last executing test programs:

6m59.773962665s ago: executing program 4 (id=331):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f0000000180)=0x40)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast}, 0x10)

6m59.16365452s ago: executing program 4 (id=344):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xe0042, 0x1ff)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x2000775)
write$binfmt_elf64(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="7f454c4605fc0040ff7f00000000000002003e00edfffbff94020000000000004100000000000000dd010000000000000f0000000000380001"], 0x78)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

6m59.098095294s ago: executing program 4 (id=347):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f00000008c0)='./bus\x00', 0x0)
open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x101400, 0xad)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfff, 0x1, @perf_config_ext={0x9, 0x7ff7fffd}, 0x40, 0x1, 0xfffffffc, 0x6, 0xfff, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0xa)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x7000000}, 0x50)
lseek(r0, 0x100000001, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000040), 0x7, 0xc0041)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000140), 0x0, 0x2f00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x591)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x24000890}, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=@getqdisc={0x24, 0x26, 0x705, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xffe0}, {0x10, 0x8}, {0xfff2, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r5, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f00000002c0)='veth1_to_bridge\x00', 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x20, &(0x7f0000000180)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000280)=0x10)
sendmmsg$inet(r5, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000280)}], 0x1}}], 0x1, 0x20008000)
recvmsg(r5, 0x0, 0x103)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)

6m58.965296162s ago: executing program 4 (id=351):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")
dup2(0xffffffffffffffff, 0xffffffffffffffff)
perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0/../file0\x00')

6m58.841779319s ago: executing program 4 (id=353):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0x2000402)
utime(&(0x7f00000000c0)='./file0\x00', 0x0)
lseek(r1, 0x0, 0x3)

6m58.779984152s ago: executing program 2 (id=355):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000540), 0x1, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sendfile(r1, r1, 0x0, 0xe3aa6ea)
creat(&(0x7f00000003c0)='./file1\x00', 0x11)
write$UHID_INPUT(r1, 0x0, 0x0)

6m58.510260258s ago: executing program 4 (id=359):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000003040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x28, r1, 0xe6e964277ae08d57, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040000}, 0x40080)

6m58.509694078s ago: executing program 2 (id=360):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x30040043}, 0x240008c4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=ANY=[@ANYBLOB="02030003230000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c01000000030005000000000002004e21ac1e0101000000000000100002001000000004d3000004d50000000014001800090d94"], 0x118}, 0x1, 0x7}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r3, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x2c, 0x140f, 0x100, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xc, 0x45, 'rdma_cm\x00'}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @RDMA_NLDEV_ATTR_CHARDEV_TYPE={0x8, 0x45, 'cma\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000001}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @any, 0x4}, 0xe)
listen(r4, 0x3)
r5 = open(&(0x7f0000000400)='./file0\x00', 0x64842, 0x2)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x18b680, 0x8)
r7 = dup(r6)
sendfile(r7, r5, 0x0, 0x8000fffffffc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001", @ANYRES32=r8], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

6m58.492074419s ago: executing program 32 (id=359):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000003040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x28, r1, 0xe6e964277ae08d57, 0x70bd2d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040000}, 0x40080)

6m58.079630163s ago: executing program 2 (id=369):
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, &(0x7f0000000780)}, 0x20)

6m58.039418875s ago: executing program 2 (id=370):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)

6m57.95941807s ago: executing program 2 (id=371):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
open(&(0x7f0000000080)='./bus\x00', 0x147c7c, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb351)
pwritev2(r0, &(0x7f00000002c0)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x0, 0xaa0, 0x8)

6m57.694558975s ago: executing program 2 (id=372):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000280)='syz1\x00', 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000040)='cgroup.max.descendants\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f0000000000)=0xa00000000000000, 0x12)

6m57.658312167s ago: executing program 33 (id=372):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000280)='syz1\x00', 0x200002, 0x0)
r3 = openat$cgroup_int(r2, &(0x7f0000000040)='cgroup.max.descendants\x00', 0x2, 0x0)
write$cgroup_int(r3, &(0x7f0000000000)=0xa00000000000000, 0x12)

6m56.461420447s ago: executing program 1 (id=391):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0x4004743d, 0x110e22fff6)
close_range(r1, 0xffffffffffffffff, 0x0)

6m56.287634907s ago: executing program 1 (id=392):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x72bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newtfilter={0x7c, 0x2c, 0xd27, 0x70bd1f, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4c, 0x2, [@TCA_FLOWER_ACT={0x48, 0x3, [@m_bpf={0x44, 0x1, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x9, 0x9, 0x20000000, 0x9}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8848}, 0x80)

6m56.095578048s ago: executing program 1 (id=394):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x336)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @link_local})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @dev})

6m55.390269508s ago: executing program 1 (id=401):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)

6m55.327249262s ago: executing program 1 (id=402):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

6m55.03406886s ago: executing program 1 (id=403):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x7, 0xc0243)
unshare(0x28000600)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0xd, "fee8a2a478fc179fd2f8dda1af1ea89de2b7fb0a0100000000000000000300000000000004000000000000000000000000000500", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00050014000800000000000000007f"}})
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x591)

6m55.012422741s ago: executing program 34 (id=403):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x7, 0xc0243)
unshare(0x28000600)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0xd, "fee8a2a478fc179fd2f8dda1af1ea89de2b7fb0a0100000000000000000300000000000004000000000000000000000000000500", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00050014000800000000000000007f"}})
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x591)

2m5.814935072s ago: executing program 5 (id=4453):
r0 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x2, 0x8a710, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x2, 0x18000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000100)=[{{0x3, 0x1}, {0x1, 0x0, 0x1}}], 0x8)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x9001, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x401, 0x20004, 0x572, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, 0x0, 0x110)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000007204db02a70cd81db3062366bd60ed907da07620c529360f2b4cb13e395ca27bc48c23f9de70398fc7f2083168cc390a", @ANYRES16=r1, @ANYRES32=r4, @ANYBLOB], 0x20}}, 0x0)

2m5.756214696s ago: executing program 5 (id=4455):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="400000001000390400"/18, @ANYRES32, @ANYBLOB="01980000000000002000128008000100736974001400028006000e0006"], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000800)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x2c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {0x5, 0x1}, {0xffff, 0xffff}, {0x0, 0xb}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x15181b09c6bdc4c6}, 0x20008004)
socket$kcm(0x10, 0x400000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3b, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000000000000000000000000008500000011"], 0x0, 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x206d}, 0x94)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_bp={0x0, 0x8}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r2, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

2m5.706516689s ago: executing program 5 (id=4457):
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x113c00, 0x0)
syz_emit_ethernet(0xae, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010120", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96489269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000400260004000000"}, {0x1, 0x1, "fe906d17efe3"}]}}}}}}, 0x0)

2m5.68267819s ago: executing program 5 (id=4458):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nojournal_checksum}]}, 0x0, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100}, &(0x7f0000000000), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000300)={0x2, &(0x7f0000000040)=[{0x5}, {0x6}]})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', <r5=>0x0})
r6 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r3, r5, 0x25, 0x2, @val=@perf_event={0x11}}, 0x18)
unshare(0x2c020400)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r6, r3}, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r8, 0x8983, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r8, 0x8983, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r7)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="40000000210a018800000000000000000a0000010900020073797a3100000000090001"], 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
sendmsg$NLBL_MGMT_C_ADDDEF(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="01002cbd70000000000004"], 0x2c}, 0x1, 0x0, 0x0, 0x20008800}, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
r10 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r10, &(0x7f0000000000)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="66669d"], 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
r11 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r11)
ptrace$setregs(0xd, r11, 0x20000000002, &(0x7f0000000040))

2m4.80810012s ago: executing program 5 (id=4486):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000800)=@can_newroute={0x154, 0x18, 0x1, 0x709d29, 0x25dfdbfd, {0x1d, 0x1, 0x4}, [@CGW_CS_CRC8={0x11e, 0x6, {0x1, 0x2, 0x2, 0x0, 0xff, "71ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922fb0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c", 0x3, "5c8d586b2a88d818b56d2a5e15c8a95d29e5b2ea"}}, @CGW_CS_XOR={0x8, 0x5, {0x0, 0x5, 0xfffffffffffffff7, 0x2}}, @CGW_MOD_SET={0x15, 0x4, {{{0x3, 0x1, 0x0, 0x1}, 0x4, 0x5, 0x0, 0x0, "738b276597b6c58b"}, 0x1}}]}, 0x154}, 0x1, 0x0, 0x0, 0x404a0c4}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000711209000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, @perf_bp={0x0, 0x6}, 0x9092, 0x0, 0x43a1bd76, 0x9, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
fcntl$lock(r1, 0x5, &(0x7f0000000280)={0x1, 0x0, 0x10001, 0x2})
socket$xdp(0x2c, 0x3, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000580)=ANY=[@ANYBLOB="ffffffffffff0180c20000010011aaab73692c8f00183e118c906a18e2dc696aadec6d798fc9e8f8184ca309998b3dfbe1d2edf8493fbb70289bfc3b6709a5dc4e66c90643273850d2e73173eb1dcd8d79853e7779fe3cf36355cbe6cc343f5e5cad8e021022b9ccbd1f26aec2019efb8bcdfa9d56cbcf9fd0896b59d8cd35bb9b2e642570465aaa468ea83d984d89c6e9bc485db1ee52772c860c30521b8e929b91ecc307e26c868e06b37bf5dd0d7e8a8fbf9b005396837b543bfefe47dd6929b348a5fdfcab85a6ce412bbb1aaad5bb7d86290f0619e30e8d8d6a8fc964245c64425e7f9ae8"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="ac000000000101040a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002"], 0xac}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xfff1}, {0xe, 0x10}}, [@TCA_RATE={0x6, 0x5, {0xfc}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000c00)='net/ip6_tables_targets\x00')

2m4.218516345s ago: executing program 5 (id=4500):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x2400, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

2m4.218197094s ago: executing program 35 (id=4500):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x2400, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

4.707636617s ago: executing program 7 (id=7307):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@nat={'nat\x00', 0x2, 0x5, 0x628, 0x0, 0x488, 0xffffffff, 0x0, 0x268, 0x558, 0x558, 0xffffffff, 0x558, 0x558, 0x5, 0x0, {[{{@uncond, 0x0, 0x220, 0x268, 0x0, {}, [@common=@rt={{0x138}, {0x4, [0x3, 0x800], 0x0, 0xf23d8cefb056ae2b, 0x7, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @private0, @private1={0xfc, 0x1, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @remote}, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, @mcast2, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, @dev={0xfe, 0x80, '\x00', 0x2b}, @dev={0xfe, 0x80, '\x00', 0x39}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @remote], 0x9}}, @common=@unspec=@connlimit={{0x40}, {[0x0, 0xffffffff, 0xffffffff, 0xff000000], 0xffffff7f, 0x1, {0x4}}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@empty, @ipv6=@remote}}}, {{@ipv6={@dev, @loopback, [], [], 'batadv0\x00', 'veth1_vlan\x00'}, 0x0, 0xe8, 0x130, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv4=@loopback, @ipv6=@private0, @icmp_id, @icmp_id}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x1b}, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @gre_key, @gre_key}}}, {{@ipv6={@remote, @mcast1, [0x0, 0xff000000], [], 'ipvlan0\x00', 'pim6reg\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x688)
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
mkdir(&(0x7f0000000780)='./file0\x00', 0x140)
ioctl$F2FS_IOC_DEFRAGMENT(r2, 0xc010f508, &(0x7f00000006c0)={0x3, 0xfffffffffffffff7})
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000700), &(0x7f0000000740)=0x4)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000280)={'ip6tnl0\x00', &(0x7f0000000100)=@ethtool_sset_info={0x37, 0xfffffff1, 0x7ff}})

4.622193572s ago: executing program 7 (id=7309):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
migrate_pages(0x0, 0x3, 0x0, &(0x7f0000000340)=0x101)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r2 = socket(0x10, 0x3, 0x0)
r3 = syz_clone(0x40000000, &(0x7f00000004c0)="9aa287001b87a87be33fc393133eec9767833852a7faa1504b352ad80f735914dfee2b741ce0d7ca8ba641f4e3771539321c66af7d32d38a2eb11f3ad1af0f4f387e23266a48977475da3bbed5b58f943754b4ff6fadeb896c2dab0f699ab1b64a1a84031fb1919d4361d0fc916cb032ec03322db55dd2d6851f07a2238be299a19c26112493344602f4c4260d72f264defc5f9b3c7326e17b1ad00b3421600b161b7bc7f9cae72a3ca3b0ae33f405190758c189382bffc3d527971f397c89ab3f6b9b6dd8679d39daf7a005c0134ec93d1422253060686395b662952498bb1472646743b738ab6dbc9e341a8a7af449975ef01e06ad7815e0", 0xf9, &(0x7f0000000240), &(0x7f0000000440), &(0x7f00000005c0)="1216f08333f48c4bfcf0d344c768df4b72e986acc1f6acb057da7873745bc81af88e32d0488083cb47363486abb683734da6e4b443013c64b31600b3be4ea5d8b3ab10263048b0d240ccf3fb693815c1b76b03596af5e04d650ee5bed8ba68421ca86c75eac5fed82a3572e89fcb15917994779659f3cc04ce08825b554d6ded905ae0155b5db2a2bdc5962b8b97d4c42a5d279f9475d69dd817e500113173ab35")
r4 = perf_event_open(&(0x7f0000000680)={0x0, 0x80, 0x5, 0x3, 0x1, 0x8, 0x0, 0x3, 0x0, 0xc, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x8000000000000001, 0x2}, 0x10, 0x0, 0x4, 0x9, 0x6, 0x5, 0x1, 0x0, 0x4, 0x0, 0x1}, 0x0, 0x2, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x71, 0x5, 0x7, 0x2, 0x0, 0x8, 0x922, 0x4, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3a6, 0x0, @perf_config_ext={0x7616, 0xffff}, 0x100154, 0x7b9d, 0x4, 0x3, 0x5, 0x9, 0xfffa, 0x0, 0xaa, 0x0, 0x1}, r3, 0xc, r4, 0x8)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002280)=ANY=[@ANYBLOB="240000001900010000000000fbdbdf250a010900100012800c00f880080012"], 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)=@nfc, 0x80, &(0x7f0000000140)=[{&(0x7f0000000100)=""/14, 0xe}], 0x1, &(0x7f0000000180)=""/37, 0x25}, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="59bb28bd70000100000001000000080003"], 0x1c}, 0x1, 0x0, 0x0, 0x400c080}, 0x24048840)

3.492614828s ago: executing program 7 (id=7317):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x844)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bind$inet6(r0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000140)={0x0, 0x0, 0x9}, 0x8)

2.573816221s ago: executing program 7 (id=7326):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
getcwd(&(0x7f00000000c0)=""/52, 0x34)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff000a}]})
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000001880)=@security={'security\x00', 0xe, 0x4, 0x470, 0xffffffff, 0x0, 0x2a0, 0x1a0, 0xffffffff, 0xffffffff, 0x3d8, 0x3d8, 0x3d8, 0xffffffff, 0x4, &(0x7f00000012c0), {[{{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010102, 0xffffff00, 0x80ffffff, 'veth1_to_batadv\x00', 'veth0_macvtap\x00', {0xff}, {0xff}, 0x32, 0x1, 0x8}, 0x0, 0x160, 0x1a0, 0x0, {}, [@common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0x0, 0xffffff00, 0xff], @ipv4=@remote, [0xff000000, 0x0, 0xff, 0xff000000], @ipv6=@empty, [0xffffffff, 0x0, 0xff, 0xffffff00], @ipv6=@mcast1, [0xffffffff, 0xff000000, 0xff, 0xff000000], 0x9, 0xd, 0x9, 0x4e22, 0x4e21, 0x4e20, 0x4e21, 0x200, 0xf16aa2a3220b6f83}, 0x0, 0x1108}}, @common=@inet=@dccp={{0x30}, {[0x4e20, 0x4e21], [0x4e22, 0x4e24], 0x8, 0x8, 0x4, 0x2b}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x7, 0xf, "6e180f141796690973b18e38f00ec1082328532f0073b698c3ad8694869c"}}}, {{@uncond, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@inet=@tos={{0x28}, {0x15, 0xe6, 0x1}}, @common=@set={{0x40}, {{0x2, [0x4, 0x5, 0x2, 0x4, 0xa, 0x3], 0x2, 0x54d8dde5e5d1560a}}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x4}}}, {{@ip={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x1fffffffe, 0xff, 'vlan0\x00', 'pim6reg\x00', {0xff}, {}, 0x84, 0x2, 0x22}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x4, 0x2, 0x1}}, @common=@addrtype={{0x30}, {0x21, 0x0, 0x1}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0xffffffff, {0x800}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4d0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000df000000bfa300000000000007030000f0ffffff720af0fff8ffffff71a4f0ff000000005d040200000000001d400500000000002004000001ed0000620300ff000000003f440000000000007a0a00fe00ffffffc30300ffa1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee07751532d5e7d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e2fa3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef907000000f01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e015cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb581012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a0000000000000000"], &(0x7f00000001c0)='GPL\x00', 0xf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001340)=ANY=[@ANYBLOB="000000000000000080fe8728e6254732ea756965e4e2db244f28dccbe289ad0b7c5c4f6f16dd32abcb38f7ff0f999883b1b244b0f11b9c9b7ae00387"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1d, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001180)={@map=r2, 0x1, 0x1, 0x6, &(0x7f0000000f40)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000f80)=[0x0, 0x0], &(0x7f0000001100)=[0x0, 0x0], &(0x7f0000001140)=[0x0, 0x0, 0x0, 0x0], <r3=>0x0}, 0x40)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r4, &(0x7f0000000280)=[{{&(0x7f0000000140)={0xa, 0x4e20, 0x9, @remote, 0x5}, 0x1c, 0x0}}, {{&(0x7f0000000000)={0xa, 0x4e20, 0x1fc5ad4a, @private1={0xfc, 0x1, '\x00', 0x1}, 0x10}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000040)='^', 0x1}], 0x1}}], 0x2, 0x14)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c82, 0x0)
shutdown(r4, 0x1)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r4, 0x84, 0x77, &(0x7f0000001380)=ANY=[@ANYRES32=0x0, @ANYBLOB="84f1ad52015a41ccbb86c06641e944c030d0ccf7f89b7c01da4f398efb2857e18976ad52040c4cb487c962c8ff261a2bda1b27897e04eb429f18ef12cbbeece521923185d2a187b310a595b40c2ef3c37a3c1d13a673bb653fe4989387bbc491ba4da7865347"], 0x8)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000001280)={'syztnl2\x00', &(0x7f0000001200)={'syztnl2\x00', 0x0, 0x29, 0x7, 0xe9, 0xfffffbff, 0x27, @empty, @dev={0xfe, 0x80, '\x00', 0x15}, 0x40, 0x10, 0x7, 0x6}})
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000011c0)={@cgroup=r1, r0, 0x11, 0x10, 0x0, @void, @value=r0, @void, @void, r3}, 0x20)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r0, 0xc08c5334, &(0x7f0000000e80)={0xccc, 0x1, 0x0, 'queue0\x00', 0x5e0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1700"/20, @ANYRES32=0x1], 0x50)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0182101, &(0x7f00000004c0))
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x800415, &(0x7f0000000fc0)=ANY=[@ANYRES64=r0, @ANYBLOB="9f11", @ANYRESDEC, @ANYRES64, @ANYRES64=r2, @ANYBLOB="c1b734a6ce29817cd8f0c5bdd0a040106b174e8d466f1e10a4ac7e6515dbf4674bd485b91d634bec389259d09d0e1f8bda9d9bb8874b6726a80359ba96e72b47799f240569f76a9ec27e0acf3bb2c85fa15ccd46217683fed9ef3f400d9d6b359cb77cfa9308ea8b85cfbb193b54df1b871f78b50ffe7825e51a80b0a7b7cfd9799487c3d18b3b31910f043f50ccd56580a8672d71e79ae4ed484ef7a8aadbb3d10a123c038acbf5f88a54a82c0757d52631b94ea2550afdd58d98a9cc587cd69b3f81f86fefbaed8e29b5c46ff48082058c93fbf94609227b808d2625f84006f409045cdc382853fd5c17e99929ff7be00b8b90f53a040be238eb3c751672665a5f5b000000000000000000", @ANYRES8, @ANYRES8=r1], 0x1, 0x2ca, &(0x7f0000000b80)="$eJzs3FFLU3EYx/EnZ25OdAtCKKge6iZvhq4XUCMUokFlTqqL4JhnNXba5JxhTCJ3E932OqRL74LqDXgT3XQb3UkgdZEX0Yl2dvRMj3OWs5nfD8h5tv//tz0iG8+E/VfvvHxczDupvFGRnphKj0hN1kWSv6uGY41rT73uk6CajAx8+3jm9t171zPZbHRSdSIzdSmtqkPn3jx5+ur8u8rA9PLQ66isJO+vrqU/rwyvnFr9OfWo4GjB0VK5oobOlMsVY8YydbbgFFOqNy3TcEwtlBzTblrPW+W5uaoapdnB+JxtOo4apaoWzapWylqxq2o8NAolTaVSOhiXo623jT25pclJIxO+1v9pvztCx/WH3WnbmZqI9G1fzC0dRFMAAKC7tJ7/vVm/ef6Xtc10dtq7+vP/+P7M/yLM/x1Sa7rVav7H/8K2M0a88fptxvwPAAAAAAAAAAAAAAAAAAAAAMBhsO66Cdd1E/7V/4mKSExE/Nv/uk90xm5//6/hscsH3Sc6I/DFvZiI9WI+N5/zrt56Ji8FscSUUUnIj/r7QYNXT1zLjo9q3XfXdRcb+cX5XESift6XDMufPTHm5VXeWoH8cYkHnz8tCTkZ/vzp0HzfrYsXAvmUJOT9AymLJbP197XN/LMx1as3slvy/fV9Owo9aQEAAAAAgO6U0g3J5s+/EW+9viEm29e9/B7+P7Dl83WvnG7niEoAAAAAAPDXnOpC0bAs0w4plkVkh6V6ERWRFvGjWkSkK9rYUlwRkS5oo2UxuH8dxkTEu0f/ID78ZSPeVsptY0/vLq+mjhYx2XMq9MBgAAAAAIfY5tC/h9CH5x3sCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAo6flMWAjA96m6kLR39+0J/hALR4nsCtycL8ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0H1+BQAA//8wyhaW")
openat$cgroup_devices(r1, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)

2.538318053s ago: executing program 7 (id=7328):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x10000000008, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0xa92e, 0x6, 0x2, 0xcc, 0xffff, 0x0, 0x0, 0x0, 0xbd}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000005c0), 0x10)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x20)
sendmsg$can_bcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
bind$qrtr(r0, &(0x7f00000002c0)={0x2a, 0x1, 0x2}, 0xc)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r2, &(0x7f0000000340)=[{&(0x7f0000000080)="fb", 0x1}], 0x1)

1.625261906s ago: executing program 7 (id=7349):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_bp={0x0, 0x8}, 0x10, 0x32, 0x43a1bd76, 0x7, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x22000001}, 0xfd3c721b21c09370)

1.477704445s ago: executing program 6 (id=7351):
r0 = syz_io_uring_setup(0x26b6, &(0x7f0000000200)={0x0, 0xf906, 0x800, 0x0, 0x308}, &(0x7f0000000080), &(0x7f0000000280))
io_uring_register$IORING_UNREGISTER_FILES(r0, 0x24, 0x0, 0x0)

1.472923675s ago: executing program 0 (id=7286):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000000)={0x407, 0xfffd, 0x5, 0x8})
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x6}}]}, 0x1, 0x50f, &(0x7f0000000680)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
r1 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x22)
syz_read_part_table(0x1058, &(0x7f0000000000)="$eJzsz8GJwkAYBeCXzW6S3VNKWEuJV716sglLEKwlgjZmFRJRk0MKEBG+7zLzmPkf/OGtivEok99kyPFv9ljW8+/ldFldd1Wy/19Uh+4racamrk2/fMRs73ld5NRVKdqfunkOXvph6vjO5vza7QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgM9wCAAD//65IC6s=")
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)

1.414265168s ago: executing program 6 (id=7353):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x8, 0x3, 0x2b0, 0x0, 0xffffffff, 0xffffffff, 0xf8, 0xffffffff, 0x1e0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0={0xfc, 0x0, '\x00', 0x1}, [], [0x0, 0x0, 0x0, 0xff], 'batadv0\x00', 'wg1\x00', {}, {}, 0x6}, 0x0, 0xd0, 0xf8, 0x0, {0x0, 0x4c00}, [@common=@inet=@ecn={{0x28}, {0x20, 0x20, 0x1, 0x8}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x0, 0x0, 0x0, 0x3]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r4, &(0x7f0000000080)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002140)=@delchain={0x24, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x0, 0xffff}, {0x6, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
r6 = dup(r1)
write$UHID_INPUT(r6, &(0x7f0000000000)={0x7, {"a2e3ad21ed0d52f91b5d500987f70e06d038e7fd7fc6e5539b0d47078b089b3907376d090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491235c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e470dea05918b41243513f000800000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3e3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14d9fdb8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a19000000000000006f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d44400009a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc01008cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c16c02ed4b5d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6b14effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b51028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6815d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3c115c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc248850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4649820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948998cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2fd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff8f0104000000000000df72279fdb0d2b9e936e5a983c12fded79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d3700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc642df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa6e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3fec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006)
socket$phonet_pipe(0x23, 0x5, 0x2)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
munlockall()
syz_emit_ethernet(0x52, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x10, 0x44, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0x2010100, {[@timestamp_addr={0x44, 0x14, 0x5, 0x3, 0x8, [{@remote, 0x4}, {@broadcast}]}, @ssrr={0x89, 0x3, 0xce}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

1.345350712s ago: executing program 6 (id=7356):
syz_emit_ethernet(0x107, &(0x7f0000000240)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x7, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xe5, 0x0, @gue={{0x1, 0x0, 0x1, 0x5, 0xbd0b785f081246da, @void}, "888805051d857c1e9288b08142241e6fb7e16a7dacda9fb5b31b080322618aa545424db7c5e543d6fc348a40ad96c28ae7623b2949c072c120db9e3fee0e0b8ed79d1879518c471a8ef296ce8fc0ebc319d5057d10f1f4c7b9d7cd059fc8caedd4cdc22f54bbe6afe6c00cda8b3eecbbf7992b978bc2e9eae9e1be8e13594b8ad889e006c6c832bdc76402fb1f50707d27082db317bbf1425d19c0837a6261e8163c41a99470d908d3a1aa93c603f0abc15b96246d104cc3d5bb1d1d277c686fb4f4ccc6ae981b1f64ad0fa9041bf2c8ed910b195ca6256bd5"}}}}}}, 0x0)

1.263779176s ago: executing program 6 (id=7357):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r0, @ANYBLOB="014800001953010014003500626f6e6430000000000000000000f9001c00128009000100626f6e64000000000c000280050011003c"], 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x11)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
syz_clone(0x1b200000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.19945918s ago: executing program 6 (id=7358):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x10000000008, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0xa92e, 0x6, 0x2, 0xcc, 0xffff, 0x0, 0x0, 0x0, 0xbd}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000005c0), 0x10)
recvmsg(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x20)
sendmsg$can_bcm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0xff2c, 0x0}, 0x1}], 0x40, 0x2, 0x0)
bind$qrtr(r0, &(0x7f00000002c0)={0x2a, 0x1, 0x2}, 0xc)
connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r2, &(0x7f0000000340)=[{&(0x7f0000000080)="fb", 0x1}], 0x1)

1.198826151s ago: executing program 8 (id=7359):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x54, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x54}}, 0x0)

1.142547293s ago: executing program 0 (id=7360):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x5, 0x3, '\x00'}, @NFTA_MATCH_NAME={0xb, 0x1, 'socket\x00'}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x88}, 0x1, 0x0, 0x0, 0x24044800}, 0x0) (fail_nth: 1)

917.871227ms ago: executing program 0 (id=7361):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x5, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket(0xa, 0x3, 0x87)
unshare(0x26000400)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000100)={0x0, <r2=>0x0})
syz_open_procfs(r2, &(0x7f0000000000)='net/mcfilter6\x00')
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)
io_setup(0x689, &(0x7f00000049c0)=<r4=>0x0)
r5 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
io_submit(r4, 0x1, &(0x7f00000051c0)=[&(0x7f0000004a80)={0x0, 0x0, 0x0, 0x1, 0x7, r3, &(0x7f0000004a00)="c8", 0x1, 0x7}])

917.181077ms ago: executing program 3 (id=7362):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0)
sendmmsg(r0, 0x0, 0x0, 0x0)

916.793887ms ago: executing program 8 (id=7363):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = memfd_secret(0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000014000780080008400000000008001240ffffffe80500010006000000050005000200000005000400000000000900020073797a31000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r1, 0x0)
ftruncate(r1, 0x51a9497)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x80, &(0x7f0000000000)=""/4103, &(0x7f0000001040)=0x1007)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$inet_icmp(0x2, 0x2, 0x1)
socket$inet(0x2, 0x3, 0x7)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, &(0x7f0000000000)=0x1, 0xfef2)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x9, &(0x7f0000000040)=0x440, 0x4)
connect$inet(r6, &(0x7f00000000c0)={0x2, 0x4e23, @remote}, 0x10)
close(0x4)
socket$inet(0x2, 0x80000, 0x9)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000400)=0xc)
sendmsg$netlink(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000380)={0x38, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0xc, 0x0, 0x0, @uid=r7}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0x14, 0x1, 0x0, 0x1, [@generic="f1c2348fb4010000000000000046758b"]}]}, 0x38}], 0x1, 0x0, 0x0, 0x2000000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a60000000060a090400c40000000000000200fffeec0900020073797a32000000000900010073797a300000000034000480300001800a0001006d6174636800000020000280050003000000000009000100736f636b657400000800024000000002140000001100010000000000"], 0x88}, 0x1, 0x0, 0x0, 0x24044800}, 0x0)

885.660069ms ago: executing program 3 (id=7364):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x10040000)

810.648903ms ago: executing program 3 (id=7365):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0xc, 0x40008, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800001, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0)
ioctl$SNAPSHOT_FREE(r1, 0x3305)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0)

810.288233ms ago: executing program 8 (id=7366):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_NF_CALL_IP6TABLES={0x5, 0x25, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8044)

785.657795ms ago: executing program 8 (id=7367):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea02, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248) (fail_nth: 2)

702.533459ms ago: executing program 8 (id=7368):
socket$netlink(0x10, 0x3, 0x14)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r0, @ANYBLOB="014800001953010014003500626f6e6430000000000000000000f9001c00128009000100626f6e64000000000c000280050011003c"], 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x11)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
syz_clone(0x1b200000, 0x0, 0x0, 0x0, 0x0, 0x0)

598.796135ms ago: executing program 8 (id=7369):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff})
close(0x3)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000001740)=0x7ffffffd, 0x4)
connect$netlink(r1, &(0x7f0000000100)=@kern={0x10, 0x0, 0x0, 0x8000}, 0xc)
write$binfmt_script(r0, 0x0, 0x6f4000)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
setsockopt(r2, 0x4, 0x7c0, &(0x7f0000000400)="1dbfe112abdc74da9bea64f944acdb6779d47c0c4a1b80862596499f7f3b75d5c550a5bc8622da3bbb1812ce6db308d8b5d7737395f4649920d448444c1f6400fa506c1c241cecf461f765e63d2987dd75011735490f08a285057b861c5c3428a94ab5e1906cc1695b40a203165f034e7304e48bdd1c63d866dbd580fae996a8bac87790abeec8a501542e8ea6cf354ec54e6004c334f8ee21e936100426ac37e95dbf761d923d1a690b41346fdf72e7e578c091c7bff22ead5fe09be6486b56c8", 0xc1)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
ioperm(0x5, 0x8, 0x8000000000005)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x241a2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x3, @perf_bp={&(0x7f0000000300), 0x1}, 0x0, 0x2, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1f9}, &(0x7f0000000000), &(0x7f0000000300))
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10010, r4, 0xed526000)
splice(r3, 0x0, r0, 0x0, 0x8002, 0x6)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f00000006c0)={0x0, 'bridge0\x00', {0x101}, 0x2})
r5 = socket$netlink(0x10, 0x3, 0x4)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = signalfd(r2, &(0x7f0000000500)={[0x8]}, 0x8)
ioctl$USBDEVFS_ALLOW_SUSPEND(r7, 0x5522)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r5)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f00000009c0)=ANY=[@ANYBLOB="640000008740e7c42ec155eec094eeb6590a846cc7053485459c0b4ec8f9c5db85e3d1b1650c32f2e6959b1e68e7a09ad4059d8a55e5c510ff58dfca7fb09ffd27f52ea831c686f3da177ea28c293a2035710a7fb09a3a9ea37dba98258a2f58e55f2d250fb5895b2475855f76b7455076685c9c5db5d81b860d9b35ff8b3fc41f4cf14dcd48b2f68e3f18089db60135c84e7d79b9a35c0f1123ed1eb22cffdc323bcd", @ANYRES16=r8, @ANYBLOB="00042bbd7000fddbdf250200000008000200020000000c00018005000200080000000800030005000000050005000c0000000800020001000000040006800800040008000000080004000100000008000300050000000800020002000000"], 0x64}, 0x1, 0x0, 0x0, 0x8114}, 0x40000d0)
r9 = memfd_create(&(0x7f00000005c0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\xbd\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\x17\x871N:\xb4\xea \x8e\xdelP\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N\xf8\xdb\xab\xa0\x94~\xa1]b\xa4\xe5\xe2e\x1c\x8b\xd2\xc7Md\x93\x02\xd8\xb0,\xeb\x03\xaa\v\xed\x9bR\x8a\x80\xc2\x1f\x17ej\x973wv\x83a\xe06\x96\xde\xbc%Uh;H\xf8S\xf1\xa1g\x02\xc4\xc3\xa4\xa8\x96\t\xfex\xa2?\xcb\\Y\x1e\xfe\xca\xa0i\x80O\x11\xac\xb7$\xdb\xbc\xb0\xcb\xacqU\xb5*\x00\x00\x00\x00\x00\x00\x00\f\xda\xf8oV\x89\xd3\x1f\x99+\xe5T\x8eM4\x1c\xc6\x7f\xd4\xf2\xcc\xd3\x94\xca\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00~A9\xf6IBu2L\x9e\xa2\xd0\x92\xd1\xbc\xb8\tJ\xa1\aN\x87\x95\xbb\xa9s\xab\x90\x06\xc6!p\x9e?~\xf9\xe6\xae*\v\xa3\xd9gxKN\'z]*\x93\xf7\b\x91\xd0\xff\xd9\xc6a\xb5q\x9c\xa1Go\xd58\x93\xe0,\x9f\xe4\xa9\xd9A\x9e\x95e\x98\xd0V\x9d\xed\x97\xf1\xc5\xce\xf5\x90!d\x9a\xd8\x10\xbbx\r8\xff\x8bNUK\xebA\xe5\x92f\xc4\xd1\xa8\x15\xbf\xb5iW\xdb.kbf*\x89\xf0\xecq m-~\xbbf?\xec=\xd2\xe2\x1e\x8d/o\xcd\xc8x\xdb\xe6\xd0W\xca\xc5kz\x8e9\xfa\x86\x0f\x96p', 0x3)
ioctl$FS_IOC_RESVSP(r9, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000})
socket$nl_route(0x10, 0x3, 0x0)

418.655215ms ago: executing program 3 (id=7370):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="b40000001800090000000000000000001c"], 0xb4}}, 0x24040810)
syz_emit_ethernet(0x107, &(0x7f0000000240)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x7, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xe5, 0x0, @gue={{0x1, 0x0, 0x1, 0x5, 0xbd0b785f081246da, @void}, "888805051d857c1e9288b08142241e6fb7e16a7dacda9fb5b31b080322618aa545424db7c5e543d6fc348a40ad96c28ae7623b2949c072c120db9e3fee0e0b8ed79d1879518c471a8ef296ce8fc0ebc319d5057d10f1f4c7b9d7cd059fc8caedd4cdc22f54bbe6afe6c00cda8b3eecbbf7992b978bc2e9eae9e1be8e13594b8ad889e006c6c832bdc76402fb1f50707d27082db317bbf1425d19c0837a6261e8163c41a99470d908d3a1aa93c603f0abc15b96246d104cc3d5bb1d1d277c686fb4f4ccc6ae981b1f64ad0fa9041bf2c8ed910b195ca6256bd5"}}}}}}, 0x0)
r1 = socket$isdn(0x22, 0x3, 0x3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040))

381.179888ms ago: executing program 0 (id=7371):
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000001200)=[{{0x0, 0xa4, 0x0, 0x0, 0x0, 0x0, 0x10}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002", @ANYRES32=r0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000000280000000000000001"], 0xe0, 0x4000000}}], 0x2, 0x800)

305.940822ms ago: executing program 0 (id=7372):
r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0xc, 0x40008, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800001, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0) (fail_nth: 2)
ioctl$SNAPSHOT_FREE(r1, 0x3305)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, 0x0)

305.481552ms ago: executing program 3 (id=7373):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32], 0x44}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x20004810}, 0x0)
sendmmsg(r0, 0x0, 0x0, 0x0)

31.581788ms ago: executing program 3 (id=7374):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="b40000001800090000000000000000001c"], 0xb4}}, 0x24040810)
syz_emit_ethernet(0x107, &(0x7f0000000240)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x7, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xe5, 0x0, @gue={{0x1, 0x0, 0x1, 0x5, 0xbd0b785f081246da, @void}, "888805051d857c1e9288b08142241e6fb7e16a7dacda9fb5b31b080322618aa545424db7c5e543d6fc348a40ad96c28ae7623b2949c072c120db9e3fee0e0b8ed79d1879518c471a8ef296ce8fc0ebc319d5057d10f1f4c7b9d7cd059fc8caedd4cdc22f54bbe6afe6c00cda8b3eecbbf7992b978bc2e9eae9e1be8e13594b8ad889e006c6c832bdc76402fb1f50707d27082db317bbf1425d19c0837a6261e8163c41a99470d908d3a1aa93c603f0abc15b96246d104cc3d5bb1d1d277c686fb4f4ccc6ae981b1f64ad0fa9041bf2c8ed910b195ca6256bd5"}}}}}}, 0x0)
syz_emit_ethernet(0x9e, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x7c, 0x0, @wg=@data={0x4, 0x0, 0x0, '\x00'/100}}}}}}, 0x0)

31.439998ms ago: executing program 0 (id=7375):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000015c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x20, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x68}, 0x1, 0x0, 0x0, 0x2000c091}, 0x800)

0s ago: executing program 6 (id=7376):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x844)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200), 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000140)={0x0, 0x0, 0x9}, 0x8)

kernel console output (not intermixed with test programs):

yond end of device
[  423.482099][T21729] loop6: rw=2049, sector=169, nr_sectors = 8 limit=128
[  423.493221][T21749] sock: sock_set_timeout: `syz.0.6326' (pid 21749) tries to set negative timeout
[  423.511899][T21729] syz.6.6316: attempt to access beyond end of device
[  423.511899][T21729] loop6: rw=2049, sector=185, nr_sectors = 8 limit=128
[  423.545781][T21729] syz.6.6316: attempt to access beyond end of device
[  423.545781][T21729] loop6: rw=2049, sector=201, nr_sectors = 8 limit=128
[  423.594243][T21729] syz.6.6316: attempt to access beyond end of device
[  423.594243][T21729] loop6: rw=2049, sector=217, nr_sectors = 16 limit=128
[  423.614915][T21756] loop3: detected capacity change from 0 to 512
[  423.628663][T21729] syz.6.6316: attempt to access beyond end of device
[  423.628663][T21729] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128
[  423.641945][T21756] EXT4-fs: Ignoring removed nobh option
[  423.678945][T21756] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  423.689611][T21763] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  423.689611][T21763]    program syz.8.6331 not setting count and/or reply_len properly
[  423.707195][T21756] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.6328: invalid indirect mapped block 256 (level 1)
[  423.720892][T21729] syz.6.6316: attempt to access beyond end of device
[  423.720892][T21729] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128
[  423.734739][T21756] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.6328: invalid indirect mapped block 2683928664 (level 1)
[  423.751841][T21729] syz.6.6316: attempt to access beyond end of device
[  423.751841][T21729] loop6: rw=2049, sector=273, nr_sectors = 8 limit=128
[  423.766022][T21756] EXT4-fs (loop3): 1 truncate cleaned up
[  423.783044][T21756] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.795756][T21729] syz.6.6316: attempt to access beyond end of device
[  423.795756][T21729] loop6: rw=2049, sector=289, nr_sectors = 8 limit=128
[  423.811447][T21765] bond20: entered promiscuous mode
[  423.828515][T21756] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.6328: Invalid block bitmap block 3 in block_group 0
[  423.842348][T21756] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.6328: Invalid block bitmap block 3 in block_group 0
[  423.850645][T21765] 8021q: adding VLAN 0 to HW filter on device bond20
[  423.862796][T21756] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.6328: Invalid block bitmap block 3 in block_group 0
[  423.873455][T21729] syz.6.6316: attempt to access beyond end of device
[  423.873455][T21729] loop6: rw=2049, sector=305, nr_sectors = 8 limit=128
[  423.893444][T21758] loop8: detected capacity change from 0 to 512
[  423.910451][T21767] 8021q: adding VLAN 0 to HW filter on device bond20
[  423.910412][T21758] EXT4-fs: Ignoring removed oldalloc option
[  423.918969][T21767] bond20: (slave wireguard1): The slave device specified does not support setting the MAC address
[  423.935080][T21767] bond20: (slave wireguard1): Error -95 calling set_mac_address
[  423.942851][T21765] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  423.942868][T21765] IPv6: NLM_F_CREATE should be set when creating new route
[  423.942881][T21765] IPv6: NLM_F_CREATE should be set when creating new route
[  423.943035][T21765] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  424.002635][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.028248][T21765] bond20: (slave wireguard1): The slave device specified does not support setting the MAC address
[  424.042436][T21758] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.071064][T21780] netlink: 'syz.6.6336': attribute type 1 has an invalid length.
[  424.081018][T21765] bond20: (slave wireguard1): Error -95 calling set_mac_address
[  424.101423][T21780] bond13: entered promiscuous mode
[  424.107036][T21780] 8021q: adding VLAN 0 to HW filter on device bond13
[  424.138016][T21786] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=21786 comm=syz.3.6335
[  424.141257][T21780] 8021q: adding VLAN 0 to HW filter on device bond13
[  424.156925][   T29] audit: type=1400 audit(680.113:6706): avc:  denied  { setopt } for  pid=21781 comm="syz.7.6339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  424.174265][T21780] bond13: (slave wireguard0): The slave device specified does not support setting the MAC address
[  424.187213][T21780] bond13: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[  424.204105][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.217230][T21780] bond13: (slave wireguard0): making interface the new active one
[  424.225190][T21780] wireguard0: entered promiscuous mode
[  424.247221][T21780] bond13: (slave wireguard0): Enslaving as an active interface with an up link
[  424.264003][   T29] audit: type=1400 audit(680.243:6707): avc:  denied  { accept } for  pid=21781 comm="syz.7.6339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  424.300664][T21780] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=21780 comm=syz.6.6336
[  424.369728][   T29] audit: type=1400 audit(680.343:6708): avc:  denied  { read } for  pid=21796 comm="syz.0.6345" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  424.421149][T21799] 8021q: adding VLAN 0 to HW filter on device bond4
[  424.435101][T21801] loop8: detected capacity change from 0 to 128
[  424.566758][T21812] veth26: entered promiscuous mode
[  424.571997][T21812] veth26: entered allmulticast mode
[  424.594080][T21816] random: crng reseeded on system resumption
[  424.623466][T21816] Restarting kernel threads ...
[  424.639263][T21816] Done restarting kernel threads.
[  424.644611][   T12] tipc: Subscription rejected, illegal request
[  424.851787][T21842] loop6: detected capacity change from 0 to 764
[  424.882524][T21842] rock: directory entry would overflow storage
[  424.888724][T21842] rock: sig=0x4654, size=5, remaining=4
[  424.908884][T21846] netlink: 'syz.8.6368': attribute type 2 has an invalid length.
[  424.963442][T21851] loop3: detected capacity change from 0 to 256
[  424.979443][T21854] ip6gre1: entered promiscuous mode
[  424.984858][T21854] ip6gre1: entered allmulticast mode
[  425.066298][T21859] xt_TCPMSS: Only works on TCP SYN packets
[  425.337012][T21886] loop8: detected capacity change from 0 to 256
[  425.443483][T21899] FAULT_INJECTION: forcing a failure.
[  425.443483][T21899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  425.456719][T21899] CPU: 0 UID: 0 PID: 21899 Comm: syz.6.6390 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  425.456817][T21899] Tainted: [W]=WARN
[  425.456826][T21899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  425.456840][T21899] Call Trace:
[  425.456854][T21899]  <TASK>
[  425.456862][T21899]  __dump_stack+0x1d/0x30
[  425.456888][T21899]  dump_stack_lvl+0x95/0xd0
[  425.456954][T21899]  dump_stack+0x15/0x1b
[  425.456982][T21899]  should_fail_ex+0x263/0x280
[  425.457012][T21899]  should_fail+0xb/0x20
[  425.457030][T21899]  should_fail_usercopy+0x1a/0x20
[  425.457055][T21899]  _copy_from_user+0x1c/0xb0
[  425.457090][T21899]  ___sys_sendmsg+0xc1/0x1e0
[  425.457193][T21899]  __x64_sys_sendmsg+0xd4/0x160
[  425.457279][T21899]  x64_sys_call+0x17ba/0x3000
[  425.457371][T21899]  do_syscall_64+0xc0/0x2a0
[  425.457451][T21899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  425.457483][T21899] RIP: 0033:0x7f9a3939acb9
[  425.457548][T21899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  425.457574][T21899] RSP: 002b:00007f9a37df7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  425.457599][T21899] RAX: ffffffffffffffda RBX: 00007f9a39615fa0 RCX: 00007f9a3939acb9
[  425.457618][T21899] RDX: 000000000000c010 RSI: 0000200000000040 RDI: 0000000000000003
[  425.457652][T21899] RBP: 00007f9a37df7090 R08: 0000000000000000 R09: 0000000000000000
[  425.457668][T21899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  425.457685][T21899] R13: 00007f9a39616038 R14: 00007f9a39615fa0 R15: 00007fff42a7c008
[  425.457713][T21899]  </TASK>
[  425.756195][T21911] x_tables: ip_tables: osf match: used from hooks POSTROUTING, but only valid from PREROUTING/INPUT/FORWARD
[  425.857595][T21919] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  425.967849][T21927] xt_TCPMSS: Only works on TCP SYN packets
[  426.002656][T21927] __nla_validate_parse: 21 callbacks suppressed
[  426.002679][T21927] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6402'.
[  426.147275][T21942] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6408'.
[  426.212492][T21952] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6413'.
[  426.222400][T21952] netlink: 104 bytes leftover after parsing attributes in process `syz.0.6413'.
[  426.227225][T21942] team1: entered promiscuous mode
[  426.236675][T21942] team1: entered allmulticast mode
[  426.244458][T21942] 8021q: adding VLAN 0 to HW filter on device team1
[  426.304611][T21957] netlink: 132 bytes leftover after parsing attributes in process `syz.0.6413'.
[  426.418486][T21963] netlink: 132 bytes leftover after parsing attributes in process `syz.6.6417'.
[  426.609069][T21970] loop6: detected capacity change from 0 to 128
[  426.760676][T21953] Set syz1 is full, maxelem 65536 reached
[  426.800813][T21977] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6424'.
[  426.847908][T21977] 8021q: adding VLAN 0 to HW filter on device bond7
[  426.857174][T21983] loop7: detected capacity change from 0 to 128
[  426.881770][T21977] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6424'.
[  426.890772][T21977] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6424'.
[  426.919989][T21990] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6428'.
[  427.002413][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  427.002431][   T29] audit: type=1326 audit(682.983:6713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092188][   T29] audit: type=1326 audit(682.983:6714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092236][   T29] audit: type=1326 audit(682.983:6715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092273][   T29] audit: type=1326 audit(683.013:6716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092333][   T29] audit: type=1326 audit(683.013:6717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092414][   T29] audit: type=1326 audit(683.013:6718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092449][   T29] audit: type=1326 audit(683.023:6719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092484][   T29] audit: type=1326 audit(683.023:6720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=102 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092562][   T29] audit: type=1326 audit(683.023:6721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.092621][   T29] audit: type=1326 audit(683.023:6723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21991 comm="syz.6.6429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3939acb9 code=0x7ffc0000
[  427.290250][T22019] 8021q: VLANs not supported on ip6tnl0
[  427.458262][T22030] FAULT_INJECTION: forcing a failure.
[  427.458262][T22030] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  427.471551][T22030] CPU: 1 UID: 0 PID: 22030 Comm: syz.3.6445 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  427.471592][T22030] Tainted: [W]=WARN
[  427.471601][T22030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  427.471619][T22030] Call Trace:
[  427.471627][T22030]  <TASK>
[  427.471637][T22030]  __dump_stack+0x1d/0x30
[  427.471725][T22030]  dump_stack_lvl+0x95/0xd0
[  427.471755][T22030]  dump_stack+0x15/0x1b
[  427.471783][T22030]  should_fail_ex+0x263/0x280
[  427.471853][T22030]  should_fail+0xb/0x20
[  427.471878][T22030]  should_fail_usercopy+0x1a/0x20
[  427.471907][T22030]  _copy_from_user+0x1c/0xb0
[  427.471942][T22030]  ___sys_sendmsg+0xc1/0x1e0
[  427.471996][T22030]  __x64_sys_sendmsg+0xd4/0x160
[  427.472033][T22030]  x64_sys_call+0x17ba/0x3000
[  427.472126][T22030]  do_syscall_64+0xc0/0x2a0
[  427.472157][T22030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.472184][T22030] RIP: 0033:0x7f57595bacb9
[  427.472269][T22030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  427.472289][T22030] RSP: 002b:00007f5758017028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  427.472314][T22030] RAX: ffffffffffffffda RBX: 00007f5759835fa0 RCX: 00007f57595bacb9
[  427.472334][T22030] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  427.472412][T22030] RBP: 00007f5758017090 R08: 0000000000000000 R09: 0000000000000000
[  427.472429][T22030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  427.472444][T22030] R13: 00007f5759836038 R14: 00007f5759835fa0 R15: 00007ffc39310198
[  427.472465][T22030]  </TASK>
[  427.911881][ T7185] tipc: Subscription rejected, illegal request
[  428.065638][T22078] 8021q: adding VLAN 0 to HW filter on device bond8
[  428.129056][T22083] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check.
[  428.173412][ T3474] IPVS: starting estimator thread 0...
[  428.200839][T22089] loop8: detected capacity change from 0 to 512
[  428.218125][T22089] EXT4-fs (loop8): 1 truncate cleaned up
[  428.226317][T22089] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  428.240798][T22089] EXT4-fs error (device loop8): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.8.6467: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0
[  428.261164][T22087] IPVS: using max 2256 ests per chain, 112800 per kthread
[  428.279387][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.354299][T22097] xt_TCPMSS: Only works on TCP SYN packets
[  428.451668][T22107] loop8: detected capacity change from 0 to 512
[  428.460970][T22107] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.6475: inode has both inline data and extents flags
[  428.474648][T22107] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.6475: couldn't read orphan inode 15 (err -117)
[  428.487687][T22107] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  428.511146][ T9827] tipc: Subscription rejected, illegal request
[  428.520560][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.629438][T22126] netlink: 'syz.8.6482': attribute type 10 has an invalid length.
[  428.648239][T22126] macvlan1: entered promiscuous mode
[  428.763622][T22141] loop3: detected capacity change from 0 to 256
[  428.775026][T22144] loop8: detected capacity change from 0 to 256
[  428.864375][T22151] xt_TCPMSS: Only works on TCP SYN packets
[  429.026365][T22181] loop8: detected capacity change from 0 to 128
[  429.147409][T22201] xt_TCPMSS: Only works on TCP SYN packets
[  429.656041][T22261] netlink: 'syz.0.6538': attribute type 29 has an invalid length.
[  429.895761][ T9827] bio_check_eod: 132 callbacks suppressed
[  429.895782][ T9827] kworker/u8:24: attempt to access beyond end of device
[  429.895782][ T9827] loop8: rw=1, sector=145, nr_sectors = 16 limit=128
[  430.000882][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.000882][ T9827] loop8: rw=1, sector=169, nr_sectors = 8 limit=128
[  430.021020][T22288] set_capacity_and_notify: 1 callbacks suppressed
[  430.021104][T22288] loop3: detected capacity change from 0 to 512
[  430.044343][T22298] 8021q: adding VLAN 0 to HW filter on device bond14
[  430.055776][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.055776][ T9827] loop8: rw=1, sector=185, nr_sectors = 8 limit=128
[  430.088893][T22288] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.100983][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.100983][ T9827] loop8: rw=1, sector=201, nr_sectors = 8 limit=128
[  430.116842][T22288] FAULT_INJECTION: forcing a failure.
[  430.116842][T22288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  430.130068][T22288] CPU: 1 UID: 0 PID: 22288 Comm: syz.3.6552 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  430.130111][T22288] Tainted: [W]=WARN
[  430.130117][T22288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  430.130130][T22288] Call Trace:
[  430.130136][T22288]  <TASK>
[  430.130143][T22288]  __dump_stack+0x1d/0x30
[  430.130218][T22288]  dump_stack_lvl+0x95/0xd0
[  430.130239][T22288]  dump_stack+0x15/0x1b
[  430.130257][T22288]  should_fail_ex+0x263/0x280
[  430.130277][T22288]  should_fail+0xb/0x20
[  430.130308][T22288]  should_fail_usercopy+0x1a/0x20
[  430.130362][T22288]  strncpy_from_user+0x27/0x250
[  430.130393][T22288]  getname_flags+0xad/0x3b0
[  430.130480][T22288]  __x64_sys_mkdirat+0x40/0x60
[  430.130510][T22288]  x64_sys_call+0x30c/0x3000
[  430.130608][T22288]  do_syscall_64+0xc0/0x2a0
[  430.130635][T22288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.130713][T22288] RIP: 0033:0x7f57595b9b97
[  430.130736][T22288] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  430.130752][T22288] RSP: 002b:00007f5758016e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  430.130770][T22288] RAX: ffffffffffffffda RBX: 00007f5758016ee0 RCX: 00007f57595b9b97
[  430.130840][T22288] RDX: 00000000000001ff RSI: 0000200000000340 RDI: 00000000ffffff9c
[  430.130858][T22288] RBP: 00002000000003c0 R08: 0000200000000000 R09: 0000000000000000
[  430.130872][T22288] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000200000000340
[  430.130888][T22288] R13: 00007f5758016ea0 R14: 0000000000000000 R15: 0000200000004140
[  430.130914][T22288]  </TASK>
[  430.281152][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.281152][ T9827] loop8: rw=1, sector=217, nr_sectors = 16 limit=128
[  430.309457][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.309457][ T9827] loop8: rw=1, sector=241, nr_sectors = 8 limit=128
[  430.323214][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.323214][ T9827] loop8: rw=1, sector=257, nr_sectors = 8 limit=128
[  430.337858][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.337858][ T9827] loop8: rw=1, sector=273, nr_sectors = 8 limit=128
[  430.377927][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.377927][ T9827] loop8: rw=1, sector=289, nr_sectors = 8 limit=128
[  430.398208][T22312] loop6: detected capacity change from 0 to 512
[  430.406042][T22312] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  430.418494][ T9827] kworker/u8:24: attempt to access beyond end of device
[  430.418494][ T9827] loop8: rw=1, sector=305, nr_sectors = 8 limit=128
[  430.447189][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.464609][T22312] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.514731][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.546238][T22319] vlan0: entered promiscuous mode
[  430.551586][T22319] vlan0: entered allmulticast mode
[  430.556782][T22319] veth0_vlan: entered allmulticast mode
[  430.592840][T22323] loop3: detected capacity change from 0 to 128
[  430.661927][T20390] tipc: Subscription rejected, illegal request
[  430.684348][T22326] loop6: detected capacity change from 0 to 512
[  430.739094][T22326] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.815415][T22326] tmpfs: Bad value for 'mpol'
[  430.841470][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.030853][T22502] __nla_validate_parse: 21 callbacks suppressed
[  431.030872][T22502] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6570'.
[  431.239174][T22512] loop7: detected capacity change from 0 to 512
[  431.259573][T22512] EXT4-fs: Ignoring removed bh option
[  431.285322][T22322] Set syz1 is full, maxelem 65536 reached
[  431.315506][T22512] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.380950][T22526] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6581'.
[  431.502347][T22539] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22539 comm=syz.3.6586
[  431.515451][T22512] xt_hashlimit: size too large, truncated to 1048576
[  431.522268][T22512] xt_hashlimit: max too large, truncated to 1048576
[  431.691917][T22554] loop3: detected capacity change from 0 to 128
[  431.812775][ T4576] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.843291][T22567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=22567 comm=syz.6.6600
[  431.958423][T22567] loop6: detected capacity change from 0 to 4096
[  431.983724][T22567] EXT4-fs: Ignoring removed mblk_io_submit option
[  431.990534][T22567] EXT4-fs: test_dummy_encryption option not supported
[  432.148912][T22590] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6609'.
[  432.254578][T22595] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6611'.
[  432.346299][T22587] ip6_vti0 speed is unknown, defaulting to 1000
[  432.526741][T22588] team_slave_1: entered allmulticast mode
[  432.702755][T22623] loop3: detected capacity change from 0 to 128
[  432.731044][T22623] vfat: Unknown parameter '0x0000000000000000'
[  432.883242][T22631] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  432.883242][T22631]    program syz.3.6624 not setting count and/or reply_len properly
[  432.983438][T22631] loop3: detected capacity change from 0 to 512
[  433.030953][T22631] EXT4-fs: Ignoring removed oldalloc option
[  433.053972][T22631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.161153][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.325958][   T29] kauditd_printk_skb: 214 callbacks suppressed
[  433.325977][   T29] audit: type=1326 audit(689.304:6937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  433.370537][   T29] audit: type=1326 audit(689.314:6938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  433.393926][   T29] audit: type=1326 audit(689.374:6939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  433.416969][   T29] audit: type=1326 audit(689.374:6940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  433.419355][T22650] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6634'.
[  433.439926][   T29] audit: type=1326 audit(689.374:6941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  433.471878][   T29] audit: type=1326 audit(689.374:6942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  433.494789][   T29] audit: type=1326 audit(689.374:6943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  433.521173][   T29] audit: type=1326 audit(689.374:6944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fede3f6b58e code=0x7ffc0000
[  433.544811][   T29] audit: type=1326 audit(689.374:6945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fede3f6b58e code=0x7ffc0000
[  433.558497][T22655] loop3: detected capacity change from 0 to 1024
[  433.567651][   T29] audit: type=1326 audit(689.374:6946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22649 comm="syz.7.6634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fede3f6b58e code=0x7ffc0000
[  433.652574][T22655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.701314][T22662] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  433.701314][T22662]    program syz.6.6637 not setting count and/or reply_len properly
[  433.794606][T20390] tipc: Subscription rejected, illegal request
[  433.878246][T22672] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  433.900953][T22659] EXT4-fs: Ignoring removed oldalloc option
[  433.962826][T22659] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  434.043120][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.081753][ T4576] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.124054][T22684] xt_TCPMSS: Only works on TCP SYN packets
[  434.141763][T22686] xt_TCPMSS: Only works on TCP SYN packets
[  434.164378][T22684] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6646'.
[  434.194017][T22689] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6647'.
[  434.206818][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  434.407064][T17506] tipc: Subscription rejected, illegal request
[  434.424817][T22708] netlink: 'syz.8.6655': attribute type 3 has an invalid length.
[  434.432736][T22708] netlink: 132 bytes leftover after parsing attributes in process `syz.8.6655'.
[  434.633116][T22720] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=22720 comm=syz.6.6660
[  434.649143][T22724] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22724 comm=syz.8.6663
[  434.718349][T22720] EXT4-fs: Ignoring removed mblk_io_submit option
[  434.725073][T22720] EXT4-fs: test_dummy_encryption option not supported
[  434.736636][T22727] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6664'.
[  434.749431][T22728] netlink: 132 bytes leftover after parsing attributes in process `syz.7.6665'.
[  434.771300][T22727] veth1_macvtap: left promiscuous mode
[  434.871871][T22733] random: crng reseeded on system resumption
[  435.053106][T22749] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  435.053106][T22749]    program syz.8.6672 not setting count and/or reply_len properly
[  435.103252][T22749] set_capacity_and_notify: 4 callbacks suppressed
[  435.103272][T22749] loop8: detected capacity change from 0 to 512
[  435.143192][T22749] EXT4-fs: Ignoring removed oldalloc option
[  435.197253][T22757] loop6: detected capacity change from 0 to 128
[  435.206782][T22749] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.342092][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.373127][T22775] team2: entered promiscuous mode
[  435.378423][T22775] team2: entered allmulticast mode
[  435.385319][T22775] 8021q: adding VLAN 0 to HW filter on device team2
[  435.424778][T22785] loop8: detected capacity change from 0 to 512
[  435.450628][T22785] EXT4-fs: Ignoring removed bh option
[  435.486116][T22785] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.557385][T22807] loop7: detected capacity change from 0 to 512
[  435.592093][T22807] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.615762][T22813] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  435.615762][T22813]    program syz.6.6697 not setting count and/or reply_len properly
[  435.648119][ T4576] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.702711][T22813] loop6: detected capacity change from 0 to 512
[  435.722960][T22813] EXT4-fs: Ignoring removed oldalloc option
[  435.736471][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.756460][T22813] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  435.773583][T22825] FAULT_INJECTION: forcing a failure.
[  435.773583][T22825] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.786847][T22825] CPU: 1 UID: 0 PID: 22825 Comm: syz.0.6705 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  435.786881][T22825] Tainted: [W]=WARN
[  435.786890][T22825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  435.786906][T22825] Call Trace:
[  435.786915][T22825]  <TASK>
[  435.786925][T22825]  __dump_stack+0x1d/0x30
[  435.787030][T22825]  dump_stack_lvl+0x95/0xd0
[  435.787057][T22825]  dump_stack+0x15/0x1b
[  435.787082][T22825]  should_fail_ex+0x263/0x280
[  435.787109][T22825]  should_fail+0xb/0x20
[  435.787144][T22825]  should_fail_usercopy+0x1a/0x20
[  435.787237][T22825]  _copy_from_user+0x1c/0xb0
[  435.787325][T22825]  ___sys_sendmsg+0xc1/0x1e0
[  435.787378][T22825]  __x64_sys_sendmsg+0xd4/0x160
[  435.787414][T22825]  x64_sys_call+0x17ba/0x3000
[  435.787449][T22825]  do_syscall_64+0xc0/0x2a0
[  435.787536][T22825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.787566][T22825] RIP: 0033:0x7f96c429acb9
[  435.787587][T22825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  435.787618][T22825] RSP: 002b:00007f96c2cf7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  435.787669][T22825] RAX: ffffffffffffffda RBX: 00007f96c4515fa0 RCX: 00007f96c429acb9
[  435.787684][T22825] RDX: 0000000000008080 RSI: 00002000000006c0 RDI: 0000000000000005
[  435.787697][T22825] RBP: 00007f96c2cf7090 R08: 0000000000000000 R09: 0000000000000000
[  435.787745][T22825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.787763][T22825] R13: 00007f96c4516038 R14: 00007f96c4515fa0 R15: 00007ffd06895a28
[  435.787790][T22825]  </TASK>
[  435.993154][T20390] Bluetooth: hci0: Frame reassembly failed (-84)
[  436.038015][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.130202][T22831] loop3: detected capacity change from 0 to 8192
[  436.159214][T22840] loop6: detected capacity change from 0 to 128
[  436.172319][T16592]  loop3: p1 < > p3 p4 < >
[  436.177442][T16592] loop3: p3 size 33554432 extends beyond EOD, truncated
[  436.188057][T22831]  loop3: p1 < > p3 p4 < >
[  436.214386][T22831] loop3: p3 size 33554432 extends beyond EOD, truncated
[  436.330417][T22847] loop6: detected capacity change from 0 to 8192
[  436.338307][T22847] msdos: Unknown parameter 'nodots
'
[  436.436436][T22859] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  436.436436][T22859]    program syz.0.6717 not setting count and/or reply_len properly
[  436.537633][T22867] loop6: detected capacity change from 0 to 128
[  436.579670][T22873] __nla_validate_parse: 5 callbacks suppressed
[  436.579691][T22873] netlink: 132 bytes leftover after parsing attributes in process `syz.7.6726'.
[  436.622093][T22876] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6727'.
[  436.632832][T22876] netlink: 104 bytes leftover after parsing attributes in process `syz.8.6727'.
[  436.670703][T22876] netlink: 132 bytes leftover after parsing attributes in process `syz.8.6727'.
[  436.907612][T22889] loop7: detected capacity change from 0 to 8192
[  436.918469][T22889] msdos: Unknown parameter 'nodots
'
[  437.073464][T22907] netlink: 'syz.8.6741': attribute type 39 has an invalid length.
[  437.304539][T22928] FAULT_INJECTION: forcing a failure.
[  437.304539][T22928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  437.318429][T22928] CPU: 1 UID: 0 PID: 22928 Comm: syz.0.6749 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  437.318459][T22928] Tainted: [W]=WARN
[  437.318466][T22928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  437.318536][T22928] Call Trace:
[  437.318543][T22928]  <TASK>
[  437.318551][T22928]  __dump_stack+0x1d/0x30
[  437.318574][T22928]  dump_stack_lvl+0x95/0xd0
[  437.318594][T22928]  dump_stack+0x15/0x1b
[  437.318613][T22928]  should_fail_ex+0x263/0x280
[  437.318680][T22928]  should_fail+0xb/0x20
[  437.318702][T22928]  should_fail_usercopy+0x1a/0x20
[  437.318734][T22928]  _copy_to_user+0x20/0xa0
[  437.318759][T22928]  simple_read_from_buffer+0xb5/0x130
[  437.318793][T22928]  proc_fail_nth_read+0x10e/0x150
[  437.318889][T22928]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  437.318951][T22928]  vfs_read+0x1ab/0x7f0
[  437.318981][T22928]  ? __rcu_read_unlock+0x4e/0x70
[  437.319076][T22928]  ? __fget_files+0x184/0x1c0
[  437.319097][T22928]  ? mutex_lock+0x57/0x90
[  437.319117][T22928]  ksys_read+0xdc/0x1a0
[  437.319168][T22928]  __x64_sys_read+0x40/0x50
[  437.319198][T22928]  x64_sys_call+0x2889/0x3000
[  437.319262][T22928]  do_syscall_64+0xc0/0x2a0
[  437.319289][T22928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.319356][T22928] RIP: 0033:0x7f96c425b58e
[  437.319371][T22928] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  437.319388][T22928] RSP: 002b:00007f96c2cf6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  437.319406][T22928] RAX: ffffffffffffffda RBX: 00007f96c2cf76c0 RCX: 00007f96c425b58e
[  437.319419][T22928] RDX: 000000000000000f RSI: 00007f96c2cf70a0 RDI: 0000000000000005
[  437.319431][T22928] RBP: 00007f96c2cf7090 R08: 0000000000000000 R09: 0000000000000000
[  437.319448][T22928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.319460][T22928] R13: 00007f96c4516038 R14: 00007f96c4515fa0 R15: 00007ffd06895a28
[  437.319479][T22928]  </TASK>
[  437.591978][T22939] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6753'.
[  437.607762][T22925] msdos: Unknown parameter 'nodots
'
[  437.612042][T22939] netlink: 104 bytes leftover after parsing attributes in process `syz.7.6753'.
[  437.624027][T22939] netlink: 132 bytes leftover after parsing attributes in process `syz.7.6753'.
[  437.695661][T22947] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  437.695661][T22947]    program syz.6.6754 not setting count and/or reply_len properly
[  437.719270][T22947] EXT4-fs: Ignoring removed oldalloc option
[  437.744722][T22948] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6757'.
[  437.755526][T22947] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.775381][T22952] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6758'.
[  437.829089][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.985033][T22971] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6766'.
[  438.050185][ T3974] Bluetooth: hci0: command 0x1003 tx timeout
[  438.050269][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  438.063792][T22975] 8021q: adding VLAN 0 to HW filter on device bond9
[  438.081157][T22980] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  438.190213][T22989] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  438.190213][T22989]    program syz.8.6772 not setting count and/or reply_len properly
[  438.216667][T22980] syzkaller0: entered promiscuous mode
[  438.222255][T22980] syzkaller0: entered allmulticast mode
[  438.250497][T22980] tipc: Resetting bearer <eth:syzkaller0>
[  438.270825][T22977] tipc: Resetting bearer <eth:syzkaller0>
[  438.329766][T22992] EXT4-fs: Ignoring removed oldalloc option
[  438.339153][T22977] tipc: Disabling bearer <eth:syzkaller0>
[  438.375976][T22992] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  438.488640][T23012] 8021q: adding VLAN 0 to HW filter on device bond15
[  438.530953][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.727186][T23046] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  438.727186][T23046]    program syz.6.6797 not setting count and/or reply_len properly
[  438.748262][T23046] EXT4-fs: Ignoring removed oldalloc option
[  438.768446][T23046] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  438.796423][T23052] 8021q: adding VLAN 0 to HW filter on device bond10
[  438.832321][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.942773][T23063] bridge1: entered promiscuous mode
[  438.948099][T23063] bridge1: entered allmulticast mode
[  438.992635][T23073] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  439.021888][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  439.021915][   T29] audit: type=1400 audit(695.004:6956): avc:  denied  { ioctl } for  pid=23065 comm="syz.3.6806" path="socket:[81496]" dev="sockfs" ino=81496 ioctlcmd=0x6611 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  439.029087][T23063] team0: Port device bridge1 added
[  439.088210][T23066] netlink: 'syz.3.6806': attribute type 21 has an invalid length.
[  439.128679][T23074] bridge0: port 3(team0) entered blocking state
[  439.135138][T23074] bridge0: port 3(team0) entered disabled state
[  439.178577][T16846] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  439.194778][T23074] team0: entered allmulticast mode
[  439.200057][T23074] C: entered allmulticast mode
[  439.205070][T23074] team_slave_1: entered allmulticast mode
[  439.212965][T23074] team0: entered promiscuous mode
[  439.218042][T23074] C: entered promiscuous mode
[  439.222881][T23074] team_slave_1: entered promiscuous mode
[  439.257456][T23098] EXT4-fs (loop8): 1 orphan inode deleted
[  439.269842][ T9827] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  439.279642][ T9827] EXT4-fs error (device loop8): ext4_release_dquot:7022: comm kworker/u8:24: Failed to release dquot type 1
[  439.280660][T23098] EXT4-fs error (device loop8): ext4_add_entry:2415: inode #2: comm syz.8.6813: Directory hole found for htree leaf block 0
[  439.294257][T23101] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  439.294257][T23101]    program syz.6.6814 not setting count and/or reply_len properly
[  439.333905][T23098] dummy0: entered promiscuous mode
[  439.339599][T23098] hsr1: Slave A (macvlan1) is not up; please bring it up to get a fully working HSR network
[  439.349877][T23098] hsr1: entered promiscuous mode
[  439.355004][T23098] hsr1: entered allmulticast mode
[  439.360215][T23098] macvlan1: entered allmulticast mode
[  439.366296][T23098] dummy0: entered allmulticast mode
[  439.400082][  T123] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  439.409955][  T123] EXT4-fs error (device loop8): ext4_release_dquot:7022: comm kworker/u8:4: Failed to release dquot type 1
[  439.436563][T23095] EXT4-fs: Ignoring removed oldalloc option
[  439.500392][T23108] 8021q: adding VLAN 0 to HW filter on device bond5
[  439.631644][T23127] FAULT_INJECTION: forcing a failure.
[  439.631644][T23127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.644918][T23127] CPU: 1 UID: 0 PID: 23127 Comm: syz.8.6824 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  439.644956][T23127] Tainted: [W]=WARN
[  439.644965][T23127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  439.645050][T23127] Call Trace:
[  439.645058][T23127]  <TASK>
[  439.645066][T23127]  __dump_stack+0x1d/0x30
[  439.645091][T23127]  dump_stack_lvl+0x95/0xd0
[  439.645120][T23127]  dump_stack+0x15/0x1b
[  439.645145][T23127]  should_fail_ex+0x263/0x280
[  439.645208][T23127]  should_fail+0xb/0x20
[  439.645232][T23127]  should_fail_usercopy+0x1a/0x20
[  439.645264][T23127]  _copy_from_user+0x1c/0xb0
[  439.645400][T23127]  do_ip_getsockopt+0x12a/0x1050
[  439.645436][T23127]  ? _parse_integer+0x27/0x40
[  439.645477][T23127]  ? __rcu_read_unlock+0x4e/0x70
[  439.645530][T23127]  ? avc_has_perm_noaudit+0xab/0x130
[  439.645569][T23127]  ? avc_has_perm+0x101/0x190
[  439.645607][T23127]  ip_getsockopt+0x5c/0x180
[  439.645651][T23127]  ? selinux_socket_getsockopt+0xd0/0x1c0
[  439.645684][T23127]  ? selinux_socket_getsockopt+0xd0/0x1c0
[  439.645713][T23127]  tcp_getsockopt+0xad/0xe0
[  439.645751][T23127]  sock_common_getsockopt+0x60/0x70
[  439.645827][T23127]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  439.645870][T23127]  do_sock_getsockopt+0x1c4/0x210
[  439.645983][T23127]  __x64_sys_getsockopt+0x11d/0x1a0
[  439.646010][T23127]  x64_sys_call+0x2dc7/0x3000
[  439.646040][T23127]  do_syscall_64+0xc0/0x2a0
[  439.646080][T23127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.646146][T23127] RIP: 0033:0x7f08782aacb9
[  439.646166][T23127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  439.646186][T23127] RSP: 002b:00007f0876d07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  439.646260][T23127] RAX: ffffffffffffffda RBX: 00007f0878525fa0 RCX: 00007f08782aacb9
[  439.646278][T23127] RDX: 0000000000000484 RSI: 0000000000000000 RDI: 0000000000000003
[  439.646295][T23127] RBP: 00007f0876d07090 R08: 0000200000000340 R09: 0000000000000000
[  439.646389][T23127] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  439.646404][T23127] R13: 00007f0878526038 R14: 00007f0878525fa0 R15: 00007ffdf924a148
[  439.646425][T23127]  </TASK>
[  439.873288][T23137] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.878126][   T29] audit: type=1326 audit(695.854:6957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23123 comm="syz.7.6822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  439.906929][   T29] audit: type=1326 audit(695.854:6958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23123 comm="syz.7.6822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  439.930223][   T29] audit: type=1326 audit(695.854:6959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23123 comm="syz.7.6822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  439.953338][   T29] audit: type=1326 audit(695.854:6960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23123 comm="syz.7.6822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  439.976346][   T29] audit: type=1326 audit(695.854:6961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23123 comm="syz.7.6822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  440.007398][T23141] netlink: 'syz.6.6826': attribute type 2 has an invalid length.
[  440.015254][T23141] netlink: 'syz.6.6826': attribute type 11 has an invalid length.
[  440.023573][   T29] audit: type=1326 audit(695.894:6962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23123 comm="syz.7.6822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  440.046542][   T29] audit: type=1326 audit(695.894:6963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23123 comm="syz.7.6822" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  440.091969][T23137] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.143981][T23137] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.179362][T23155] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  440.179362][T23155]    program syz.3.6830 not setting count and/or reply_len properly
[  440.220197][T23148] set_capacity_and_notify: 9 callbacks suppressed
[  440.220222][T23148] loop3: detected capacity change from 0 to 512
[  440.233658][T23148] EXT4-fs: Ignoring removed oldalloc option
[  440.252529][T23137] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  440.274171][T23148] EXT4-fs mount: 4 callbacks suppressed
[  440.274191][T23148] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  440.327038][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.391160][   T31] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  440.400337][T23167] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=23167 comm=syz.6.6838
[  440.442310][ T9577] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  440.458707][T23167] loop6: detected capacity change from 0 to 4096
[  440.475099][T23171] team1: entered promiscuous mode
[  440.480248][T23171] team1: entered allmulticast mode
[  440.486013][T23167] EXT4-fs: Ignoring removed mblk_io_submit option
[  440.492681][T23167] EXT4-fs: test_dummy_encryption option not supported
[  440.498007][T23171] 8021q: adding VLAN 0 to HW filter on device team1
[  440.527763][ T9577] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  440.569653][ T9577] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  440.845015][T23207] team2: entered promiscuous mode
[  440.850274][T23207] team2: entered allmulticast mode
[  440.869718][T23207] 8021q: adding VLAN 0 to HW filter on device team2
[  441.000549][T17506] tipc: Subscription rejected, illegal request
[  441.073553][T23233] loop6: detected capacity change from 0 to 128
[  441.208177][T23247] FAULT_INJECTION: forcing a failure.
[  441.208177][T23247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  441.221316][T23247] CPU: 1 UID: 0 PID: 23247 Comm: syz.8.6871 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  441.221366][T23247] Tainted: [W]=WARN
[  441.221376][T23247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  441.221393][T23247] Call Trace:
[  441.221403][T23247]  <TASK>
[  441.221413][T23247]  __dump_stack+0x1d/0x30
[  441.221473][T23247]  dump_stack_lvl+0x95/0xd0
[  441.221502][T23247]  dump_stack+0x15/0x1b
[  441.221529][T23247]  should_fail_ex+0x263/0x280
[  441.221558][T23247]  should_fail+0xb/0x20
[  441.221648][T23247]  should_fail_usercopy+0x1a/0x20
[  441.221695][T23247]  strncpy_from_user+0x27/0x250
[  441.221738][T23247]  getname_flags+0xad/0x3b0
[  441.221771][T23247]  do_sys_openat2+0x60/0x150
[  441.221810][T23247]  __x64_sys_openat+0xf2/0x120
[  441.221863][T23247]  x64_sys_call+0x2b07/0x3000
[  441.221897][T23247]  do_syscall_64+0xc0/0x2a0
[  441.221936][T23247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.221965][T23247] RIP: 0033:0x7f08782aacb9
[  441.221986][T23247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  441.222040][T23247] RSP: 002b:00007f0876d07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  441.222067][T23247] RAX: ffffffffffffffda RBX: 00007f0878525fa0 RCX: 00007f08782aacb9
[  441.222086][T23247] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  441.222104][T23247] RBP: 00007f0876d07090 R08: 0000000000000000 R09: 0000000000000000
[  441.222122][T23247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  441.222181][T23247] R13: 00007f0878526038 R14: 00007f0878525fa0 R15: 00007ffdf924a148
[  441.222210][T23247]  </TASK>
[  441.575488][T23274] loop6: detected capacity change from 0 to 256
[  441.643921][T23280] __nla_validate_parse: 33 callbacks suppressed
[  441.643972][T23280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6885'.
[  441.659206][T23280] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6885'.
[  441.765075][T23291] loop8: detected capacity change from 0 to 2048
[  441.776909][T23287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6889'.
[  441.820150][T23291] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  441.834305][T23291] netlink: 80 bytes leftover after parsing attributes in process `syz.8.6890'.
[  441.852258][T23300] netlink: 56 bytes leftover after parsing attributes in process `syz.0.6891'.
[  441.894771][T23291] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23291 comm=syz.8.6890
[  441.923920][T23291] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6890'.
[  441.948672][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.033551][T23315] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6898'.
[  442.042529][T23315] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6898'.
[  442.146398][T23320] loop8: detected capacity change from 0 to 8192
[  442.154352][T23324] FAULT_INJECTION: forcing a failure.
[  442.154352][T23324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  442.161297][T23320] msdos: Unknown parameter 'nodots
'
[  442.167762][T23324] CPU: 0 UID: 0 PID: 23324 Comm: syz.3.6902 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  442.167958][T23324] Tainted: [W]=WARN
[  442.167980][T23324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  442.168025][T23324] Call Trace:
[  442.168095][T23324]  <TASK>
[  442.168119][T23324]  __dump_stack+0x1d/0x30
[  442.168204][T23324]  dump_stack_lvl+0x95/0xd0
[  442.168284][T23324]  dump_stack+0x15/0x1b
[  442.168356][T23324]  should_fail_ex+0x263/0x280
[  442.168429][T23324]  should_fail+0xb/0x20
[  442.168503][T23324]  should_fail_usercopy+0x1a/0x20
[  442.168579][T23324]  _copy_from_user+0x1c/0xb0
[  442.168665][T23324]  ____sys_sendmsg+0x1c5/0x4a0
[  442.168760][T23324]  ___sys_sendmsg+0x195/0x1e0
[  442.168932][T23324]  __x64_sys_sendmsg+0xd4/0x160
[  442.169032][T23324]  x64_sys_call+0x17ba/0x3000
[  442.169149][T23324]  do_syscall_64+0xc0/0x2a0
[  442.169285][T23324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.169438][T23324] RIP: 0033:0x7f57595bacb9
[  442.169500][T23324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  442.169568][T23324] RSP: 002b:00007f5758017028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  442.169633][T23324] RAX: ffffffffffffffda RBX: 00007f5759835fa0 RCX: 00007f57595bacb9
[  442.169748][T23324] RDX: 000000000000ff00 RSI: 0000200000001180 RDI: 0000000000000003
[  442.169798][T23324] RBP: 00007f5758017090 R08: 0000000000000000 R09: 0000000000000000
[  442.169842][T23324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  442.169885][T23324] R13: 00007f5759836038 R14: 00007f5759835fa0 R15: 00007ffc39310198
[  442.170027][T23324]  </TASK>
[  442.465299][T23338] ip6t_rpfilter: unknown options
[  442.476447][T23342] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6910'.
[  442.485645][T23342] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6910'.
[  442.576175][T23352] sg_write: data in/out 327903/28 bytes for SCSI command 0xe4-- guessing data in;
[  442.576175][T23352]    program syz.6.6911 not setting count and/or reply_len properly
[  442.664143][T23361] loop3: detected capacity change from 0 to 8192
[  442.673218][T23361] msdos: Unknown parameter 'nodots
'
[  442.696204][T23364] loop8: detected capacity change from 0 to 256
[  442.767939][T23369] loop6: detected capacity change from 0 to 1024
[  442.777719][T23370] team3: entered promiscuous mode
[  442.782925][T23370] team3: entered allmulticast mode
[  442.789505][T23369] EXT4-fs: Ignoring removed bh option
[  442.795141][T23369] EXT4-fs: inline encryption not supported
[  442.801759][T23370] 8021q: adding VLAN 0 to HW filter on device team3
[  442.809111][T23369] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  442.822481][T23369] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  442.831934][T23369] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 2: comm syz.6.6920: lblock 2 mapped to illegal pblock 2 (length 1)
[  442.846478][T23369] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 48: comm syz.6.6920: lblock 0 mapped to illegal pblock 48 (length 1)
[  442.860926][T23369] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.6920: Failed to acquire dquot type 0
[  442.872891][T23369] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  442.883648][T23369] EXT4-fs error (device loop6): ext4_evict_inode:253: inode #11: comm syz.6.6920: mark_inode_dirty error
[  442.895237][T23369] EXT4-fs warning (device loop6): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[  442.905962][T23369] EXT4-fs (loop6): 1 orphan inode deleted
[  442.912312][T23369] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  442.924937][  T837] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  442.957642][  T837] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:6: Failed to release dquot type 0
[  443.119456][T23390] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  443.142569][T23390] syzkaller0: entered promiscuous mode
[  443.148098][T23390] syzkaller0: entered allmulticast mode
[  443.171528][T23396] loop3: detected capacity change from 0 to 256
[  443.199711][T23398] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket pid=23398 comm=syz.6.6920
[  443.218751][T23389] tipc: Resetting bearer <eth:syzkaller0>
[  443.251371][T23389] tipc: Disabling bearer <eth:syzkaller0>
[  443.268909][T23400] msdos: Unknown parameter 'nodots
'
[  443.400904][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.413073][ T4404] EXT4-fs error (device loop6): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[  443.446764][ T4404] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  443.469552][ T4404] EXT4-fs error (device loop6): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  443.570703][ T4971] tipc: Subscription rejected, illegal request
[  443.625140][T23426] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=23426 comm=syz.0.6942
[  443.710543][T23445] netlink: 'syz.0.6949': attribute type 3 has an invalid length.
[  443.851701][T15166] tipc: Subscription rejected, illegal request
[  444.215467][T23513] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=23513 comm=syz.3.6980
[  444.285580][T23513] EXT4-fs: Ignoring removed mblk_io_submit option
[  444.292281][T23513] EXT4-fs: test_dummy_encryption option not supported
[  444.340742][T23524] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23524 comm=syz.7.6984
[  444.355213][T23522] netlink: 'syz.6.6983': attribute type 6 has an invalid length.
[  444.456850][   T29] kauditd_printk_skb: 180 callbacks suppressed
[  444.456942][   T29] audit: type=1326 audit(700.435:7141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.502746][   T29] audit: type=1326 audit(700.435:7142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.525809][   T29] audit: type=1326 audit(700.435:7143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.549626][   T29] audit: type=1326 audit(700.435:7144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.572599][   T29] audit: type=1326 audit(700.435:7145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.595860][   T29] audit: type=1326 audit(700.435:7146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.618890][   T29] audit: type=1326 audit(700.435:7147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.642054][   T29] audit: type=1326 audit(700.445:7148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.665052][   T29] audit: type=1326 audit(700.445:7149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.688140][   T29] audit: type=1326 audit(700.445:7150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23532 comm="syz.7.6987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  444.851707][T23551] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=23551 comm=syz.0.6996
[  444.880007][T23554] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23554 comm=syz.6.6997
[  445.007501][T23560] EXT4-fs (loop6): 1 orphan inode deleted
[  445.022092][   T37] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:2: Failed to release dquot type 1
[  445.043238][T23560] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  445.080404][T23560] EXT4-fs error (device loop6): ext4_add_entry:2415: inode #2: comm syz.6.7000: Directory hole found for htree leaf block 0
[  445.150584][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.165955][T15166] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:28: Failed to release dquot type 1
[  445.185528][T23575] EXT4-fs: Ignoring removed mblk_io_submit option
[  445.196803][T23575] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  445.242881][T23585] netem: change failed
[  445.279210][T23587] netlink: 'syz.6.7007': attribute type 9 has an invalid length.
[  445.287204][T23587] netlink: 'syz.6.7007': attribute type 7 has an invalid length.
[  445.295009][T23587] netlink: 'syz.6.7007': attribute type 8 has an invalid length.
[  445.399798][T23597] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=23597 comm=syz.0.7011
[  445.565612][T23607] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=23607 comm=syz.0.7014
[  445.728207][T23624] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=23624 comm=syz.0.7022
[  445.825776][T23626] ip6_vti0 speed is unknown, defaulting to 1000
[  445.898199][T16846] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  445.930494][T23635] FAULT_INJECTION: forcing a failure.
[  445.930494][T23635] name failslab, interval 1, probability 0, space 0, times 0
[  445.943314][T23635] CPU: 0 UID: 0 PID: 23635 Comm: syz.8.7025 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  445.943349][T23635] Tainted: [W]=WARN
[  445.943359][T23635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  445.943400][T23635] Call Trace:
[  445.943422][T23635]  <TASK>
[  445.943430][T23635]  __dump_stack+0x1d/0x30
[  445.943456][T23635]  dump_stack_lvl+0x95/0xd0
[  445.943522][T23635]  dump_stack+0x15/0x1b
[  445.943620][T23635]  should_fail_ex+0x263/0x280
[  445.943644][T23635]  should_failslab+0x8c/0xb0
[  445.943702][T23635]  kmem_cache_alloc_noprof+0x68/0x490
[  445.943725][T23635]  ? getname_flags+0x7f/0x3b0
[  445.943754][T23635]  ? fput+0x8f/0xc0
[  445.943839][T23635]  getname_flags+0x7f/0x3b0
[  445.943864][T23635]  __x64_sys_mkdirat+0x40/0x60
[  445.943952][T23635]  x64_sys_call+0x30c/0x3000
[  445.943986][T23635]  do_syscall_64+0xc0/0x2a0
[  445.944073][T23635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.944170][T23635] RIP: 0033:0x7f08782aacb9
[  445.944191][T23635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  445.944210][T23635] RSP: 002b:00007f0876d07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  445.944293][T23635] RAX: ffffffffffffffda RBX: 00007f0878525fa0 RCX: 00007f08782aacb9
[  445.944307][T23635] RDX: 00000000000001ff RSI: 0000200000000000 RDI: ffffffffffffff9c
[  445.944324][T23635] RBP: 00007f0876d07090 R08: 0000000000000000 R09: 0000000000000000
[  445.944341][T23635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.944359][T23635] R13: 00007f0878526038 R14: 00007f0878525fa0 R15: 00007ffdf924a148
[  445.944407][T23635]  </TASK>
[  446.212746][T23626] hub 6-0:1.0: USB hub found
[  446.229153][T23626] hub 6-0:1.0: 8 ports detected
[  446.277255][T23648] set_capacity_and_notify: 6 callbacks suppressed
[  446.277275][T23648] loop7: detected capacity change from 0 to 128
[  446.314784][T23652] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57 sclass=netlink_route_socket pid=23652 comm=syz.6.7033
[  446.335302][T23654] FAULT_INJECTION: forcing a failure.
[  446.335302][T23654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  446.348584][T23654] CPU: 0 UID: 0 PID: 23654 Comm: syz.3.7034 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  446.348702][T23654] Tainted: [W]=WARN
[  446.348747][T23654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  446.348764][T23654] Call Trace:
[  446.348772][T23654]  <TASK>
[  446.348781][T23654]  __dump_stack+0x1d/0x30
[  446.348806][T23654]  dump_stack_lvl+0x95/0xd0
[  446.348875][T23654]  dump_stack+0x15/0x1b
[  446.348901][T23654]  should_fail_ex+0x263/0x280
[  446.348936][T23654]  should_fail+0xb/0x20
[  446.348960][T23654]  should_fail_usercopy+0x1a/0x20
[  446.349006][T23654]  _copy_from_user+0x1c/0xb0
[  446.349039][T23654]  __copy_msghdr+0x244/0x300
[  446.349068][T23654]  ___sys_sendmsg+0x10c/0x1e0
[  446.349106][T23654]  __sys_sendmmsg+0x185/0x320
[  446.349151][T23654]  __x64_sys_sendmmsg+0x57/0x70
[  446.349227][T23654]  x64_sys_call+0x1e28/0x3000
[  446.349252][T23654]  do_syscall_64+0xc0/0x2a0
[  446.349366][T23654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.349424][T23654] RIP: 0033:0x7f57595bacb9
[  446.349488][T23654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  446.349515][T23654] RSP: 002b:00007f5758017028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  446.349561][T23654] RAX: ffffffffffffffda RBX: 00007f5759835fa0 RCX: 00007f57595bacb9
[  446.349576][T23654] RDX: 0000000000000001 RSI: 0000200000003300 RDI: 0000000000000003
[  446.349590][T23654] RBP: 00007f5758017090 R08: 0000000000000000 R09: 0000000000000000
[  446.349603][T23654] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  446.349621][T23654] R13: 00007f5759836038 R14: 00007f5759835fa0 R15: 00007ffc39310198
[  446.349650][T23654]  </TASK>
[  446.377660][T23652] loop6: detected capacity change from 0 to 4096
[  446.555789][T23652] EXT4-fs: Ignoring removed mblk_io_submit option
[  446.562349][T23652] EXT4-fs: test_dummy_encryption option not supported
[  446.721833][T23666] loop3: detected capacity change from 0 to 512
[  446.751421][T23672] loop8: detected capacity change from 0 to 512
[  446.770692][T23666] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  446.786464][T23672] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.7042: bad orphan inode 13
[  446.797656][T23670] FAULT_INJECTION: forcing a failure.
[  446.797656][T23670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  446.810848][T23670] CPU: 1 UID: 0 PID: 23670 Comm: syz.6.7041 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  446.810989][T23670] Tainted: [W]=WARN
[  446.810999][T23670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  446.811016][T23670] Call Trace:
[  446.811026][T23670]  <TASK>
[  446.811037][T23670]  __dump_stack+0x1d/0x30
[  446.811068][T23670]  dump_stack_lvl+0x95/0xd0
[  446.811121][T23670]  dump_stack+0x15/0x1b
[  446.811163][T23670]  should_fail_ex+0x263/0x280
[  446.811188][T23670]  should_fail+0xb/0x20
[  446.811208][T23670]  should_fail_usercopy+0x1a/0x20
[  446.811240][T23670]  _copy_to_user+0x20/0xa0
[  446.811275][T23670]  simple_read_from_buffer+0xb5/0x130
[  446.811404][T23670]  proc_fail_nth_read+0x10e/0x150
[  446.811515][T23670]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  446.811545][T23670]  vfs_read+0x1ab/0x7f0
[  446.811578][T23670]  ? pick_next_task_fair+0x5c/0x6d0
[  446.811682][T23670]  ? __rcu_read_unlock+0x4e/0x70
[  446.811704][T23670]  ? __fget_files+0x184/0x1c0
[  446.811733][T23670]  ? mutex_lock+0x57/0x90
[  446.811763][T23670]  ksys_read+0xdc/0x1a0
[  446.811824][T23670]  __x64_sys_read+0x40/0x50
[  446.811940][T23670]  x64_sys_call+0x2889/0x3000
[  446.811973][T23670]  do_syscall_64+0xc0/0x2a0
[  446.812029][T23670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.812057][T23670] RIP: 0033:0x7f9a3935b58e
[  446.812079][T23670] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  446.812144][T23670] RSP: 002b:00007f9a37df6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  446.812171][T23670] RAX: ffffffffffffffda RBX: 00007f9a37df76c0 RCX: 00007f9a3935b58e
[  446.812188][T23670] RDX: 000000000000000f RSI: 00007f9a37df70a0 RDI: 0000000000000004
[  446.812201][T23670] RBP: 00007f9a37df7090 R08: 0000000000000000 R09: 0000000000000000
[  446.812214][T23670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  446.812229][T23670] R13: 00007f9a39616038 R14: 00007f9a39615fa0 R15: 00007fff42a7c008
[  446.812291][T23670]  </TASK>
[  447.021813][T23672] ext4_test_bit(bit=12, block=4) = 1
[  447.027136][T23672] is_bad_inode(inode)=0
[  447.031361][T23672] NEXT_ORPHAN(inode)=0
[  447.035454][T23672] max_ino=32
[  447.038891][T23672] i_nlink=1
[  447.043527][T23672] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.052840][T23666] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #15: comm syz.3.7039: corrupted in-inode xattr: e_value out of bounds
[  447.094263][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.115623][T23666] EXT4-fs (loop3): Remounting filesystem read-only
[  447.140194][T23666] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  447.165706][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.255438][T23687] __nla_validate_parse: 13 callbacks suppressed
[  447.255460][T23687] netlink: 12 bytes leftover after parsing attributes in process `syz.8.7047'.
[  447.286426][T23687] netlink: 104 bytes leftover after parsing attributes in process `syz.8.7047'.
[  447.311596][T23687] netlink: 132 bytes leftover after parsing attributes in process `syz.8.7047'.
[  447.358910][T23690] netlink: 132 bytes leftover after parsing attributes in process `syz.6.7049'.
[  447.406978][T23696] loop8: detected capacity change from 0 to 512
[  447.460459][T23696] EXT4-fs (loop8): 1 orphan inode deleted
[  447.470033][T15151] tipc: Subscription rejected, illegal request
[  447.476852][T23696] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.493662][ T7879] EXT4-fs error (device loop8): ext4_release_dquot:7022: comm kworker/u8:20: Failed to release dquot type 1
[  447.542115][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.602954][T23713] FAULT_INJECTION: forcing a failure.
[  447.602954][T23713] name failslab, interval 1, probability 0, space 0, times 0
[  447.615741][T23713] CPU: 1 UID: 0 PID: 23713 Comm: syz.8.7058 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  447.615846][T23713] Tainted: [W]=WARN
[  447.615856][T23713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  447.615871][T23713] Call Trace:
[  447.615878][T23713]  <TASK>
[  447.615888][T23713]  __dump_stack+0x1d/0x30
[  447.615978][T23713]  dump_stack_lvl+0x95/0xd0
[  447.616007][T23713]  dump_stack+0x15/0x1b
[  447.616054][T23713]  should_fail_ex+0x263/0x280
[  447.616083][T23713]  should_failslab+0x8c/0xb0
[  447.616188][T23713]  kmem_cache_alloc_node_noprof+0x6a/0x4a0
[  447.616237][T23713]  ? __alloc_skb+0x2f0/0x4b0
[  447.616261][T23713]  __alloc_skb+0x2f0/0x4b0
[  447.616283][T23713]  tipc_buf_acquire+0x2c/0xb0
[  447.616315][T23713]  tipc_named_withdraw+0x13b/0x360
[  447.616367][T23713]  tipc_nametbl_withdraw+0x114/0x200
[  447.616392][T23713]  tipc_release+0x198/0xd00
[  447.616428][T23713]  sock_close+0x6b/0x150
[  447.616508][T23713]  ? __pfx_sock_close+0x10/0x10
[  447.616536][T23713]  __fput+0x29b/0x650
[  447.616568][T23713]  ____fput+0x1c/0x30
[  447.616602][T23713]  task_work_run+0x130/0x1a0
[  447.616693][T23713]  exit_to_user_mode_loop+0x1f7/0x6f0
[  447.616744][T23713]  do_syscall_64+0x1d3/0x2a0
[  447.616794][T23713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  447.616866][T23713] RIP: 0033:0x7f08782aacb9
[  447.616888][T23713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  447.616913][T23713] RSP: 002b:00007f0876d07028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  447.617091][T23713] RAX: 0000000000000000 RBX: 00007f0878525fa0 RCX: 00007f08782aacb9
[  447.617111][T23713] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[  447.617129][T23713] RBP: 00007f0876d07090 R08: 0000000000000000 R09: 0000000000000000
[  447.617148][T23713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  447.617165][T23713] R13: 00007f0878526038 R14: 00007f0878525fa0 R15: 00007ffdf924a148
[  447.617205][T23713]  </TASK>
[  447.617224][T23713] tipc: Withdrawal distribution failure
[  447.933503][T23726] loop8: detected capacity change from 0 to 128
[  447.958498][T23730] xt_TCPMSS: Only works on TCP SYN packets
[  447.965371][T23730] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7064'.
[  448.055714][T23740] loop6: detected capacity change from 0 to 512
[  448.087624][T23744] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23744 comm=syz.7.7071
[  448.117348][T23740] EXT4-fs (loop6): 1 orphan inode deleted
[  448.129260][T19564] EXT4-fs error (device loop6): ext4_release_dquot:7022: comm kworker/u8:34: Failed to release dquot type 1
[  448.136428][T23740] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.145488][T23742] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  448.175079][T23748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7072'.
[  448.191553][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.221599][T23751] xt_TCPMSS: Only works on TCP SYN packets
[  448.240105][T23751] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7073'.
[  448.353012][T23761] loop7: detected capacity change from 0 to 128
[  448.425973][T23763] binfmt_misc: register: failed to install interpreter file ./file0
[  448.445240][T23770] loop6: detected capacity change from 0 to 128
[  448.504491][T23776] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7085'.
[  448.666170][T23790] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7089'.
[  448.851662][T23808] bridge2: entered promiscuous mode
[  448.856955][T23808] bridge2: entered allmulticast mode
[  448.868720][T23811] xt_TCPMSS: Only works on TCP SYN packets
[  448.879801][T23811] netlink: 24 bytes leftover after parsing attributes in process `syz.8.7100'.
[  448.895136][T23808] team0: Port device bridge2 added
[  448.900797][T23812] C: entered promiscuous mode
[  448.905532][T23812] team_slave_1: entered promiscuous mode
[  448.916074][T23802] loop7: detected capacity change from 0 to 8192
[  448.928922][T23802] msdos: Unknown parameter 'nodots
'
[  448.940458][T23802] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=23802 comm=syz.7.7096
[  449.154278][T23836] bridge3: entered promiscuous mode
[  449.159642][T23836] bridge3: entered allmulticast mode
[  449.186727][T23838] bridge2: entered promiscuous mode
[  449.192047][T23838] bridge2: entered allmulticast mode
[  449.205953][T23838] team0: Port device bridge2 added
[  449.390711][T23861] EXT4-fs (loop7): 1 orphan inode deleted
[  449.400274][T23861] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  449.413251][T19564] EXT4-fs error (device loop7): ext4_release_dquot:7022: comm kworker/u8:34: Failed to release dquot type 1
[  449.488212][T23855] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  449.506006][T23861] EXT4-fs error (device loop7): ext4_add_entry:2415: inode #2: comm syz.7.7124: Directory hole found for htree leaf block 0
[  449.569436][ T4576] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.590860][ T7879] __quota_error: 82 callbacks suppressed
[  449.590878][ T7879] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  449.606753][ T7879] EXT4-fs error (device loop7): ext4_release_dquot:7022: comm kworker/u8:20: Failed to release dquot type 1
[  449.698062][T16846] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.947851][T23904] FAULT_INJECTION: forcing a failure.
[  449.947851][T23904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  449.961220][T23904] CPU: 0 UID: 0 PID: 23904 Comm: syz.3.7141 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  449.961340][T23904] Tainted: [W]=WARN
[  449.961350][T23904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  449.961426][T23904] Call Trace:
[  449.961435][T23904]  <TASK>
[  449.961443][T23904]  __dump_stack+0x1d/0x30
[  449.961470][T23904]  dump_stack_lvl+0x95/0xd0
[  449.961495][T23904]  dump_stack+0x15/0x1b
[  449.961530][T23904]  should_fail_ex+0x263/0x280
[  449.961558][T23904]  should_fail+0xb/0x20
[  449.961580][T23904]  should_fail_usercopy+0x1a/0x20
[  449.961648][T23904]  _copy_from_user+0x1c/0xb0
[  449.961683][T23904]  ___sys_sendmsg+0xc1/0x1e0
[  449.961723][T23904]  __x64_sys_sendmsg+0xd4/0x160
[  449.961764][T23904]  x64_sys_call+0x17ba/0x3000
[  449.961800][T23904]  do_syscall_64+0xc0/0x2a0
[  449.961914][T23904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.961959][T23904] RIP: 0033:0x7f57595bacb9
[  449.961979][T23904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  449.961998][T23904] RSP: 002b:00007f5758017028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  449.962018][T23904] RAX: ffffffffffffffda RBX: 00007f5759835fa0 RCX: 00007f57595bacb9
[  449.962115][T23904] RDX: 0000000000004000 RSI: 0000200000000140 RDI: 0000000000000003
[  449.962133][T23904] RBP: 00007f5758017090 R08: 0000000000000000 R09: 0000000000000000
[  449.962151][T23904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  449.962168][T23904] R13: 00007f5759836038 R14: 00007f5759835fa0 R15: 00007ffc39310198
[  449.962197][T23904]  </TASK>
[  450.133756][T23902] iso9660: Corrupted directory entry in block 2 of inode 1920
[  450.223928][T23914] FAULT_INJECTION: forcing a failure.
[  450.223928][T23914] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  450.237174][T23914] CPU: 0 UID: 0 PID: 23914 Comm: syz.6.7149 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  450.237286][T23914] Tainted: [W]=WARN
[  450.237295][T23914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  450.237311][T23914] Call Trace:
[  450.237324][T23914]  <TASK>
[  450.237333][T23914]  __dump_stack+0x1d/0x30
[  450.237366][T23914]  dump_stack_lvl+0x95/0xd0
[  450.237396][T23914]  dump_stack+0x15/0x1b
[  450.237421][T23914]  should_fail_ex+0x263/0x280
[  450.237443][T23914]  should_fail+0xb/0x20
[  450.237537][T23914]  should_fail_usercopy+0x1a/0x20
[  450.237567][T23914]  strncpy_from_user+0x27/0x250
[  450.237618][T23914]  getname_flags+0xad/0x3b0
[  450.237647][T23914]  do_sys_openat2+0x60/0x150
[  450.237711][T23914]  __x64_sys_openat+0xf2/0x120
[  450.237748][T23914]  x64_sys_call+0x2b07/0x3000
[  450.237782][T23914]  do_syscall_64+0xc0/0x2a0
[  450.237863][T23914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.237930][T23914] RIP: 0033:0x7f9a3935b58e
[  450.237950][T23914] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  450.237970][T23914] RSP: 002b:00007f9a37df6b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  450.237990][T23914] RAX: ffffffffffffffda RBX: 00007f9a37df76c0 RCX: 00007f9a3935b58e
[  450.238005][T23914] RDX: 0000000000000002 RSI: 00007f9a37df6c00 RDI: ffffffffffffff9c
[  450.238018][T23914] RBP: 00007f9a37df7090 R08: 0000000000000000 R09: 0000000000000000
[  450.238036][T23914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.238078][T23914] R13: 00007f9a39616038 R14: 00007f9a39615fa0 R15: 00007fff42a7c008
[  450.238144][T23914]  </TASK>
[  450.471081][T23912] msdos: Unknown parameter 'nodots
'
[  450.488638][T23912] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=23912 comm=syz.3.7145
[  450.529409][   T29] audit: type=1400 audit(706.516:7228): avc:  denied  { connect } for  pid=23915 comm="syz.7.7147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  450.574170][T23922] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  450.622186][   T29] audit: type=1400 audit(706.596:7229): avc:  denied  { shutdown } for  pid=23915 comm="syz.7.7147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  450.686613][T23933] xt_TCPMSS: Only works on TCP SYN packets
[  450.790742][T15151] tipc: Subscription rejected, illegal request
[  451.022707][T23955] msdos: Unknown parameter 'nodots
'
[  451.064159][T23955] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=23955 comm=syz.8.7164
[  451.091969][ T4576] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.223876][T15151] tipc: Subscription rejected, illegal request
[  451.313429][T23986] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  451.404607][T23998] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  451.416420][   T29] audit: type=1400 audit(707.396:7230): avc:  denied  { relabelto } for  pid=23997 comm="syz.3.7183" name="" dev="pipefs" ino=85052 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:hwdata_t:s0"
[  451.473151][T23995] set_capacity_and_notify: 7 callbacks suppressed
[  451.473172][T23995] loop7: detected capacity change from 0 to 128
[  451.622174][T15192] tipc: Subscription rejected, illegal request
[  451.729796][T24026] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24026 comm=syz.3.7194
[  451.866951][   T29] audit: type=1400 audit(707.836:7231): avc:  denied  { relabelfrom } for  pid=24027 comm="syz.8.7196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  451.886390][   T29] audit: type=1400 audit(707.836:7232): avc:  denied  { relabelto } for  pid=24027 comm="syz.8.7196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  451.954323][  T852] tipc: Subscription rejected, illegal request
[  452.128456][T24061] netlink: 'syz.7.7211': attribute type 4 has an invalid length.
[  452.139482][T24064] hub 6-0:1.0: USB hub found
[  452.167902][T24064] hub 6-0:1.0: 8 ports detected
[  452.192693][T24061] netlink: 'syz.7.7211': attribute type 4 has an invalid length.
[  452.234180][   T29] audit: type=1326 audit(708.216:7233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24060 comm="syz.7.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  452.257580][   T29] audit: type=1326 audit(708.216:7234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24060 comm="syz.7.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  452.280719][   T29] audit: type=1326 audit(708.216:7235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24060 comm="syz.7.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  452.285364][T24069] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=24069 comm=syz.0.7208
[  452.303740][   T29] audit: type=1326 audit(708.216:7236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24060 comm="syz.7.7211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fede3faacb9 code=0x7ffc0000
[  452.316423][T24046] ip6_vti0 speed is unknown, defaulting to 1000
[  452.431468][T24063] ip6_vti0 speed is unknown, defaulting to 1000
[  452.545496][T24077] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=24077 comm=syz.7.7217
[  452.691264][T24094] __nla_validate_parse: 12 callbacks suppressed
[  452.691281][T24094] netlink: 164 bytes leftover after parsing attributes in process `syz.0.7222'.
[  452.888432][T24114] netlink: 36 bytes leftover after parsing attributes in process `syz.3.7228'.
[  452.917548][T24114] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.033482][T24080] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  453.085458][T24114] bridge_slave_0 (unregistering): left allmulticast mode
[  453.092646][T24114] bridge_slave_0 (unregistering): left promiscuous mode
[  453.099745][T24114] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.233143][T24128] loop6: detected capacity change from 0 to 4096
[  453.267759][T24128] EXT4-fs: Ignoring removed bh option
[  453.273323][T24128] EXT4-fs: Ignoring removed mblk_io_submit option
[  453.328494][T24128] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  453.392107][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.455763][T24145] loop6: detected capacity change from 0 to 1024
[  453.546253][T24145] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  453.701385][ T4404] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.768923][T24147] loop8: detected capacity change from 0 to 8192
[  453.813751][T24147] msdos: Unknown parameter 'nodots
'
[  453.849312][T24147] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=24147 comm=syz.8.7241
[  453.888370][T24166] loop6: detected capacity change from 0 to 128
[  453.889074][T24165] netlink: 12 bytes leftover after parsing attributes in process `syz.7.7248'.
[  453.947145][T24158] ip6_vti0 speed is unknown, defaulting to 1000
[  454.029457][T24171] netlink: 132 bytes leftover after parsing attributes in process `syz.7.7248'.
[  454.053995][T24170] hub 6-0:1.0: USB hub found
[  454.064624][T24170] hub 6-0:1.0: 8 ports detected
[  454.211851][T24177] xt_TCPMSS: Only works on TCP SYN packets
[  454.242394][T24177] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7253'.
[  454.376208][T24185] loop6: detected capacity change from 0 to 128
[  454.385115][T24185] FAULT_INJECTION: forcing a failure.
[  454.385115][T24185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.385152][T24185] CPU: 1 UID: 0 PID: 24185 Comm: syz.6.7255 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  454.385260][T24185] Tainted: [W]=WARN
[  454.385268][T24185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  454.385283][T24185] Call Trace:
[  454.385292][T24185]  <TASK>
[  454.385309][T24185]  __dump_stack+0x1d/0x30
[  454.385378][T24185]  dump_stack_lvl+0x95/0xd0
[  454.385404][T24185]  dump_stack+0x15/0x1b
[  454.385499][T24185]  should_fail_ex+0x263/0x280
[  454.385527][T24185]  should_fail+0xb/0x20
[  454.385545][T24185]  should_fail_usercopy+0x1a/0x20
[  454.385573][T24185]  _copy_from_user+0x1c/0xb0
[  454.385706][T24185]  __sys_bpf+0x183/0x7b0
[  454.385736][T24185]  __x64_sys_bpf+0x41/0x50
[  454.385836][T24185]  x64_sys_call+0x28e1/0x3000
[  454.385871][T24185]  do_syscall_64+0xc0/0x2a0
[  454.385907][T24185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.385929][T24185] RIP: 0033:0x7f9a3939acb9
[  454.386019][T24185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  454.386044][T24185] RSP: 002b:00007f9a37df7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  454.386069][T24185] RAX: ffffffffffffffda RBX: 00007f9a39615fa0 RCX: 00007f9a3939acb9
[  454.386126][T24185] RDX: 0000000000000038 RSI: 0000200000000800 RDI: 0000000000000019
[  454.386143][T24185] RBP: 00007f9a37df7090 R08: 0000000000000000 R09: 0000000000000000
[  454.386161][T24185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.386178][T24185] R13: 00007f9a39616038 R14: 00007f9a39615fa0 R15: 00007fff42a7c008
[  454.386203][T24185]  </TASK>
[  454.425290][T24187] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7256'.
[  454.461161][T24190] loop6: detected capacity change from 0 to 128
[  454.621542][T15192] tipc: Subscription rejected, illegal request
[  454.665690][T24198] loop6: detected capacity change from 0 to 8192
[  454.666171][T24198] msdos: Unknown parameter 'nodots
'
[  454.674344][T24198] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=24198 comm=syz.6.7261
[  454.675936][T24204] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7264'.
[  454.685370][T24204] erspan0: entered promiscuous mode
[  454.685489][T24204] macvtap1: entered promiscuous mode
[  454.685719][T24204] macvtap1: entered allmulticast mode
[  454.685738][T24204] erspan0: entered allmulticast mode
[  454.705464][T24204] erspan0: left allmulticast mode
[  454.705549][T24204] erspan0: left promiscuous mode
[  455.089203][T24226] netlink: 40 bytes leftover after parsing attributes in process `syz.8.7273'.
[  455.442218][T24219] ip6_vti0 speed is unknown, defaulting to 1000
[  455.450824][   T29] kauditd_printk_skb: 35 callbacks suppressed
[  455.450840][   T29] audit: type=1400 audit(711.436:7272): avc:  denied  { getopt } for  pid=24239 comm="syz.0.7277" lport=55888 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  455.544348][T24246] loop7: detected capacity change from 0 to 512
[  455.552922][T24247] FAULT_INJECTION: forcing a failure.
[  455.552922][T24247] name failslab, interval 1, probability 0, space 0, times 0
[  455.565660][T24247] CPU: 1 UID: 0 PID: 24247 Comm: syz.8.7278 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  455.565693][T24247] Tainted: [W]=WARN
[  455.565719][T24247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  455.565736][T24247] Call Trace:
[  455.565747][T24247]  <TASK>
[  455.565757][T24247]  __dump_stack+0x1d/0x30
[  455.565851][T24247]  dump_stack_lvl+0x95/0xd0
[  455.565920][T24247]  dump_stack+0x15/0x1b
[  455.565948][T24247]  should_fail_ex+0x263/0x280
[  455.565977][T24247]  should_failslab+0x8c/0xb0
[  455.566042][T24247]  kmem_cache_alloc_node_noprof+0x6a/0x4a0
[  455.566091][T24247]  ? __alloc_skb+0x2f0/0x4b0
[  455.566118][T24247]  __alloc_skb+0x2f0/0x4b0
[  455.566142][T24247]  ? __alloc_skb+0x219/0x4b0
[  455.566189][T24247]  netlink_alloc_large_skb+0xbf/0xf0
[  455.566221][T24247]  netlink_sendmsg+0x40c/0x6f0
[  455.566260][T24247]  ? __pfx_netlink_sendmsg+0x10/0x10
[  455.566324][T24247]  __sock_sendmsg+0x145/0x170
[  455.566364][T24247]  ____sys_sendmsg+0x31e/0x4a0
[  455.566391][T24247]  ___sys_sendmsg+0x195/0x1e0
[  455.566436][T24247]  __x64_sys_sendmsg+0xd4/0x160
[  455.566522][T24247]  x64_sys_call+0x17ba/0x3000
[  455.566549][T24247]  do_syscall_64+0xc0/0x2a0
[  455.566660][T24247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  455.566685][T24247] RIP: 0033:0x7f08782aacb9
[  455.566707][T24247] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  455.566743][T24247] RSP: 002b:00007f0876d07028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  455.566785][T24247] RAX: ffffffffffffffda RBX: 00007f0878525fa0 RCX: 00007f08782aacb9
[  455.566829][T24247] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  455.566843][T24247] RBP: 00007f0876d07090 R08: 0000000000000000 R09: 0000000000000000
[  455.566861][T24247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  455.566878][T24247] R13: 00007f0878526038 R14: 00007f0878525fa0 R15: 00007ffdf924a148
[  455.566906][T24247]  </TASK>
[  455.865872][T24246] EXT4-fs (loop7): 1 orphan inode deleted
[  455.878674][  T852] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  455.888531][  T852] EXT4-fs error (device loop7): ext4_release_dquot:7022: comm kworker/u8:8: Failed to release dquot type 1
[  455.889363][T24246] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  455.948034][T24246] EXT4-fs error (device loop7): ext4_add_entry:2415: inode #2: comm syz.7.7280: Directory hole found for htree leaf block 0
[  455.965976][T24219] chnl_net:caif_netlink_parms(): no params data found
[  456.021814][ T4576] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.037946][  T837] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  456.047856][  T837] EXT4-fs error (device loop7): ext4_release_dquot:7022: comm kworker/u8:6: Failed to release dquot type 1
[  456.213691][ T7879] team0: Port device gtp18 removed
[  456.221905][ T7879] team0: Port device gtp17 removed
[  456.229676][ T7879] team0: Port device gtp16 removed
[  456.237264][ T7879] team0: Port device gtp15 removed
[  456.246715][ T7879] team0: Port device gtp14 removed
[  456.254208][ T7879] team0: Port device gtp13 removed
[  456.261516][ T7879] team0: Port device gtp12 removed
[  456.269270][ T7879] team0: Port device gtp11 removed
[  456.276557][ T7879] team0: Port device gtp10 removed
[  456.284340][ T7879] team0: Port device gtp9 removed
[  456.292064][ T7879] team0: Port device gtp8 removed
[  456.299432][ T7879] team0: Port device gtp7 removed
[  456.306818][ T7879] team0: Port device gtp6 removed
[  456.314533][ T7879] team0: Port device gtp5 removed
[  456.322327][ T7879] team0: Port device gtp4 removed
[  456.329897][ T7879] team0: Port device gtp3 removed
[  456.337185][ T7879] team0: Port device gtp2 removed
[  456.344666][ T7879] team0: Port device gtp1 removed
[  456.352172][ T7879] team0: Port device gtp0 removed
[  456.489424][ T7879] bond1 (unregistering): Released all slaves
[  456.498752][ T7879] bond2 (unregistering): Released all slaves
[  456.508053][ T7879] bond3 (unregistering): Released all slaves
[  456.517255][ T7879] bond4 (unregistering): Released all slaves
[  456.526173][ T7879] bond5 (unregistering): Released all slaves
[  456.537533][ T7879] bond0 (unregistering): Released all slaves
[  456.548735][ T7879] bond6 (unregistering): Released all slaves
[  456.558092][ T7879] bond7 (unregistering): Released all slaves
[  456.567166][ T7879] bond8 (unregistering): Released all slaves
[  456.577269][ T7879] bond9 (unregistering): Released all slaves
[  456.586619][ T7879] bond10 (unregistering): Released all slaves
[  456.595511][ T7879] bond11 (unregistering): Released all slaves
[  456.606605][ T7879] bond12 (unregistering): Released all slaves
[  456.616806][ T7879] bond13 (unregistering): (slave wireguard0): Releasing backup interface
[  456.625962][ T7879] wireguard0: left promiscuous mode
[  456.632998][ T7879] bond13 (unregistering): Released all slaves
[  456.642367][ T7879] bond14 (unregistering): Released all slaves
[  456.652391][ T7879] bond15 (unregistering): Released all slaves
[  456.697108][T24219] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.704537][T24219] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.715344][T24219] bridge_slave_0: entered allmulticast mode
[  456.722167][T24219] bridge_slave_0: entered promiscuous mode
[  456.729369][ T7879] IPVS: stopping backup sync thread 10357 ...
[  456.736047][T24219] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.743266][T24219] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.751033][T24219] bridge_slave_1: entered allmulticast mode
[  456.763774][T24219] bridge_slave_1: entered promiscuous mode
[  456.786061][T24219] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  456.798552][T24219] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  456.830441][T24219] team0: Port device team_slave_0 added
[  456.839895][T24219] team0: Port device team_slave_1 added
[  456.845680][ T7879] macvlan1: left promiscuous mode
[  456.852959][ T7879] dummy0: left promiscuous mode
[  456.863174][ T7879] hsr_slave_0: left promiscuous mode
[  456.869860][ T7879] hsr_slave_1: left promiscuous mode
[  456.875573][ T7879] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  456.883063][ T7879] batman_adv: batadv0: Removing interface: veth1_vlan
[  457.020308][T24219] batman_adv: batadv0: Adding interface: batadv_slave_0
[  457.027294][T24219] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  457.053486][T24219] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  457.065125][T24219] batman_adv: batadv0: Adding interface: batadv_slave_1
[  457.072257][T24219] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  457.098427][T24219] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  457.128207][T24219] hsr_slave_0: entered promiscuous mode
[  457.134606][T24219] hsr_slave_1: entered promiscuous mode
[  457.140732][T24219] debugfs: 'hsr0' already exists in 'hsr'
[  457.146464][T24219] Cannot create hsr debugfs directory
[  457.507626][ T7879] IPVS: stop unused estimator thread 0...
[  457.553446][T24219] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  457.562790][T24219] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  457.585559][T24219] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  457.594903][T24219] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  457.618393][T24219] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.625540][T24219] bridge0: port 2(bridge_slave_1) entered forwarding state
[  457.699160][T24219] 8021q: adding VLAN 0 to HW filter on device bond0
[  457.711563][  T123] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.727927][T24219] 8021q: adding VLAN 0 to HW filter on device team0
[  457.737584][T15151] bridge0: port 1(bridge_slave_0) entered blocking state
[  457.744636][T15151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  457.756290][  T850] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.763454][  T850] bridge0: port 2(bridge_slave_1) entered forwarding state
[  457.836894][T24219] 8021q: adding VLAN 0 to HW filter on device batadv0
[  457.948437][T24219] veth0_vlan: entered promiscuous mode
[  457.957080][T24219] veth1_vlan: entered promiscuous mode
[  457.974167][T24219] veth0_macvtap: entered promiscuous mode
[  457.982782][T24219] veth1_macvtap: entered promiscuous mode
[  457.994274][T24219] batman_adv: batadv0: Interface activated: batadv_slave_0
[  458.006315][T24219] batman_adv: batadv0: Interface activated: batadv_slave_1
[  458.017708][T15151] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  458.026730][T15151] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  458.037874][T15151] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  458.046883][T15151] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  458.096787][T24364] bpf: Bad value for 'uid'
[  468.134915][T24373] xt_TCPMSS: Only works on TCP SYN packets
[  468.153008][T24373] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7289'.
[  468.156164][T24372] netlink: 52 bytes leftover after parsing attributes in process `syz.6.7288'.
[  468.360719][T24378] ip6_vti0 speed is unknown, defaulting to 1000
[  468.476900][T24378] chnl_net:caif_netlink_parms(): no params data found
[  468.498432][T24402] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7294'.
[  468.526970][T24405] loop6: detected capacity change from 0 to 128
[  468.595859][T24378] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.603108][T24378] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.611503][T24378] bridge_slave_0: entered allmulticast mode
[  468.618407][T24378] bridge_slave_0: entered promiscuous mode
[  468.625462][T24378] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.632634][T24378] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.640056][T24378] bridge_slave_1: entered allmulticast mode
[  468.647047][T24378] bridge_slave_1: entered promiscuous mode
[  468.666620][T24378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  468.677526][T24378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  468.727117][T24414] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7297'.
[  468.734938][T24416] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7299'.
[  468.746917][T24416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  468.755364][T24416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  468.781149][T24378] team0: Port device team_slave_0 added
[  468.806338][T24378] team0: Port device team_slave_1 added
[  468.838769][T24378] batman_adv: batadv0: Adding interface: batadv_slave_0
[  468.845885][T24378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  468.871903][T24378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  468.899287][T24378] batman_adv: batadv0: Adding interface: batadv_slave_1
[  468.906455][T24378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  468.932705][T24378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  468.962160][T24424] loop3: detected capacity change from 0 to 512
[  468.975519][ T7067] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.010129][T24378] hsr_slave_0: entered promiscuous mode
[  469.018175][T24378] hsr_slave_1: entered promiscuous mode
[  469.024636][T24378] debugfs: 'hsr0' already exists in 'hsr'
[  469.028291][T24424] EXT4-fs (loop3): 1 orphan inode deleted
[  469.030601][T24378] Cannot create hsr debugfs directory
[  469.042620][ T7067] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.052523][  T837] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  469.062377][  T837] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:6: Failed to release dquot type 1
[  469.067356][T24424] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  469.089091][T24431] netlink: 52 bytes leftover after parsing attributes in process `syz.8.7304'.
[  469.129990][T24424] EXT4-fs error (device loop3): ext4_add_entry:2415: inode #2: comm syz.3.7302: Directory hole found for htree leaf block 0
[  469.131931][ T7067] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.178524][T24433] bridge2: entered promiscuous mode
[  469.183777][T24433] bridge2: entered allmulticast mode
[  469.208687][ T7067] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.222345][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.232334][  T837] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  469.242218][  T837] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:6: Failed to release dquot type 1
[  469.280147][   T29] audit: type=1400 audit(725.268:7273): avc:  denied  { ioctl } for  pid=24435 comm="syz.7.7307" path="socket:[87147]" dev="sockfs" ino=87147 ioctlcmd=0xf508 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  469.375672][T24440] loop6: detected capacity change from 0 to 512
[  469.390867][T24439] loop3: detected capacity change from 0 to 2048
[  469.424482][T24440] EXT4-fs: Ignoring removed orlov option
[  469.430254][T24440] EXT4-fs: Ignoring removed i_version option
[  469.445531][ T7067] team0: left allmulticast mode
[  469.450511][ T7067] C: left allmulticast mode
[  469.455085][ T7067] team_slave_1: left allmulticast mode
[  469.460659][ T7067] team0: left promiscuous mode
[  469.465455][ T7067] C: left promiscuous mode
[  469.470056][ T7067] team_slave_1: left promiscuous mode
[  469.475853][ T7067] bridge0: port 3(team0) entered disabled state
[  469.483776][T24440] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  469.519891][T24440] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  469.543376][T24439] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  469.563351][ T7067] bridge_slave_1: left allmulticast mode
[  469.569814][ T7067] bridge_slave_1: left promiscuous mode
[  469.575545][ T7067] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.640534][T24440] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #2: comm syz.6.7308: corrupted inode contents
[  469.653204][T24440] EXT4-fs (loop6): Remounting filesystem read-only
[  469.660032][ T7067] bridge_slave_0: left allmulticast mode
[  469.661174][T24439] netlink: 24 bytes leftover after parsing attributes in process `syz.3.7306'.
[  469.665762][ T7067] bridge_slave_0: left promiscuous mode
[  469.680370][ T7067] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.709226][T24219] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.720935][ T9827] Quota error (device loop6): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  469.738901][ T7067] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  469.747590][ T7067] bond1 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - 62:fc:3b:67:ab:a1 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  469.780371][ T7067] bond0 (unregistering): (slave erspan0): Releasing active interface
[  469.788618][ T7067] erspan0 (unregistering): left promiscuous mode
[  469.795045][ T7067] erspan0 (unregistering): left allmulticast mode
[  469.805537][ T7067] bond12 (unregistering): (slave erspan1): Releasing active interface
[  469.813896][ T7067] erspan1 (unregistering): left promiscuous mode
[  469.823813][ T7067] gretap0 (unregistering): left promiscuous mode
[  469.836993][ T7067] bond11 (unregistering): (slave geneve2): Releasing active interface
[  469.847538][T24460] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7313'.
[  469.856500][T24460] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7313'.
[  469.888111][ T7067] team0: Port device bridge1 removed
[  469.913837][T24455] netlink: 'syz.3.7306': attribute type 10 has an invalid length.
[  469.927816][ T7067] team0: Port device bridge2 removed
[  469.998158][ T7067] bond1 (unregistering): (slave veth5): Releasing active interface
[  470.006931][ T7067] bond1 (unregistering): Released all slaves
[  470.016640][ T7067] bond2 (unregistering): Released all slaves
[  470.026286][ T7067] bond3 (unregistering): Released all slaves
[  470.036228][ T7067] bond4 (unregistering): Released all slaves
[  470.045738][ T7067] bond5 (unregistering): Released all slaves
[  470.055426][ T7067] bond6 (unregistering): Released all slaves
[  470.065832][ T7067] bond7 (unregistering): Released all slaves
[  470.075826][ T7067] bond8 (unregistering): Released all slaves
[  470.086785][ T7067] bond9 (unregistering): Released all slaves
[  470.097130][ T7067] bond10 (unregistering): Released all slaves
[  470.110405][ T7067] bond0 (unregistering): Released all slaves
[  470.119921][ T7067] bond11 (unregistering): Released all slaves
[  470.129639][ T7067] bond12 (unregistering): Released all slaves
[  470.139977][ T7067] bond13 (unregistering): Released all slaves
[  470.149825][ T7067] bond14 (unregistering): Released all slaves
[  470.159984][ T7067] bond15 (unregistering): Released all slaves
[  470.169441][ T7067] bond16 (unregistering): Released all slaves
[  470.181150][ T7067] bond17 (unregistering): Released all slaves
[  470.191353][ T7067] bond18 (unregistering): Released all slaves
[  470.211492][ T7067] bond19 (unregistering): Released all slaves
[  470.221565][ T7067] bond20 (unregistering): Released all slaves
[  470.230927][T24443] ip6_vti0 speed is unknown, defaulting to 1000
[  470.259079][T24455] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  470.305564][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  470.334464][ T7067] tipc: Left network mode
[  470.353985][T24469] xt_TCPMSS: Only works on TCP SYN packets
[  470.380667][T24469] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7314'.
[  470.543082][T24489] program syz.8.7319 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  470.555083][ T7067] macvlan1: left promiscuous mode
[  470.560366][T24487] loop6: detected capacity change from 0 to 256
[  470.590125][T24487] FAULT_INJECTION: forcing a failure.
[  470.590125][T24487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  470.603382][T24487] CPU: 1 UID: 0 PID: 24487 Comm: syz.6.7318 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  470.603457][T24487] Tainted: [W]=WARN
[  470.603465][T24487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  470.603505][T24487] Call Trace:
[  470.603515][T24487]  <TASK>
[  470.603525][T24487]  __dump_stack+0x1d/0x30
[  470.603571][T24487]  dump_stack_lvl+0x95/0xd0
[  470.603627][T24487]  dump_stack+0x15/0x1b
[  470.603654][T24487]  should_fail_ex+0x263/0x280
[  470.603682][T24487]  should_fail+0xb/0x20
[  470.603735][T24487]  should_fail_usercopy+0x1a/0x20
[  470.603764][T24487]  strncpy_from_user+0x27/0x250
[  470.603802][T24487]  getname_flags+0xad/0x3b0
[  470.603905][T24487]  __x64_sys_mkdirat+0x40/0x60
[  470.603947][T24487]  x64_sys_call+0x30c/0x3000
[  470.604001][T24487]  do_syscall_64+0xc0/0x2a0
[  470.604040][T24487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.604068][T24487] RIP: 0033:0x7f517b40acb9
[  470.604088][T24487] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  470.604141][T24487] RSP: 002b:00007f5179e67028 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  470.604218][T24487] RAX: ffffffffffffffda RBX: 00007f517b685fa0 RCX: 00007f517b40acb9
[  470.604240][T24487] RDX: 00000000000001c0 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  470.604261][T24487] RBP: 00007f5179e67090 R08: 0000000000000000 R09: 0000000000000000
[  470.604279][T24487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  470.604363][T24487] R13: 00007f517b686038 R14: 00007f517b685fa0 R15: 00007ffcf74d1d58
[  470.604391][T24487]  </TASK>
[  470.604458][ T7067] dummy0: left promiscuous mode
[  470.796176][ T7067] hsr_slave_0: left promiscuous mode
[  470.802303][ T7067] hsr_slave_1: left promiscuous mode
[  470.808267][ T7067] batman_adv: batadv0: Removing interface: batadv_slave_0
[  470.815971][ T7067] batman_adv: batadv0: Removing interface: batadv_slave_1
[  470.823652][ T7067] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  470.830951][ T7067] batman_adv: batadv0: Removing interface: veth1_vlan
[  470.902586][   T29] audit: type=1326 audit(726.888:7274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24499 comm="syz.6.7323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517b40acb9 code=0x7ffc0000
[  470.984633][   T29] audit: type=1326 audit(726.888:7275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24499 comm="syz.6.7323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517b40acb9 code=0x7ffc0000
[  471.007757][   T29] audit: type=1326 audit(726.888:7276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24499 comm="syz.6.7323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f517b40acb9 code=0x7ffc0000
[  471.030874][   T29] audit: type=1326 audit(726.918:7277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24499 comm="syz.6.7323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517b40acb9 code=0x7ffc0000
[  471.053864][   T29] audit: type=1326 audit(726.918:7278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24499 comm="syz.6.7323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f517b40acb9 code=0x7ffc0000
[  471.077195][   T29] audit: type=1326 audit(726.918:7279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24499 comm="syz.6.7323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517b40acb9 code=0x7ffc0000
[  471.085378][T24498] loop8: detected capacity change from 0 to 8192
[  471.139167][T24498] msdos: Unknown parameter 'nodots
'
[  471.157682][ T7067] team0 (unregistering): Port device team_slave_1 removed
[  471.181930][ T7067] team0 (unregistering): Port device C removed
[  471.206935][T24498] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=24498 comm=syz.8.7322
[  471.223527][T24503] netlink: 'syz.3.7316': attribute type 14 has an invalid length.
[  471.298691][T24378] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  471.318229][T24378] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  471.337953][T24378] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  471.378247][T24378] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  471.414685][T24509] loop7: detected capacity change from 0 to 128
[  471.441088][T24515] xt_TCPMSS: Only works on TCP SYN packets
[  471.459563][T24518] loop3: detected capacity change from 0 to 512
[  471.494503][T24518] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  471.563385][T24518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  471.589589][T24378] 8021q: adding VLAN 0 to HW filter on device bond0
[  471.622000][T24518] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.7329: bg 0: block 217: padding at end of block bitmap is not set
[  471.687511][T24378] 8021q: adding VLAN 0 to HW filter on device team0
[  471.706186][T24518] EXT4-fs (loop3): Remounting filesystem read-only
[  471.728765][T15184] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.735898][T15184] bridge0: port 1(bridge_slave_0) entered forwarding state
[  471.780061][T19564] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.786158][T14990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.787278][T19564] bridge0: port 2(bridge_slave_1) entered forwarding state
[  471.877691][T24558] loop8: detected capacity change from 0 to 128
[  471.959676][T24566] xt_TCPMSS: Only works on TCP SYN packets
[  472.029223][T24572] loop8: detected capacity change from 0 to 128
[  472.123592][T24378] 8021q: adding VLAN 0 to HW filter on device batadv0
[  472.295242][T24378] veth0_vlan: entered promiscuous mode
[  472.304181][T24378] veth1_vlan: entered promiscuous mode
[  472.327996][T24378] veth0_macvtap: entered promiscuous mode
[  472.337782][T24378] veth1_macvtap: entered promiscuous mode
[  472.366534][T24378] batman_adv: batadv0: Interface activated: batadv_slave_0
[  472.383065][T24378] batman_adv: batadv0: Interface activated: batadv_slave_1
[  472.394964][T19564] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  472.417162][T19564] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  472.436690][T19564] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  472.458088][T19564] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  472.588379][T24609] xt_TCPMSS: Only works on TCP SYN packets
[  472.838254][T24633] FAULT_INJECTION: forcing a failure.
[  472.838254][T24633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  472.851862][T24633] CPU: 1 UID: 0 PID: 24633 Comm: syz.0.7360 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  472.851903][T24633] Tainted: [W]=WARN
[  472.851912][T24633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  472.851929][T24633] Call Trace:
[  472.851937][T24633]  <TASK>
[  472.851947][T24633]  __dump_stack+0x1d/0x30
[  472.851986][T24633]  dump_stack_lvl+0x95/0xd0
[  472.852013][T24633]  dump_stack+0x15/0x1b
[  472.852104][T24633]  should_fail_ex+0x263/0x280
[  472.852130][T24633]  should_fail+0xb/0x20
[  472.852220][T24633]  should_fail_usercopy+0x1a/0x20
[  472.852247][T24633]  _copy_from_user+0x1c/0xb0
[  472.852280][T24633]  ___sys_sendmsg+0xc1/0x1e0
[  472.852391][T24633]  __x64_sys_sendmsg+0xd4/0x160
[  472.852426][T24633]  x64_sys_call+0x17ba/0x3000
[  472.852515][T24633]  do_syscall_64+0xc0/0x2a0
[  472.852556][T24633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.852580][T24633] RIP: 0033:0x7ff708f9acb9
[  472.852600][T24633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  472.852620][T24633] RSP: 002b:00007ff7079f7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  472.852651][T24633] RAX: ffffffffffffffda RBX: 00007ff709215fa0 RCX: 00007ff708f9acb9
[  472.852741][T24633] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  472.852756][T24633] RBP: 00007ff7079f7090 R08: 0000000000000000 R09: 0000000000000000
[  472.852772][T24633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  472.852785][T24633] R13: 00007ff709216038 R14: 00007ff709215fa0 R15: 00007ffca44b2078
[  472.852805][T24633]  </TASK>
[  473.102455][T24616] ip6_vti0 speed is unknown, defaulting to 1000
[  473.152737][T24648] bridge1: entered promiscuous mode
[  473.158165][T24648] bridge1: entered allmulticast mode
[  473.170224][T24650] random: crng reseeded on system resumption
[  473.192970][T24650] Restarting kernel threads ...
[  473.207495][T24652] FAULT_INJECTION: forcing a failure.
[  473.207495][T24652] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.216428][T24650] Done restarting kernel threads.
[  473.221132][T24652] CPU: 0 UID: 0 PID: 24652 Comm: syz.8.7367 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  473.221240][T24652] Tainted: [W]=WARN
[  473.221268][T24652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  473.221312][T24652] Call Trace:
[  473.221333][T24652]  <TASK>
[  473.221425][T24652]  __dump_stack+0x1d/0x30
[  473.221501][T24652]  dump_stack_lvl+0x95/0xd0
[  473.221575][T24652]  dump_stack+0x15/0x1b
[  473.221647][T24652]  should_fail_ex+0x263/0x280
[  473.221721][T24652]  should_fail+0xb/0x20
[  473.221783][T24652]  should_fail_usercopy+0x1a/0x20
[  473.221877][T24652]  _copy_from_user+0x1c/0xb0
[  473.221964][T24652]  do_ip6t_set_ctl+0x3b2/0x8f0
[  473.222129][T24652]  ? kstrtoull+0x111/0x140
[  473.222281][T24652]  ? __rcu_read_unlock+0x4e/0x70
[  473.222374][T24652]  nf_setsockopt+0x199/0x1b0
[  473.222571][T24652]  ipv6_setsockopt+0x11a/0x130
[  473.222726][T24652]  tcp_setsockopt+0x98/0xb0
[  473.222844][T24652]  sock_common_setsockopt+0x69/0x80
[  473.222969][T24652]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  473.223017][T24652]  __sys_setsockopt+0x184/0x200
[  473.223063][T24652]  __x64_sys_setsockopt+0x64/0x80
[  473.223213][T24652]  x64_sys_call+0x21d5/0x3000
[  473.223318][T24652]  do_syscall_64+0xc0/0x2a0
[  473.223414][T24652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.223488][T24652] RIP: 0033:0x7f08782aacb9
[  473.223549][T24652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  473.223634][T24652] RSP: 002b:00007f0876d07028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  473.223755][T24652] RAX: ffffffffffffffda RBX: 00007f0878525fa0 RCX: 00007f08782aacb9
[  473.223806][T24652] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000004
[  473.223848][T24652] RBP: 00007f0876d07090 R08: 0000000000000248 R09: 0000000000000000
[  473.223974][T24652] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.224018][T24652] R13: 00007f0878526038 R14: 00007f0878525fa0 R15: 00007ffdf924a148
[  473.224082][T24652]  </TASK>
[  473.533604][T24659] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24659 comm=syz.8.7369
[  473.564895][T24662] __nla_validate_parse: 8 callbacks suppressed
[  473.564918][T24662] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7370'.
[  473.580978][T24663] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16519 sclass=netlink_tcpdiag_socket pid=24663 comm=syz.8.7369
[  473.616315][T24616] chnl_net:caif_netlink_parms(): no params data found
[  473.660953][  T852] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.674271][T24669] FAULT_INJECTION: forcing a failure.
[  473.674271][T24669] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.687425][T24669] CPU: 0 UID: 0 PID: 24669 Comm: syz.0.7372 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  473.687468][T24669] Tainted: [W]=WARN
[  473.687477][T24669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  473.687494][T24669] Call Trace:
[  473.687502][T24669]  <TASK>
[  473.687510][T24669]  __dump_stack+0x1d/0x30
[  473.687566][T24669]  dump_stack_lvl+0x95/0xd0
[  473.687592][T24669]  dump_stack+0x15/0x1b
[  473.687617][T24669]  should_fail_ex+0x263/0x280
[  473.687640][T24669]  should_fail+0xb/0x20
[  473.687724][T24669]  should_fail_usercopy+0x1a/0x20
[  473.687748][T24669]  strncpy_from_user+0x27/0x250
[  473.687787][T24669]  getname_flags+0xad/0x3b0
[  473.687851][T24669]  do_sys_openat2+0x60/0x150
[  473.687887][T24669]  __x64_sys_openat+0xf2/0x120
[  473.687998][T24669]  x64_sys_call+0x2b07/0x3000
[  473.688028][T24669]  do_syscall_64+0xc0/0x2a0
[  473.688172][T24669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.688263][T24669] RIP: 0033:0x7ff708f9acb9
[  473.688284][T24669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  473.688304][T24669] RSP: 002b:00007ff7079f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  473.688325][T24669] RAX: ffffffffffffffda RBX: 00007ff709215fa0 RCX: 00007ff708f9acb9
[  473.688339][T24669] RDX: 0000000000002501 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  473.688355][T24669] RBP: 00007ff7079f7090 R08: 0000000000000000 R09: 0000000000000000
[  473.688389][T24669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  473.688402][T24669] R13: 00007ff709216038 R14: 00007ff709215fa0 R15: 00007ffca44b2078
[  473.688468][T24669]  </TASK>
[  473.880456][T24616] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.887699][T24616] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.900587][T24616] bridge_slave_0: entered allmulticast mode
[  473.923588][T24616] bridge_slave_0: entered promiscuous mode
[  473.936963][T24675] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7374'.
[  473.947933][T24616] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.955170][T24616] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.077821][T24658] ==================================================================
[  474.086068][T24658] BUG: KCSAN: data-race in __filemap_remove_folio / folio_mapping
[  474.093901][T24658] 
[  474.096668][T24658] write to 0xffffea00047b8a98 of 8 bytes by task 24659 on cpu 1:
[  474.104380][T24658]  __filemap_remove_folio+0x201/0x300
[  474.109769][T24658]  filemap_remove_folio+0x6d/0x1d0
[  474.114894][T24658]  truncate_inode_folio+0x42/0x50
[  474.119946][T24658]  shmem_undo_range+0x28a/0xb10
[  474.124801][T24658]  shmem_fallocate+0x881/0x920
[  474.129574][T24658]  vfs_fallocate+0x3b6/0x400
[  474.134255][T24658]  file_ioctl+0x4e3/0x5c0
[  474.138621][T24658]  do_vfs_ioctl+0x7c9/0xe70
[  474.143137][T24658]  __se_sys_ioctl+0x82/0x140
[  474.147912][T24658]  __x64_sys_ioctl+0x43/0x50
[  474.152513][T24658]  x64_sys_call+0x14b0/0x3000
[  474.157198][T24658]  do_syscall_64+0xc0/0x2a0
[  474.161714][T24658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.167610][T24658] 
[  474.169935][T24658] read to 0xffffea00047b8a98 of 8 bytes by task 24658 on cpu 0:
[  474.177579][T24658]  folio_mapping+0xa1/0xe0
[  474.182014][T24658]  move_folios_to_lru+0x128/0x6d0
[  474.187065][T24658]  evict_folios+0x31e6/0x35b0
[  474.191766][T24658]  try_to_shrink_lruvec+0x5f6/0x960
[  474.196985][T24658]  shrink_lruvec+0x24e/0x1bc0
[  474.201674][T24658]  shrink_node+0x68e/0x2000
[  474.206202][T24658]  do_try_to_free_pages+0x404/0xcc0
[  474.211673][T24658]  try_to_free_mem_cgroup_pages+0x222/0x470
[  474.217586][T24658]  try_charge_memcg+0x37e/0xa10
[  474.222453][T24658]  obj_cgroup_charge_pages+0xa6/0x150
[  474.227837][T24658]  __memcg_kmem_charge_page+0x9e/0x170
[  474.233318][T24658]  __alloc_frozen_pages_noprof+0x18a/0x350
[  474.239167][T24658]  alloc_pages_mpol+0xb3/0x260
[  474.243980][T24658]  alloc_pages_noprof+0x8f/0x130
[  474.248942][T24658]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  474.254859][T24658]  __kvmalloc_node_noprof+0x471/0x680
[  474.260247][T24658]  ip_set_alloc+0x24/0x30
[  474.264594][T24658]  hash_netiface_create+0x282/0x740
[  474.269805][T24658]  ip_set_create+0x3cf/0x970
[  474.274441][T24658]  nfnetlink_rcv_msg+0x509/0x5d0
[  474.279399][T24658]  netlink_rcv_skb+0x123/0x220
[  474.284193][T24658]  nfnetlink_rcv+0x167/0x1720
[  474.288894][T24658]  netlink_unicast+0x5c0/0x690
[  474.293672][T24658]  netlink_sendmsg+0x5c8/0x6f0
[  474.298536][T24658]  __sock_sendmsg+0x145/0x170
[  474.303367][T24658]  ____sys_sendmsg+0x31e/0x4a0
[  474.308255][T24658]  ___sys_sendmsg+0x195/0x1e0
[  474.312960][T24658]  __x64_sys_sendmsg+0xd4/0x160
[  474.317816][T24658]  x64_sys_call+0x17ba/0x3000
[  474.322509][T24658]  do_syscall_64+0xc0/0x2a0
[  474.327113][T24658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.333026][T24658] 
[  474.335349][T24658] value changed: 0xffff8881320c07c0 -> 0x0000000000000000
[  474.342452][T24658] 
[  474.344778][T24658] Reported by Kernel Concurrency Sanitizer on:
[  474.351035][T24658] CPU: 0 UID: 0 PID: 24658 Comm: syz.8.7369 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  474.362418][T24658] Tainted: [W]=WARN
[  474.366231][T24658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  474.376384][T24658] ==================================================================
SYZFAIL: failed to send rpc
fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe)
[  474.459586][   T29] kauditd_printk_skb: 136 callbacks suppressed
[  474.459605][   T29] audit: type=1400 audit(730.449:7416): avc:  denied  { write } for  pid=3304 comm="syz-executor" path="pipe:[2387]" dev="pipefs" ino=2387 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  474.502200][T24616] bridge_slave_1: entered allmulticast mode
[  474.556097][T24616] bridge_slave_1: entered promiscuous mode
[  474.588257][  T852] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.739441][  T852] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  474.828471][  T852] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.096687][T15192] smc: removing ib device syz2
[  475.121007][  T852] bond6 (unregistering): (slave geneve2): Releasing active interface
[  475.135444][T24599] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13)
[  475.189212][T24658] syz.8.7369 (24658) used greatest stack depth: 5920 bytes left
[  475.311849][  T852] bond1 (unregistering): (slave lo): Releasing backup interface
[  475.325887][  T852] bond1 (unregistering): (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  475.346649][  T852] bond1 (unregistering): Released all slaves
[  475.365423][  T852] bond2 (unregistering): Released all slaves
[  475.374366][  T852] bond3 (unregistering): Released all slaves
[  475.383495][  T852] bond4 (unregistering): Released all slaves
[  475.393880][  T852] bond0 (unregistering): Released all slaves
[  475.403379][  T852] bond5 (unregistering): Released all slaves
[  475.414755][  T852] bond6 (unregistering): Released all slaves
[  475.424248][  T852] bond7 (unregistering): Released all slaves
[  475.433310][  T852] bond8 (unregistering): Released all slaves
[  475.442398][  T852] bond9 (unregistering): Released all slaves
[  475.451593][  T852] bond10 (unregistering): Released all slaves
[  475.460495][  T852] bond11 (unregistering): Released all slaves
[  475.471884][  T852] bond12 (unregistering): Released all slaves
[  475.481347][ T3500] ip6_vti0 speed is unknown, defaulting to 1000
[  475.487669][ T3500] syz2: Port: 1 Link DOWN
[  475.566035][  T852] tipc: Disabling bearer <udp:s>
[  475.571055][  T852] tipc: Left network mode
[  475.601024][  T852] hsr_slave_0: left promiscuous mode
[  475.626885][  T852] hsr_slave_1: left promiscuous mode
[  475.637732][  T852] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  475.644801][  T852] batman_adv: batadv0: Removing interface: veth1_vlan
[  476.009030][  T852] IPVS: stop unused estimator thread 0...
[  476.107914][  T852] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.168599][  T852] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.230508][  T852] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.300335][  T852] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.407174][  T852] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.479097][  T852] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.538315][  T852] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.588683][  T852] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.670217][  T852] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.716961][  T852] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.776928][  T852] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.847199][  T852] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.933462][  T852] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  476.976745][  T852] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.016855][  T852] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.087033][  T852] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  477.217512][  T852] bridge_slave_1: left allmulticast mode
[  477.223348][  T852] bridge_slave_1: left promiscuous mode
[  477.229128][  T852] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.238429][  T852] bridge_slave_0: left allmulticast mode
[  477.244175][  T852] bridge_slave_0: left promiscuous mode
[  477.250675][  T852] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.260010][  T852] bridge_slave_1: left allmulticast mode
[  477.265878][  T852] bridge_slave_1: left promiscuous mode
[  477.271584][  T852] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.280264][  T852] bridge_slave_0: left allmulticast mode
[  477.286171][  T852] bridge_slave_0: left promiscuous mode
[  477.291950][  T852] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.302827][  T852] bridge_slave_1: left allmulticast mode
[  477.308663][  T852] bridge_slave_1: left promiscuous mode
[  477.314513][  T852] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.323702][  T852] bridge_slave_0: left allmulticast mode
[  477.329784][  T852] bridge_slave_0: left promiscuous mode
[  477.335711][  T852] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.345446][  T852] bridge_slave_1: left allmulticast mode
[  477.351166][  T852] bridge_slave_1: left promiscuous mode
[  477.356931][  T852] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.365286][  T852] bridge_slave_0: left allmulticast mode
[  477.370958][  T852] bridge_slave_0: left promiscuous mode
[  477.376735][  T852] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.386111][  T852] bridge_slave_1: left allmulticast mode
[  477.391797][  T852] bridge_slave_1: left promiscuous mode
[  477.397668][  T852] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.608315][  T852] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  477.619127][  T852] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  477.629286][  T852] bond0 (unregistering): Released all slaves
[  477.708000][  T852] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  477.718118][  T852] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  477.728566][  T852] bond0 (unregistering): Released all slaves
[  477.846928][  T852] bond1 (unregistering): Released all slaves
[  477.855849][  T852] bond0 (unregistering): Released all slaves
[  477.864911][  T852] bond2 (unregistering): Released all slaves
[  477.878081][  T852] bond3 (unregistering): Released all slaves
[  477.889664][  T852] bond4 (unregistering): Released all slaves
[  477.900844][  T852] bond5 (unregistering): Released all slaves
[  477.912294][  T852] bond6 (unregistering): Released all slaves
[  477.921219][  T852] bond7 (unregistering): Released all slaves
[  477.930509][  T852] bond8 (unregistering): Released all slaves
[  477.940124][  T852] bond9 (unregistering): Released all slaves
[  477.949923][  T852] bond10 (unregistering): Released all slaves
[  478.017068][  T852] bond0 (unregistering): Released all slaves
[  478.036629][  T852] bond2 (unregistering): (slave erspan0): Releasing active interface
[  478.062050][  T852] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  478.156786][  T852] team0: Port device bridge2 removed
[  478.199217][  T852] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  478.211839][  T852] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  478.222114][  T852] bond0 (unregistering): Released all slaves
[  478.230101][  T852] bond1 (unregistering): Released all slaves
[  478.239314][  T852] bond2 (unregistering): Released all slaves
[  478.248062][  T852] bond3 (unregistering): Released all slaves
[  478.257472][  T852] bond4 (unregistering): Released all slaves
[  478.266128][  T852] bond5 (unregistering): Released all slaves
[  478.459095][  T852] hsr_slave_0: left promiscuous mode
[  478.464913][  T852] hsr_slave_1: left promiscuous mode
[  478.472555][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.480071][  T852] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.490260][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.497740][  T852] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.512943][  T852] hsr_slave_0: left promiscuous mode
[  478.519166][  T852] hsr_slave_1: left promiscuous mode
[  478.524944][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.532408][  T852] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.541441][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.548979][  T852] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.559095][  T852] dummy0: left promiscuous mode
[  478.566155][  T852] hsr_slave_0: left promiscuous mode
[  478.581485][  T852] hsr_slave_1: left promiscuous mode
[  478.595574][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.602984][  T852] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.613652][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.621159][  T852] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.629705][  T852] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  478.637378][  T852] batman_adv: batadv0: Removing interface: veth1_vlan
[  478.644689][  T852] macvlan1: left promiscuous mode
[  478.650297][  T852] dummy0: left promiscuous mode
[  478.657573][  T852] hsr_slave_0: left promiscuous mode
[  478.663306][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  478.670830][  T852] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.680220][  T852] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  478.687677][  T852] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.696140][  T852] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  478.703264][  T852] batman_adv: batadv0: Removing interface: veth1_vlan
[  478.722531][  T852] veth1_macvtap: left promiscuous mode
[  478.728138][  T852] veth0_macvtap: left promiscuous mode
[  478.733745][  T852] veth1_vlan: left promiscuous mode
[  478.739324][  T852] veth0_vlan: left promiscuous mode
[  478.745628][  T852] veth1_macvtap: left promiscuous mode
[  478.751116][  T852] veth0_macvtap: left promiscuous mode
[  478.756815][  T852] veth1_vlan: left promiscuous mode
[  478.762101][  T852] veth0_vlan: left promiscuous mode
[  478.768486][  T852] veth0_macvtap: left promiscuous mode
[  478.774101][  T852] veth1_vlan: left promiscuous mode
[  478.780250][  T852] veth1_macvtap: left promiscuous mode
[  478.787686][  T852] veth0_macvtap: left promiscuous mode
[  478.793272][  T852] veth1_vlan: left allmulticast mode
[  478.798709][  T852] veth1_vlan: left promiscuous mode
[  479.017111][  T852] team0 (unregistering): Port device team_slave_1 removed
[  479.028657][  T852] team0 (unregistering): Port device team_slave_0 removed
[  479.098222][  T852] team0 (unregistering): Port device team_slave_1 removed
[  479.109482][  T852] team0 (unregistering): Port device team_slave_0 removed
[  479.155696][  T852] pimreg (unregistering): left allmulticast mode
[  479.203655][  T852] team0 (unregistering): Port device team_slave_1 removed
[  479.215555][  T852] team0 (unregistering): Port device team_slave_0 removed
[  479.223026][ T7879] smc: removing ib device !yz!
[  479.337635][  T852] team0 (unregistering): Port device team_slave_1 removed
[  479.347647][  T852] team0 (unregistering): Port device C removed
[  480.387580][  T852] IPVS: stop unused estimator thread 0...