65467f126e17cd047f4b3927f125e815b9de1b841b6996636b86feee4082884ac48ae271bf4e2e6e95dc560851dece8cb3ef4d0cd256c68dad2632eb9d6fbc2cfba71f41f2951fab130052788a31a954e5817e6f53ace3b60c6264154fab6d33366c467c5c72b15c1e7ca798657f3cf851aee37eca9ff1a84b8ba8bdb1c785feffc06f7f461c18aadb72ecfb005a03a9b4b6bf74b406276a2ed7afd7cb59a7a188939d123b40eda150f5a078608f09319321aeaebcd3690d9ee870416be93c1b0d38cf43d7df2bf0019f5f9b3427a91b709ce42c2df65d642c2d1eb84c043808d51e1973fcf3d1121a8f7fd0c06d55eec0f27305d980416e43d859ab87c5fe6df3b85ff6e5f55c115282127de8edfc908ce8cb3e3b8c897bf8275e90c4ff3abb41d8a148c15151eeb09b6a2abf60e0104e202139aa446c3ad375b9bfccdc1a538a2732504437a6f221208a0c7be79fbe6eba788477cfe243053e19e7ff1a19534cae9cbb8d2dc90df989b51525be262b266f3166c7e3f5b99273bb8d9c07e26dd4fcb9034a410d977dea3d24c21a4023b9c2cba52e4266afe097668a0480b232a555cd6501d989d9e1cc30809ff524570d41e23770449b4ee85ad83cfb58c26d2fa4d24cf73e9caf53ba95b56e58dc90a7a8ccd0ab3663a7ba48e367859db5006d8dcfe92dbb9f5d1c630976caac16873dc38733923364fea9a68e3bda44001ba1559221f3b10714a92b8280c690f5d7219dab0c19b373de71c28ae6c8fa76ccdeae885aeee7c2f7a9d61fc2c7477a3782be2a8b5e068f97a5a542875a7e122c48a9f904a0fa933a00a57077d5c56606e49ee595ebeca2281b2e2bd9ac5963f4f4ddcce6ac44c4619e3e661b1dd73fc3316822b81523913494e867f5a7adf8faa608d0f0a4f6529b95e88c1d6c6a94964d22098b6a00deaacdb0d5ca948e473bcac904ce4a4ded79a0431ff0cbadd597b423b51111e58f863c55d1803bfd285ac343ce4eba31a0b9bb8fe34dbc3851240c0323acecf8e6e82b0c68578cf447dc61171802fcc3e14f2aa733f3c1993769c72d0273ff4515be24cc3ad4d0724daf2adad5c2847fd4c5f45a1efebae375933d4ff44f056cbe960d196cee6a02bc031fe0d182eb35a3756dd15dbf0e6205e759b2daa6514c4bef24c89e5bc6ff504f459c22277f3f28aa17157602e4b05cd31ecbbfd294f258d7026a40f83dd43369bf3495cb8b37fdf4ba2d9c14c798f9e0ddb01c086325b0cc88ecdf2b0a5892719bd2a0e409671241cfff13276687ce471ad7328b35113126014fa848e976be1ecd8f825db300f30fdb47bd41b2243ca5e6435d8c9e2c80e2b7ba3b0f1ad501224640df424eeaf3890fe17b074e52285eba04ba9622bffb432d771d8f559e962610c5167dedea8064c268213a71cd17f1af3cbc46555363c1e69121387473cbeccf8482145d792ef77a655cdac9f4c94af10d1256072fcecd10dc971a478d4095481f9cfb8d920c024092dedb37469363abecc18cb95eed6dbe4138e34cb3726375199bf851e09968522e3f5907ed769e12ccdfb45ae42dd240a5514046f4cc0e28b0eda3839c06f1f294fb178933ab54f75a30af8eff167fb73504550f3e55c89f561b0ae0262d6a92a8af96728480152fc65e0efa990eb7e712866da578a416e113ebe375d84b31db71b78e0e4f7d92bdb3156e3a65390e2e072159ab16192183b329f9c1528e2f212dc548d64aa8328a68f8e465d01f887177e712b5475cce579af56f8c754b813bb98479e9ea34e3581a50807ecc955e159822b5b8c8f8d2bab3fb068432dd1404f681ece65a1b700074a5a409ecff5b4d5bf588c7e24f9c9ebf4bcc87b7d98a5d041a434298a15ca87bcc79f4748a370ea8fa5bcf8f23047ac3ffce409a9e0814e2350a7c842d4980779d9b4d77aece348cf31fcb458c9168e89f54343fba122c6f940c33bc98094e2d0ff3103232041b6f73651a4546cb45d8ed2be53274844104e412c71525bf8b69fc6c473c15423330f47695d2d3d5a151eddd3e233325dd6d257b2df24bc2d290e670d5ceaf5dac1c79f55231b93cc7438e90a63859f33bba1bf8f29506f6e1afcb9d2f822f171c0058df9168cc34153b5d025b8821ef77849f5d9a738e77a59a263a70bdab5cd0d3f27df098090262da68138171cc7095c2e9d4d9e57eef1618308933152594de3ff5acc1e77c51c0dfb6e48efd660f4cb85333eae031099149457e7c82fb06f16a837fe1e8ceb211cee9aa6484d94c9f3fd36c28d770c231370a4521b46c7499362ab97e3860ecce129beb046c6f29338167cd1494807dae7b3ea683f2fccaeeb389db998451d028db189d951c4472a6fa3abaabbda8f2a80765967ac2a022d579f830c649789ad917625e5ce09467706289fc640c60e6a2711648c16bf583cb2ebd6c6ffa007473c0447a1cecc0a1e2973403390d96a09707f30d9fbca80128401f2b27486da64cfcaaabc35cfcb1bfcb96cb64218dfc0a733a57ab5a301901fdf234c64e8a7f8b818d9c02bbff76ce986200bd7e2ab6b58838a278ca8fea77c72c84fae306f2a2401201ebb13446b2a388dbf76a1a06cac9c42cc49e75d78733db087b37be98a496a8d1f3c81426b085e46d6a26dc26dc624f5876f9d2eee4c1e59c2511ba3b763c3d8e77fed8716b2b23010389b8616163b695c803c7bc75291a2fbf54312f3cfa47c65e6d7d49cf0906dc743ad10a5be5550d021f53532b91560a39ceb213b697c5a63118dab5150a7464c4f383091266b2bfc5fbbec8f473825541f0adc9df31d54a787b8e11e35f3ae128f7f34e9183b364bc4ee0ec0165fc4e487fc8dc897423d8300430e9161c52e6305d07e9004968e1e7d89f2ff2b4323c9e47f72f4df840787ade800d762769103712115d107202636aa219ab93489db43276aaf20a3428eeeac2bdbba493b01f29f1e9e8926ddd31840ad840470b831a34c3ae3f4217dc1fa4e68dfd5c1681758bf9bf6432cac1299f9f14e50ab303e4f563293ef14475d0da337a68b1de96cf719400d043a6b560939d83a6b160d7f4e88feb8941185845832e131474c86cf51ff06dd2788278c44949647eb44288e8c542fcf2c9359fb981db6be2830f0d7ed1aa90e35ac0ece76aad9d73fb3fc3f2ad25e0512bae41b72c3514e25a5c3096f9d26e5c451dd8694d75467cc57d3ac4758ad82c29ba115870f0c197e64c10a7fbe16260e3ef0aaeaae03706630e5d292fb8f7d10072a7b5c28c400f927cb0a6490f3e99a0643111d460524b2c2393d90a3786951d54ec1f403b440c32c74bc6b1c91731f9fd41b89b92d3e60bc3bee767879826e54d19908e80cc980bedd6e73bb2bfb8a27c6f7779e50f8feb4e5b57b406693ae5b066d3e59f15e38d6cb3b1532019eec739f6fe9b5a2df23fee5391b27896b31065b8a121d7e4464a3a3cdf5f0296a65305451ce3f8f59a584fd0d83cde89026911646c8c6d702504a8bfe31f9169c965189e06b354ca50a4789b22908be6071f885f54e6331f08af2e30c78c559741c4e23419cae3f19a1b648beffb3af1ab568cd426c6bacf1575cc59aeff468524018eb71367c453ed293c464a76ae051908a9954bc785954c10e773122cb2b20a37b3226db18155448314d1f296e6d90ddb85beb99d6272459a5714bcd10d862818d0b9a85e312755623f0584368aa5a0a62dd571ccdc8bf9f25ea9ef346f70a8705e2ef1792da0bf5c4e1a753f32e20da0e2f4ea45f9e275a7546e8269d56379bcf813d185ff3aa92c1b20e6380e121412e018d1b15915c285effd7d839c613910fd973cbc0a283b41cd5471930d31d8ce2", 0x0, 0x1}]})
sendmsg$L2TP_CMD_TUNNEL_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="250300000000fcdfdd2504"], 0x14}, 0x1, 0x0, 0x0, 0x44801}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c010000100013070000000000000000fc020000000000000000000000000001fe8000000000050000000000000000aa00"/64, @ANYRES64, @ANYRES32=0x0, @ANYBLOB="ac1414aa000000000000000000000000000004d533000000e000000100000000000000000000000007000000000000000900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000200000000000000000000004c001400636d6163286165732900"/241], 0x13c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet6(r10, &(0x7f00000001c0)={&(0x7f0000000440)={0xa, 0x4e20, 0x2, @local, 0x4}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000500)="ffffffef00d022946e3f5438641effd181e7013949cf149f91d701c8da268e7ded34e9a8cfd8ec64f9c54e6f73b8742e3e74ccf0631f1cfb8a341097166f06eb8db6bdf4146b0000000ffd5f26074aeedc613fea327a7f2ac095de9105e507b6211f541dad30720be70cc1c586df2929ca0e32b1a113d4ded4a279f35cde154df8cdd495181bd483148405fca2d813c24e228f566c41efcd86a289e9a692617241373c1f9078d051ee6bcf6dac8211e6e7d922948c1159ed289f9bc69c7002552bce80d896969e1696f40daf80f2eb4ba25c18de391e76296b16ecbefb081e3cb0aad2e773e21130711b1a68615f32bdd4aabf1b47e6431b077b9c60dce7828df5a138845a64ffafb69ba94918652d5faed965b8a9f8b7a9db6e8439f96eb01ac7faaad100000000000000", 0x12b}, {&(0x7f0000000640)="60689a9ed199a612ba6a2431723cec02394ee9f1b33c1089587c4f1e4694c4e051660453308045cdaa1b0cdcf92c80bcc68eb68cde2a8f98ac5068200d74bfab97eed6cf32e13bbcd8c4dc607e8cd535d16c946cee6a9342dc7bab7a71d386fc87235b4dd21b99baf1412c4cd3639627ea870eb2bc72fc121268bbb516d0803ccdad5d12e7682c29344ae312ad1f57952aadd0622f1f0b4e2ea8829a0a20993233810d01b5052e74100c7657b93986da3aa44991", 0xb4}], 0x2, &(0x7f0000000840)=ANY=[@ANYRES64=r0], 0x128}, 0x4)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYRES8=r2], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 3 (id=630):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xb, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=r1, @ANYRESOCT=r0, @ANYRESOCT, @ANYBLOB="eda1d4703e4d11a28f6c911e9f258a3831376bc8b16a67a5b81935c3a41168b2a73a72a111696eeff95dd96b09f408abca443fb1e329af3b9486031c2b5e77f5a4131270372d304c52b9a54f8f4f47bbaee3713e6e922ab94edd76d55d3a1616af5e46982eb05fdb0428e8b1dcef61950df822bbda60345ae5cd3098d5efb801f5fa3467ee9e1885"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x39, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
socket(0x3, 0xb89d9f59186e721b, 0x3)
close(0x3)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kfree\x00', r3}, 0x18)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1, 0x0, 0x800}}], 0x48}, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0x2)
ioctl$sock_inet_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f0000000340)={'bond_slave_1\x00', {0x2, 0x4e23, @empty}})
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r6, 0x0, 0x800000000000002}, 0x18)
pipe2(&(0x7f00000006c0)={<r7=>0xffffffffffffffff}, 0x0)
keyctl$session_to_parent(0x12)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a00000001010000fc7f0000cc00000000000000", @ANYRES32, @ANYBLOB="00000000e7ff1010000200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0xb2}, 0x9c)
bind$inet6(r9, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r9, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x71cb}, 0x1c)
setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000640)={0x0, 0xfb, 0x6c, 0x7, 0x7, "723a24769da504922960c6462444967c", "8c41462248aa45150ca726c79b6d3490c02d72661b171ef4c5f76dca6856986933e154ed3271690a87fe3f02d5c459da21e84bd22d6e31c23069c5be8adfa229678456af1c01352e6131b22ac6e33a07370e45ed844103"}, 0x6c, 0x1)
close_range(r7, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

 active
[   29.315218][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.322417][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   29.348376][ T3316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.365215][ T3326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.378954][ T3321] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.386025][ T3321] bridge0: port 1(bridge_slave_0) entered disabled state
[   29.393372][ T3321] bridge_slave_0: entered allmulticast mode
[   29.399679][ T3321] bridge_slave_0: entered promiscuous mode
[   29.409668][ T3326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.419765][ T3320] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.426749][ T3320] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   29.452737][ T3320] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.463469][ T3321] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.470638][ T3321] bridge0: port 2(bridge_slave_1) entered disabled state
[   29.478068][ T3321] bridge_slave_1: entered allmulticast mode
[   29.484377][ T3321] bridge_slave_1: entered promiscuous mode
[   29.506137][ T3320] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.513397][ T3320] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   29.539626][ T3320] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.564532][ T3326] team0: Port device team_slave_0 added
[   29.586956][ T3326] team0: Port device team_slave_1 added
[   29.594665][ T3319] hsr_slave_0: entered promiscuous mode
[   29.600627][ T3319] hsr_slave_1: entered promiscuous mode
[   29.608543][ T3321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   29.619958][ T3316] hsr_slave_0: entered promiscuous mode
[   29.625961][ T3316] hsr_slave_1: entered promiscuous mode
[   29.632151][ T3316] debugfs: 'hsr0' already exists in 'hsr'
[   29.637944][ T3316] Cannot create hsr debugfs directory
[   29.649733][ T3321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   29.678320][ T3326] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.685292][ T3326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   29.711500][ T3326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.736729][ T3326] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.743746][ T3326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   29.769862][ T3326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   29.782336][ T3320] hsr_slave_0: entered promiscuous mode
[   29.788464][ T3320] hsr_slave_1: entered promiscuous mode
[   29.794335][ T3320] debugfs: 'hsr0' already exists in 'hsr'
[   29.800105][ T3320] Cannot create hsr debugfs directory
[   29.806445][ T3321] team0: Port device team_slave_0 added
[   29.825434][ T3321] team0: Port device team_slave_1 added
[   29.871106][ T3321] batman_adv: batadv0: Adding interface: batadv_slave_0
[   29.878124][ T3321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   29.904345][ T3321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   29.924734][ T3326] hsr_slave_0: entered promiscuous mode
[   29.930679][ T3326] hsr_slave_1: entered promiscuous mode
[   29.936585][ T3326] debugfs: 'hsr0' already exists in 'hsr'
[   29.942317][ T3326] Cannot create hsr debugfs directory
[   29.950572][ T3321] batman_adv: batadv0: Adding interface: batadv_slave_1
[   29.957669][ T3321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   29.983563][ T3321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   30.064685][ T3321] hsr_slave_0: entered promiscuous mode
[   30.070773][ T3321] hsr_slave_1: entered promiscuous mode
[   30.076786][ T3321] debugfs: 'hsr0' already exists in 'hsr'
[   30.082518][ T3321] Cannot create hsr debugfs directory
[   30.165979][ T3319] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   30.175227][ T3319] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   30.186827][ T3319] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   30.197995][ T3319] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   30.235545][ T3326] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   30.244422][ T3326] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   30.253431][ T3326] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   30.267565][ T3326] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   30.299074][ T3320] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   30.310004][ T3320] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   30.326956][ T3320] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   30.339837][ T3320] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   30.349212][ T3316] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   30.358138][ T3316] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   30.373611][ T3316] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   30.387563][ T3316] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   30.418032][ T3321] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   30.430204][ T3321] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   30.439551][ T3321] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   30.449802][ T3321] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   30.460139][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.486322][ T3319] 8021q: adding VLAN 0 to HW filter on device team0
[   30.504115][ T1954] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.511292][ T1954] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.520249][ T1954] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.527479][ T1954] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.556073][ T3326] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.591960][ T3326] 8021q: adding VLAN 0 to HW filter on device team0
[   30.609283][ T1954] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.616355][ T1954] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.634343][ T3320] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.643631][ T2199] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.650737][ T2199] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.674234][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.691652][ T3321] 8021q: adding VLAN 0 to HW filter on device bond0
[   30.704561][ T3316] 8021q: adding VLAN 0 to HW filter on device team0
[   30.717511][ T3320] 8021q: adding VLAN 0 to HW filter on device team0
[   30.727958][ T3319] 8021q: adding VLAN 0 to HW filter on device batadv0
[   30.739051][ T2199] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.746193][ T2199] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.755046][ T2199] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.762208][ T2199] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.776558][ T2199] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.783652][ T2199] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.800698][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.807833][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.820834][ T3321] 8021q: adding VLAN 0 to HW filter on device team0
[   30.839234][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[   30.846361][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[   30.870353][ T3320] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   30.880897][ T3320] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   30.913098][ T2199] bridge0: port 2(bridge_slave_1) entered blocking state
[   30.920323][ T2199] bridge0: port 2(bridge_slave_1) entered forwarding state
[   30.939788][ T3316] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   30.950260][ T3316] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   31.013409][ T3320] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.029301][ T3326] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.040180][ T3319] veth0_vlan: entered promiscuous mode
[   31.071285][ T3316] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.090024][ T3319] veth1_vlan: entered promiscuous mode
[   31.149832][ T3319] veth0_macvtap: entered promiscuous mode
[   31.167386][ T3319] veth1_macvtap: entered promiscuous mode
[   31.209052][ T3321] 8021q: adding VLAN 0 to HW filter on device batadv0
[   31.227186][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.242385][ T3319] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.249983][ T3320] veth0_vlan: entered promiscuous mode
[   31.281710][ T1086] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.291578][ T1086] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.308120][ T1086] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.317686][ T3320] veth1_vlan: entered promiscuous mode
[   31.329761][ T3316] veth0_vlan: entered promiscuous mode
[   31.338390][   T29] kauditd_printk_skb: 10 callbacks suppressed
[   31.338406][   T29] audit: type=1400 audit(1766936405.556:90): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.vl19dU/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   31.348300][ T3326] veth0_vlan: entered promiscuous mode
[   31.375602][   T29] audit: type=1400 audit(1766936405.556:91): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   31.397698][   T29] audit: type=1400 audit(1766936405.556:92): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.vl19dU/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   31.403052][ T3320] veth0_macvtap: entered promiscuous mode
[   31.422914][   T29] audit: type=1400 audit(1766936405.556:93): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   31.429830][  T291] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.450616][   T29] audit: type=1400 audit(1766936405.556:94): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.vl19dU/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   31.470845][ T3320] veth1_macvtap: entered promiscuous mode
[   31.486016][   T29] audit: type=1400 audit(1766936405.556:95): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/root/syzkaller.vl19dU/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   31.486047][   T29] audit: type=1400 audit(1766936405.556:96): avc:  denied  { unmount } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   31.522616][ T3326] veth1_vlan: entered promiscuous mode
[   31.548915][   T29] audit: type=1400 audit(1766936405.586:97): avc:  denied  { mounton } for  pid=3319 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   31.550283][ T3316] veth1_vlan: entered promiscuous mode
[   31.571818][   T29] audit: type=1400 audit(1766936405.586:98): avc:  denied  { mount } for  pid=3319 comm="syz-executor" name="/" dev="gadgetfs" ino=3849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   31.578684][ T3321] veth0_vlan: entered promiscuous mode
[   31.608332][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   31.616034][ T3326] veth0_macvtap: entered promiscuous mode
[   31.635557][ T3321] veth1_vlan: entered promiscuous mode
[   31.643509][   T29] audit: type=1400 audit(1766936405.856:99): avc:  denied  { read write } for  pid=3319 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   31.652190][ T3316] veth0_macvtap: entered promiscuous mode
[   31.680520][ T3326] veth1_macvtap: entered promiscuous mode
[   31.692092][ T3326] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.710277][ T3326] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.718212][ T3316] veth1_macvtap: entered promiscuous mode
[   31.729743][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.753546][ T3320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.761115][ T1086] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.770164][ T3487] loop3: detected capacity change from 0 to 8192
[   31.772001][ T1086] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.788374][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.798720][ T1655] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.812253][ T1655] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.832173][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.840113][ T1655] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.867132][ T1655] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.882299][ T2199] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.894081][ T2199] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.907280][ T3489] loop3: detected capacity change from 0 to 1024
[   31.909126][ T3321] veth0_macvtap: entered promiscuous mode
[   31.917271][ T3489] EXT4-fs: Ignoring removed nomblk_io_submit option
[   31.923182][ T3321] veth1_macvtap: entered promiscuous mode
[   31.948316][ T2199] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.977155][ T3489] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   31.987879][ T2199] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.009574][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_0
[   32.018107][ T2199] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.032087][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_1
[   32.044027][ T2199] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.054509][ T3489] Zero length message leads to an empty skb
[   32.074464][ T2199] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   32.096761][ T2199] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   32.105637][ T2199] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   32.116396][ T2199] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   32.126012][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.212358][ T3506] loop3: detected capacity change from 0 to 512
[   32.221129][ T3503] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   32.221229][ T3479] IPVS: starting estimator thread 0...
[   32.272896][ T3506] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.305454][ T3506] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.327640][ T3511] IPVS: using max 2496 ests per chain, 124800 per kthread
[   32.371846][ T3519] loop2: detected capacity change from 0 to 128
[   32.373870][ T3521] loop0: detected capacity change from 0 to 512
[   32.378559][ T3508] loop1: detected capacity change from 0 to 8192
[   32.437796][ T3521] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.10: Failed to acquire dquot type 1
[   32.475264][ T3521] EXT4-fs (loop0): 1 truncate cleaned up
[   32.476354][ T3519] syz.2.9: attempt to access beyond end of device
[   32.476354][ T3519] loop2: rw=0, sector=121, nr_sectors = 920 limit=128
[   32.494921][ T3521] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.529365][ T3521] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.559305][ T3519] netlink: 'syz.2.9': attribute type 13 has an invalid length.
[   32.569287][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.671045][ T3528] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[   32.678332][ T3409] IPVS: starting estimator thread 0...
[   32.684217][ T3535] loop1: detected capacity change from 0 to 128
[   32.711944][ T3533] syz.0.13 uses obsolete (PF_INET,SOCK_PACKET)
[   32.714887][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.734731][ T3008] udevd[3008]: worker [3301] terminated by signal 33 (Unknown signal 33)
[   32.744333][ T3008] udevd[3008]: worker [3301] failed while handling '/devices/virtual/block/loop1'
[   32.792266][ T3536] IPVS: using max 2448 ests per chain, 122400 per kthread
[   32.809607][ T3008] udevd[3008]: worker [3310] terminated by signal 33 (Unknown signal 33)
[   32.820502][ T3008] udevd[3008]: worker [3310] failed while handling '/devices/virtual/block/loop3'
[   32.838130][ T3542] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   32.898318][ T3535] syz.1.12: attempt to access beyond end of device
[   32.898318][ T3535] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[   32.914092][ T3541] netlink: 'syz.3.15': attribute type 3 has an invalid length.
[   32.921842][ T3541] netlink: 'syz.3.15': attribute type 1 has an invalid length.
[   32.929708][ T3541] netlink: 181400 bytes leftover after parsing attributes in process `syz.3.15'.
[   32.961367][ T3535] syz.1.12: attempt to access beyond end of device
[   32.961367][ T3535] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[   32.966996][    C1] hrtimer: interrupt took 35177 ns
[   32.976109][ T3541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15'.
[   32.999283][ T3541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15'.
[   33.036808][ T3557] netlink: 20 bytes leftover after parsing attributes in process `syz.0.21'.
[   33.061886][ T3555] loop4: detected capacity change from 0 to 512
[   33.065784][ T3559] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   33.083812][ T3555] EXT4-fs: Ignoring removed nobh option
[   33.086126][ T3535] syz.1.12: attempt to access beyond end of device
[   33.086126][ T3535] loop1: rw=2049, sector=177, nr_sectors = 8 limit=128
[   33.103422][ T3535] syz.1.12: attempt to access beyond end of device
[   33.103422][ T3535] loop1: rw=2049, sector=193, nr_sectors = 80 limit=128
[   33.117480][ T3535] syz.1.12: attempt to access beyond end of device
[   33.117480][ T3535] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   33.131319][ T3535] syz.1.12: attempt to access beyond end of device
[   33.131319][ T3535] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   33.140060][ T3555] EXT4-fs: old and new quota format mixing
[   33.145128][ T3535] syz.1.12: attempt to access beyond end of device
[   33.145128][ T3535] loop1: rw=2049, sector=313, nr_sectors = 8 limit=128
[   33.195260][ T3561] capability: warning: `syz.0.24' uses deprecated v2 capabilities in a way that may be insecure
[   33.207069][ T3561] program syz.0.24 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   33.215939][ T3555] netlink: 'syz.4.22': attribute type 20 has an invalid length.
[   33.218073][ T3535] syz.1.12: attempt to access beyond end of device
[   33.218073][ T3535] loop1: rw=2049, sector=329, nr_sectors = 8 limit=128
[   33.272492][ T3555] Illegal XDP return value 4294967294 on prog  (id 21) dev N/A, expect packet loss!
[   33.276535][ T3535] syz.1.12: attempt to access beyond end of device
[   33.276535][ T3535] loop1: rw=2049, sector=345, nr_sectors = 8 limit=128
[   33.836135][ T3595] FAULT_INJECTION: forcing a failure.
[   33.836135][ T3595] name failslab, interval 1, probability 0, space 0, times 1
[   33.849148][ T3595] CPU: 1 UID: 0 PID: 3595 Comm: syz.3.36 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   33.849180][ T3595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   33.849195][ T3595] Call Trace:
[   33.849202][ T3595]  <TASK>
[   33.849211][ T3595]  __dump_stack+0x1d/0x30
[   33.849295][ T3595]  dump_stack_lvl+0x95/0xd0
[   33.849316][ T3595]  dump_stack+0x15/0x1b
[   33.849341][ T3595]  should_fail_ex+0x265/0x280
[   33.849369][ T3595]  should_failslab+0x8c/0xb0
[   33.849411][ T3595]  __kvmalloc_node_noprof+0x149/0x6b0
[   33.849479][ T3595]  ? alloc_netdev_mqs+0xa5/0xa40
[   33.849515][ T3595]  ? __pfx_sl_setup+0x10/0x10
[   33.849544][ T3595]  alloc_netdev_mqs+0xa5/0xa40
[   33.849573][ T3595]  slip_open+0x2d1/0x920
[   33.849671][ T3595]  ? vfree+0x295/0x3a0
[   33.849696][ T3595]  ? up_write+0x18/0x60
[   33.849721][ T3595]  tty_ldisc_open+0x5d/0xb0
[   33.849745][ T3595]  tty_set_ldisc+0x1db/0x380
[   33.849770][ T3595]  tiocsetd+0x51/0x60
[   33.849794][ T3595]  tty_ioctl+0xa79/0xb80
[   33.849879][ T3595]  ? __pfx_tty_ioctl+0x10/0x10
[   33.849899][ T3595]  __se_sys_ioctl+0xce/0x140
[   33.849944][ T3595]  __x64_sys_ioctl+0x43/0x50
[   33.849978][ T3595]  x64_sys_call+0x14b0/0x3000
[   33.850069][ T3595]  do_syscall_64+0xca/0x2b0
[   33.850107][ T3595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   33.850134][ T3595] RIP: 0033:0x7fc91da7f749
[   33.850165][ T3595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   33.850185][ T3595] RSP: 002b:00007fc91c4e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   33.850207][ T3595] RAX: ffffffffffffffda RBX: 00007fc91dcd5fa0 RCX: 00007fc91da7f749
[   33.850221][ T3595] RDX: 00002000000003c0 RSI: 0000000000005423 RDI: 0000000000000006
[   33.850234][ T3595] RBP: 00007fc91c4e7090 R08: 0000000000000000 R09: 0000000000000000
[   33.850247][ T3595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   33.850260][ T3595] R13: 00007fc91dcd6038 R14: 00007fc91dcd5fa0 R15: 00007ffdc6a85bd8
[   33.850329][ T3595]  </TASK>
[   34.068443][ T3597] loop2: detected capacity change from 0 to 512
[   34.099764][ T3597] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   34.127491][ T3601] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   34.147251][ T3601] loop0: detected capacity change from 0 to 128
[   34.165901][ T3597] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.208078][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.238567][ T3608] wÞ£ÿ calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   34.248921][ T3609] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   34.462605][ T3625] EXT4-fs: dax option not supported
[   34.526635][ T3625] TCP: TCP_TX_DELAY enabled
[   35.067470][ T3642] netlink: 12 bytes leftover after parsing attributes in process `syz.4.54'.
[   35.076708][ T3642] netlink: 8 bytes leftover after parsing attributes in process `syz.4.54'.
[   35.245899][ T3651] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   35.277766][ T3651] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.371165][ T3651] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   35.462625][ T3659] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   35.471718][ T3651] netlink: 28 bytes leftover after parsing attributes in process `syz.0.56'.
[   35.480593][ T3651] netlink: 108 bytes leftover after parsing attributes in process `syz.0.56'.
[   35.512062][ T3651] netlink: 28 bytes leftover after parsing attributes in process `syz.0.56'.
[   35.522762][ T3651] netlink: 108 bytes leftover after parsing attributes in process `syz.0.56'.
[   35.585275][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.702477][ T3677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.723917][ T3677] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   35.995847][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.053343][ T3695] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.066780][ T3695] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.246570][ T3705] =======================================================
[   36.246570][ T3705] WARNING: The mand mount option has been deprecated and
[   36.246570][ T3705]          and is ignored by this kernel. Remove the mand
[   36.246570][ T3705]          option from the mount to silence this warning.
[   36.246570][ T3705] =======================================================
[   36.283695][ T3705] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   36.297018][ T3705] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   36.310569][ T3705] EXT4-fs error (device loop2): ext4_init_orphan_info:620: comm syz.2.74: orphan file block 0: bad magic
[   36.322689][ T3705] EXT4-fs (loop2): mount failed
[   36.353701][ T3708] FAULT_INJECTION: forcing a failure.
[   36.353701][ T3708] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   36.367177][ T3708] CPU: 0 UID: 0 PID: 3708 Comm: syz.2.75 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   36.367210][ T3708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   36.367224][ T3708] Call Trace:
[   36.367232][ T3708]  <TASK>
[   36.367240][ T3708]  __dump_stack+0x1d/0x30
[   36.367350][ T3708]  dump_stack_lvl+0x95/0xd0
[   36.367373][ T3708]  dump_stack+0x15/0x1b
[   36.367398][ T3708]  should_fail_ex+0x265/0x280
[   36.367426][ T3708]  should_fail+0xb/0x20
[   36.367505][ T3708]  should_fail_usercopy+0x1a/0x20
[   36.367534][ T3708]  _copy_to_user+0x20/0xa0
[   36.367567][ T3708]  simple_read_from_buffer+0xb5/0x130
[   36.367593][ T3708]  proc_fail_nth_read+0x10e/0x150
[   36.367664][ T3708]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   36.367811][ T3708]  vfs_read+0x1a8/0x770
[   36.367832][ T3708]  ? __rcu_read_unlock+0x4f/0x70
[   36.367919][ T3708]  ? __fget_files+0x184/0x1c0
[   36.368005][ T3708]  ? mutex_lock+0x58/0x90
[   36.368088][ T3708]  ksys_read+0xda/0x1a0
[   36.368119][ T3708]  __x64_sys_read+0x40/0x50
[   36.368163][ T3708]  x64_sys_call+0x2889/0x3000
[   36.368190][ T3708]  do_syscall_64+0xca/0x2b0
[   36.368249][ T3708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.368274][ T3708] RIP: 0033:0x7f249679e15c
[   36.368311][ T3708] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   36.368332][ T3708] RSP: 002b:00007f2495207030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   36.368356][ T3708] RAX: ffffffffffffffda RBX: 00007f24969f5fa0 RCX: 00007f249679e15c
[   36.368371][ T3708] RDX: 000000000000000f RSI: 00007f24952070a0 RDI: 0000000000000005
[   36.368385][ T3708] RBP: 00007f2495207090 R08: 0000000000000000 R09: 0000000000000000
[   36.368399][ T3708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.368412][ T3708] R13: 00007f24969f6038 R14: 00007f24969f5fa0 R15: 00007ffddcd4d598
[   36.368449][ T3708]  </TASK>
[   36.662024][   T29] kauditd_printk_skb: 582 callbacks suppressed
[   36.662043][   T29] audit: type=1400 audit(1766936410.876:680): avc:  denied  { setopt } for  pid=3712 comm="syz.0.78" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   36.700190][   T29] audit: type=1400 audit(1766936410.906:681): avc:  denied  { map } for  pid=3713 comm="syz.3.79" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=5014 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   36.700229][   T29] audit: type=1400 audit(1766936410.906:682): avc:  denied  { read write } for  pid=3713 comm="syz.3.79" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=5014 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   36.700253][   T29] audit: type=1400 audit(1766936410.916:683): avc:  denied  { create } for  pid=3713 comm="syz.3.79" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   36.780609][ T3726] FAULT_INJECTION: forcing a failure.
[   36.780609][ T3726] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   36.780713][ T3726] CPU: 1 UID: 0 PID: 3726 Comm: syz.2.82 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   36.780744][ T3726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   36.780759][ T3726] Call Trace:
[   36.780768][ T3726]  <TASK>
[   36.780776][ T3726]  __dump_stack+0x1d/0x30
[   36.780877][ T3726]  dump_stack_lvl+0x95/0xd0
[   36.780951][ T3726]  dump_stack+0x15/0x1b
[   36.780984][ T3726]  should_fail_ex+0x265/0x280
[   36.781008][ T3726]  should_fail+0xb/0x20
[   36.781027][ T3726]  should_fail_usercopy+0x1a/0x20
[   36.781078][ T3726]  _copy_from_user+0x1c/0xb0
[   36.781111][ T3726]  __sys_connect+0xd0/0x2b0
[   36.781146][ T3726]  __x64_sys_connect+0x3f/0x50
[   36.781251][ T3726]  x64_sys_call+0x2e09/0x3000
[   36.781281][ T3726]  do_syscall_64+0xca/0x2b0
[   36.781378][ T3726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.781400][ T3726] RIP: 0033:0x7f249679f749
[   36.781418][ T3726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.781435][ T3726] RSP: 002b:00007f2495207038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   36.781455][ T3726] RAX: ffffffffffffffda RBX: 00007f24969f5fa0 RCX: 00007f249679f749
[   36.781515][ T3726] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[   36.781530][ T3726] RBP: 00007f2495207090 R08: 0000000000000000 R09: 0000000000000000
[   36.781545][ T3726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   36.781558][ T3726] R13: 00007f24969f6038 R14: 00007f24969f5fa0 R15: 00007ffddcd4d598
[   36.781577][ T3726]  </TASK>
[   36.814236][   T29] audit: type=1326 audit(1766936411.026:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3727 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   36.815198][   T29] audit: type=1326 audit(1766936411.026:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3727 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   36.815239][   T29] audit: type=1326 audit(1766936411.026:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3727 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   36.815280][   T29] audit: type=1326 audit(1766936411.026:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3727 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   36.815315][   T29] audit: type=1326 audit(1766936411.026:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3727 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   36.815392][   T29] audit: type=1326 audit(1766936411.026:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3727 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   36.867031][ T3730] set_capacity_and_notify: 6 callbacks suppressed
[   36.867050][ T3730] loop2: detected capacity change from 0 to 8192
[   37.024468][ T3738] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   37.024545][ T3738] batadv_slave_0: entered promiscuous mode
[   37.033885][ T3743] loop2: detected capacity change from 0 to 512
[   37.034145][ T3743] EXT4-fs: Ignoring removed i_version option
[   37.034191][ T3743] EXT4-fs: Ignoring removed bh option
[   37.066844][ T3746] netlink: 'syz.1.86': attribute type 4 has an invalid length.
[   37.077974][ T3743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.078250][ T3743] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.236321][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.295986][ T3758] loop1: detected capacity change from 0 to 8192
[   37.400814][ T3752] sch_fq: defrate 0 ignored.
[   37.449330][ T3765] loop0: detected capacity change from 0 to 512
[   37.478206][ T3773] veth2: entered promiscuous mode
[   37.483448][ T3773] veth2: entered allmulticast mode
[   37.484714][ T3765] EXT4-fs: Ignoring removed bh option
[   37.495145][ T3765] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   37.560662][ T3765] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.577308][ T3791] loop4: detected capacity change from 0 to 512
[   37.593248][ T3765] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.625567][ T3791] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.633291][ T3802] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1551 sclass=netlink_route_socket pid=3802 comm=syz.2.104
[   37.649912][ T3791] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   37.666094][ T3797] loop1: detected capacity change from 0 to 8192
[   37.735012][ T3806] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   37.765789][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.801267][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.861659][ T3818] FAULT_INJECTION: forcing a failure.
[   37.861659][ T3818] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   37.875126][ T3818] CPU: 0 UID: 0 PID: 3818 Comm: syz.2.113 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.875156][ T3818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.875168][ T3818] Call Trace:
[   37.875175][ T3818]  <TASK>
[   37.875185][ T3818]  __dump_stack+0x1d/0x30
[   37.875212][ T3818]  dump_stack_lvl+0x95/0xd0
[   37.875233][ T3818]  dump_stack+0x15/0x1b
[   37.875314][ T3818]  should_fail_ex+0x265/0x280
[   37.875343][ T3818]  should_fail_alloc_page+0xf2/0x100
[   37.875368][ T3818]  __alloc_frozen_pages_noprof+0x109/0x360
[   37.875433][ T3818]  alloc_pages_mpol+0xb3/0x260
[   37.875467][ T3818]  alloc_pages_noprof+0x90/0x130
[   37.875496][ T3818]  pte_alloc_one+0x1e/0xd0
[   37.875586][ T3818]  __do_fault+0x7b/0x200
[   37.875609][ T3818]  handle_mm_fault+0x150e/0x2c60
[   37.875652][ T3818]  ? check_vma_flags+0x315/0x340
[   37.875754][ T3818]  __get_user_pages+0x1024/0x1ed0
[   37.875792][ T3818]  __mm_populate+0x243/0x3a0
[   37.875860][ T3818]  vm_mmap_pgoff+0x232/0x2e0
[   37.875886][ T3818]  ksys_mmap_pgoff+0x268/0x310
[   37.875913][ T3818]  x64_sys_call+0x16bb/0x3000
[   37.875969][ T3818]  do_syscall_64+0xca/0x2b0
[   37.876072][ T3818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.876093][ T3818] RIP: 0033:0x7f249679f749
[   37.876110][ T3818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.876201][ T3818] RSP: 002b:00007f24951e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   37.876284][ T3818] RAX: ffffffffffffffda RBX: 00007f24969f6090 RCX: 00007f249679f749
[   37.876297][ T3818] RDX: 0000000000000002 RSI: 0000000000b36000 RDI: 0000200000000000
[   37.876310][ T3818] RBP: 00007f24951e6090 R08: 0000000000000007 R09: 0000000000000000
[   37.876323][ T3818] R10: 0000000000028012 R11: 0000000000000246 R12: 0000000000000001
[   37.876370][ T3818] R13: 00007f24969f6128 R14: 00007f24969f6090 R15: 00007ffddcd4d598
[   37.876393][ T3818]  </TASK>
[   38.083370][ T3817] IPv6: Can't replace route, no match found
[   38.090968][ T3823] netlink: 'syz.1.115': attribute type 3 has an invalid length.
[   38.099606][ T3823] netlink: 'syz.1.115': attribute type 3 has an invalid length.
[   38.107697][ T3824] netlink: 'syz.1.115': attribute type 3 has an invalid length.
[   38.115538][ T3824] netlink: 'syz.1.115': attribute type 3 has an invalid length.
[   38.127477][ T3823] loop1: detected capacity change from 0 to 512
[   38.145079][ T3821] __nla_validate_parse: 10 callbacks suppressed
[   38.145095][ T3821] netlink: 64 bytes leftover after parsing attributes in process `syz.4.116'.
[   38.160501][ T3821] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   38.176168][ T3823] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   38.185652][ T3817] netlink: 12 bytes leftover after parsing attributes in process `syz.0.112'.
[   38.197456][ T3823] EXT4-fs (loop1): orphan cleanup on readonly fs
[   38.211118][ T3817] loop0: detected capacity change from 0 to 512
[   38.217806][ T3823] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #16: comm syz.1.115: corrupted inode contents
[   38.230581][ T3823] EXT4-fs (loop1): Remounting filesystem read-only
[   38.237449][ T3823] EXT4-fs (loop1): 1 truncate cleaned up
[   38.243416][  T827] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   38.254048][  T827] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   38.264875][ T3817] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   38.274141][ T3817] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[   38.318696][  T827] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   38.330267][ T3823] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   38.409052][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.449468][ T3841] loop1: detected capacity change from 0 to 256
[   38.469641][ T3841] FAT-fs (loop1): Directory bread(block 64) failed
[   38.491914][ T3846] SELinux:  Context system_u:object_r:removable_device_t:s0 is not valid (left unmapped).
[   38.513594][ T3841] FAT-fs (loop1): Directory bread(block 65) failed
[   38.542846][ T3841] FAT-fs (loop1): Directory bread(block 66) failed
[   38.566607][ T3841] FAT-fs (loop1): Directory bread(block 67) failed
[   38.579102][ T3843] loop0: detected capacity change from 0 to 8192
[   38.590154][ T3841] FAT-fs (loop1): Directory bread(block 68) failed
[   38.616819][ T3841] FAT-fs (loop1): Directory bread(block 69) failed
[   38.651287][ T3841] FAT-fs (loop1): Directory bread(block 70) failed
[   38.657045][ T3857] Unable to read rock-ridge attributes
[   38.676653][ T3841] FAT-fs (loop1): Directory bread(block 71) failed
[   38.691602][ T3857] netlink: 8 bytes leftover after parsing attributes in process `syz.4.127'.
[   38.703229][ T3857] netlink: 220 bytes leftover after parsing attributes in process `syz.4.127'.
[   38.706497][ T3841] FAT-fs (loop1): Directory bread(block 72) failed
[   38.740893][ T3841] FAT-fs (loop1): Directory bread(block 73) failed
[   38.805217][ T3867] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.893531][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.919451][ T3881] FAULT_INJECTION: forcing a failure.
[   38.919451][ T3881] name failslab, interval 1, probability 0, space 0, times 0
[   38.932382][ T3881] CPU: 1 UID: 0 PID: 3881 Comm: syz.4.132 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.932412][ T3881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   38.932424][ T3881] Call Trace:
[   38.932431][ T3881]  <TASK>
[   38.932439][ T3881]  __dump_stack+0x1d/0x30
[   38.932492][ T3881]  dump_stack_lvl+0x95/0xd0
[   38.932518][ T3881]  dump_stack+0x15/0x1b
[   38.932603][ T3881]  should_fail_ex+0x265/0x280
[   38.932693][ T3881]  should_failslab+0x8c/0xb0
[   38.932745][ T3881]  __kmalloc_cache_noprof+0x65/0x4c0
[   38.932805][ T3881]  ? proc_thread_self_get_link+0xb0/0x130
[   38.932914][ T3881]  proc_thread_self_get_link+0xb0/0x130
[   38.932948][ T3881]  ? __pfx_proc_thread_self_get_link+0x10/0x10
[   38.933057][ T3881]  pick_link+0x513/0x8d0
[   38.933090][ T3881]  step_into_slowpath+0x351/0x480
[   38.933122][ T3881]  link_path_walk+0x974/0xe30
[   38.933189][ T3881]  path_openat+0x1c0/0x23b0
[   38.933227][ T3881]  do_filp_open+0x109/0x230
[   38.933273][ T3881]  do_sys_openat2+0xa6/0x150
[   38.933345][ T3881]  __x64_sys_openat+0xf2/0x120
[   38.933380][ T3881]  x64_sys_call+0x2b07/0x3000
[   38.933410][ T3881]  do_syscall_64+0xca/0x2b0
[   38.933465][ T3881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.933490][ T3881] RIP: 0033:0x7f41c5cbdf90
[   38.933561][ T3881] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[   38.933582][ T3881] RSP: 002b:00007f41c471ef10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   38.933602][ T3881] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f41c5cbdf90
[   38.933615][ T3881] RDX: 0000000000000002 RSI: 00007f41c471efa0 RDI: 00000000ffffff9c
[   38.933627][ T3881] RBP: 00007f41c471efa0 R08: 0000000000000000 R09: 0000000000000000
[   38.933641][ T3881] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   38.933712][ T3881] R13: 00007f41c5f16038 R14: 00007f41c5f15fa0 R15: 00007fffd2718d58
[   38.933729][ T3881]  </TASK>
[   39.246643][ T3888] futex_wake_op: syz.2.134 tries to shift op by -3; fix this program
[   39.266756][ T3888] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   39.279492][ T3888] 9p: Bad value for 'wfdno'
[   39.424675][ T3898] tipc: Started in network mode
[   39.429741][ T3898] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[   39.446736][ T3898] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[   39.455110][ T3898] tipc: Enabled bearer <udp:syz0>, priority 10
[   39.584809][ T3906] SELinux: failed to load policy
[   39.828693][ T3922] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   40.238132][ T3930] netlink: 12 bytes leftover after parsing attributes in process `syz.1.148'.
[   40.247201][ T3930] netlink: 12 bytes leftover after parsing attributes in process `syz.1.148'.
[   40.265745][ T3930] EXT4-fs warning (device loop1): ext4_multi_mount_protect:394: Unable to create kmmpd thread for loop1.
[   40.292492][ T3928] netlink: 12 bytes leftover after parsing attributes in process `syz.2.147'.
[   40.364779][ T3925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.147'.
[   40.447778][ T3479] tipc: Node number set to 1
[   40.492947][ T3940] netlink: 28 bytes leftover after parsing attributes in process `syz.2.150'.
[   40.502055][ T3940] netlink: 108 bytes leftover after parsing attributes in process `syz.2.150'.
[   40.759040][ T3973] netlink: 'syz.1.161': attribute type 10 has an invalid length.
[   40.775077][ T3973] dummy0: entered promiscuous mode
[   40.783310][ T3973] bridge0: port 3(dummy0) entered blocking state
[   40.789806][ T3973] bridge0: port 3(dummy0) entered disabled state
[   40.819914][ T3973] dummy0: entered allmulticast mode
[   40.836609][ T3973] bridge0: port 3(dummy0) entered blocking state
[   40.839784][ T3984] EXT4-fs: quotafile must be on filesystem root
[   40.843141][ T3973] bridge0: port 3(dummy0) entered forwarding state
[   40.991063][ T4004] netlink: 'syz.4.170': attribute type 3 has an invalid length.
[   41.068170][ T4009] bridge0: entered promiscuous mode
[   41.074223][ T4009] macsec1: entered promiscuous mode
[   41.080609][ T4009] bridge0: port 3(macsec1) entered blocking state
[   41.087204][ T4009] bridge0: port 3(macsec1) entered disabled state
[   41.094037][ T4009] macsec1: entered allmulticast mode
[   41.099561][ T4009] bridge0: entered allmulticast mode
[   41.105381][ T4009] macsec1: left allmulticast mode
[   41.110542][ T4009] bridge0: left allmulticast mode
[   41.116188][ T4009] bridge0: left promiscuous mode
[   41.176907][ T4012] FAULT_INJECTION: forcing a failure.
[   41.176907][ T4012] name failslab, interval 1, probability 0, space 0, times 0
[   41.189709][ T4012] CPU: 1 UID: 0 PID: 4012 Comm: syz.1.172 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.189736][ T4012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   41.189748][ T4012] Call Trace:
[   41.189754][ T4012]  <TASK>
[   41.189762][ T4012]  __dump_stack+0x1d/0x30
[   41.189794][ T4012]  dump_stack_lvl+0x95/0xd0
[   41.189819][ T4012]  dump_stack+0x15/0x1b
[   41.189843][ T4012]  should_fail_ex+0x265/0x280
[   41.189866][ T4012]  should_failslab+0x8c/0xb0
[   41.189889][ T4012]  kmem_cache_alloc_noprof+0x69/0x4b0
[   41.189913][ T4012]  ? vm_area_dup+0x33/0x2c0
[   41.189941][ T4012]  vm_area_dup+0x33/0x2c0
[   41.189968][ T4012]  dup_mmap+0x4b7/0xea0
[   41.190028][ T4012]  copy_mm+0x11a/0x370
[   41.190054][ T4012]  copy_process+0xcbc/0x1ef0
[   41.190083][ T4012]  kernel_clone+0x16c/0x5c0
[   41.190108][ T4012]  ? vfs_write+0x7e8/0x960
[   41.190140][ T4012]  __x64_sys_clone+0xe6/0x120
[   41.190169][ T4012]  x64_sys_call+0x12d0/0x3000
[   41.190192][ T4012]  do_syscall_64+0xca/0x2b0
[   41.190230][ T4012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.190254][ T4012] RIP: 0033:0x7f68bc8cf749
[   41.190268][ T4012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.190286][ T4012] RSP: 002b:00007f68bb2ecfe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   41.190307][ T4012] RAX: ffffffffffffffda RBX: 00007f68bcb26180 RCX: 00007f68bc8cf749
[   41.190322][ T4012] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040800200
[   41.190334][ T4012] RBP: 00007f68bb2ed090 R08: 0000000000000000 R09: 0000000000000000
[   41.190346][ T4012] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[   41.190357][ T4012] R13: 00007f68bcb26218 R14: 00007f68bcb26180 R15: 00007fff31b50e78
[   41.190374][ T4012]  </TASK>
[   41.584756][ T4014] process 'syz.2.174' launched '/dev/fd/3' with NULL argv: empty string added
[   41.595305][ T4014] bio_check_eod: 205 callbacks suppressed
[   41.595319][ T4014] syz.2.174: attempt to access beyond end of device
[   41.595319][ T4014] loop2: rw=8912896, sector=263328, nr_sectors = 4 limit=164
[   41.619296][ T4014] syz.2.174: attempt to access beyond end of device
[   41.619296][ T4014] loop2: rw=8388608, sector=263328, nr_sectors = 4 limit=164
[   41.642593][ T4014] iso9660: Corrupted directory entry in block 4 of inode 1792
[   41.756105][   T29] kauditd_printk_skb: 323 callbacks suppressed
[   41.756196][   T29] audit: type=1400 audit(1766936415.966:1007): avc:  denied  { ioctl } for  pid=4023 comm="syz.2.178" path="/dev/mISDNtimer" dev="devtmpfs" ino=250 ioctlcmd=0x4940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   41.787592][   T29] audit: type=1326 audit(1766936415.976:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.177" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc91da7f749 code=0x0
[   41.830358][   T29] audit: type=1326 audit(1766936416.046:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4027 comm="syz.4.179" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f41c5cbf749 code=0x0
[   41.876500][   T29] audit: type=1326 audit(1766936416.086:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4031 comm="syz.1.180" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68bc8cf749 code=0x0
[   41.906760][ T4034] FAULT_INJECTION: forcing a failure.
[   41.906760][ T4034] name failslab, interval 1, probability 0, space 0, times 0
[   41.919415][ T4034] CPU: 0 UID: 0 PID: 4034 Comm: syz.4.179 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.919488][ T4034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   41.919500][ T4034] Call Trace:
[   41.919506][ T4034]  <TASK>
[   41.919513][ T4034]  __dump_stack+0x1d/0x30
[   41.919538][ T4034]  dump_stack_lvl+0x95/0xd0
[   41.919558][ T4034]  dump_stack+0x15/0x1b
[   41.919577][ T4034]  should_fail_ex+0x265/0x280
[   41.919627][ T4034]  should_failslab+0x8c/0xb0
[   41.919649][ T4034]  kmem_cache_alloc_noprof+0x69/0x4b0
[   41.919728][ T4034]  ? __send_signal_locked+0x154/0x760
[   41.919751][ T4034]  __send_signal_locked+0x154/0x760
[   41.919774][ T4034]  send_signal_locked+0x34e/0x3c0
[   41.919795][ T4034]  ptrace_attach+0x3c3/0x590
[   41.919813][ T4034]  __se_sys_ptrace+0x146/0x2c0
[   41.919955][ T4034]  __x64_sys_ptrace+0x55/0x70
[   41.920021][ T4034]  x64_sys_call+0x2ee5/0x3000
[   41.920043][ T4034]  do_syscall_64+0xca/0x2b0
[   41.920143][ T4034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.920165][ T4034] RIP: 0033:0x7f41c5cbf749
[   41.920197][ T4034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.920214][ T4034] RSP: 002b:00007f41c46fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[   41.920234][ T4034] RAX: ffffffffffffffda RBX: 00007f41c5f16090 RCX: 00007f41c5cbf749
[   41.920246][ T4034] RDX: 0000000000000000 RSI: 0000000000000070 RDI: 0000000000000010
[   41.920288][ T4034] RBP: 00007f41c46fe090 R08: 0000000000000000 R09: 0000000000000000
[   41.920300][ T4034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.920311][ T4034] R13: 00007f41c5f16128 R14: 00007f41c5f16090 R15: 00007fffd2718d58
[   41.920328][ T4034]  </TASK>
[   42.157032][   T29] audit: type=1400 audit(1766936416.376:1011): avc:  denied  { read } for  pid=4027 comm="syz.4.179" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   42.196478][   T29] audit: type=1400 audit(1766936416.376:1012): avc:  denied  { open } for  pid=4027 comm="syz.4.179" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   42.220388][   T29] audit: type=1400 audit(1766936416.376:1013): avc:  denied  { ioctl } for  pid=4027 comm="syz.4.179" path="/dev/usbmon0" dev="devtmpfs" ino=141 ioctlcmd=0x7213 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   42.246026][   T29] audit: type=1400 audit(1766936416.396:1014): avc:  denied  { mount } for  pid=4023 comm="syz.2.178" name="/" dev="rpc_pipefs" ino=6504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[   42.274809][ T4040] set_capacity_and_notify: 10 callbacks suppressed
[   42.274828][ T4040] loop0: detected capacity change from 0 to 512
[   42.402063][   T29] audit: type=1400 audit(1766936416.516:1015): avc:  denied  { create } for  pid=4039 comm="syz.0.181" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   42.493115][   T29] audit: type=1400 audit(1766936416.666:1016): avc:  denied  { read } for  pid=4031 comm="syz.1.180" name="ptp0" dev="devtmpfs" ino=246 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[   42.727931][ T4052] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   42.869959][ T4061] loop4: detected capacity change from 0 to 256
[   43.071540][ T3499] IPVS: starting estimator thread 0...
[   43.073158][ T4068] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   43.166739][ T4077] IPVS: using max 2544 ests per chain, 127200 per kthread
[   43.174873][ T4084] __nla_validate_parse: 14 callbacks suppressed
[   43.174896][ T4084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.192'.
[   43.201275][ T4087] netlink: 28 bytes leftover after parsing attributes in process `syz.4.194'.
[   43.250359][ T4095] 9pnet_fd: Insufficient options for proto=fd
[   43.283594][ T4098] loop0: detected capacity change from 0 to 512
[   43.313820][ T4098] EXT4-fs error (device loop0): __ext4_iget:5426: inode #11: block 1: comm syz.0.197: invalid block
[   43.326272][ T4103] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   43.334116][ T4098] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.197: couldn't read orphan inode 11 (err -117)
[   43.347006][ T4098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.363526][ T4103] batman_adv: batadv0: Removing interface: batadv_slave_0
[   43.374172][ T4098] EXT4-fs error (device loop0): htree_dirblock_to_tree:1051: inode #2: comm syz.0.197: Directory hole found for htree leaf block 0
[   43.431711][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.469113][ T4103] erspan0: entered promiscuous mode
[   43.496135][ T4103] netlink: 8 bytes leftover after parsing attributes in process `syz.4.200'.
[   43.584789][ T4124] loop4: detected capacity change from 0 to 128
[   43.586803][ T4122] netlink: 16 bytes leftover after parsing attributes in process `syz.2.206'.
[   43.619556][ T4124] ext4: Unknown parameter 'appraise'
[   43.629778][ T4124] netlink: 8 bytes leftover after parsing attributes in process `syz.4.207'.
[   43.645947][ T4128] loop2: detected capacity change from 0 to 1024
[   43.663839][ T4131] xt_CT: You must specify a L4 protocol and not use inversions on it
[   43.685361][ T4135] loop3: detected capacity change from 0 to 128
[   43.721103][ T4137] hub 1-0:1.0: USB hub found
[   43.728176][ T4139] pim6reg: entered allmulticast mode
[   43.733885][ T4137] hub 1-0:1.0: 8 ports detected
[   43.762120][ T4139] pim6reg: left allmulticast mode
[   43.780643][ T4135] syz.3.211: attempt to access beyond end of device
[   43.780643][ T4135] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[   43.795335][ T4135] syz.3.211: attempt to access beyond end of device
[   43.795335][ T4135] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[   43.809876][ T4135] syz.3.211: attempt to access beyond end of device
[   43.809876][ T4135] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128
[   43.824617][ T4135] syz.3.211: attempt to access beyond end of device
[   43.824617][ T4135] loop3: rw=2049, sector=201, nr_sectors = 8 limit=128
[   43.840546][ T4135] syz.3.211: attempt to access beyond end of device
[   43.840546][ T4135] loop3: rw=2049, sector=217, nr_sectors = 8 limit=128
[   43.849973][ T4143] loop2: detected capacity change from 0 to 512
[   43.854711][ T4135] syz.3.211: attempt to access beyond end of device
[   43.854711][ T4135] loop3: rw=2049, sector=233, nr_sectors = 8 limit=128
[   43.874803][ T4135] syz.3.211: attempt to access beyond end of device
[   43.874803][ T4135] loop3: rw=2049, sector=249, nr_sectors = 8 limit=128
[   43.888776][ T4135] syz.3.211: attempt to access beyond end of device
[   43.888776][ T4135] loop3: rw=2049, sector=265, nr_sectors = 8 limit=128
[   43.891626][ T4143] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.915050][ T4143] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.941953][ T4139] syz.2.212 (4139) used greatest stack depth: 10512 bytes left
[   43.982091][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.995247][ T4152] netlink: 4 bytes leftover after parsing attributes in process `syz.3.216'.
[   44.017814][ T4155] loop2: detected capacity change from 0 to 1024
[   44.024864][ T4155] EXT4-fs: Ignoring removed nobh option
[   44.030496][ T4155] EXT4-fs: Ignoring removed oldalloc option
[   44.037195][ T4155] ext4: Unknown parameter 'audit'
[   44.108508][ T4167] loop4: detected capacity change from 0 to 128
[   44.131597][ T4167] ext4: Unknown parameter 'appraise'
[   44.202359][ T4171] loop3: detected capacity change from 0 to 8192
[   44.212189][ T4170] infiniband !yz!: set down
[   44.216829][ T4170] infiniband !yz!: added team_slave_0
[   44.230695][ T4170] RDS/IB: !yz!: added
[   44.235262][ T4170] smc: adding ib device !yz! with port count 1
[   44.241809][ T4170] smc:    ib device !yz! port 1 has no pnetid
[   44.329783][ T4182] syz.3.227 (4182) used greatest stack depth: 9264 bytes left
[   44.389997][ T4185] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   44.399161][ T4185] EXT4-fs (loop3): invalid journal inode
[   44.405243][ T4185] EXT4-fs (loop3): can't get journal size
[   44.412318][ T4185] EXT4-fs (loop3): 1 truncate cleaned up
[   44.418898][ T4185] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.510673][ T4190] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   44.619037][ T4198] dummy0: mtu less than device minimum
[   44.647600][ T4202] sctp: [Deprecated]: syz.0.234 (pid 4202) Use of int in max_burst socket option deprecated.
[   44.647600][ T4202] Use struct sctp_assoc_value instead
[   44.665162][ T4202] netlink: 'syz.0.234': attribute type 39 has an invalid length.
[   44.736883][ T4200] cgroup: Unknown subsys name '¬§@﬽æì¦4*oäÂÒ£hÓîºoþüíUÜ'
[   44.787678][ T4207] ext4: Unknown parameter 'appraise'
[   44.860075][ T4213] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.880889][ T4213] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   44.907645][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.025156][ T4229] netlink: 8 bytes leftover after parsing attributes in process `syz.2.240'.
[   45.083336][ T4231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.104708][ T4239] FAT-fs (loop1): bogus number of FAT sectors
[   45.110931][ T4239] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   45.120469][ T4239] FAT-fs (loop1): Can't find a valid FAT filesystem
[   45.139280][ T3320] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   45.154538][ T4239] FAT-fs (loop1): bogus number of FAT sectors
[   45.155121][ T4234] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.160876][ T4239] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   45.182483][ T4239] FAT-fs (loop1): Can't find a valid FAT filesystem
[   45.195187][ T4243] netlink: 4 bytes leftover after parsing attributes in process `syz.2.247'.
[   45.223456][ T4234] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2857: Unable to expand inode 13. Delete some EAs or run e2fsck.
[   45.238137][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.253615][ T4253] FAULT_INJECTION: forcing a failure.
[   45.253615][ T4253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   45.266763][ T4253] CPU: 0 UID: 0 PID: 4253 Comm: syz.1.251 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.266795][ T4253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   45.266808][ T4253] Call Trace:
[   45.266816][ T4253]  <TASK>
[   45.266826][ T4253]  __dump_stack+0x1d/0x30
[   45.266856][ T4253]  dump_stack_lvl+0x95/0xd0
[   45.266955][ T4253]  dump_stack+0x15/0x1b
[   45.266979][ T4253]  should_fail_ex+0x265/0x280
[   45.267006][ T4253]  should_fail+0xb/0x20
[   45.267039][ T4253]  should_fail_usercopy+0x1a/0x20
[   45.267107][ T4253]  _copy_to_user+0x20/0xa0
[   45.267211][ T4253]  simple_read_from_buffer+0xb5/0x130
[   45.267236][ T4253]  proc_fail_nth_read+0x10e/0x150
[   45.267271][ T4253]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   45.267303][ T4253]  vfs_read+0x1a8/0x770
[   45.267346][ T4253]  ? __rcu_read_unlock+0x4f/0x70
[   45.267370][ T4253]  ? __fget_files+0x184/0x1c0
[   45.267450][ T4253]  ? mutex_lock+0x58/0x90
[   45.267482][ T4253]  ksys_read+0xda/0x1a0
[   45.267503][ T4253]  __x64_sys_read+0x40/0x50
[   45.267522][ T4253]  x64_sys_call+0x2889/0x3000
[   45.267547][ T4253]  do_syscall_64+0xca/0x2b0
[   45.267618][ T4253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.267644][ T4253] RIP: 0033:0x7f68bc8ce15c
[   45.267662][ T4253] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   45.267732][ T4253] RSP: 002b:00007f68bb32f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   45.267755][ T4253] RAX: ffffffffffffffda RBX: 00007f68bcb25fa0 RCX: 00007f68bc8ce15c
[   45.267770][ T4253] RDX: 000000000000000f RSI: 00007f68bb32f0a0 RDI: 0000000000000007
[   45.267784][ T4253] RBP: 00007f68bb32f090 R08: 0000000000000000 R09: 0000000000000000
[   45.267877][ T4253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.267889][ T4253] R13: 00007f68bcb26038 R14: 00007f68bcb25fa0 R15: 00007fff31b50e78
[   45.267910][ T4253]  </TASK>
[   45.276775][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.479212][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.517141][ T4262] netlink: 'syz.3.252': attribute type 1 has an invalid length.
[   45.525437][ T4262] netlink: 16 bytes leftover after parsing attributes in process `syz.3.252'.
[   45.587813][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   45.617564][ T4278] netlink: 12 bytes leftover after parsing attributes in process `syz.4.260'.
[   45.630681][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   45.642961][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   45.644513][ T4272] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.678115][ T4269] EXT4-fs (loop0): mount failed
[   45.700816][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   45.710463][ T4285] xt_hashlimit: max too large, truncated to 1048576
[   45.727284][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   45.739026][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   45.749584][ T4285] xt_CT: You must specify a L4 protocol and not use inversions on it
[   45.763331][ T4269] EXT4-fs (loop0): mount failed
[   45.798383][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   45.824598][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   45.838526][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   45.854088][ T4269] EXT4-fs (loop0): mount failed
[   45.871915][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   45.889491][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   45.902407][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   45.918986][ T4269] EXT4-fs (loop0): mount failed
[   45.978246][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   46.000156][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   46.001572][ T3319] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   46.027607][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.047850][ T4269] EXT4-fs (loop0): mount failed
[   46.072046][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.081101][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   46.081345][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   46.081532][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.082075][ T4269] EXT4-fs (loop0): mount failed
[   46.165175][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   46.189456][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   46.200912][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.217358][ T4269] EXT4-fs (loop0): mount failed
[   46.239342][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   46.254855][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   46.317945][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.349109][ T4269] EXT4-fs (loop0): mount failed
[   46.459335][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   46.473705][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   46.478622][ T4339] netlink: 'syz.1.275': attribute type 1 has an invalid length.
[   46.493624][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.516506][ T4269] EXT4-fs (loop0): mount failed
[   46.562867][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   46.586058][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   46.629843][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.661864][ T4269] EXT4-fs (loop0): mount failed
[   46.680778][ T4357] EXT4-fs: Ignoring removed i_version option
[   46.686995][ T4357] EXT4-fs: Ignoring removed bh option
[   46.699842][ T4351] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   46.722318][ T3397] IPVS: starting estimator thread 0...
[   46.795737][   T29] kauditd_printk_skb: 544 callbacks suppressed
[   46.795753][   T29] audit: type=1326 audit(1766936421.006:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4354 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   46.826537][ T4359] IPVS: using max 2592 ests per chain, 129600 per kthread
[   46.833932][   T29] audit: type=1326 audit(1766936421.046:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4354 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68bc8cf749 code=0x7ffc0000
[   46.835065][ T4357] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.866532][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   46.891549][ T4363] EXT4-fs: dax option not supported
[   46.897427][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   46.911658][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   46.932371][ T4357] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   46.977468][ T4363] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   46.988491][ T4363] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   47.053936][ T4269] EXT4-fs (loop0): mount failed
[   47.059481][   T29] audit: type=1326 audit(1766936421.276:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.064134][ T4363] JBD2: no valid journal superblock found
[   47.089123][ T4363] EXT4-fs (loop4): Could not load journal inode
[   47.097510][   T29] audit: type=1326 audit(1766936421.316:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.128388][ T4363] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[   47.170044][   T29] audit: type=1326 audit(1766936421.346:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.194587][   T29] audit: type=1326 audit(1766936421.346:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.218022][   T29] audit: type=1326 audit(1766936421.346:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.241560][   T29] audit: type=1326 audit(1766936421.356:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.265345][   T29] audit: type=1326 audit(1766936421.356:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.288872][   T29] audit: type=1326 audit(1766936421.356:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.2.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f249679f749 code=0x7ffc0000
[   47.319764][ T4269] set_capacity_and_notify: 24 callbacks suppressed
[   47.319779][ T4269] loop0: detected capacity change from 0 to 1024
[   47.407396][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   47.437422][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   47.478631][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   47.504439][ T4385] capability: warning: `syz.2.290' uses 32-bit capabilities (legacy support in use)
[   47.504907][ T4269] EXT4-fs (loop0): mount failed
[   47.521710][ T4385] program syz.2.290 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   47.561780][ T4269] loop0: detected capacity change from 0 to 1024
[   47.569487][ T4388] loop2: detected capacity change from 0 to 512
[   47.578115][ T4388] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   47.578692][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   47.586762][ T4388] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   47.610982][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   47.629934][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   47.653771][ T4388] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.291: Allocating blocks 41-42 which overlap fs metadata
[   47.668521][ T4269] EXT4-fs (loop0): mount failed
[   47.673787][ T4388] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.291: Allocating blocks 41-42 which overlap fs metadata
[   47.712603][ T4269] loop0: detected capacity change from 0 to 1024
[   47.727110][ T4388] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.291: Failed to acquire dquot type 1
[   47.757047][ T4388] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   47.777651][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   47.806974][ T4393] pimreg: entered allmulticast mode
[   47.813406][ T4388] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.291: corrupted inode contents
[   47.828597][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   47.836736][ T4388] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #12: comm syz.2.291: mark_inode_dirty error
[   47.865861][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   47.894673][ T4388] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.291: corrupted inode contents
[   47.906819][ T4269] EXT4-fs (loop0): mount failed
[   47.923689][ T4269] loop0: detected capacity change from 0 to 1024
[   47.949809][ T4399] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   47.974095][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   47.990415][ T4388] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.291: mark_inode_dirty error
[   47.998259][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   48.036718][ T4388] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.291: corrupted inode contents
[   48.048637][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.084163][ T4269] EXT4-fs (loop0): mount failed
[   48.097937][ T4388] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[   48.124005][ T4388] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #12: comm syz.2.291: corrupted inode contents
[   48.137021][ T4269] loop0: detected capacity change from 0 to 1024
[   48.154377][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   48.167259][ T4388] EXT4-fs error (device loop2): ext4_truncate:4635: inode #12: comm syz.2.291: mark_inode_dirty error
[   48.167489][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   48.188056][ T4409] loop1: detected capacity change from 0 to 128
[   48.198115][ T4388] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[   48.207876][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.208800][ T4409] vfat: Unknown parameter ''
[   48.226993][ T4388] EXT4-fs (loop2): 1 truncate cleaned up
[   48.235049][ T4388] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.254758][ T4269] EXT4-fs (loop0): mount failed
[   48.261292][ T4388] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   48.271124][ T4269] loop0: detected capacity change from 0 to 1024
[   48.284658][ T4388] EXT4-fs (loop2): shut down requested (2)
[   48.292003][ T4388] __nla_validate_parse: 3 callbacks suppressed
[   48.292021][ T4388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.291'.
[   48.308999][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   48.322200][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   48.333422][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.349335][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.349559][ T4269] EXT4-fs (loop0): mount failed
[   48.378743][ T4269] loop0: detected capacity change from 0 to 1024
[   48.399044][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   48.412096][ T4415] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   48.420951][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   48.437615][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.463090][ T4269] EXT4-fs (loop0): mount failed
[   48.482497][ T4269] loop0: detected capacity change from 0 to 1024
[   48.499957][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7177: inode #4: comm syz.0.256: casefold flag without casefold feature
[   48.540107][ T4269] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.256: Bad quota inode: 4, type: 1
[   48.601369][ T4269] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.654947][ T4269] EXT4-fs (loop0): mount failed
[   48.709525][ T4429] netlink: 'syz.1.305': attribute type 10 has an invalid length.
[   48.719750][ T4429] bridge0: port 3(dummy0) entered disabled state
[   48.735677][ T4429] dummy0: left allmulticast mode
[   48.735698][ T4429] dummy0: left promiscuous mode
[   48.735811][ T4429] bridge0: port 3(dummy0) entered disabled state
[   48.759381][ T4429] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   48.759444][ T4429] team0: Failed to send options change via netlink (err -105)
[   48.776062][ T4429] team0: Port device dummy0 added
[   48.782074][ T4433] netlink: 8 bytes leftover after parsing attributes in process `syz.0.307'.
[   48.782172][ T4433] FAULT_INJECTION: forcing a failure.
[   48.782172][ T4433] name failslab, interval 1, probability 0, space 0, times 0
[   48.782196][ T4433] CPU: 1 UID: 0 PID: 4433 Comm: syz.0.307 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.782301][ T4433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   48.782314][ T4433] Call Trace:
[   48.782319][ T4433]  <TASK>
[   48.782326][ T4433]  __dump_stack+0x1d/0x30
[   48.782354][ T4433]  dump_stack_lvl+0x95/0xd0
[   48.782379][ T4433]  dump_stack+0x15/0x1b
[   48.782461][ T4433]  should_fail_ex+0x265/0x280
[   48.782484][ T4433]  should_failslab+0x8c/0xb0
[   48.782506][ T4433]  __kmalloc_cache_noprof+0x65/0x4c0
[   48.782532][ T4433]  ? fou_nl_add_doit+0x124/0x410
[   48.782559][ T4433]  fou_nl_add_doit+0x124/0x410
[   48.782638][ T4433]  genl_family_rcv_msg_doit+0x143/0x1b0
[   48.782732][ T4433]  genl_rcv_msg+0x422/0x460
[   48.782754][ T4433]  ? __pfx_fou_nl_add_doit+0x10/0x10
[   48.782786][ T4433]  netlink_rcv_skb+0x123/0x220
[   48.782814][ T4433]  ? __pfx_genl_rcv_msg+0x10/0x10
[   48.782919][ T4433]  genl_rcv+0x28/0x40
[   48.782938][ T4433]  netlink_unicast+0x5c0/0x690
[   48.782972][ T4433]  netlink_sendmsg+0x58b/0x6b0
[   48.783007][ T4433]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.783038][ T4433]  __sock_sendmsg+0x145/0x180
[   48.783061][ T4433]  ____sys_sendmsg+0x31e/0x4a0
[   48.783180][ T4433]  ___sys_sendmsg+0x17b/0x1d0
[   48.783240][ T4433]  __x64_sys_sendmsg+0xd4/0x160
[   48.783300][ T4433]  x64_sys_call+0x17ba/0x3000
[   48.783324][ T4433]  do_syscall_64+0xca/0x2b0
[   48.783358][ T4433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.783379][ T4433] RIP: 0033:0x7f7cc418f749
[   48.783396][ T4433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.783417][ T4433] RSP: 002b:00007f7cc2bef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.783441][ T4433] RAX: ffffffffffffffda RBX: 00007f7cc43e5fa0 RCX: 00007f7cc418f749
[   48.783541][ T4433] RDX: 0000000000000000 RSI: 0000200000000640 RDI: 0000000000000004
[   48.783555][ T4433] RBP: 00007f7cc2bef090 R08: 0000000000000000 R09: 0000000000000000
[   48.783568][ T4433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   48.783582][ T4433] R13: 00007f7cc43e6038 R14: 00007f7cc43e5fa0 R15: 00007ffd3f7c40f8
[   48.783601][ T4433]  </TASK>
[   48.849035][ T4437] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   48.872611][ T4429] FAULT_INJECTION: forcing a failure.
[   48.872611][ T4429] name failslab, interval 1, probability 0, space 0, times 0
[   48.872645][ T4429] CPU: 0 UID: 0 PID: 4429 Comm: syz.1.305 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.872744][ T4429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   48.872759][ T4429] Call Trace:
[   48.872767][ T4429]  <TASK>
[   48.872776][ T4429]  __dump_stack+0x1d/0x30
[   48.872801][ T4429]  dump_stack_lvl+0x95/0xd0
[   48.872828][ T4429]  dump_stack+0x15/0x1b
[   48.872916][ T4429]  should_fail_ex+0x265/0x280
[   48.872939][ T4429]  should_failslab+0x8c/0xb0
[   48.872961][ T4429]  __kmalloc_cache_noprof+0x65/0x4c0
[   48.872989][ T4429]  ? rtnl_newlink+0x5c/0x1360
[   48.873034][ T4429]  ? __pfx_rtnl_newlink+0x10/0x10
[   48.873052][ T4429]  rtnl_newlink+0x5c/0x1360
[   48.873073][ T4429]  ? _raw_spin_unlock+0x26/0x50
[   48.873094][ T4429]  ? vfree+0x295/0x3a0
[   48.873129][ T4429]  ? kfree+0x10e/0x3c0
[   48.873211][ T4429]  ? xas_load+0x413/0x430
[   48.873247][ T4429]  ? xas_load+0x413/0x430
[   48.873283][ T4429]  ? skb_network_protocol+0x329/0x420
[   48.873317][ T4429]  ? __rcu_read_unlock+0x4f/0x70
[   48.873342][ T4429]  ? __rcu_read_unlock+0x4f/0x70
[   48.873367][ T4429]  ? avc_has_perm_noaudit+0xab/0x130
[   48.873390][ T4429]  ? cred_has_capability+0x210/0x280
[   48.873476][ T4429]  ? selinux_capable+0x31/0x40
[   48.873498][ T4429]  ? security_capable+0x83/0x90
[   48.873530][ T4429]  ? ns_capable+0x7d/0xb0
[   48.873639][ T4429]  ? __pfx_rtnl_newlink+0x10/0x10
[   48.873658][ T4429]  rtnetlink_rcv_msg+0x5fe/0x6d0
[   48.873683][ T4429]  netlink_rcv_skb+0x123/0x220
[   48.873766][ T4429]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   48.873790][ T4429]  rtnetlink_rcv+0x1c/0x30
[   48.873819][ T4429]  netlink_unicast+0x5c0/0x690
[   48.873866][ T4429]  netlink_sendmsg+0x58b/0x6b0
[   48.873939][ T4429]  ? __pfx_netlink_sendmsg+0x10/0x10
[   48.874039][ T4429]  __sock_sendmsg+0x145/0x180
[   48.874102][ T4429]  ____sys_sendmsg+0x31e/0x4a0
[   48.874219][ T4429]  ___sys_sendmsg+0x17b/0x1d0
[   48.874258][ T4429]  __x64_sys_sendmsg+0xd4/0x160
[   48.874304][ T4429]  x64_sys_call+0x17ba/0x3000
[   48.874336][ T4429]  do_syscall_64+0xca/0x2b0
[   48.874373][ T4429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.874509][ T4429] RIP: 0033:0x7f68bc8cf749
[   48.874524][ T4429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.874542][ T4429] RSP: 002b:00007f68bb32f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.874562][ T4429] RAX: ffffffffffffffda RBX: 00007f68bcb25fa0 RCX: 00007f68bc8cf749
[   48.874579][ T4429] RDX: 0000000004008084 RSI: 0000200000000600 RDI: 0000000000000004
[   48.874595][ T4429] RBP: 00007f68bb32f090 R08: 0000000000000000 R09: 0000000000000000
[   48.874651][ T4429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.874666][ T4429] R13: 00007f68bcb26038 R14: 00007f68bcb25fa0 R15: 00007fff31b50e78
[   48.874750][ T4429]  </TASK>
[   48.891203][ T4443] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   49.120492][ T4446] iso9660: Unknown parameter 'sess
ñn'
[   49.725723][ T4475] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   49.771897][ T4480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.794520][ T4480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   49.807707][ T4483] netlink: 12 bytes leftover after parsing attributes in process `syz.2.322'.
[   49.823281][ T4483] 8021q: adding VLAN 0 to HW filter on device bond1
[   49.837375][ T4483] macvlan2: entered promiscuous mode
[   49.842890][ T4483] macvlan2: entered allmulticast mode
[   49.849489][ T4483] bond1: (slave macvlan2): Opening slave failed
[   49.978995][ T4487] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   50.098102][ T4492] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   50.168734][ T4500] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   50.192738][ T4502] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[   50.254086][ T4507] netlink: 83992 bytes leftover after parsing attributes in process `syz.0.332'.
[   50.271551][ T4507] netlink: zone id is out of range
[   50.276776][ T4507] netlink: zone id is out of range
[   50.282637][ T4507] netlink: zone id is out of range
[   50.287949][ T4507] netlink: zone id is out of range
[   50.293774][ T4507] netlink: zone id is out of range
[   50.300479][ T4507] netlink: zone id is out of range
[   50.320382][ T4509] netlink: 8 bytes leftover after parsing attributes in process `syz.4.333'.
[   50.334602][ T4509] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   50.374905][ T4509] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   50.402858][ T4509] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.333: bg 0: block 248: padding at end of block bitmap is not set
[   50.447044][ T4509] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.333: Failed to acquire dquot type 1
[   50.477168][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.487304][ T4509] EXT4-fs (loop4): 1 truncate cleaned up
[   50.493816][ T4509] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   50.551464][ T4509] syz.4.333 (4509) used greatest stack depth: 9088 bytes left
[   50.578491][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   50.671679][ T4536] EXT4-fs: dax option not supported
[   50.711991][ T4536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.339'.
[   50.791580][ T4544] ALSA: seq fatal error: cannot create timer (-22)
[   50.907790][ T4549] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[   50.948236][ T4553] netlink: 'syz.0.347': attribute type 12 has an invalid length.
[   50.956116][ T4553] netlink: 'syz.0.347': attribute type 29 has an invalid length.
[   50.964158][ T4553] netlink: 148 bytes leftover after parsing attributes in process `syz.0.347'.
[   50.973199][ T4553] netlink: 'syz.0.347': attribute type 1 has an invalid length.
[   50.981023][ T4553] netlink: 43 bytes leftover after parsing attributes in process `syz.0.347'.
[   51.233915][ T1954] FAT-fs (loop3): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[   51.309534][ T4573] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   51.335845][ T4571] EXT4-fs: inline encryption not supported
[   51.341872][ T4571] EXT4-fs: Ignoring removed orlov option
[   51.348770][ T4571] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   51.361992][ T4573] netlink: 8 bytes leftover after parsing attributes in process `syz.2.356'.
[   51.376209][ T4571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.426350][ T4584] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4584 comm=syz.4.357
[   51.461161][ T4580] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.469927][ T4580] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.516232][ T4587] netlink: 20 bytes leftover after parsing attributes in process `syz.4.358'.
[   51.630809][ T4597] bridge_slave_1: left allmulticast mode
[   51.636636][ T4597] bridge_slave_1: left promiscuous mode
[   51.642559][ T4597] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.654013][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.664805][ T4597] bridge_slave_0: left allmulticast mode
[   51.670524][ T4597] bridge_slave_0: left promiscuous mode
[   51.676280][ T4597] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.814814][   T29] kauditd_printk_skb: 258 callbacks suppressed
[   51.814833][   T29] audit: type=1400 audit(1766936426.026:1823): avc:  denied  { allowed } for  pid=4607 comm="syz.3.364" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   51.982581][ T4619] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   52.002779][   T29] audit: type=1400 audit(1766936426.216:1824): avc:  denied  { lock } for  pid=4616 comm="syz.0.368" path="/49/file2/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   52.038205][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   52.117140][   T29] audit: type=1400 audit(1766936426.246:1825): avc:  denied  { link } for  pid=4616 comm="syz.0.368" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   52.182754][ T4633] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   52.275269][ T4633] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   52.290272][ T4633] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.372: bg 0: block 248: padding at end of block bitmap is not set
[   52.306730][ T4633] Quota error (device loop0): write_blk: dquota write failed
[   52.314220][ T4633] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   52.332841][   T29] audit: type=1400 audit(1766936426.546:1826): avc:  denied  { create } for  pid=4649 comm="syz.2.379" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   52.354293][   T29] audit: type=1400 audit(1766936426.546:1827): avc:  denied  { write } for  pid=4649 comm="syz.2.379" name="file0" dev="tmpfs" ino=553 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   52.357928][ T4643] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4643 comm=syz.1.376
[   52.376886][   T29] audit: type=1400 audit(1766936426.546:1828): avc:  denied  { open } for  pid=4649 comm="syz.2.379" path="/100/file0" dev="tmpfs" ino=553 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   52.412144][   T29] audit: type=1400 audit(1766936426.546:1829): avc:  denied  { ioctl } for  pid=4649 comm="syz.2.379" path="/100/file0" dev="tmpfs" ino=553 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   52.412161][ T4633] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.372: Failed to acquire dquot type 1
[   52.412689][ T4633] EXT4-fs (loop0): 1 truncate cleaned up
[   52.447134][ T4637] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4637 comm=syz.1.376
[   52.451271][ T4633] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   52.492815][ T4651] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   52.586218][   T29] audit: type=1400 audit(1766936426.796:1830): avc:  denied  { unlink } for  pid=3321 comm="syz-executor" name="file0" dev="tmpfs" ino=553 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   52.610595][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   52.629681][ T4657] set_capacity_and_notify: 9 callbacks suppressed
[   52.629766][ T4657] loop1: detected capacity change from 0 to 8192
[   53.044044][ T4685] loop2: detected capacity change from 0 to 128
[   53.052385][ T4685] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   53.064919][ T4685] ext4 filesystem being mounted at /103/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   53.101952][ T4685] netlink: 'syz.2.391': attribute type 21 has an invalid length.
[   53.110164][ T4685] netlink: 'syz.2.391': attribute type 1 has an invalid length.
[   53.141302][ T4692] loop3: detected capacity change from 0 to 1024
[   53.149031][ T4692] EXT4-fs: Ignoring removed nobh option
[   53.154736][ T4692] EXT4-fs: Ignoring removed bh option
[   53.168317][ T4692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.431128][ T4701] loop4: detected capacity change from 0 to 8192
[   53.436952][ T4692] __nla_validate_parse: 3 callbacks suppressed
[   53.436969][ T4692] netlink: 12 bytes leftover after parsing attributes in process `syz.3.394'.
[   53.639552][ T3321] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   53.720984][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.759634][ T4720] loop0: detected capacity change from 0 to 764
[   53.767252][ T4720] rock: corrupted directory entry. extent=32, offset=2044, size=237
[   53.777411][ T4720] Symlink component flag not implemented
[   53.783432][ T4720] Symlink component flag not implemented (7)
[   53.875269][ T4728] syzkaller0: tun_chr_ioctl cmd 1074025677
[   53.881433][ T4728] syzkaller0: linktype set to 805
[   53.907287][ T4728] 9p: Could not find request transport: x
[   54.056712][ T4737] loop3: detected capacity change from 0 to 2048
[   54.364195][ T4737] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   54.394790][ T4742] xt_hashlimit: max too large, truncated to 1048576
[   54.470073][ T4747] loop4: detected capacity change from 0 to 512
[   54.512126][ T4747] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   54.589720][  T275] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   54.625600][  T275] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[   54.637981][  T275] EXT4-fs (loop3): This should not happen!! Data will be lost
[   54.637981][  T275] 
[   54.647916][  T275] EXT4-fs (loop3): Total free blocks count 0
[   54.654097][  T275] EXT4-fs (loop3): Free/Dirty block details
[   54.660058][  T275] EXT4-fs (loop3): free_blocks=2415919104
[   54.665833][  T275] EXT4-fs (loop3): dirty_blocks=32
[   54.671122][  T275] EXT4-fs (loop3): Block reservation details
[   54.677200][  T275] EXT4-fs (loop3): i_reserved_data_blocks=2
[   54.729353][ T4747] EXT4-fs (loop4): 1 truncate cleaned up
[   54.736768][ T4747] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.755515][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   54.897172][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.921779][ T4763] FAULT_INJECTION: forcing a failure.
[   54.921779][ T4763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.935079][ T4763] CPU: 0 UID: 0 PID: 4763 Comm: syz.3.417 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.935108][ T4763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.935152][ T4763] Call Trace:
[   54.935161][ T4763]  <TASK>
[   54.935171][ T4763]  __dump_stack+0x1d/0x30
[   54.935201][ T4763]  dump_stack_lvl+0x95/0xd0
[   54.935227][ T4763]  dump_stack+0x15/0x1b
[   54.935251][ T4763]  should_fail_ex+0x265/0x280
[   54.935282][ T4763]  should_fail+0xb/0x20
[   54.935303][ T4763]  should_fail_usercopy+0x1a/0x20
[   54.935332][ T4763]  _copy_to_user+0x20/0xa0
[   54.935378][ T4763]  simple_read_from_buffer+0xb5/0x130
[   54.935405][ T4763]  proc_fail_nth_read+0x10e/0x150
[   54.935529][ T4763]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   54.935623][ T4763]  vfs_read+0x1a8/0x770
[   54.935640][ T4763]  ? __rcu_read_unlock+0x4f/0x70
[   54.935769][ T4763]  ? __fget_files+0x184/0x1c0
[   54.935794][ T4763]  ? mutex_lock+0x58/0x90
[   54.935828][ T4763]  ksys_read+0xda/0x1a0
[   54.935861][ T4763]  __x64_sys_read+0x40/0x50
[   54.935884][ T4763]  x64_sys_call+0x2889/0x3000
[   54.935992][ T4763]  do_syscall_64+0xca/0x2b0
[   54.936034][ T4763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.936129][ T4763] RIP: 0033:0x7fc91da7e15c
[   54.936148][ T4763] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   54.936168][ T4763] RSP: 002b:00007fc91c4e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   54.936188][ T4763] RAX: ffffffffffffffda RBX: 00007fc91dcd5fa0 RCX: 00007fc91da7e15c
[   54.936260][ T4763] RDX: 000000000000000f RSI: 00007fc91c4e70a0 RDI: 0000000000000006
[   54.936272][ T4763] RBP: 00007fc91c4e7090 R08: 0000000000000000 R09: 0000000000000000
[   54.936286][ T4763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.936297][ T4763] R13: 00007fc91dcd6038 R14: 00007fc91dcd5fa0 R15: 00007ffdc6a85bd8
[   54.936318][ T4763]  </TASK>
[   55.138909][ T4770] xt_hashlimit: max too large, truncated to 1048576
[   55.208187][ T4778] netlink: 'syz.2.425': attribute type 10 has an invalid length.
[   55.219827][ T4780] net_ratelimit: 4 callbacks suppressed
[   55.219843][ T4780] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   55.220319][ T4778] team0: Failed to send options change via netlink (err -105)
[   55.240142][ T4778] team0: Port device dummy0 added
[   55.242014][ T4774] loop1: detected capacity change from 0 to 512
[   55.293103][ T4774] netlink: 172 bytes leftover after parsing attributes in process `syz.1.423'.
[   55.326272][ T4784] loop2: detected capacity change from 0 to 8192
[   55.332917][ T4782] loop3: detected capacity change from 0 to 4096
[   55.337799][ T4784] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   55.376971][ T4782] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.440798][ T4774] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   55.468906][ T4774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.504358][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.526712][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.639390][ T4806] netlink: 8 bytes leftover after parsing attributes in process `syz.4.435'.
[   55.660535][ T4809] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   55.695977][ T4809] EXT4-fs (loop0): 1 truncate cleaned up
[   55.702494][ T4809] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.736468][ T4817] rdma_op ffff888130c39980 conn xmit_rdma 0000000000000000
[   55.757006][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.831814][ T4825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   56.021991][ T3479] IPVS: starting estimator thread 0...
[   56.033636][ T4855] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   56.041519][ T4860] netlink: 8 bytes leftover after parsing attributes in process `syz.2.451'.
[   56.054157][ T4831] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   56.081789][ T4857] netlink: 4 bytes leftover after parsing attributes in process `syz.2.451'.
[   56.093038][ T3316] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.116495][ T4859] IPVS: using max 2304 ests per chain, 115200 per kthread
[   56.344638][ T4882] FAULT_INJECTION: forcing a failure.
[   56.344638][ T4882] name failslab, interval 1, probability 0, space 0, times 0
[   56.357476][ T4882] CPU: 0 UID: 0 PID: 4882 Comm: syz.2.462 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   56.357554][ T4882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   56.357568][ T4882] Call Trace:
[   56.357575][ T4882]  <TASK>
[   56.357646][ T4882]  __dump_stack+0x1d/0x30
[   56.357673][ T4882]  dump_stack_lvl+0x95/0xd0
[   56.357766][ T4882]  dump_stack+0x15/0x1b
[   56.357787][ T4882]  should_fail_ex+0x265/0x280
[   56.357810][ T4882]  should_failslab+0x8c/0xb0
[   56.357834][ T4882]  __kmalloc_noprof+0xb9/0x5a0
[   56.357935][ T4882]  ? pfkey_add+0x85b/0x12e0
[   56.357967][ T4882]  ? crypto_has_ahash+0x27/0x40
[   56.357996][ T4882]  pfkey_add+0x85b/0x12e0
[   56.358035][ T4882]  pfkey_sendmsg+0x718/0x900
[   56.358086][ T4882]  ? __pfx_pfkey_sendmsg+0x10/0x10
[   56.358192][ T4882]  __sock_sendmsg+0x145/0x180
[   56.358216][ T4882]  ____sys_sendmsg+0x31e/0x4a0
[   56.358330][ T4882]  ___sys_sendmsg+0x17b/0x1d0
[   56.358394][ T4882]  __x64_sys_sendmsg+0xd4/0x160
[   56.358429][ T4882]  x64_sys_call+0x17ba/0x3000
[   56.358459][ T4882]  do_syscall_64+0xca/0x2b0
[   56.358527][ T4882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.358552][ T4882] RIP: 0033:0x7f249679f749
[   56.358570][ T4882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.358661][ T4882] RSP: 002b:00007f2495207038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.358686][ T4882] RAX: ffffffffffffffda RBX: 00007f24969f5fa0 RCX: 00007f249679f749
[   56.358702][ T4882] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[   56.358714][ T4882] RBP: 00007f2495207090 R08: 0000000000000000 R09: 0000000000000000
[   56.358727][ T4882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.358739][ T4882] R13: 00007f24969f6038 R14: 00007f24969f5fa0 R15: 00007ffddcd4d598
[   56.358802][ T4882]  </TASK>
[   56.577647][ T4891] netlink: 8 bytes leftover after parsing attributes in process `syz.0.466'.
[   56.590616][ T4891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.466'.
[   56.681356][ T4893] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.706296][ T4893] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.717657][ T4896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.740442][ T4896] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.802436][ T4893] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.809765][ T4893] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.881147][ T4893] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   56.895081][ T4893] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   57.006541][ T4909] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.013862][ T4909] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.023728][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.130440][   T29] kauditd_printk_skb: 404 callbacks suppressed
[   57.130457][   T29] audit: type=1400 audit(1766936431.346:2235): avc:  denied  { write } for  pid=4921 comm="syz.1.476" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   57.161717][   T29] audit: type=1400 audit(1766936431.346:2236): avc:  denied  { open } for  pid=4921 comm="syz.1.476" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   57.190513][   T29] audit: type=1400 audit(1766936431.346:2237): avc:  denied  { read append } for  pid=4921 comm="syz.1.476" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[   57.210836][ T4923] netlink: 'syz.1.476': attribute type 83 has an invalid length.
[   57.225354][   T29] audit: type=1326 audit(1766936431.436:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4928 comm="syz.4.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41c5cbf749 code=0x7ffc0000
[   57.250937][   T29] audit: type=1326 audit(1766936431.466:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4928 comm="syz.4.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41c5cbf749 code=0x7ffc0000
[   57.255037][ T4909] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   57.275020][   T29] audit: type=1326 audit(1766936431.466:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4928 comm="syz.4.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41c5cbf749 code=0x7ffc0000
[   57.306275][   T29] audit: type=1326 audit(1766936431.466:2241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4928 comm="syz.4.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41c5cbf749 code=0x7ffc0000
[   57.350907][   T56] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.378110][   T29] audit: type=1326 audit(1766936431.526:2242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4928 comm="syz.4.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f41c5cbf749 code=0x7ffc0000
[   57.378144][   T56] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.378214][   T56] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.401882][   T29] audit: type=1326 audit(1766936431.546:2243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4928 comm="syz.4.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41c5cbf749 code=0x7ffc0000
[   57.415775][   T56] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.419785][   T29] audit: type=1326 audit(1766936431.556:2244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4928 comm="syz.4.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41c5cbf749 code=0x7ffc0000
[   57.444387][   T56] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.505615][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.521554][ T4938] netlink: 8 bytes leftover after parsing attributes in process `syz.1.480'.
[   57.566873][   T56] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.587193][  T827] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.599046][  T827] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   57.602274][ T4942] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   57.669489][ T4952] set_capacity_and_notify: 7 callbacks suppressed
[   57.669509][ T4952] loop1: detected capacity change from 0 to 8192
[   57.827676][ T4969] loop4: detected capacity change from 0 to 1024
[   57.834591][ T4969] EXT4-fs: Ignoring removed nobh option
[   57.856114][ T4969] EXT4-fs: Ignoring removed oldalloc option
[   57.862359][ T4969] EXT4-fs: Ignoring removed bh option
[   57.913800][ T4969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   57.942581][ T4969] EXT4-fs warning (device loop4): ext4_resize_begin:72: won't resize using backup superblock at 1
[   57.958110][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.009318][ T4991] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   58.080091][ T5003] loop3: detected capacity change from 0 to 164
[   58.090083][ T5005] pim6reg: entered allmulticast mode
[   58.095735][ T5005] pim6reg: left allmulticast mode
[   58.108069][ T5003] bio_check_eod: 69 callbacks suppressed
[   58.108089][ T5003] syz.3.499: attempt to access beyond end of device
[   58.108089][ T5003] loop3: rw=8912896, sector=263328, nr_sectors = 4 limit=164
[   58.129609][ T5003] syz.3.499: attempt to access beyond end of device
[   58.129609][ T5003] loop3: rw=8388608, sector=263328, nr_sectors = 4 limit=164
[   58.187444][ T5003] iso9660: Corrupted directory entry in block 4 of inode 1792
[   58.217942][ T5013] rtc_cmos 00:00: Alarms can be up to one day in the future
[   58.271641][ T5026] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   58.280055][ T5028] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   58.302238][ T5032] loop0: detected capacity change from 0 to 128
[   58.324286][ T5036] netlink: 12 bytes leftover after parsing attributes in process `syz.1.512'.
[   58.426064][ T5047] 9pnet_fd: Insufficient options for proto=fd
[   58.538117][ T5056] loop0: detected capacity change from 0 to 512
[   58.547488][ T5061] loop1: detected capacity change from 0 to 512
[   58.569497][ T5056] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.585681][ T5056] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.600338][ T5069] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   58.625374][ T5072] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   58.669210][ T3326] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.684943][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.708074][ T5079] netlink: 'syz.0.526': attribute type 1 has an invalid length.
[   58.740474][ T5083] netlink: 16 bytes leftover after parsing attributes in process `syz.2.527'.
[   58.753105][ T3479] rtc_cmos 00:00: Alarms can be up to one day in the future
[   58.760844][ T3479] rtc_cmos 00:00: Alarms can be up to one day in the future
[   58.768683][ T3479] rtc_cmos 00:00: Alarms can be up to one day in the future
[   58.776358][ T3479] rtc_cmos 00:00: Alarms can be up to one day in the future
[   58.783762][ T3479] rtc rtc0: __rtc_set_alarm: err=-22
[   60.132158][ T5091] syz_tun: refused to change device tx_queue_len
[   60.365735][ T5097] netlink: 12 bytes leftover after parsing attributes in process `syz.2.531'.
[   60.394294][ T5095] loop4: detected capacity change from 0 to 164
[   60.403640][ T5095] rock: directory entry would overflow storage
[   60.409908][ T5095] rock: sig=0x4f50, size=4, remaining=3
[   60.415572][ T5095] iso9660: Corrupted directory entry in block 4 of inode 1792
[   60.425285][ T5100] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   60.448858][ T5103] netlink: 4 bytes leftover after parsing attributes in process `syz.2.531'.
[   60.537399][ T5110] netlink: 4 bytes leftover after parsing attributes in process `syz.0.535'.
[   60.584661][ T5108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.535'.
[   60.609638][ T5117] loop4: detected capacity change from 0 to 512
[   60.643425][ T5117] EXT4-fs (loop4): failed to initialize system zone (-117)
[   60.651051][ T5117] EXT4-fs (loop4): mount failed
[   60.760225][ T5125] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[   60.768579][ T5125] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[   60.970194][ T5145] netlink: 8 bytes leftover after parsing attributes in process `syz.4.550'.
[   61.071396][ T5152] loop3: detected capacity change from 0 to 8192
[   61.117263][ T5152]  loop3: p1 < > p2 < > p3 p4 < >
[   61.122383][ T5152] loop3: partition table partially beyond EOD, truncated
[   61.123846][ T5152] loop3: p1 start 67108864 is beyond EOD, truncated
[   61.137046][ T5152] loop3: p2 start 4278190080 is beyond EOD, truncated
[   61.144029][ T5152] loop3: p3 start 100859904 is beyond EOD, truncated
[   61.406004][ T5165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.558'.
[   61.406026][ T5165] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.406461][ T5165] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.669953][ T5182] loop0: detected capacity change from 0 to 512
[   61.670277][ T5182] EXT4-fs: Ignoring removed bh option
[   61.682900][ T5182] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   61.710530][ T5182] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.710744][ T5182] ext4 filesystem being mounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.727550][ T5182] EXT4-fs error (device loop0): ext4_lookup:1785: inode #12: comm syz.0.564: iget: bad i_size value: 2533274857506816
[   61.749108][ T5190] Invalid option length (0) for dns_resolver key
[   61.778222][ T5192] sch_tbf: burst 22 is lower than device lo mtu (65550) !
[   61.913117][ T5196] netlink: 8 bytes leftover after parsing attributes in process `syz.1.568'.
[   61.922106][ T5196] netlink: 28 bytes leftover after parsing attributes in process `syz.1.568'.
[   61.957336][ T3320] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.086841][ T5215] netlink: 20 bytes leftover after parsing attributes in process `syz.4.573'.
[   62.137729][ T5220] 0ªX¹¦À: renamed from caif0
[   62.144417][ T5220] 0ªX¹¦À: entered allmulticast mode
[   62.149819][ T5220] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[   62.267693][   T29] kauditd_printk_skb: 345 callbacks suppressed
[   62.267710][   T29] audit: type=1400 audit(1766936436.486:2590): avc:  denied  { create } for  pid=5232 comm="syz.4.579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=irda_socket permissive=1
[   62.312487][   T29] audit: type=1326 audit(1766936436.516:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.336246][   T29] audit: type=1326 audit(1766936436.516:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.359795][   T29] audit: type=1326 audit(1766936436.516:2593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.383233][   T29] audit: type=1326 audit(1766936436.516:2594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.406720][   T29] audit: type=1326 audit(1766936436.516:2595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.430409][   T29] audit: type=1326 audit(1766936436.516:2596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.453891][   T29] audit: type=1326 audit(1766936436.516:2597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.477871][   T29] audit: type=1326 audit(1766936436.516:2598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.501382][   T29] audit: type=1326 audit(1766936436.516:2599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5234 comm="syz.0.580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f7cc418f749 code=0x7ffc0000
[   62.760338][ T5252] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   62.776657][ T5253] set_capacity_and_notify: 2 callbacks suppressed
[   62.776691][ T5253] loop3: detected capacity change from 0 to 1024
[   62.836347][ T5253] EXT4-fs: Ignoring removed nobh option
[   62.842040][ T5253] EXT4-fs: Ignoring removed oldalloc option
[   62.849709][ T5253] ext4: Unknown parameter 'audit'
[   62.886076][ T5259] loop2: detected capacity change from 0 to 1024
[   62.906781][ T5259] EXT4-fs: inline encryption not supported
[   62.912786][ T5259] EXT4-fs: Ignoring removed mblk_io_submit option
[   62.988859][ T5259] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.088290][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.392151][ T5295] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   63.418851][ T5296] SELinux: failed to load policy
[   63.623808][ T5307] team_slave_0: entered promiscuous mode
[   63.629642][ T5307] team_slave_1: entered promiscuous mode
[   63.635966][ T5307] dummy0: entered promiscuous mode
[   63.650561][ T5307] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   63.682341][ T5307] team0: Device macvtap1 is already an upper device of the team interface
[   63.707203][ T5307] team_slave_0: left promiscuous mode
[   63.712661][ T5307] team_slave_1: left promiscuous mode
[   63.718093][ T5307] dummy0: left promiscuous mode
[   63.733156][ T5312] team_slave_0: entered promiscuous mode
[   63.738889][ T5312] team_slave_1: entered promiscuous mode
[   63.748028][ T5312] vlan2: entered promiscuous mode
[   63.753350][ T5312] team0: entered promiscuous mode
[   63.849499][ T5317] xt_CT: You must specify a L4 protocol and not use inversions on it
[   63.958533][ T5334] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   64.061800][ T5348] loop2: detected capacity change from 0 to 512
[   64.083656][ T5341] loop0: detected capacity change from 0 to 8192
[   64.086282][ T5348] EXT4-fs: Ignoring removed nomblk_io_submit option
[   64.097104][ T5348] EXT4-fs: Ignoring removed bh option
[   64.103821][ T5341] FAT-fs (loop0): bogus logical sector size 0
[   64.110089][ T5341] FAT-fs (loop0): Can't find a valid FAT filesystem
[   64.117849][ T5348] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   64.149301][ T5348] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #11: comm syz.2.623: corrupted inode contents
[   64.178928][ T5348] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #11: comm syz.2.623: mark_inode_dirty error
[   64.202849][ T5348] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.623: invalid indirect mapped block 1 (level 1)
[   64.226859][ T5348] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #11: comm syz.2.623: corrupted inode contents
[   64.243857][ T5348] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[   64.269577][ T5348] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #11: comm syz.2.623: corrupted inode contents
[   64.282398][ T5348] EXT4-fs error (device loop2): ext4_truncate:4635: inode #11: comm syz.2.623: mark_inode_dirty error
[   64.293986][ T5348] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[   64.303191][ T5348] EXT4-fs (loop2): 1 truncate cleaned up
[   64.309643][ T5348] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.351865][ T5358] IPVS: ovf: UDP 224.0.0.2:0 - no destination available
[   64.403010][ T5363] FAULT_INJECTION: forcing a failure.
[   64.403010][ T5363] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   64.416517][ T5363] CPU: 0 UID: 0 PID: 5363 Comm: syz.3.626 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.416549][ T5363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   64.416563][ T5363] Call Trace:
[   64.416569][ T5363]  <TASK>
[   64.416577][ T5363]  __dump_stack+0x1d/0x30
[   64.416606][ T5363]  dump_stack_lvl+0x95/0xd0
[   64.416684][ T5363]  dump_stack+0x15/0x1b
[   64.416703][ T5363]  should_fail_ex+0x265/0x280
[   64.416727][ T5363]  should_fail_alloc_page+0xf2/0x100
[   64.416826][ T5363]  __alloc_frozen_pages_noprof+0x109/0x360
[   64.416849][ T5363]  alloc_pages_mpol+0xb3/0x260
[   64.416905][ T5363]  vma_alloc_folio_noprof+0x1aa/0x300
[   64.416927][ T5363]  handle_mm_fault+0xef5/0x2c60
[   64.416956][ T5363]  do_user_addr_fault+0x630/0x1080
[   64.416986][ T5363]  exc_page_fault+0x62/0xa0
[   64.417047][ T5363]  asm_exc_page_fault+0x26/0x30
[   64.417062][ T5363] RIP: 0033:0x7fc91da2cc5b
[   64.417074][ T5363] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[   64.417103][ T5363] RSP: 002b:00007fc91c4c3e10 EFLAGS: 00010246
[   64.417116][ T5363] RAX: 00007fc91c4c5f30 RBX: 00007fc91dcaa640 RCX: 0000000000000000
[   64.417125][ T5363] RDX: 00007fc91c4c5f78 RSI: 00007fc91dae0df8 RDI: 00007fc91c4c3e30
[   64.417134][ T5363] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[   64.417142][ T5363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.417150][ T5363] R13: 00007fc91dcd6128 R14: 00007fc91dcd6090 R15: 00007ffdc6a85bd8
[   64.417164][ T5363]  </TASK>
[   64.417171][ T5363] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   64.470447][ T5366] __nla_validate_parse: 1 callbacks suppressed
[   64.470464][ T5366] netlink: 76 bytes leftover after parsing attributes in process `syz.2.629'.
[   64.602447][  T827] ==================================================================
[   64.610574][  T827] BUG: KCSAN: data-race in l2tp_tunnel_del_work / sk_common_release
[   64.618588][  T827] 
[   64.621005][  T827] write to 0xffff88811c182b20 of 8 bytes by task 5365 on cpu 0:
[   64.628640][  T827]  sk_common_release+0xae/0x230
[   64.633501][  T827]  udp_lib_close+0x15/0x20
[   64.637936][  T827]  inet_release+0xce/0xf0
[   64.642276][  T827]  sock_close+0x6b/0x150
[   64.646544][  T827]  __fput+0x29b/0x650
[   64.650624][  T827]  ____fput+0x1c/0x30
[   64.654627][  T827]  task_work_run+0x131/0x1a0
[   64.659254][  T827]  exit_to_user_mode_loop+0x1fe/0x740
[   64.664649][  T827]  do_syscall_64+0x1e1/0x2b0
[   64.669275][  T827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.675267][  T827] 
[   64.677595][  T827] read to 0xffff88811c182b20 of 8 bytes by task 827 on cpu 1:
[   64.685150][  T827]  l2tp_tunnel_del_work+0x2f/0x1a0
[   64.690722][  T827]  process_scheduled_works+0x4ce/0x9d0
[   64.696194][  T827]  worker_thread+0x582/0x770
[   64.700795][  T827]  kthread+0x489/0x510
[   64.704880][  T827]  ret_from_fork+0x149/0x290
[   64.709498][  T827]  ret_from_fork_asm+0x1a/0x30
[   64.714300][  T827] 
[   64.716625][  T827] value changed: 0xffff88811b818000 -> 0x0000000000000000
[   64.724256][  T827] 
[   64.726583][  T827] Reported by Kernel Concurrency Sanitizer on:
[   64.732751][  T827] CPU: 1 UID: 0 PID: 827 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.742565][  T827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   64.752635][  T827] Workqueue: l2tp l2tp_tunnel_del_work
[   64.758115][  T827] ==================================================================