last executing test programs:

11m15.913122737s ago: executing program 2 (id=74):
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x104, 0x0, 0x520, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0xf0, 0x2, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x9}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0xe}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x1}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x9}]}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x40004000}, 0x800)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x73, 0xfffff034}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef)

11m13.883892306s ago: executing program 2 (id=77):
socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet(0x2, 0x2, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x12, 0x5, 0x4, 0x3}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000640)={r2, r1, 0x25, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6fc}}, 0x40)
syz_emit_ethernet(0x82, &(0x7f0000002940)={@remote, @empty, @val={@val={0x88a8, 0x5, 0x0, 0x4}, {0x8100, 0x7, 0x1, 0x4}}, {@ipv6={0x86dd, @gre_packet={0x9, 0x6, "896df4", 0x44, 0x2f, 0xff, @private0, @private0={0xfc, 0x0, '\x00', 0x1}, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x1, {{0x4, 0x1, 0xfb, 0x0, 0x0, 0x3, 0x0, 0x1}, 0x1, {0x3}}}, {0x8, 0x22eb, 0x4, {{0x1, 0x2, 0x8, 0x1, 0x0, 0x0, 0x7, 0x4}, 0x2, {0x3, 0xff, 0x0, 0x1a, 0x1, 0x1, 0x3, 0x1}}}, {0x8, 0x6558, 0x1}}}}}}}, 0x0)

11m13.674902293s ago: executing program 2 (id=79):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x118)
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x6, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000c00)='GPL\x00'}, 0x94)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc010000000000000000000000000001ac1414bb00000000000000000000000000000400100000000200201084000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000000008836791de14e4d470000000000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000004000000000000332d6f1cef03ba6d2949efe800"/112, @ANYRES8=r0, @ANYRES8=0x0], 0xb8}}, 0x2404c040)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}, 0x1, 0x300}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x3e82, 0x60, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x160341)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0x1, 0x1, 0x107fff, 0x10, 0x4, 0x9, 0xa1, 0xffb, 0x7, 0xb6b, 0x800c1, 0x4, 0x1, 0x3, 0x9, 0xff, 0x1000, 0xc, 0x3, 0x3, 0x80000001, 0xfffffffa, 0x10, 0x1, 0x9, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0x63c, 0xe, 0x6, 0x1, 0x6, 0x1bfe, 0xb, 0x40, 0x40bed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x5, 0x5, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0x889, 0x1fa0860b, 0x7, 0xa9, 0x83, 0x2, 0x180000, 0x4003, 0x8b, 0x5, 0x2af, 0x6, 0x5, 0x2, 0x1, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x2, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10000, 0x3f6, 0xffffffff, 0x6, 0x6, 0x9, 0x80000000, 0xfdffffff, 0x2, 0xfffffffe, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x4, 0x20006, 0xc50, 0x2, 0x9, 0x2, 0xd9a, 0xc8, 0x6, 0xfffffffd, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x5, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x5, 0x1fc, 0x1ff]}})
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="640000001000030528bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000700000000440012800b0001006272696467650000340002800c00230006000000000000000c002100030000000000000005002500010000000500170001000000080024"], 0x64}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)="2e00000010008188e6b6ffffff7fcc9f0ba1f848390000005e7b034c635600000e000a00100000000280000094", 0x69}], 0x1}, 0x24048800)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=@newtaction={0x74, 0x30, 0x1, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x9d, 0x9, 0x7, 0x8, 0x4e19}, 0x1}}, @TCA_MPLS_PROTO={0x6, 0x4, 0x809b}, @TCA_MPLS_TC={0x5, 0x6, 0x3}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0)

11m12.614795387s ago: executing program 2 (id=83):
socket$kcm(0xa, 0x3, 0x87)
socket$netlink(0x10, 0x3, 0x14)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
clock_settime(0xffffffea, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xe, 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x17, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323478a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526894aa7fe5e68949a3b304723177d356c4604bca492ecec37e83efceefd78a2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bd43b5b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebcef5af469abe753314fae31a09c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa7000008000000000000117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d34264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5a71e0d7696caba172745c7dd919ffb631820420b75b6522c0e21c882c66f4f25ffb6d95e07e068000000000000eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6f0100000000000000f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7438978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc38055adc39f07f7c22711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e745a024a2278319d9a4d1378482b74c516647652bfb6e93002494a5cd74e2a9a4734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb3bdc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d547bdfba2e09d24d117ed0388afd37affbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c3868db06fd892d68a547477f8ef686ff0dba7b8c18c94d5a89b0567a851750a35d9cc2217db890d89385fcaa00f0f2e524672e6f4c8bedfd5da5b157709b8265cf511dc5846ab1d85916c4a6b2d1b408575982e11230cbac0a9c6eaa03c945645581f678403c2a936c53ae72940aa92bcf22b82c6bc028e0acdddf9fef595f0f7a9f80c0e4c659ced769ec463d26a81e468846761a8e1efd6a031ab7adc8665e267be0065cc315aa23012423ec8b8492d9b50fa4d8c5891959b761eec6dc988532782fda13239c63737039350db59e25c796b79cc04f3d1a5a13000000001e301d82"], &(0x7f0000000000)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = dup(0xffffffffffffffff)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x1b, "0062ba7d820700000000000000000000096304"})
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c80)={&(0x7f00000005c0)=ANY=[], 0x0, 0x4a, 0x4a, 0x0, 0x0, 0x10000, @value=r2}, 0x28)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x4, 0x0, 0x3, 0xfff, 0x8001, 0x8000}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
iopl(0x3)
r4 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x86, 0x509e03)
fsopen(&(0x7f0000000080)='securityfs\x00', 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
getpid()
ioctl$XFS_IOC_ERROR_INJECTION(r3, 0x40085874, &(0x7f0000000140)={r4})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1210010, &(0x7f0000000340)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d372c757466383d312c696f636861727365743d63703835372c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c7379735f696d6d757461626c652c73686f72746e616d653d6c6f7765722c696f636861727365743d61736369692c73686f72746e616d653d6c6f7765722c756e695f786c6174653d312c757466383d312c71756965742c756e695f786c6174653d312c756e695f786c6174653d3100000000000000026d653d6d697865642c72736469722c756e695f786c6174653d302c757466383d302c00"], 0x1, 0x379, &(0x7f0000000880)="$eJzs3U1oI1UcAPB/OmnSLmh7EwUhehO0bPemF1ukC4u9qAQ/DmJwuypJFVostodN60HxKHjUkzcFPXgQjyII4s2DV1cQP/Cge1vZxSfJ5GOapN2u2ErZ3w+avL73/u//JjMk02Hy+sJSNC9Ox6WrV3+OmZlSlJceW4prpZiPLPp2Y1xlQh0AcDpcSyn+TLnRtpnJIaUTmBYAcIy6n/8vRUQt5vOaN78+rH/y6Q8Ap17v7//Zw/occB0g4rVjmRIAcMzGrv/fv6+50v0p938tF+4KAABOq6eefe7x5dWIJ2u1mYj1t7fqW/V4ZNi+fCleiVasxdmYixsR+YlC56HUfTx/YXXlbK1Wa8cv81GPiKleYD0/U1jOuvHVWIy5mO/F9842UkrZ+c9WVxZrXRGx2+7mj/XSVn06zvTy/3Am1oYnHv1Buk8RF1ZXztV6A9TX+/HtiL3hjQqd+S/EXHz34mCYlPp3MK6uXF7sT3oYv1WvxsXBqzB+BeTQCyYAAAAAAAAAAAAAAAAAAAAAAHATC7WB+cH6OanznK+Us7Awob27Pk4e31sfaC9fHyhVU6T0xxsP1d/JYt/6QKPr82xZSBAAAAAAAAAAAAAAAAAAAAAGNrcr0Wi11jY2t3eaxUJ7Y3N7KiI6Na9+88lXszHe5yaFcp6iGjFIUeul3Wk2UtbvnLKI8fCsk7xf89HngxkX+1QHWzFxGtWDm1qtO+776f1hzb1Zf+S/h32ymLyBWWEaj46MvH5nPqVbeaEGhXPFmup49isppULNW8Xwy8+PDxiliPKt77id5lQc3Cd1CtfTy3f3X/3Glyn3wINzT19578Pfmo1WJ3N092BlY/NGajZK/c5HyN4bLnV3wfDYKEVeKBWPhPJhA+7tr2lk3//+zD3vfntw9igPa1Kx6fXO8TzSOcs359PRcSp5oTPNkabZYfh0byNaa9MjB/+E/T5W+Bf79K4Pvvg4pR9/PWpU4U1iauxto/TfvPsAAAAAAAAAAAAAAAAAAABFhe+K97503c4bpg+LeviJE5oeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJyI4f//LxT2dmOk5iiF6+0JUdW1jc2IyoTMf/0PWwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwO3qnwAAAP//7gFmJg==")
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000c00)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x400)
getdents64(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
semctl$SETVAL(0x0, 0x0, 0x10, 0x0)
r5 = syz_clone(0x2280, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r5, 0x13, &(0x7f0000000000)={0x24, 0xfe81, 0xffffffff})
tkill(r5, 0x12)
waitid(0x1, r5, 0x0, 0x8100000e, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40000020, 0x0)

11m10.981702459s ago: executing program 2 (id=103):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x75, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b40)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x80000, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0x5, 0xb}, {0xffe0, 0x3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x200a, 0x1, 0x406, 0x10, 0xffffffff, 0x9}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0xdd86, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x5)

11m10.313433173s ago: executing program 2 (id=107):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0xff, 0x3}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r1, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xa5, 0x6, 0x4}, 0x9c)

11m10.312197673s ago: executing program 32 (id=107):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0xff, 0x3}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r1, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xa5, 0x6, 0x4}, 0x9c)

2m6.032571425s ago: executing program 3 (id=4662):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0)
io_setup(0x2, &(0x7f0000000000)=<r0=>0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0x1)
syz_clone3(&(0x7f0000000300)={0x23800000, &(0x7f0000000040)=<r1=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_submit(r0, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r1, 0x0}])
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000002e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000140)={'wpan1\x00'})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x3c, r3, 0xa07, 0x70bd2c, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_ENABLED={0x5}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x20, 0x2b, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x1}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x2}]}]}, 0xffffff71}, 0x1, 0x0, 0x0, 0x40010}, 0x20008840)

2m5.772008054s ago: executing program 3 (id=4670):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bind$inet6(r0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x3}, 0x8)

2m4.866221961s ago: executing program 3 (id=4676):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c"], 0x38}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
socket$unix(0x1, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="440000004ec6"})

2m3.78204345s ago: executing program 3 (id=4683):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000)=0x40000009, 0x4)
process_vm_writev(0x0, &(0x7f0000000240)=[{0x0}, {0x0}, {&(0x7f0000000400)=""/134, 0xbd}], 0x3, 0x0, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet(r1, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000d80)="28c373ce03", 0x5}], 0x1}}], 0x1, 0x64088081)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000340)="0be7e7139e9bf2e612364ab4a70ccfe916a925c4f3e6", 0x16, 0xffffffffffffffff)

2m3.619914215s ago: executing program 3 (id=4685):
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0)
ftruncate(r0, 0x200002)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
sendfile(r2, r1, 0x0, 0x80001d00c0d0)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2050061, &(0x7f0000000600)=ANY=[@ANYBLOB="1866f41a8a726d6586aba0af9d313c9e94413465efd31b017d6e8a6c9d39dbf5e9a7858194253cb9b7440ea204a5bc1db686f5f3a4f51ee67df32035d38fc410dc37a7a52ac0de110af57270aeb6d985b64293529402a94f9649951d72d68c03327b5a0a0f6914cb32d90795bd9daf598d7deac5e843ceead90e3b42482baf5eaabe2136a868b06b741ef5f05737f9ede500000000000010006a30e1f455cbce0aff44f4a91b9e60f7323d38ff1d31dab2a1ec2d01630dc8f0e3d55c558e6b3a377e60335d1bb859b760fc49d9c7ed7ee2162a3230ec4c325aaf7d8ed829c8cdade8d48ba574a58a9efd4ce5b258e634d34ad056c9042c6a55b3b0540e89fcc37805baa5d4d59d367c716d3040ab0bfd8c76cda834cec91b004a9e12b06c82cedb2dcdce51d40eaf1665e847a5d3e98228408d55f5409697b7127adae37adec9266963efba6d02275ddd9f7e995cdc1e8705d0ebbf47becf2e03520815f69ff98c54db4026a2786c45fec4d77dff2d02000000000024e9289e4247ac5ad7043b0b7ee0906c9770c38a17694f9ff9f008840e1a7d179580a9733510aa73d8f6495da3797d066e8862de69c2b99597cb099a00741796bba23511db96ba5376cb298b67341a9795b878d7347cdaf1bb0fdd407eaa6b354bd6fc330476e5da22e43d39da5ed583720811663c6a9630a485dcb8a66289704a81428f7c254a0eaf8fbf7fcb32a63b2ea1abea4db0e2a85642319a60a9c496"])

2m3.477405572s ago: executing program 3 (id=4687):
perf_event_open(&(0x7f0000000000)={0x2, 0x93, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x40000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x2, 0xffffffffffffffff}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0x113, 0x0, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x0, 0x99, &(0x7f0000000000), &(0x7f0000000140)="f3a21479b3d8548229ab2f09d83398224cd1e1ed251009006600990f9156cf234965a2ed940a331db3cebebeb21b89e50e90b7be13a72a5307081bc02a81c20fca827c1087e22af347030daa8c13e0c1836f8640d5f6afe1c0f72f5daf9d627d8c52556c71895d85b2910ed3748b47db7c0d8ca49a438c7cffa76f1a32fc43879d64805a3f01aaad02cfcabce255065e70579ee4a2f8ea9b79"}, 0x50)

1m48.428511399s ago: executing program 33 (id=4687):
perf_event_open(&(0x7f0000000000)={0x2, 0x93, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x40000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x2, 0xffffffffffffffff}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0x113, 0x0, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x0, 0x99, &(0x7f0000000000), &(0x7f0000000140)="f3a21479b3d8548229ab2f09d83398224cd1e1ed251009006600990f9156cf234965a2ed940a331db3cebebeb21b89e50e90b7be13a72a5307081bc02a81c20fca827c1087e22af347030daa8c13e0c1836f8640d5f6afe1c0f72f5daf9d627d8c52556c71895d85b2910ed3748b47db7c0d8ca49a438c7cffa76f1a32fc43879d64805a3f01aaad02cfcabce255065e70579ee4a2f8ea9b79"}, 0x50)

8.353880997s ago: executing program 0 (id=5376):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = io_uring_setup(0xce2, &(0x7f0000000100)={0x0, 0x9cb8, 0x200, 0x2, 0x126})
r1 = io_uring_setup(0x724c, &(0x7f0000000180)={0x0, 0x40002c3f, 0x4000, 0x21, 0xe5, 0x0, r0})
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300), 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYRESOCT=r1], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x40f00, 0x0, '\x00', 0x0, @sk_msg, r2}, 0x94)
setreuid(0xffffffffffffffff, 0x0)
close(r3)
socket(0x28, 0x5, 0x0)
unshare(0x2040400)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x6)

8.18332316s ago: executing program 0 (id=5378):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/82, 0x2000, 0x1800, 0x3, 0x3}, 0x20)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="a00000001000010427bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000008000128009000100626f6e64000000007000028005001100010000000800030004000000080013000e00000014000880640100020a010100ac141435ac1e0001080012"], 0xa0}, 0x1, 0x0, 0x0, 0x48000}, 0x0)

7.703801074s ago: executing program 0 (id=5380):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
unshare(0x22020400)
connect$bt_l2cap(r0, &(0x7f0000000680)={0x1f, 0x20, @none}, 0xe)

7.443926783s ago: executing program 0 (id=5382):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
unshare(0x22020400)
connect$bt_l2cap(r0, &(0x7f0000000680)={0x1f, 0x20, @none}, 0xe) (fail_nth: 1)

6.373180685s ago: executing program 0 (id=5387):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f00000000c0)={0x200000, 0x200000, 0xffffeffc, 0x3, 0x3ffffd})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f000000c640)={0x0, 0x0, &(0x7f000000c600)={&(0x7f00000007c0)=@ipv4_newrule={0x24, 0x20, 0x1, 0x70bd2d, 0x25dfdbfb, {0x2, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0xf}, [@FRA_SRC={0x8, 0x2, @loopback}]}, 0x24}, 0x1, 0x0, 0x0, 0x40841}, 0x40080c0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x1)

5.433409806s ago: executing program 4 (id=5391):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000ac0)="f77d2b5dd5f7d74f0748cf3d2cf218d644566a14103b1c7dd35fd2951bd022f10f2dc7f4ce0d8ac5f4abaca4b97b706153756913b7dd48248b5bfb10460019248bf238743fa2aeb5bef21ce832db670920dc5e911ef2ad63e849901d1001129dbacbfd4924d7545517fd18b5d29978f32a5b5c81755cb89cc0490958ba3211eb99df5cdbbc0f9c941aaa1495893dada02d8188acd26b5afd7476413f322c8f79de769debb56343f3eded2dca93ed6641e50fe595e1e0dbe84ed0f70abb4ed2dfb6648df7dbbd18fa5533a6b0acc138c81a8acbcb2fb79a7d7857d41bca238e0548c5e955d74bbb106fe965274cbb3a29b895df0b4e028b6d65c115b81328e0b660253f1c9a359dde67917fa232e2f566483ddbb93ff9b103c1cac356c9f0f6ab5fe77ea4610f71ec6dc988fddf29b8d0b6aaa82752580b62b5f51800d10077f07319b6ffeff06e4dea184fd7a0a0f4d441763e30d1bc475502a1de1ffbc0e30cb1", 0x161}, {&(0x7f0000000e80)="31cef842d9c50636f60fc0cfdac56c75f1687f0c56287423f5eed69f117e766bdbad0c2171ad6227e1173ab6efa2fcb1c420a51a0917861009000000f049c606ccab7cda1f0e3490fbe385ea3822948825e11e7557f9c9c810bd8a1420e33eb1be6f10cfb24eb7cccdf1528ef33b34ab07cdb0909a9ba9547e1e343b451d9025c4e153612d4674b9411fb4de295599abbcb388d291aa839ab0954e6a8dfc19c3c1533a11d81e03a4879bd736f1caacc2bbf1194598a652677efb930a5b6ee292c57402e0cc07a9a26ee794e46e604a9aec550d12af09f782e1f6a996f0756604847689d37ee3047e61531a8672447cb501b2560bc0e0c5fb2c9f341ed3972b30190e930af94642ab1557e286442cfa6a84ad931e99549640705cd6261ca7094910df055747e2e2ae170e7850093bf0aa3370e03222b5de4597ca76f3193d4a45e424b540f29287411ed8430a0154cb04be18c214e5a6f37f478b6a83659c4a504cd77fe592bfd717fe19e8f5bc47d75d9ca4e1c467a857e41e51539d16e1ea8762a60e30a2e2d3bc061112321024ad09d3029752d341055db5247c5706959def1d3ab6fd5d8463652000f5f265c633380362d34d4a49bc763dcf36633d0d0e1abe3d0dc446368d1f67cbbba75b390cc2be44b6df03469d4c5c025d274b1c0bf4dd0157fa35852de37b35374298a43b1dbfef0d732e389fb8ea31891ee2aee16df147216d41f9c889", 0x208}], 0x2}}], 0x1, 0x50)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000001380)="bc263d7f455169251dc0ac2707d978a06fffc49727783f1a8f7bc38262c61dd060fbfb2a86865578be93be281bb71fd035896c85e9179a87deaced2a55ecb9217cfa7c3b41b7f7b2c726933e601290c97b9984fb7d6ef6ff2bdfc1ad457199e99d7170b5322bd085aeaa786e365ed06082e58ccda390fd046d907dc982517001636335d7dfa35262cde7f2b76e48c0b2b4411235b8b8ec9a566d2f75a4611a2244460b7ca85a3cefe43ba6ef2a60ddb86917fe6a60d3008e226ccaba38a6aa23d2b3631a7a9180f5ba459bcb5169f71888ea04eb18448e91057e7f81ea37dd6ce155b2bf1fc8e3404fcf22d89367d7cef2c25e862fa8f4728a7114d5a40cfee57991a0947001d0da71e9655db1902543dc809b17ec87e64b64903dcf7cc4ae863804f717ab9503ddb1e5e02afb25e394dbac3cef0a4f115bd179b06493c44c16d957cf1c34eccfbfc8c6227c89e8b93ffdca5f8c1ed36d6a4963ed8d8dbbb1a72e8ebd9a6901022940c3370b3a7d553e888be3a4c657af30669c389040afac5000b9af28581ac89538c04a925a3caf66962a74d4100a6f6f7d97b21044ae2676b1188934b080269df35b83e1bbe1aa4ea6246332d3bc9f1550fd9d373ec196a5309f91990f201ba8e1afd05c52eb8d7f8ad2fac0a60df98563fbcecf8f4af32392df213fe9956fe7950a629c15c20a579198eea5dcdfa415309107ad8ee9819981e655a7fca8be1e7b83c51255b1cb83e10a2ae9c0ddb9d970429681e85da618aeb7b0860f84fb7782e8c28c44e87b99062186750731cd1810d306723b7c1106550246474a767aaa69c88c4c65dc842dd6cd6031ca62a4817ceae30f752dd876653a49a4dd88f88a2bf68bf466065b21a6f226e413a91b92a4044699d1574db63a83b66a2b1cd06dc425c45348607fe1da6c3e983ff2a2a74225eb9f7e145d2b601265b58c08bd369511d61322d478a210361306a3a67f517cb409c95255cb47bf16d9965da3414dbfc86bd3950f22188bbc6c352a0c2489385e7953aec2edf0e3c0a9da64f870c76c55b23c174ffca865a415d9f7d62fc555c57f07fd30e54f9e9c1496ff19ce8950d781310d6ca2ebb17f51b57afc37e18a453efeb8ffd59e374425a47b40d3741e0b0de8eadf752e02b3a3c9cb9d1501f6026aacc422555defb9e1a63eeb721ce833ab9ad9134b03c9b38875ef3ee8051c7e9e305964c2fdbf7661d0329a3d166ae148949f9b70b4f70052352bc4d45d1b69c508b9148c94269e0ad17a1686cd77852e41bfb5ec29627673c0ba3c78a1e77489571894765939a98972850eb26b6d64a1758838535af6c09e8489fa73069a839e63ced47ba730cdd17d08a5cfc015b4c04347a89453d3a3bb9fee0dd4a8eaf859ac83425f22d13ae4c550f3a25c4a82f0d4905d29831b5794bae5d367ee5e1f65f6eb3ec6aec1eed9c6591d742321d9a73be8a87e8b7302cee7529f2f1f86ed0ebff3a411d28a431961d696a418905ba290ea457f60713205cbb275c6366feddb9d33de03080e23f28d5e3a85ab0c589e7f6fcf7ae6f5dd5ebd85e200a2aeefe039845aacccea1e5b841eae5c6389e290f3e225e8a407ea6022aeec74ad58016230f145b31f6c", 0xfdef}], 0x1)

5.318441288s ago: executing program 4 (id=5392):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x20004880}, 0x40000)
r0 = socket(0x15, 0x5, 0x0)
connect$unix(r0, &(0x7f0000000080)=@abs={0xa}, 0x6e)

5.217916262s ago: executing program 4 (id=5393):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x7}, 0x0, 0x10000, 0x0, 0x5, 0x5, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newqdisc={0xb4, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x1, 0x2, 0xfffe, 0x1d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0xa, 0xfc00, 0x139, 0x1, 0x2, 0x401, 0x4}}, {0xc, 0x2, [0x7f, 0x3, 0x1050, 0x200]}}]}]}, 0xb4}}, 0x20000000)

5.080492841s ago: executing program 4 (id=5395):
syz_clone(0x0, &(0x7f0000000200)="fd3579949ed0df416617d5eac8e81e72d2ba3bc76f42fe6a1d2e21c9d983b6b3aadf17ce92c3ea8ed72a7daa40f1b455f2eb861e3636e5c58e23c5c8db3a0aada195f7b00a9a369d2be15bc67875d2bf186897a8beb10995c86e320ed69fc7db5eccaa27035c6797a0f5c99b2478f3ab8e0bbfaf4b13b99984e2d6089d4dc1cb025cdc41fabeba27fdac59426319307677ec6c6762337b93aa68777b35d1b7d61dd2489f7c41e06277c6a5877d1c6485f92a506de3d463eb6e159fa619deee3f9e139b2eafb1a7699348782c3aff2e8802af347418d63eb3a34a43138edfa67be38caa", 0xe3, &(0x7f0000000080), &(0x7f0000000140), &(0x7f00000003c0)="269d23220a2e7392bf68be32180e9f7a85e83f96bed1653895f3640961bf942b39cc556095b33604a11a31973733a83cb7f190cf561ffd7a35487dd843300db2edb95a2d9dfe26834d08c338a7bd16e0fb43b3f5b0902f0eb39bc6a50000000000000000b5183cfc46e2ebf4eaeebc48af8b84575bc5e05ce32ae150cf80c6cea7b42bc59e33b1e2804d199e3fbdd31b254a2beaf8fc97347bb0750ae8ef29b95fca650f13c949c1a8b447f5a32466568dfd4cc27d931f832856879b8f6d844eb5f2db3f3637")
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x190ec)

4.852267065s ago: executing program 0 (id=5396):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f9cf02e, 0x2, @perf_bp={0x0, 0x2}, 0xd4, 0x5bd20d9e, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
write(r1, &(0x7f0000000340)="0a000300010000", 0x7)
recvmmsg(r1, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}, 0x5}], 0x40001af, 0x12122, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
r3 = socket$packet(0x11, 0x3, 0x300)
syz_io_uring_setup(0x3ecc, &(0x7f0000000040)={0x0, 0x3a26, 0x2, 0x0, 0x208}, &(0x7f00000000c0), &(0x7f0000000100))
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r4, 0x0, 0xf, &(0x7f0000000140)=0x400030, 0x4)
bind$inet(r4, &(0x7f0000000140)={0x2, 0x4e64, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000240)={0x3, &(0x7f0000000280)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0xfc, 0x8, 0xfffff00c}, {0x6, 0xb8, 0x2, 0xffff}]}, 0x10)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x106200, 0x10004, 0x20da, 0x5, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x3, 0x0, 0x0, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x1, 0x2b, 0x17, 0x68, 0x0, 0x60, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, "11f330"}}, 0x25)

4.794864815s ago: executing program 4 (id=5398):
r0 = syz_clone(0x0, &(0x7f0000000200)="fd3579949ed0df416617d5eac8e81e72d2ba3bc76f42fe6a1d2e21c9d983b6b3aadf17ce92c3ea8ed72a7daa40f1b455f2eb861e3636e5c58e23c5c8db3a0aada195f7b00a9a369d2be15bc67875d2bf186897a8beb10995c86e320ed69fc7db5eccaa27035c6797a0f5c99b2478f3ab8e0bbfaf4b13b99984e2d6089d4dc1cb025cdc41fabeba27fdac59426319307677ec6c6762337b93aa68777b35d1b7d61dd2489f7c41e06277c6a5877d1c6485f92a506de3d463eb6e159fa619deee3f9e139b2eafb1a7699348782c3aff2e8802af347418d63eb3a34a43138edfa67be38caa", 0xe3, &(0x7f0000000080), &(0x7f0000000140), &(0x7f00000003c0)="269d23220a2e7392bf68be32180e9f7a85e83f96bed1653895f3640961bf942b39cc556095b33604a11a31973733a83cb7f190cf561ffd7a35487dd843300db2edb95a2d9dfe26834d08c338a7bd16e0fb43b3f5b0902f0eb39bc6a50000000000000000b5183cfc46e2ebf4eaeebc48af8b84575bc5e05ce32ae150cf80c6cea7b42bc59e33b1e2804d199e3fbdd31b254a2beaf8fc97347bb0750ae8ef29b95fca650f13c949c1a8b447f5a32466568dfd4cc27d931f832856879b8f6d844eb5f2db3f3637")
r1 = getpgid(r0)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x11, 0x0, 0x2, {[@generic={0x4, 0x2}]}}}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000004c0)='./bus\x00', 0x221081e, &(0x7f0000000440), 0x1, 0x51c, &(0x7f0000001240)="$eJzs3c9vI1cdAPDvOHF+bdqkpQdA0C5tYUGrdRJvG1U9QDkhhCohegRpGxJvFMWOo9gpTdhD9swViUqc4MgfwLkn7lwQ3LiUAxI/IlCDxMFoxuPUTewk3WziYH8+0mjmzZv6+16teW/n69gvgJF1OyIOImIiIt6NiLn8fJJv8VZ7S6/7+PDR6tHho9UkWq13/pFk9em56PpvUrfy15yKiB98J+LHyem4jb39zZVqtbKTlxeate2Fxt7+vY3aynplvbJVLi8vLS++cf/18lPr60u1ifzoyx/9/uAbP02bNZuf6e7Hk0jaXe543HU+IorHcVLjEfG9ywS7Qcby/kwMuiE8kUJEPB8RL2f3/1yMZe8mADDMWq25aM11lwGAYVfIcmBJoZTnAmajUCiV2jm8F2KmUK03mncf1ne31tq5svkoFh5uVCuLea5wPopJWl7Kjj8pl9vlyU75fkQ8FxE/n5zOyqXVenVtkP/wAYARduvE/P/vyfb8DwAMuanPdvn0VbUDALg+n3H+BwCGwHnzv68EAMDw8fwPAKOnPf/7WB8ARsmZz/+S/wAwlOT/AWCkfP/tt9OtdZT//vXae3u7m/X37q1VGpul2u5qabW+s11ar9fXs9/sqZ33etV6fXvptdh9f/6b243mQmNv/0GtvrvVfJD9rveDSjG76uAaegYA9PPcSx/+KUln5Densy261nIoDrRlwFUrDLoBwMCMDboBwMD46x4YXZd4xpcegCHRY4neLu1b/dQXhFqtVuvqmgRcsTtfkP+HUdWV//dXwDBi5P9hdMn/w+hqtZKLrvkfF70QALjZ5PiBPp//P5/vf5N/OPCjtZNXfHCVrQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICbrbP+bylfC3w2CoVSKeKZiJiPYvJwo1pZjIhnI+KPk8XJtLw04DYDAJdV+GuSr/91Z+7V2U9VvXjr+HAiIn7yy3d+8f5Ks7nzh4iJ5J+TnfPND/Lz5etvPQBwtvRZvzNPZ/uuB/mPDx+tdrbrbNPfvh0RU+34R4cTcXQcfzzGs/1UFCNi5l9JXm5LunIXl3HwOCI+36v/ScxmOZD2yqcn46exn7nW+IVPxS9kde19+v/ic0+hLTBqPkzHn7d63X+FuJ3te9//U9kIdXn5+Je+1OpRNgZ+Er8z/o31Gf9uXzTGa7/7bvto+nTd44gvjkd0Yh91jT+d+Emf+K9eMP6fv/Tiy/3qWr+KuBO943fHWmjWthcae/v3Nmor65X1yla5vLy0vPjG/dfLC1mOeqH/bPD3N+8+268u7f9Mn/hT5/T/qxfs/6//++4Pv3JG/K+/0it+IV44I346J37tgvFXZn471a8ujb/Wp//nvf93Lxj/o7/sn1o2HAAYnMbe/uZKtVrZ+X8/mC22O3RT2uPgKg7Sd/gGNKPnwbeuK9ZE9K762SvtW+BEVav1RLH6jRhPI+sG3ATHN31E/GfQjQEAAAAAAAAAAAAAAHq6jm8sDbqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK//BQAA//8vjMzn")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000001c0)={0x1, 0x2, 0x0, 0x6, 0x2, 0x4, 0x6, 0x7ffffffe, 0x4})
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0x190ec)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@ipv4_newrule={0x30, 0x20, 0x1, 0x0, 0x1000000, {0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x10}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x1}]}, 0x30}}, 0x8008)
kcmp(r1, r1, 0x4, 0xffffffffffffffff, r5)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000100)=r3, 0x4)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000200)={[{@jqfmt_vfsv1}, {@errors_remount}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x85}}, {@orlov}]}, 0xfc, 0x57e, &(0x7f0000000cc0)="$eJzs3V1rW2UcAPD/SV/2qutgDPVCBrtwMpeurS8TBOel6HCg9zOkWRlNl9GkY60Dtwt3440MQcSB+AG893L4BfwUAx0MGUUvRIic9KRL26RZu8xky+8HaZ/nvPQ5/zznf/o8OQkJYGgdS3/kIl6OiG+SiEMt60YjW3lsbbvVh9eL6SOJev3TP5NIsmXN7ZPs94Gs8lJE/PpVxMnc1naryyvzhXK5tJjVJ2sLVyaryyunLi0U5kpzpcvTMzNn3pqZfvedt3sW6+vn//7+k7sfnvn6+Op3P98/fDuJs3EwW9caxxO40Vo5Vvg3K43F2U0bTvWgsUGS9PsA2JWRLM/HIr0GHIqRLOuB59+XEVEHhlQi/2FINccBzbl9j+bBz4wHH6xNgBqxj7fGP7r22kjsbcyN9q8mG2ZG6Xx3ogftp2388sed2+kjtn8dYl+XOsCO3LgZEadHR7de/5Ps+rd7pxsvHm9vcxvD9v8H+uluOv55o934L7c+/ok2458DbXJ3N7rnf+5+D5rpKB3/vdd2/Lt+6ZoYyWovNMZ8Y8nFS+XS6Yh4MSJORL3rrY8zq/fqnda1jv/WxoDXi82xYHYc90f3bNxntlArRMT4LkPe4MHNiFdG28WfrPd/0qb/0+fj/GO2cbR059VO6zbHn7a/Mf6nq/5TxGtt+/9Rtybb35+cbJwPk82zYqu/bh39rVP7/Y4/7f/928c/kbTer63uvI0f9/5T6rSue/ztz//x5LNGuZkE1wq12uJUxHjy8dbl04/2bdab26fxnzi+/fWv3fmfTr4+f8z4bx251XHTQej/2R31f0shfZI3LmlbuPfRFz90av/x+v/NRulEtiS7/rWXnSvbHM6GwpM+fwAAAAAAADBIchFxMJJcfr2cy+Xza+/vOBL7c+VKtXbyYmXp8mw0Pis7EWO55p3uQy3vh5jK3g/brE9vqs9ExOGI+HZkX6OeL1bKs/0OHgAAAAAAAAAAAAAAAAAAAAbEgQ6f/0/9PtLvowOeusYXG+zp91EA/dD1K/978U1PwEDqmv/Ac0v+w/CS/zC85D8ML/kPw0v+w/CS/zC85D8AAAAAAAAAAAAAAAAAAAAAAAAAAAD01Plz59JHffXh9WJan726vDRfuXpqtlSdzy8sFfPFyuKV/FylMlcu5YuVhW5/r1ypXJmajqVrk7VStTZZXV65sFBZuly7cGmhMFe6UBr7X6ICAAAAAAAAAAAAAAAAAACAZ0t1eWW+UC6XFhU6Ft6PgTiMpxngml3tPjooUSh0KNzMundne/XxogQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAm/wXAAD//zjKLhg=")
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', 0x0})
syz_pidfd_open(0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000004000000089dfc0001"], 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], &(0x7f0000000840)=""/254, 0x37, 0xfe, 0x1}, 0x28)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000500), &(0x7f0000000200)=""/21}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ffd, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x2e}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
shutdown(r6, 0x1)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r6, 0x8982, &(0x7f00000000c0)={0x3, 'nr0\x00', {0x5}, 0x800})

4.63731745s ago: executing program 6 (id=5401):
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4, &(0x7f0000000000)=0x1, 0x9, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x5, 0x0, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback, @broadcast, {[@timestamp_addr={0x44, 0xc, 0x3, 0x1, 0x0, [{@private=0xa010101, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0xbc, 0x1, 0x0, [{@multicast1}, {}, {@dev}, {@private, 0x8}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty, 0xfffffffc}]}]}}}}}}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
socket$kcm(0x10, 0x2, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000024c0)=""/209, 0xd1, 0x8)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
getcwd(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
syz_extract_tcp_res$synack(&(0x7f00000000c0), 0x1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '-Z\x00', 0x14, 0x3c, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[], {{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x20}}}}}}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)={{0x12, 0x1, 0x0, 0xe5, 0x87, 0x6e, 0x40, 0x2040, 0x1605, 0xa94, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x58, 0x83, 0xb2}}]}}]}}, 0x0)
r1 = syz_io_uring_setup(0xb5c, &(0x7f0000000640)={0x0, 0x8926, 0x0, 0x3, 0x164}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0xf23, 0x0, 0xc, 0x0, 0x0)

3.832497594s ago: executing program 6 (id=5403):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x20004880}, 0x40000)
r0 = socket(0x15, 0x5, 0x0)
connect$unix(r0, &(0x7f0000000080)=@abs={0xa}, 0x6e)

3.768739324s ago: executing program 6 (id=5404):
r0 = syz_clone(0x0, &(0x7f0000000200)="fd3579949ed0df416617d5eac8e81e72d2ba3bc76f42fe6a1d2e21c9d983b6b3aadf17ce92c3ea8ed72a7daa40f1b455f2eb861e3636e5c58e23c5c8db3a0aada195f7b00a9a369d2be15bc67875d2bf186897a8beb10995c86e320ed69fc7db5eccaa27035c6797a0f5c99b2478f3ab8e0bbfaf4b13b99984e2d6089d4dc1cb025cdc41fabeba27fdac59426319307677ec6c6762337b93aa68777b35d1b7d61dd2489f7c41e06277c6a5877d1c6485f92a506de3d463eb6e159fa619deee3f9e139b2eafb1a7699348782c3aff2e8802af347418d63eb3a34a43138edfa67be38caa", 0xe3, &(0x7f0000000080), &(0x7f0000000140), &(0x7f00000003c0)="269d23220a2e7392bf68be32180e9f7a85e83f96bed1653895f3640961bf942b39cc556095b33604a11a31973733a83cb7f190cf561ffd7a35487dd843300db2edb95a2d9dfe26834d08c338a7bd16e0fb43b3f5b0902f0eb39bc6a50000000000000000b5183cfc46e2ebf4eaeebc48af8b84575bc5e05ce32ae150cf80c6cea7b42bc59e33b1e2804d199e3fbdd31b254a2beaf8fc97347bb0750ae8ef29b95fca650f13c949c1a8b447f5a32466568dfd4cc27d931f832856879b8f6d844eb5f2db3f3637")
r1 = getpgid(r0)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r3 = openat$selinux_policy(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x11, 0x0, 0x2, {[@generic={0x4, 0x2}]}}}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r3, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000004c0)='./bus\x00', 0x221081e, &(0x7f0000000440), 0x1, 0x51c, &(0x7f0000001240)="$eJzs3c9vI1cdAPDvOHF+bdqkpQdA0C5tYUGrdRJvG1U9QDkhhCohegRpGxJvFMWOo9gpTdhD9swViUqc4MgfwLkn7lwQ3LiUAxI/IlCDxMFoxuPUTewk3WziYH8+0mjmzZv6+16teW/n69gvgJF1OyIOImIiIt6NiLn8fJJv8VZ7S6/7+PDR6tHho9UkWq13/pFk9em56PpvUrfy15yKiB98J+LHyem4jb39zZVqtbKTlxeate2Fxt7+vY3aynplvbJVLi8vLS++cf/18lPr60u1ifzoyx/9/uAbP02bNZuf6e7Hk0jaXe543HU+IorHcVLjEfG9ywS7Qcby/kwMuiE8kUJEPB8RL2f3/1yMZe8mADDMWq25aM11lwGAYVfIcmBJoZTnAmajUCiV2jm8F2KmUK03mncf1ne31tq5svkoFh5uVCuLea5wPopJWl7Kjj8pl9vlyU75fkQ8FxE/n5zOyqXVenVtkP/wAYARduvE/P/vyfb8DwAMuanPdvn0VbUDALg+n3H+BwCGwHnzv68EAMDw8fwPAKOnPf/7WB8ARsmZz/+S/wAwlOT/AWCkfP/tt9OtdZT//vXae3u7m/X37q1VGpul2u5qabW+s11ar9fXs9/sqZ33etV6fXvptdh9f/6b243mQmNv/0GtvrvVfJD9rveDSjG76uAaegYA9PPcSx/+KUln5Densy261nIoDrRlwFUrDLoBwMCMDboBwMD46x4YXZd4xpcegCHRY4neLu1b/dQXhFqtVuvqmgRcsTtfkP+HUdWV//dXwDBi5P9hdMn/w+hqtZKLrvkfF70QALjZ5PiBPp//P5/vf5N/OPCjtZNXfHCVrQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICbrbP+bylfC3w2CoVSKeKZiJiPYvJwo1pZjIhnI+KPk8XJtLw04DYDAJdV+GuSr/91Z+7V2U9VvXjr+HAiIn7yy3d+8f5Ks7nzh4iJ5J+TnfPND/Lz5etvPQBwtvRZvzNPZ/uuB/mPDx+tdrbrbNPfvh0RU+34R4cTcXQcfzzGs/1UFCNi5l9JXm5LunIXl3HwOCI+36v/ScxmOZD2yqcn46exn7nW+IVPxS9kde19+v/ic0+hLTBqPkzHn7d63X+FuJ3te9//U9kIdXn5+Je+1OpRNgZ+Er8z/o31Gf9uXzTGa7/7bvto+nTd44gvjkd0Yh91jT+d+Emf+K9eMP6fv/Tiy/3qWr+KuBO943fHWmjWthcae/v3Nmor65X1yla5vLy0vPjG/dfLC1mOeqH/bPD3N+8+268u7f9Mn/hT5/T/qxfs/6//++4Pv3JG/K+/0it+IV44I346J37tgvFXZn471a8ujb/Wp//nvf93Lxj/o7/sn1o2HAAYnMbe/uZKtVrZ+X8/mC22O3RT2uPgKg7Sd/gGNKPnwbeuK9ZE9K762SvtW+BEVav1RLH6jRhPI+sG3ATHN31E/GfQjQEAAAAAAAAAAAAAAHq6jm8sDbqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADK//BQAA//8vjMzn")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000240)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000001c0)={0x1, 0x2, 0x0, 0x6, 0x2, 0x4, 0x6, 0x7ffffffe, 0x4})
write$selinux_load(r2, &(0x7f0000000000)=ANY=[], 0x190ec)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@ipv4_newrule={0x30, 0x20, 0x1, 0x0, 0x1000000, {0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2, 0x10}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0xfffffffb}, @FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0x1}]}, 0x30}}, 0x8008)
kcmp(r1, r1, 0x4, 0xffffffffffffffff, r5)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000100)=r3, 0x4)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000200)={[{@jqfmt_vfsv1}, {@errors_remount}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x85}}, {@orlov}]}, 0xfc, 0x57e, &(0x7f0000000cc0)="$eJzs3V1rW2UcAPD/SV/2qutgDPVCBrtwMpeurS8TBOel6HCg9zOkWRlNl9GkY60Dtwt3440MQcSB+AG893L4BfwUAx0MGUUvRIic9KRL26RZu8xky+8HaZ/nvPQ5/zznf/o8OQkJYGgdS3/kIl6OiG+SiEMt60YjW3lsbbvVh9eL6SOJev3TP5NIsmXN7ZPs94Gs8lJE/PpVxMnc1naryyvzhXK5tJjVJ2sLVyaryyunLi0U5kpzpcvTMzNn3pqZfvedt3sW6+vn//7+k7sfnvn6+Op3P98/fDuJs3EwW9caxxO40Vo5Vvg3K43F2U0bTvWgsUGS9PsA2JWRLM/HIr0GHIqRLOuB59+XEVEHhlQi/2FINccBzbl9j+bBz4wHH6xNgBqxj7fGP7r22kjsbcyN9q8mG2ZG6Xx3ogftp2388sed2+kjtn8dYl+XOsCO3LgZEadHR7de/5Ps+rd7pxsvHm9vcxvD9v8H+uluOv55o934L7c+/ok2458DbXJ3N7rnf+5+D5rpKB3/vdd2/Lt+6ZoYyWovNMZ8Y8nFS+XS6Yh4MSJORL3rrY8zq/fqnda1jv/WxoDXi82xYHYc90f3bNxntlArRMT4LkPe4MHNiFdG28WfrPd/0qb/0+fj/GO2cbR059VO6zbHn7a/Mf6nq/5TxGtt+/9Rtybb35+cbJwPk82zYqu/bh39rVP7/Y4/7f/928c/kbTer63uvI0f9/5T6rSue/ztz//x5LNGuZkE1wq12uJUxHjy8dbl04/2bdab26fxnzi+/fWv3fmfTr4+f8z4bx251XHTQej/2R31f0shfZI3LmlbuPfRFz90av/x+v/NRulEtiS7/rWXnSvbHM6GwpM+fwAAAAAAADBIchFxMJJcfr2cy+Xza+/vOBL7c+VKtXbyYmXp8mw0Pis7EWO55p3uQy3vh5jK3g/brE9vqs9ExOGI+HZkX6OeL1bKs/0OHgAAAAAAAAAAAAAAAAAAAAbEgQ6f/0/9PtLvowOeusYXG+zp91EA/dD1K/978U1PwEDqmv/Ac0v+w/CS/zC85D8ML/kPw0v+w/CS/zC85D8AAAAAAAAAAAAAAAAAAAAAAAAAAAD01Plz59JHffXh9WJan726vDRfuXpqtlSdzy8sFfPFyuKV/FylMlcu5YuVhW5/r1ypXJmajqVrk7VStTZZXV65sFBZuly7cGmhMFe6UBr7X6ICAAAAAAAAAAAAAAAAAACAZ0t1eWW+UC6XFhU6Ft6PgTiMpxngml3tPjooUSh0KNzMundne/XxogQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAm/wXAAD//zjKLhg=")
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', 0x0})
syz_pidfd_open(0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0200000004000000089dfc0001"], 0x50)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], &(0x7f0000000840)=""/254, 0x37, 0xfe, 0x1}, 0x28)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000004440)=@base={0x14, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r8, 0x2, 0x1}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ffd, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x2e}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r9, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
shutdown(r6, 0x1)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r6, 0x8982, &(0x7f00000000c0)={0x3, 'nr0\x00', {0x5}, 0x800})

3.732764778s ago: executing program 5 (id=5405):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x7}, 0x0, 0x10000, 0x0, 0x5, 0x5, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newqdisc={0xb4, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1], 0x0, [0x1, 0x2, 0xfffe, 0x1d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}, @TCA_STAB={0x2c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0xa, 0xfc00, 0x139, 0x1, 0x2, 0x401, 0x4}}, {0xc, 0x2, [0x7f, 0x3, 0x1050, 0x200]}}]}]}, 0xb4}}, 0x20000000)

3.686077661s ago: executing program 4 (id=5406):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000001080)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3d, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_config_ext={0x8, 0x2}, 0x6000, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
syz_open_dev$sg(&(0x7f0000000040), 0x4, 0x400)
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x10, 0x56a, 0x90, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x28, 0x80, 0xb, [{{0x9, 0x4, 0x0, 0x9, 0x2, 0x3, 0x1, 0x1, 0x80, {0x9, 0x21, 0x1, 0x8, 0x1, {0x22, 0xd4e}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x0, 0x6}}}}}]}}]}}, &(0x7f00000010c0)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x201, 0x3, 0xc, 0x4, 0x10, 0xc}, 0xc, &(0x7f0000000f80)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0x8, 0x1, 0x6, 0x4bdb}]}, 0x4, [{0x4, &(0x7f0000000fc0)=@lang_id={0x4, 0x3, 0x42d}}, {0x4, &(0x7f0000001000)=@lang_id={0x4, 0x3, 0x43f}}, {0x4, &(0x7f0000001040)=@lang_id={0x4, 0x3, 0x424}}, {0x0, 0x0}]})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af8fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13f8ff000000007a0a30ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0x7}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x43)

3.271977375s ago: executing program 5 (id=5407):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = syz_io_uring_setup(0x315b, &(0x7f0000000080)={0x0, 0xcfca, 0x1040, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100), &(0x7f0000000040))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000380), 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x2000000, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$FS_IOC_RESVSP(r0, 0x4030582b, &(0x7f0000000c00)={0x0, 0x1, 0x4, 0x40000000000000, 0x0, 0xf0})

1.958173918s ago: executing program 1 (id=5409):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
socket$unix(0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c00000000006113660000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x8}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xd37}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x7fff}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xc}]}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x48840)

1.798852403s ago: executing program 5 (id=5410):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000000)='D', 0x1, 0x28004044, &(0x7f0000000140)={0xa, 0x4001, 0xfffc, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2b}}, 0xfffffffd}, 0x1c)

1.745489524s ago: executing program 1 (id=5411):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = io_uring_setup(0xce2, &(0x7f0000000100)={0x0, 0x9cb8, 0x200, 0x2, 0x126})
r1 = io_uring_setup(0x724c, &(0x7f0000000180)={0x0, 0x40002c3f, 0x4000, 0x21, 0xe5, 0x0, r0})
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300), 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYRESOCT=r1], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x40f00, 0x0, '\x00', 0x0, @sk_msg, r2}, 0x94)
setreuid(0xffffffffffffffff, 0x0)
close(r3)
r4 = socket(0x28, 0x5, 0x0)
unshare(0x2040400)
fcntl$setlease(r4, 0x400, 0x6)

1.665636832s ago: executing program 1 (id=5412):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r0, &(0x7f0000000880)={0x27, 0x0, 0x0, 0x6, 0x0, 0x0, "d92984bd1ca44c226af5160e961711a077609475b78411e879918d20000000f2170e65e3f50327080e000000000000001900", 0x3c}, 0x60)

1.595352441s ago: executing program 5 (id=5413):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x2c, 0x0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x2c}}, 0x0)

1.488227134s ago: executing program 1 (id=5414):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x20004880}, 0x40000)
r0 = socket(0x15, 0x5, 0x0)
connect$unix(r0, &(0x7f0000000080)=@abs={0xa}, 0x6e)

1.487766834s ago: executing program 5 (id=5415):
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f00000000c0)='%pK    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={r1}, 0x4)
bind$llc(r0, &(0x7f0000000140)={0x1a, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000800)=ANY=[@ANYBLOB="5401000018000100299d7000fddbdf251d0104001e01060003fcfefeff71ec6d721744cd5200080000f8cfcad4c4ec6511ec028c5028564abce83afe14c93e15e556c2baed7f897fe841c155a2b2a4b9f3052995cdf66a9c7922ff0300005b6c67281f1519cd7c32c2bf7563b9452575505da99ea128d37616896be8764a2c78edbad5bde7a5e405bdc893770338925f824bd24689c0d11a5568fc3aaa9ad0d7766d8ea8d3bf1006e3df494e2f373148ecb4adafdd39874e9808b118301f1e76054a64c6d243523f5de7b347f3b740e105d0ed18fae7289635301ebd8949268090b3bcd4cbed5f1cfe93cff41a9630802f96defe9e8ea850529827c5e301953a8abaafa1f121e590f74e28233f4129d4587eee87ec5d42c3ef0619022c025c8d586b2a88d818b56d2a5e15c8a95d29e5b2ea000015000400030000a004050000508b276597b6c58b0100000008000500f850"], 0x154}, 0x1, 0x0, 0x0, 0x404a0c4}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
sendfile(r0, r3, 0x0, 0xffffffff000)
recvmmsg(r0, &(0x7f0000000640), 0x3fffffffffffce3, 0x0, 0x0)

1.101348953s ago: executing program 1 (id=5416):
socket(0x28, 0x5, 0x0)
r0 = socket(0x28, 0x5, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x2000400c)
listen(r0, 0x4)
socket$vsock_stream(0x28, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$inet(r2, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x16}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5}, 0x0)
recvmsg$unix(r3, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000300)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

988.379325ms ago: executing program 6 (id=5417):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x7}, 0x0, 0x10000, 0x0, 0x5, 0x5, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge_slave_1\x00'})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x20000000)

310.161778ms ago: executing program 6 (id=5418):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r3)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r3, &(0x7f0000000080)={0x0, 0x6c, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000047400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002609090914000600626f6e64300000000000000000000000080003"], 0x78}, 0x1, 0xffffffff00000003}, 0x0)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_MAX_FRAME_RETRIES(r3, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x28, r5, 0x100, 0x70bd2a, 0x6, {}, [@NL802154_ATTR_MAX_FRAME_RETRIES={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040004}, 0x20000000)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000017000000540006803c00040067636d286165732900000000000000000000000000000000000000000000000014000000e3de3d7b4cd07ec3ee777de774fc7987cca41989140003"], 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x4008014)

110.861707ms ago: executing program 6 (id=5419):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(0xffffffffffffffff, 0x4048587b, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/127, 0x7f}], 0x1, 0x6, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0xfffffffe, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000700)={0x1, {{0xa, 0x4e20, 0x1, @mcast2, 0x3}}, 0x1}, 0x90)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@empty, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x2, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe20, 0x0, @dev={0xfe, 0x80, '\x00', 0x36}}, 0x1c)
ioctl$HIDIOCGFEATURE(0xffffffffffffffff, 0xc0404807, &(0x7f0000000240)={0x5, "ba605fef31c52c69422db4c407fba00b6ae42a9fe9f62a4696e353668eb1ea2e9ab5bfe3cedeb261f41b1c718adca220a45be15eb8a36fa1a759521a05d0f228"})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r1, 0x8000, 0xffffffffffffffff, 0xfffffffffffffffe})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
socket$kcm(0x2, 0xa, 0x2)
socket$packet(0x11, 0x3, 0x300)

8.936181ms ago: executing program 1 (id=5420):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x208810, &(0x7f0000000100), 0xff, 0x4c4, &(0x7f00000001c0)="$eJzs3MtrXFUYAPDvTh59N7HWamtro1UsPpImrdqFCxUFQQVBFxXcxCSttWkrTQRbgqYidSkF9+JS8C9w50bUhQhuFVxKoWgQmnY1cl9tMp1MHk0yaeb3g8mcc5/nu+eemTP35N4AWlZP+ieJ2BoRf0REV56dvUBP/jY9NTF0fWpiKIlq9a1/kmy5a1MTQ+Wi5XpbiszBSkTl8yReSGp2uiFi7PyFU4OjoyPnikl946c/7Bs7f+Hpk6cHT4ycGDkzcPTokcP9zz078MyyxJnGdW3PJ2f37n71nctvDB27/N7P36XF2rUvnz8zjnldrw2ovp70qP1bzdTOe2wRZb8bbJuRTtqbWBAWpS0i0urqyNp/V7TFrcrrilc+a2rhgBWVfjdtmHv2ZBVYx5KoO/m1VS8IsMrKL/r092/5WqWux5pw9cWIziI9PTUxNH0z/vaoFNM7VnD/PRFxbPLG1+krFnsdAgBgCbK+zVP1+n+V2JW952Md24sxlO6IuCcidkTEvRGxMyLui8iWvT8644F85WrXAvffU5O/vf9TuVK3zMsk7f89P6PvNz0j/uKtu63Ibcvi70iOnxwdOVQck4PRsSHN9zfYxw8v//7lXPNm9v/SV7r/si9YFOBKe80FuuHB8cHlOghXL0bsaa8Xf3JzJCA9A3ZHxJ7FbXp7mTj5xLd751po/vgbWIZxpuo3EY/n9T8ZNfGXksbjk30bY3TkUF95Vtzul98uvVkkO2vn3VH8yyCt/82zz/9izsXiveu/NP6x8xc6YnR05NxYOm3zovZx6c8v5vxNs9TzvzN5Oxuz/vX9fNrHg+Pj5/ojOpPXs3x5oLPpA7fWLfPl8mn8Bw/Ub/87inXS+B+MiPQk3hcRD0XE/qLsD0fEIxFxoEH8P7306AcN4k8iiabW/3Ddz78kYmOW6C7qPx+vX0Ki7dSP3881Yr6w+j8Sk9lnbS77/JtH43K1Rznlzo8gAAAArH2ViNgaSaU3T/dsjUqltzf/H/6dcaNarY6NP3n87EdnhvN7BLqjo1Je6eqacT20P5kstpjnB4prxeX8w8V146/aNmX53qGzo8NNjh1a3ZbZ7T/K9p/6u63ZpQNWnPu1oHXVtv9Kk8oBrL6FfP/7LQDrU532v6kZ5QBWn9//0Lrqtf9Pa/L6/7A+3d7+/6rzyDpgPdL/h9al/UPr0v6hJS30Lv7yeQpLfgjArER5s8DSt7Nxnjv813KiZ0W2XNbQsm55/3S+0WLKprg1KyoNVq8sal+TC1743c5Z5Zl9iq6Jyl2hRNpilrJ6bJ/vWRhzJeo8rAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAu9H8AAAD//0N93Y4=")
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x45, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xff, 0x4}, 0x12122, 0x10000, 0xfffffffe, 0x5, 0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x40, 0x6, 0x0, 0x38159f4e, 0xd25f, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2000004, 0x2, @perf_bp={0x0, 0x2}, 0x10088a, 0x7ff, 0x4, 0x0, 0xb, 0x2, 0x3ff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x100000b, 0x12011, r0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x47, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x30040, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x182, 0x6}, 0x6025, 0x4005, 0x4, 0x0, 0x80000000, 0x1, 0xa, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
r1 = semget$private(0x0, 0x4, 0x0)
semop(r1, &(0x7f0000000380)=[{0x0, 0xffff}], 0x1)
semtimedop(r1, &(0x7f0000000000)=[{0x0, 0x9, 0x800}, {0x2, 0x1, 0x1800}], 0x2, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000)
msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6)

0s ago: executing program 5 (id=5421):
creat(0x0, 0x0)
open$dir(0x0, 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401800}, 0x94)
r6 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4261, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x2, @perf_config_ext={0x1, 0xf60e}, 0xba92, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
unshare(0x8040600)
mknod(&(0x7f0000000000)='./file0\x00', 0x6000, 0x77b)
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x89901)
fstat(r7, &(0x7f0000001440))
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000001d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r8)
syz_clone(0x20008200, 0x0, 0x0, 0x0, 0x0, 0x0)
semop(0x0, 0x0, 0x0)
syz_clone(0xc30e3400, 0x0, 0x0, 0x0, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'veth0_macvtap\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r11], 0x68}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {0x1, 0x2}, {0xe, 0x10}, {0x1, 0x10}}}, 0x24}, 0x1, 0x0, 0x0, 0x845}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], &(0x7f0000000180)=[0x2], 0x0, 0x1, 0x1}}, 0x40)
r12 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_PASTESEL(r12, 0x541c, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

][   T28] audit: type=1326 audit(1772076008.353:26015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30713 comm="syz.1.4969" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbc74efc629 code=0x0
[  640.523652][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  640.599752][T30725] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4970'.
[  640.782058][T30729] lo speed is unknown, defaulting to 1000
[  640.788694][T30729] lo speed is unknown, defaulting to 1000
[  640.888451][T30729] loop1: detected capacity change from 0 to 512
[  640.910651][T30729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  640.928526][T30729] __find_get_block_slow() failed. block=144115188075855873, b_blocknr=1, b_state=0x00000011, b_size=4096, device loop1 blocksize: 4096
[  640.942802][T30729] grow_buffers: requested out-of-range block 144115188075855873 for device loop1
[  640.952153][T30729] EXT4-fs warning (device loop1): ext4_resize_fs:2018: can't read last block, resize aborted
[  641.058832][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  641.095492][T30574] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  641.146076][T30770] netlink: 15670 bytes leftover after parsing attributes in process `syz.1.4973'.
[  641.190500][T30770] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4973'.
[  641.211226][T30770] netlink: 'syz.1.4973': attribute type 1 has an invalid length.
[  641.234174][T30770] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4973'.
[  641.260532][T30778] loop0: detected capacity change from 0 to 8192
[  641.272183][T30770] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  641.286991][T30778] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.4974'.
[  641.309559][T30770] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  641.319300][T30801] loop6: detected capacity change from 0 to 512
[  641.399149][T30801] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  641.416767][T30810] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4981'.
[  641.434630][   T28] audit: type=1326 audit(1772076010.063:26016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30800 comm="syz.6.4980" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb8d609c629 code=0x0
[  641.630493][   T28] audit: type=1400 audit(1772076010.263:26017): avc:  denied  { listen } for  pid=30821 comm="syz.0.4983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  641.652695][   T28] audit: type=1400 audit(1772076010.293:26018): avc:  denied  { bind } for  pid=30821 comm="syz.0.4983" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  641.834517][T30851] loop5: detected capacity change from 0 to 512
[  641.841789][T30851] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  641.853827][T30851] EXT4-fs (loop5): 1 truncate cleaned up
[  641.860339][T30851] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  641.874593][T30851] EXT4-fs warning (device loop5): ext4_group_add:1735: No reserved GDT blocks, can't resize
[  641.895513][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.168144][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.186829][T30879] loop1: detected capacity change from 0 to 2048
[  642.195967][T30879] EXT4-fs: Ignoring removed orlov option
[  642.215932][T30879] EXT4-fs: Ignoring removed oldalloc option
[  642.223477][T30879] EXT4-fs (loop1): filesystem too large to mount safely on this system
[  642.233811][T30886] FAULT_INJECTION: forcing a failure.
[  642.233811][T30886] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  642.256460][T30886] CPU: 0 UID: 0 PID: 30886 Comm: syz.6.4996 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  642.256501][T30886] Tainted: [W]=WARN
[  642.256511][T30886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  642.256526][T30886] Call Trace:
[  642.256573][T30886]  <TASK>
[  642.256583][T30886]  __dump_stack+0x1d/0x30
[  642.256636][T30886]  dump_stack_lvl+0x95/0xd0
[  642.256733][T30886]  dump_stack+0x15/0x1b
[  642.256761][T30886]  should_fail_ex+0x263/0x280
[  642.256790][T30886]  should_fail+0xb/0x20
[  642.256854][T30886]  should_fail_usercopy+0x1a/0x20
[  642.256887][T30886]  _copy_from_user+0x1c/0xb0
[  642.257003][T30886]  bpf_test_init+0xb9/0x130
[  642.257050][T30886]  bpf_prog_test_run_xdp+0x306/0xa10
[  642.257087][T30886]  ? __rcu_read_unlock+0x4e/0x70
[  642.257143][T30886]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  642.257180][T30886]  bpf_prog_test_run+0x204/0x340
[  642.257213][T30886]  __sys_bpf+0x52e/0x7e0
[  642.257250][T30886]  __x64_sys_bpf+0x41/0x50
[  642.257347][T30886]  x64_sys_call+0x10cb/0x3020
[  642.257385][T30886]  do_syscall_64+0x12c/0x370
[  642.257425][T30886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.257489][T30886] RIP: 0033:0x7fb8d609c629
[  642.257512][T30886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  642.257591][T30886] RSP: 002b:00007fb8d4af7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  642.257619][T30886] RAX: ffffffffffffffda RBX: 00007fb8d6315fa0 RCX: 00007fb8d609c629
[  642.257639][T30886] RDX: 0000000000000050 RSI: 0000200000002300 RDI: 000000000000000a
[  642.257658][T30886] RBP: 00007fb8d4af7090 R08: 0000000000000000 R09: 0000000000000000
[  642.257676][T30886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.257691][T30886] R13: 00007fb8d6316038 R14: 00007fb8d6315fa0 R15: 00007ffce6f5ce08
[  642.257733][T30886]  </TASK>
[  642.474288][T30879] 9p: Bad value for 'rfdno'
[  642.493157][T30879] xfrm0 speed is unknown, defaulting to 1000
[  642.512199][T30879] xfrm0 speed is unknown, defaulting to 1000
[  642.522220][ T3473] usb 1-1: enqueue for inactive port 0
[  642.532658][ T3473] usb 1-1: enqueue for inactive port 0
[  642.537883][T30879] xfrm0 speed is unknown, defaulting to 1000
[  642.616405][ T3473] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  642.824182][T30909] loop5: detected capacity change from 0 to 512
[  642.836775][T30909] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  642.849211][T30909] EXT4-fs (loop5): 1 truncate cleaned up
[  642.858314][T30909] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  642.872628][T30909] EXT4-fs warning (device loop5): ext4_group_add:1735: No reserved GDT blocks, can't resize
[  642.900381][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  642.961514][T30917] lo speed is unknown, defaulting to 1000
[  642.968086][T30917] lo speed is unknown, defaulting to 1000
[  643.082726][T30879] infiniband syz1: set active
[  643.087572][ T5156] xfrm0 speed is unknown, defaulting to 1000
[  643.088924][T30879] infiniband syz1: added xfrm0
[  643.099574][T30879] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  643.100030][T30879] infiniband syz1: Couldn't open port 1
[  643.120088][T30879] RDS/IB: syz1: added
[  643.127477][T30879] smc: adding ib device syz1 with port count 1
[  643.134176][T30879] smc:    ib device syz1 port 1 has no pnetid
[  643.141400][T23561] xfrm0 speed is unknown, defaulting to 1000
[  643.148186][T30879] xfrm0 speed is unknown, defaulting to 1000
[  643.190576][T30952] __nla_validate_parse: 2 callbacks suppressed
[  643.190603][T30952] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5002'.
[  643.209696][T30879] xfrm0 speed is unknown, defaulting to 1000
[  643.243926][T30952] lo speed is unknown, defaulting to 1000
[  643.250425][T30952] lo speed is unknown, defaulting to 1000
[  643.262289][T30879] xfrm0 speed is unknown, defaulting to 1000
[  643.296893][T30959] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5002'.
[  643.310861][T30952] xfrm0 speed is unknown, defaulting to 1000
[  643.384045][T30879] xfrm0 speed is unknown, defaulting to 1000
[  643.444045][T30879] xfrm0 speed is unknown, defaulting to 1000
[  643.501752][T30983] FAULT_INJECTION: forcing a failure.
[  643.501752][T30983] name failslab, interval 1, probability 0, space 0, times 0
[  643.515136][T30983] CPU: 0 UID: 0 PID: 30983 Comm: syz.1.5003 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  643.515177][T30983] Tainted: [W]=WARN
[  643.515185][T30983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  643.515198][T30983] Call Trace:
[  643.515205][T30983]  <TASK>
[  643.515215][T30983]  __dump_stack+0x1d/0x30
[  643.515325][T30983]  dump_stack_lvl+0x95/0xd0
[  643.515351][T30983]  dump_stack+0x15/0x1b
[  643.515443][T30983]  should_fail_ex+0x263/0x280
[  643.515541][T30983]  should_failslab+0x8c/0xb0
[  643.515568][T30983]  kmem_cache_alloc_node_noprof+0x6d/0x460
[  643.515598][T30983]  ? __alloc_skb+0x2d6/0x690
[  643.515626][T30983]  __alloc_skb+0x2d6/0x690
[  643.515677][T30983]  ? __alloc_skb+0x200/0x690
[  643.515704][T30983]  netlink_alloc_large_skb+0xbf/0xf0
[  643.515772][T30983]  netlink_sendmsg+0x40c/0x6f0
[  643.515888][T30983]  ? __pfx_netlink_sendmsg+0x10/0x10
[  643.516005][T30983]  ____sys_sendmsg+0x5af/0x600
[  643.516054][T30983]  ___sys_sendmsg+0x195/0x1e0
[  643.516106][T30983]  __x64_sys_sendmsg+0xd4/0x160
[  643.516243][T30983]  x64_sys_call+0x194c/0x3020
[  643.516276][T30983]  do_syscall_64+0x12c/0x370
[  643.516321][T30983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.516415][T30983] RIP: 0033:0x7fbc74efc629
[  643.516434][T30983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  643.516465][T30983] RSP: 002b:00007fbc73957028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  643.516488][T30983] RAX: ffffffffffffffda RBX: 00007fbc75175fa0 RCX: 00007fbc74efc629
[  643.516503][T30983] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000003
[  643.516521][T30983] RBP: 00007fbc73957090 R08: 0000000000000000 R09: 0000000000000000
[  643.516592][T30983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  643.516609][T30983] R13: 00007fbc75176038 R14: 00007fbc75175fa0 R15: 00007ffe6cc485d8
[  643.516636][T30983]  </TASK>
[  643.794166][T30993] loop1: detected capacity change from 0 to 8192
[  643.811582][T30993] netlink: 14601 bytes leftover after parsing attributes in process `syz.1.5005'.
[  644.750373][T30835] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  644.824040][T31018] netlink: 14 bytes leftover after parsing attributes in process `syz.6.5012'.
[  644.870659][T31030] loop1: detected capacity change from 0 to 512
[  644.887616][T31030] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  644.927334][T31030] EXT4-fs (loop1): 1 truncate cleaned up
[  644.934002][T31030] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  644.949171][T31030] EXT4-fs warning (device loop1): ext4_group_add:1735: No reserved GDT blocks, can't resize
[  644.982882][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.021552][T31047] loop1: detected capacity change from 0 to 764
[  645.033025][T31049] lo speed is unknown, defaulting to 1000
[  645.043044][T31047] rock: directory entry would overflow storage
[  645.050181][T31047] rock: sig=0x5245, size=8, remaining=5
[  645.056180][T31049] lo speed is unknown, defaulting to 1000
[  645.112541][T31049] xfrm0 speed is unknown, defaulting to 1000
[  645.133976][T31059] netlink: 15670 bytes leftover after parsing attributes in process `syz.1.5018'.
[  645.157374][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  645.157395][   T28] audit: type=1400 audit(1772076013.784:26021): avc:  denied  { read } for  pid=31058 comm="syz.4.5019" path="socket:[68708]" dev="sockfs" ino=68708 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  645.234639][T31059] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5018'.
[  645.244218][T31059] netlink: 'syz.1.5018': attribute type 1 has an invalid length.
[  645.276033][T31059] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5018'.
[  645.299507][T31059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  645.330415][T31059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  645.861465][T31096] lo speed is unknown, defaulting to 1000
[  645.868267][T31096] lo speed is unknown, defaulting to 1000
[  645.874820][T31096] xfrm0 speed is unknown, defaulting to 1000
[  646.675036][T31146] loop1: detected capacity change from 0 to 512
[  646.683450][T31146] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  646.697128][T31146] EXT4-fs (loop1): 1 truncate cleaned up
[  646.708461][T31146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  646.722971][T31146] EXT4-fs warning (device loop1): ext4_group_add:1735: No reserved GDT blocks, can't resize
[  646.745929][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.962571][T31166] loop6: detected capacity change from 0 to 512
[  646.990198][T31166] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  647.004049][T31166] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  647.018568][T31166] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  647.033411][T31166] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28
[  647.047385][T31166] EXT4-fs (loop6): This should not happen!! Data will be lost
[  647.047385][T31166] 
[  647.057281][T31166] EXT4-fs (loop6): Total free blocks count 0
[  647.063477][T31166] EXT4-fs (loop6): Free/Dirty block details
[  647.069661][T31166] EXT4-fs (loop6): free_blocks=65280
[  647.075011][   T28] audit: type=1400 audit(1772076015.704:26022): avc:  denied  { execute } for  pid=31165 comm="syz.6.5030" path="/33/file1/file1" dev="loop6" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  647.075268][T31166] EXT4-fs (loop6): dirty_blocks=33
[  647.106314][T31166] EXT4-fs (loop6): Block reservation details
[  647.112475][T31166] EXT4-fs (loop6): i_reserved_data_blocks=33
[  647.868337][   T12] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 28
[  647.901436][T31176] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5031'.
[  648.854547][T31188] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[  648.861388][T31188] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  648.869132][T31188] vhci_hcd vhci_hcd.0: Device attached
[  649.045456][ T5156] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  649.105452][ T5156] usb 13-1: new full-speed USB device number 2 using vhci_hcd
[  649.144033][T31122] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  649.228169][T31202] loop5: detected capacity change from 0 to 512
[  649.291329][T31202] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  649.326511][T31202] EXT4-fs (loop5): 1 truncate cleaned up
[  649.332749][T31202] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  649.476125][T31202] EXT4-fs warning (device loop5): ext4_group_add:1735: No reserved GDT blocks, can't resize
[  649.519176][T31215] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31215 comm=syz.0.5039
[  649.726851][T31215] lo speed is unknown, defaulting to 1000
[  649.739248][T31215] lo speed is unknown, defaulting to 1000
[  649.749627][T31215] xfrm0 speed is unknown, defaulting to 1000
[  649.883845][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.932779][T31217] tun0: tun_chr_ioctl cmd 1074025675
[  649.972539][T31217] tun0: persist enabled
[  650.057760][T31217] tun0: tun_chr_ioctl cmd 1074025675
[  650.103963][T31217] tun0: persist disabled
[  650.404777][   T28] audit: type=1400 audit(1772076019.034:26023): avc:  denied  { create } for  pid=31237 comm="syz.1.5043" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_xfrm_socket permissive=1
[  650.434464][T31250] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5043'.
[  650.508036][   T28] audit: type=1400 audit(1772076019.034:26024): avc:  denied  { create } for  pid=31237 comm="syz.1.5043" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1
[  650.582062][   T28] audit: type=1400 audit(1772076019.034:26025): avc:  denied  { write } for  pid=31237 comm="syz.1.5043" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1
[  650.636834][T31266] loop1: detected capacity change from 0 to 512
[  650.653976][T31189] vhci_hcd: connection reset by peer
[  650.684568][ T4370] vhci_hcd vhci_hcd.6: stop threads
[  650.692799][T31271] loop0: detected capacity change from 0 to 8192
[  650.707314][T31266] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  650.714530][ T4370] vhci_hcd vhci_hcd.6: release socket
[  650.733882][   T28] audit: type=1326 audit(1772076019.364:26026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31265 comm="syz.1.5045" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbc74efc629 code=0x0
[  650.739118][T31271] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.5046'.
[  650.805831][ T4370] vhci_hcd vhci_hcd.6: disconnect device
[  650.918688][   T28] audit: type=1400 audit(1772076019.554:26027): avc:  denied  { mount } for  pid=31294 comm="syz.6.5049" name="/" dev="mqueue" ino=65552 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  651.194741][T31315] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  651.201453][T31315] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  651.231915][T31318] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0)
[  651.259538][T31315] vhci_hcd vhci_hcd.0: Device attached
[  651.280594][T31318] bond0 (unregistering): Released all slaves
[  651.346086][T31387] loop5: detected capacity change from 0 to 8192
[  651.370201][T31387] netlink: 14601 bytes leftover after parsing attributes in process `syz.5.5055'.
[  651.435182][ T5161] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  651.466370][T31318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  651.545331][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  651.641023][T31318] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  651.790455][T31394] loop4: detected capacity change from 0 to 8192
[  651.949303][T31408] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5057'.
[  652.028938][ T5161] usb 1-1: new full-speed USB device number 3 using vhci_hcd
[  652.060579][T31394] netlink: 14601 bytes leftover after parsing attributes in process `syz.4.5054'.
[  652.082971][T31405] lo speed is unknown, defaulting to 1000
[  652.089672][T31405] lo speed is unknown, defaulting to 1000
[  652.106068][T31405] xfrm0 speed is unknown, defaulting to 1000
[  652.125971][T31420] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5057'.
[  652.510980][T31316] vhci_hcd: connection reset by peer
[  652.525453][   T12] vhci_hcd vhci_hcd.0: stop threads
[  652.544585][   T12] vhci_hcd vhci_hcd.0: release socket
[  652.594695][   T12] vhci_hcd vhci_hcd.0: disconnect device
[  652.794700][T31467] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5063'.
[  652.869055][   T28] audit: type=1400 audit(1772076021.505:26028): avc:  denied  { ioctl } for  pid=31466 comm="syz.5.5064" path="socket:[68960]" dev="sockfs" ino=68960 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  652.926429][   T28] audit: type=1400 audit(1772076021.505:26029): avc:  denied  { lock } for  pid=31466 comm="syz.5.5064" path="socket:[68961]" dev="sockfs" ino=68961 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  654.114989][ T5156] usb 13-1: enqueue for inactive port 0
[  654.127877][ T5156] usb 13-1: enqueue for inactive port 0
[  654.214850][ T5156] vhci_hcd vhci_hcd.6: vhci_device speed not set
[  654.221330][   T28] audit: type=1326 audit(1772076022.855:26030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31477 comm="syz.6.5066" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8d609c629 code=0x0
[  654.381785][T31482] netlink: 15670 bytes leftover after parsing attributes in process `syz.0.5067'.
[  654.393284][T31482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5067'.
[  654.402468][T31482] netlink: 'syz.0.5067': attribute type 1 has an invalid length.
[  654.410808][T31482] netlink: 44 bytes leftover after parsing attributes in process `syz.0.5067'.
[  654.423221][T31482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  654.433564][T31482] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  654.559808][   T28] audit: type=1400 audit(1772076023.195:26031): avc:  denied  { ioctl } for  pid=31486 comm="syz.5.5068" path="socket:[68987]" dev="sockfs" ino=68987 ioctlcmd=0x48c8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  655.198589][T31424] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  655.403878][T31504] lo speed is unknown, defaulting to 1000
[  655.431643][T31504] lo speed is unknown, defaulting to 1000
[  655.445546][T31504] xfrm0 speed is unknown, defaulting to 1000
[  655.452352][T31516] loop5: detected capacity change from 0 to 512
[  655.468330][T31511] __nla_validate_parse: 2 callbacks suppressed
[  655.468349][T31511] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5073'.
[  655.491124][T31511] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5073'.
[  655.535275][T31516] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  655.647364][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.996108][T31552] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31552 comm=syz.4.5076
[  656.216029][T31552] lo speed is unknown, defaulting to 1000
[  656.229647][T31552] lo speed is unknown, defaulting to 1000
[  656.242696][T31552] xfrm0 speed is unknown, defaulting to 1000
[  656.564787][T31565] loop1: detected capacity change from 0 to 8192
[  656.604055][T31565] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  656.687419][   T28] audit: type=1400 audit(1772076025.325:26032): avc:  denied  { remount } for  pid=31563 comm="syz.1.5080" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  657.360897][ T5161] usb 1-1: enqueue for inactive port 0
[  657.366561][ T5161] usb 1-1: enqueue for inactive port 0
[  657.434522][ T5161] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  657.448616][T31601] loop4: detected capacity change from 0 to 8192
[  657.471916][T31601] netlink: 14601 bytes leftover after parsing attributes in process `syz.4.5083'.
[  657.544180][   T28] audit: type=1400 audit(1772078586.159:26033): avc:  denied  { ioctl } for  pid=31607 comm="syz.1.5084" path="socket:[69092]" dev="sockfs" ino=69092 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  657.721925][T31617] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31617 comm=syz.6.5086
[  657.911670][T31630] netlink: 15670 bytes leftover after parsing attributes in process `syz.1.5090'.
[  657.925731][T31617] lo speed is unknown, defaulting to 1000
[  657.935478][T31630] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5090'.
[  657.938168][T31617] lo speed is unknown, defaulting to 1000
[  657.951773][T31630] netlink: 'syz.1.5090': attribute type 1 has an invalid length.
[  657.955478][T31617] xfrm0 speed is unknown, defaulting to 1000
[  657.967833][T31630] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5090'.
[  657.986769][T31630] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  657.996050][T31630] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  658.636310][T31662] FAULT_INJECTION: forcing a failure.
[  658.636310][T31662] name failslab, interval 1, probability 0, space 0, times 0
[  658.649075][T31662] CPU: 0 UID: 0 PID: 31662 Comm: syz.1.5092 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  658.649138][T31662] Tainted: [W]=WARN
[  658.649144][T31662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  658.649157][T31662] Call Trace:
[  658.649163][T31662]  <TASK>
[  658.649170][T31662]  __dump_stack+0x1d/0x30
[  658.649195][T31662]  dump_stack_lvl+0x95/0xd0
[  658.649253][T31662]  dump_stack+0x15/0x1b
[  658.649274][T31662]  should_fail_ex+0x263/0x280
[  658.649313][T31662]  should_failslab+0x8c/0xb0
[  658.649332][T31662]  __kmalloc_node_track_caller_noprof+0xc3/0x560
[  658.649357][T31662]  ? sidtab_sid2str_get+0xa0/0x130
[  658.649376][T31662]  kmemdup_noprof+0x2b/0x70
[  658.649502][T31662]  sidtab_sid2str_get+0xa0/0x130
[  658.649597][T31662]  security_sid_to_context_core+0x1eb/0x2e0
[  658.649632][T31662]  security_sid_to_context+0x27/0x40
[  658.649722][T31662]  avc_audit_post_callback+0x9d/0x540
[  658.649744][T31662]  ? audit_log_lsm_data+0x756/0xbb0
[  658.649774][T31662]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  658.649838][T31662]  common_lsm_audit+0x1ba/0x230
[  658.649867][T31662]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  658.649962][T31662]  slow_avc_audit+0x14c/0x190
[  658.649985][T31662]  avc_has_perm+0x144/0x190
[  658.650009][T31662]  sel_write_member+0xfe/0x370
[  658.650035][T31662]  selinux_transaction_write+0xc6/0x110
[  658.650063][T31662]  vfs_writev+0x42b/0x900
[  658.650198][T31662]  ? __pfx_selinux_transaction_write+0x10/0x10
[  658.650229][T31662]  do_writev+0xe9/0x210
[  658.650296][T31662]  __x64_sys_writev+0x45/0x50
[  658.650325][T31662]  x64_sys_call+0x1c0c/0x3020
[  658.650352][T31662]  do_syscall_64+0x12c/0x370
[  658.650386][T31662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.650406][T31662] RIP: 0033:0x7fbc74efc629
[  658.650430][T31662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  658.650446][T31662] RSP: 002b:00007fbc73957028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  658.650464][T31662] RAX: ffffffffffffffda RBX: 00007fbc75175fa0 RCX: 00007fbc74efc629
[  658.650477][T31662] RDX: 0000000000000001 RSI: 0000200000000a40 RDI: 0000000000000003
[  658.650489][T31662] RBP: 00007fbc73957090 R08: 0000000000000000 R09: 0000000000000000
[  658.650501][T31662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  658.650512][T31662] R13: 00007fbc75176038 R14: 00007fbc75175fa0 R15: 00007ffe6cc485d8
[  658.650537][T31662]  </TASK>
[  658.650596][   T28] audit: type=1400 audit(1772078587.269:26034): avc:  denied  { compute_member } for  pid=31661 comm="syz.1.5092" ssid=137 tcontext=system_u:object_r:security_t tclass=security permissive=1
[  658.791284][T31669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5093'.
[  658.962175][T31666] lo speed is unknown, defaulting to 1000
[  658.968704][T31666] lo speed is unknown, defaulting to 1000
[  658.975510][T31666] xfrm0 speed is unknown, defaulting to 1000
[  659.021654][T31669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5093'.
[  659.111475][T31699] FAULT_INJECTION: forcing a failure.
[  659.111475][T31699] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  659.125172][T31699] CPU: 0 UID: 0 PID: 31699 Comm: syz.1.5094 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  659.125213][T31699] Tainted: [W]=WARN
[  659.125221][T31699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  659.125236][T31699] Call Trace:
[  659.125245][T31699]  <TASK>
[  659.125256][T31699]  __dump_stack+0x1d/0x30
[  659.125329][T31699]  dump_stack_lvl+0x95/0xd0
[  659.125353][T31699]  dump_stack+0x15/0x1b
[  659.125385][T31699]  should_fail_ex+0x263/0x280
[  659.125408][T31699]  should_fail+0xb/0x20
[  659.125427][T31699]  should_fail_usercopy+0x1a/0x20
[  659.125533][T31699]  _copy_to_user+0x20/0xa0
[  659.125643][T31699]  simple_read_from_buffer+0xb5/0x130
[  659.125667][T31699]  proc_fail_nth_read+0x10e/0x150
[  659.125767][T31699]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  659.125805][T31699]  vfs_read+0x1ab/0x7f0
[  659.125843][T31699]  ? __rcu_read_unlock+0x4e/0x70
[  659.125941][T31699]  ? __fget_files+0x184/0x1c0
[  659.125970][T31699]  ? mutex_lock+0x57/0x90
[  659.126028][T31699]  ksys_read+0xdc/0x1a0
[  659.126071][T31699]  __x64_sys_read+0x40/0x50
[  659.126133][T31699]  x64_sys_call+0x2886/0x3020
[  659.126169][T31699]  do_syscall_64+0x12c/0x370
[  659.126216][T31699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.126277][T31699] RIP: 0033:0x7fbc74ebcece
[  659.126295][T31699] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  659.126313][T31699] RSP: 002b:00007fbc73956fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  659.126334][T31699] RAX: ffffffffffffffda RBX: 00007fbc739576c0 RCX: 00007fbc74ebcece
[  659.126398][T31699] RDX: 000000000000000f RSI: 00007fbc739570a0 RDI: 0000000000000004
[  659.126415][T31699] RBP: 00007fbc73957090 R08: 0000000000000000 R09: 0000000000000000
[  659.126427][T31699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  659.126440][T31699] R13: 00007fbc75176038 R14: 00007fbc75175fa0 R15: 00007ffe6cc485d8
[  659.126460][T31699]  </TASK>
[  659.982406][T31580] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  660.054511][   T28] audit: type=1400 audit(1772078588.679:26035): avc:  denied  { shutdown } for  pid=31728 comm="syz.0.5100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  660.092433][T31722] lo speed is unknown, defaulting to 1000
[  660.099665][   T28] audit: type=1400 audit(1772078588.719:26036): avc:  denied  { ioctl } for  pid=31728 comm="syz.0.5100" path="socket:[69196]" dev="sockfs" ino=69196 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  660.105991][T31735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5099'.
[  660.129756][T31722] lo speed is unknown, defaulting to 1000
[  660.141262][T31722] xfrm0 speed is unknown, defaulting to 1000
[  660.165882][T31740] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5098'.
[  660.200623][T31744] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=31744 comm=syz.0.5102
[  660.224134][   T28] audit: type=1400 audit(1772078588.849:26037): avc:  denied  { execmod } for  pid=31742 comm="syz.0.5102" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  660.265258][T31741] loop1: detected capacity change from 0 to 8192
[  660.290255][   T28] audit: type=1400 audit(1772078588.849:26038): avc:  denied  { execute } for  pid=31742 comm="syz.0.5102" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  660.424755][T31768] lo speed is unknown, defaulting to 1000
[  660.432163][T31761] loop0: detected capacity change from 0 to 1024
[  660.448864][T31768] lo speed is unknown, defaulting to 1000
[  660.456642][T31768] xfrm0 speed is unknown, defaulting to 1000
[  660.478815][T31761] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  660.554244][T31761] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  660.601576][T31761] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5103: bg 0: block 112: padding at end of block bitmap is not set
[  660.636575][   T28] audit: type=1400 audit(1772078589.269:26039): avc:  denied  { getopt } for  pid=31793 comm="syz.5.5104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  660.677404][T31761] EXT4-fs (loop0): Remounting filesystem read-only
[  660.701898][   T28] audit: type=1400 audit(1772078589.269:26040): avc:  denied  { listen } for  pid=31793 comm="syz.5.5104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  660.786674][   T28] audit: type=1326 audit(1772078589.419:26041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31818 comm="syz.5.5108" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe7767cc629 code=0x0
[  660.828123][T27531] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  660.838276][T31835] __nla_validate_parse: 2 callbacks suppressed
[  660.838366][T31835] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5105'.
[  660.893791][T31820] netlink: 52 bytes leftover after parsing attributes in process `syz.5.5108'.
[  660.926708][T31820] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5108'.
[  660.987503][T31843] loop0: detected capacity change from 0 to 8192
[  661.013009][T31843] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.5110'.
[  661.117248][T31856] netlink: 9 bytes leftover after parsing attributes in process `syz.1.5112'.
[  661.132625][T31856] netlink: 9 bytes leftover after parsing attributes in process `syz.1.5112'.
[  661.186719][T31860] loop1: detected capacity change from 0 to 256
[  661.201540][T31860] FAULT_INJECTION: forcing a failure.
[  661.201540][T31860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  661.215538][T31860] CPU: 1 UID: 0 PID: 31860 Comm: syz.1.5113 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  661.215598][T31860] Tainted: [W]=WARN
[  661.215651][T31860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  661.215668][T31860] Call Trace:
[  661.215676][T31860]  <TASK>
[  661.215684][T31860]  __dump_stack+0x1d/0x30
[  661.215731][T31860]  dump_stack_lvl+0x95/0xd0
[  661.215764][T31860]  dump_stack+0x15/0x1b
[  661.215795][T31860]  should_fail_ex+0x263/0x280
[  661.215877][T31860]  should_fail+0xb/0x20
[  661.215903][T31860]  should_fail_usercopy+0x1a/0x20
[  661.215940][T31860]  _copy_to_iter+0x251/0xea0
[  661.215974][T31860]  ? neigh_seq_stop+0x36/0x40
[  661.216074][T31860]  ? traverse+0x379/0x3a0
[  661.216166][T31860]  seq_read_iter+0x1d5/0x940
[  661.216207][T31860]  ? _parse_integer_limit+0x170/0x190
[  661.216336][T31860]  seq_read+0x279/0x2c0
[  661.216397][T31860]  ? __pfx_seq_read+0x10/0x10
[  661.216484][T31860]  proc_reg_read+0x128/0x1c0
[  661.216574][T31860]  ? __pfx_proc_reg_read+0x10/0x10
[  661.216616][T31860]  vfs_readv+0x432/0x6e0
[  661.216645][T31860]  ? __pfx_proc_reg_read+0x10/0x10
[  661.216729][T31860]  __x64_sys_preadv+0xfd/0x1c0
[  661.216758][T31860]  x64_sys_call+0x2915/0x3020
[  661.216796][T31860]  do_syscall_64+0x12c/0x370
[  661.216879][T31860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.216910][T31860] RIP: 0033:0x7fbc74efc629
[  661.216932][T31860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  661.216956][T31860] RSP: 002b:00007fbc73957028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  661.216978][T31860] RAX: ffffffffffffffda RBX: 00007fbc75175fa0 RCX: 00007fbc74efc629
[  661.217004][T31860] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000004
[  661.217020][T31860] RBP: 00007fbc73957090 R08: 0000000000000000 R09: 0000000000000000
[  661.217037][T31860] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  661.217054][T31860] R13: 00007fbc75176038 R14: 00007fbc75175fa0 R15: 00007ffe6cc485d8
[  661.217114][T31860]  </TASK>
[  661.472034][T31870] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5115'.
[  661.481920][T31870] FAULT_INJECTION: forcing a failure.
[  661.481920][T31870] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  661.495259][T31870] CPU: 1 UID: 0 PID: 31870 Comm: syz.1.5115 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  661.495325][T31870] Tainted: [W]=WARN
[  661.495334][T31870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  661.495347][T31870] Call Trace:
[  661.495355][T31870]  <TASK>
[  661.495363][T31870]  __dump_stack+0x1d/0x30
[  661.495393][T31870]  dump_stack_lvl+0x95/0xd0
[  661.495494][T31870]  dump_stack+0x15/0x1b
[  661.495519][T31870]  should_fail_ex+0x263/0x280
[  661.495544][T31870]  should_fail+0xb/0x20
[  661.495589][T31870]  should_fail_usercopy+0x1a/0x20
[  661.495613][T31870]  _copy_to_iter+0x387/0xea0
[  661.495644][T31870]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  661.495733][T31870]  __skb_datagram_iter+0xc6/0x680
[  661.495765][T31870]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  661.495798][T31870]  skb_copy_datagram_iter+0x3f/0x120
[  661.495869][T31870]  netlink_recvmsg+0x1a8/0x550
[  661.495905][T31870]  ? __pfx_netlink_recvmsg+0x10/0x10
[  661.496038][T31870]  sock_recvmsg+0x139/0x160
[  661.496123][T31870]  ____sys_recvmsg+0xf5/0x280
[  661.496163][T31870]  ___sys_recvmsg+0x11f/0x3b0
[  661.496289][T31870]  __x64_sys_recvmsg+0xd1/0x160
[  661.496387][T31870]  x64_sys_call+0x2b1a/0x3020
[  661.496417][T31870]  do_syscall_64+0x12c/0x370
[  661.496455][T31870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.496488][T31870] RIP: 0033:0x7fbc74efc629
[  661.496506][T31870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  661.496527][T31870] RSP: 002b:00007fbc73957028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  661.496549][T31870] RAX: ffffffffffffffda RBX: 00007fbc75175fa0 RCX: 00007fbc74efc629
[  661.496621][T31870] RDX: 0000000040002060 RSI: 0000200000000000 RDI: 0000000000000003
[  661.496636][T31870] RBP: 00007fbc73957090 R08: 0000000000000000 R09: 0000000000000000
[  661.496650][T31870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  661.496664][T31870] R13: 00007fbc75176038 R14: 00007fbc75175fa0 R15: 00007ffe6cc485d8
[  661.496685][T31870]  </TASK>
[  661.496745][T31870] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5115'.
[  663.770183][T31825] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  663.844089][T31884] FAULT_INJECTION: forcing a failure.
[  663.844089][T31884] name failslab, interval 1, probability 0, space 0, times 0
[  663.857019][T31884] CPU: 1 UID: 0 PID: 31884 Comm: syz.6.5118 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  663.857182][T31884] Tainted: [W]=WARN
[  663.857200][T31884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  663.857217][T31884] Call Trace:
[  663.857227][T31884]  <TASK>
[  663.857236][T31884]  __dump_stack+0x1d/0x30
[  663.857281][T31884]  dump_stack_lvl+0x95/0xd0
[  663.857312][T31884]  dump_stack+0x15/0x1b
[  663.857337][T31884]  should_fail_ex+0x263/0x280
[  663.857430][T31884]  should_failslab+0x8c/0xb0
[  663.857473][T31884]  kmem_cache_alloc_noprof+0x66/0x400
[  663.857499][T31884]  ? do_getname+0x2e/0x1c0
[  663.857526][T31884]  do_getname+0x2e/0x1c0
[  663.857618][T31884]  __se_sys_rmdir+0x1b/0xe0
[  663.857732][T31884]  __x64_sys_rmdir+0x1f/0x30
[  663.857800][T31884]  x64_sys_call+0x2448/0x3020
[  663.857835][T31884]  do_syscall_64+0x12c/0x370
[  663.857872][T31884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.857894][T31884] RIP: 0033:0x7fb8d609c629
[  663.857935][T31884] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  663.857954][T31884] RSP: 002b:00007fb8d4af7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  663.858025][T31884] RAX: ffffffffffffffda RBX: 00007fb8d6315fa0 RCX: 00007fb8d609c629
[  663.858175][T31884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  663.858195][T31884] RBP: 00007fb8d4af7090 R08: 0000000000000000 R09: 0000000000000000
[  663.858212][T31884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  663.858229][T31884] R13: 00007fb8d6316038 R14: 00007fb8d6315fa0 R15: 00007ffce6f5ce08
[  663.858392][T31884]  </TASK>
[  664.039659][T31883] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=31883 comm=syz.4.5119
[  664.061300][   T28] audit: type=1326 audit(1772078592.690:26042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.087176][   T28] audit: type=1326 audit(1772078592.720:26043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.111439][   T28] audit: type=1326 audit(1772078592.720:26044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.139143][   T28] audit: type=1326 audit(1772078592.720:26045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.188240][   T28] audit: type=1400 audit(1772078592.720:26046): avc:  denied  { lock } for  pid=31881 comm="syz.4.5119" path="socket:[70515]" dev="sockfs" ino=70515 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  664.239779][   T28] audit: type=1326 audit(1772078592.720:26047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.245811][T31909] netlink: 'syz.1.5126': attribute type 21 has an invalid length.
[  664.265742][   T28] audit: type=1326 audit(1772078592.720:26048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.281882][T31909] netlink: 128 bytes leftover after parsing attributes in process `syz.1.5126'.
[  664.307028][T31909] netlink: 'syz.1.5126': attribute type 4 has an invalid length.
[  664.315677][T31909] netlink: 'syz.1.5126': attribute type 5 has an invalid length.
[  664.326181][T31909] netlink: 3 bytes leftover after parsing attributes in process `syz.1.5126'.
[  664.343992][   T28] audit: type=1326 audit(1772078592.720:26049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.368167][   T28] audit: type=1326 audit(1772078592.720:26050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.390576][T31899] loop6: detected capacity change from 0 to 512
[  664.393379][   T28] audit: type=1326 audit(1772078592.720:26051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31881 comm="syz.4.5119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75fad2c629 code=0x7ffc0000
[  664.456240][T31899] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  664.484266][T31899] __find_get_block_slow() failed. block=144115188075855873, b_blocknr=1, b_state=0x00000019, b_size=4096, device loop6 blocksize: 4096
[  664.498590][T31899] grow_buffers: requested out-of-range block 144115188075855873 for device loop6
[  664.526816][T31899] EXT4-fs warning (device loop6): ext4_resize_fs:2018: can't read last block, resize aborted
[  664.582694][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.613992][T31938] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  664.620602][T31938] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  664.643582][T31938] vhci_hcd vhci_hcd.0: Device attached
[  664.833173][T23078] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  664.893203][T23078] usb 9-1: new full-speed USB device number 8 using vhci_hcd
[  664.937047][T31952] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=1549 sclass=netlink_tcpdiag_socket pid=31952 comm=syz.5.5132
[  665.799250][T31975] loop5: detected capacity change from 0 to 512
[  665.862301][T31975] EXT4-fs (loop5): orphan cleanup on readonly fs
[  665.872129][T31975] EXT4-fs warning (device loop5): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  665.890495][T31975] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  665.906171][T31975] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.5139: bad orphan inode 14
[  665.917557][T31975] loop5: lost filesystem error report for type 5 error -117
[  665.919683][T31975] ext4_test_bit(bit=13, block=18) = 1
[  665.928064][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  665.928123][    C0] EXT4-fs (loop5): last error at time 1772078594: ext4_orphan_get:1417
[  665.952037][T31942] vhci_hcd: connection reset by peer
[  665.957568][T31975] is_bad_inode(inode)=0
[  665.957638][   T30] vhci_hcd vhci_hcd.4: stop threads
[  665.967670][T31975] NEXT_ORPHAN(inode)=0
[  665.972659][T31975] max_ino=32
[  665.976806][   T30] vhci_hcd vhci_hcd.4: release socket
[  665.982355][T31975] i_nlink=1
[  666.006773][   T30] vhci_hcd vhci_hcd.4: disconnect device
[  666.016698][T31975] EXT4-fs (loop5): 1 truncate cleaned up
[  666.051497][T31975] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  666.075930][T31984] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  666.082595][T31984] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  666.103415][T31984] vhci_hcd vhci_hcd.0: Device attached
[  666.121516][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.255822][T31992] loop5: detected capacity change from 0 to 512
[  666.314439][T31992] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  666.328753][T31992] __find_get_block_slow() failed. block=144115188075855873, b_blocknr=1, b_state=0x00000019, b_size=4096, device loop5 blocksize: 4096
[  666.342932][T31992] grow_buffers: requested out-of-range block 144115188075855873 for device loop5
[  666.353127][T31992] EXT4-fs warning (device loop5): ext4_resize_fs:2018: can't read last block, resize aborted
[  666.406962][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.462439][T32001] lo speed is unknown, defaulting to 1000
[  666.469042][T32001] lo speed is unknown, defaulting to 1000
[  666.475591][T32001] xfrm0 speed is unknown, defaulting to 1000
[  666.874029][T32039] loop5: detected capacity change from 0 to 128
[  667.099260][T32038] bio_check_eod: 38 callbacks suppressed
[  667.099289][T32038] syz.5.5145: attempt to access beyond end of device
[  667.099289][T32038] loop5: rw=2049, sector=145, nr_sectors = 896 limit=128
[  667.146979][T32038] syz.5.5145: attempt to access beyond end of device
[  667.146979][T32038] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  667.165482][T32038] syz.5.5145: attempt to access beyond end of device
[  667.165482][T32038] loop5: rw=8388608, sector=145, nr_sectors = 8 limit=128
[  667.185125][T32051] IPVS: length: 24 != 3445080
[  667.190361][T32038] syz.5.5145: attempt to access beyond end of device
[  667.190361][T32038] loop5: rw=8388608, sector=145, nr_sectors = 8 limit=128
[  667.344639][T31985] vhci_hcd: connection closed
[  667.345401][   T12] vhci_hcd vhci_hcd.4: stop threads
[  667.375910][   T12] vhci_hcd vhci_hcd.4: release socket
[  667.386256][   T12] vhci_hcd vhci_hcd.4: disconnect device
[  667.548810][T31932] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  667.612222][T32084] __nla_validate_parse: 2 callbacks suppressed
[  667.612303][T32084] netlink: 15670 bytes leftover after parsing attributes in process `syz.6.5152'.
[  667.657443][T32084] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5152'.
[  667.667101][T32084] netlink: 'syz.6.5152': attribute type 1 has an invalid length.
[  667.675886][T32084] netlink: 44 bytes leftover after parsing attributes in process `syz.6.5152'.
[  667.690279][T32084] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  667.710300][T32084] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  667.721327][T32088] lo speed is unknown, defaulting to 1000
[  667.731945][T32088] lo speed is unknown, defaulting to 1000
[  667.743194][T32088] xfrm0 speed is unknown, defaulting to 1000
[  667.756962][T32097] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5154'.
[  667.767436][T32097] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5154'.
[  667.867037][T32080] loop5: detected capacity change from 0 to 512
[  667.911287][T32103] netlink: 'syz.0.5156': attribute type 2 has an invalid length.
[  667.919913][T32103] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5156'.
[  667.975428][T32080] EXT4-fs (loop5): orphan cleanup on readonly fs
[  667.986969][T32080] EXT4-fs warning (device loop5): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  668.013055][T32080] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  668.038440][T32080] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.5151: bad orphan inode 14
[  668.053375][T32080] loop5: lost filesystem error report for type 5 error -117
[  668.054317][T32080] ext4_test_bit(bit=13, block=18) = 1
[  668.062823][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  668.063054][    C1] EXT4-fs (loop5): last error at time 1772078596: ext4_orphan_get:1417
[  668.086510][T32080] is_bad_inode(inode)=0
[  668.091378][T32080] NEXT_ORPHAN(inode)=0
[  668.096721][T32080] max_ino=32
[  668.101161][T32080] i_nlink=1
[  668.106071][T32080] EXT4-fs (loop5): 1 truncate cleaned up
[  668.113845][T32133] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  668.117263][T32080] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  668.120512][T32133] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  668.131772][T32133] vhci_hcd vhci_hcd.0: Device attached
[  668.233101][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  668.328402][ T5151] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  668.337673][T32139] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=32139 comm=syz.1.5159
[  668.505339][T32139] lo speed is unknown, defaulting to 1000
[  668.511744][ T5151] usb 1-1: new full-speed USB device number 4 using vhci_hcd
[  668.521875][T32139] lo speed is unknown, defaulting to 1000
[  668.536103][T32139] xfrm0 speed is unknown, defaulting to 1000
[  668.584160][T32152] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5162'.
[  669.819739][T32163] loop5: detected capacity change from 0 to 512
[  669.890614][T32163] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0002]
[  669.908935][T32163] System zones: 1-12
[  669.933057][T32163] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.5165: error while reading EA inode 32 err=-116
[  669.962388][T32163] loop5: lost filesystem error report for type 5 error -117
[  669.962467][T23078] usb 9-1: enqueue for inactive port 0
[  669.962492][T23078] usb 9-1: enqueue for inactive port 0
[  670.028730][T32163] EXT4-fs (loop5): Remounting filesystem read-only
[  670.035452][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  670.035472][    C0] EXT4-fs (loop5): initial error at time 1772078598: ext4_xattr_inode_iget:446
[  670.035524][    C0] EXT4-fs (loop5): last error at time 1772078598: ext4_xattr_inode_iget:446
[  670.064905][T23078] vhci_hcd vhci_hcd.4: vhci_device speed not set
[  670.096186][T32134] vhci_hcd: connection reset by peer
[  670.122821][ T4373] vhci_hcd vhci_hcd.0: stop threads
[  670.128154][ T4373] vhci_hcd vhci_hcd.0: release socket
[  670.136500][ T4373] vhci_hcd vhci_hcd.0: disconnect device
[  670.136844][T32202] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5168'.
[  670.151383][T32163] EXT4-fs warning (device loop5): ext4_evict_inode:258: couldn't mark inode dirty (err -30)
[  670.187903][T32163] EXT4-fs (loop5): 1 orphan inode deleted
[  670.198528][T32163] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  670.199633][T32199] lo speed is unknown, defaulting to 1000
[  670.223286][T32199] lo speed is unknown, defaulting to 1000
[  670.249072][T32199] xfrm0 speed is unknown, defaulting to 1000
[  670.272997][T32209] lo speed is unknown, defaulting to 1000
[  670.282281][   T28] kauditd_printk_skb: 15 callbacks suppressed
[  670.282306][   T28] audit: type=1400 audit(1772078598.911:26065): avc:  denied  { audit_read } for  pid=32162 comm="syz.5.5165" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  670.309510][T32219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5168'.
[  670.315710][T32209] lo speed is unknown, defaulting to 1000
[  670.327465][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  670.389091][T32220] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5169'.
[  670.441086][   T28] audit: type=1107 audit(1772078599.071:26066): pid=32225 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  670.492228][T32209] xfrm0 speed is unknown, defaulting to 1000
[  670.664021][T32263] loop1: detected capacity change from 0 to 8192
[  670.810858][   T28] audit: type=1400 audit(1772078599.441:26067): avc:  denied  { create } for  pid=32277 comm="syz.0.5173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  670.834419][T32216] loop6: detected capacity change from 0 to 512
[  670.883506][T32216] EXT4-fs (loop6): orphan cleanup on readonly fs
[  670.911790][T32216] Quota error (device loop6): v2_read_file_info: Block with free entry 9 out of range (1, 6).
[  670.923988][T32216] EXT4-fs warning (device loop6): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  670.958249][T32216] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  670.988324][T32216] EXT4-fs error (device loop6): ext4_orphan_get:1417: comm syz.6.5170: bad orphan inode 14
[  671.039493][T32216] loop6: lost filesystem error report for type 5 error -117
[  671.041931][T32216] ext4_test_bit(bit=13, block=18) = 1
[  671.042196][    C0] EXT4-fs (loop6): error count since last fsck: 1
[  671.042415][    C0] EXT4-fs (loop6): last error at time 1772078599: ext4_orphan_get:1417
[  671.085004][T32216] is_bad_inode(inode)=0
[  671.089935][T32216] NEXT_ORPHAN(inode)=0
[  671.112408][T32216] max_ino=32
[  671.116698][T32216] i_nlink=1
[  671.120648][T32216] EXT4-fs (loop6): 1 truncate cleaned up
[  671.153226][T32216] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  671.455186][T32311] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  671.461866][T32311] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  671.502575][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  671.619482][T32314] xt_hashlimit: size too large, truncated to 1048576
[  671.629395][T32311] vhci_hcd vhci_hcd.0: Device attached
[  671.795497][T32309] loop1: detected capacity change from 0 to 512
[  671.822025][   T23] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  671.853181][T32320] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=32320 comm=syz.6.5181
[  671.881999][   T23] usb 11-1: new full-speed USB device number 4 using vhci_hcd
[  671.907795][T32309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  671.969466][T32309] ext4 filesystem being mounted at /447/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  671.982881][T32309] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  671.992692][T32309] SELinux: failed to load policy
[  672.349547][T32352] all: renamed from bridge_slave_1 (while UP)
[  672.400702][   T28] audit: type=1107 audit(1772078601.031:26068): pid=32348 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg=''
[  672.490440][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  672.579293][T32363] loop1: detected capacity change from 0 to 4096
[  672.587458][T32363] EXT4-fs: test_dummy_encryption option not supported
[  672.671904][T32312] vhci_hcd: connection reset by peer
[  672.711975][ T4370] vhci_hcd vhci_hcd.5: stop threads
[  672.721844][ T4370] vhci_hcd vhci_hcd.5: release socket
[  672.761047][ T4370] vhci_hcd vhci_hcd.5: disconnect device
[  672.873168][T32374] loop4: detected capacity change from 0 to 512
[  672.882160][T32373] netlink: 'syz.0.5192': attribute type 13 has an invalid length.
[  672.946259][T32374] EXT4-fs (loop4): orphan cleanup on readonly fs
[  673.484184][T32374] Quota error (device loop4): v2_read_file_info: Block with free entry 9 out of range (1, 6).
[  673.497795][T32374] EXT4-fs warning (device loop4): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  673.519552][T32374] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  673.536868][T32374] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.5191: bad orphan inode 14
[  673.547866][T32374] loop4: lost filesystem error report for type 5 error -117
[  673.548097][T32374] ext4_test_bit(bit=13, block=18) = 1
[  673.555994][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  673.556014][    C1] EXT4-fs (loop4): last error at time 1772078602: ext4_orphan_get:1417
[  673.566018][ T5151] usb 1-1: enqueue for inactive port 0
[  673.570898][T32374] is_bad_inode(inode)=0
[  673.588665][T32374] NEXT_ORPHAN(inode)=0
[  673.593538][T32374] max_ino=32
[  673.596956][T32374] i_nlink=1
[  673.600397][T32374] EXT4-fs (loop4): 1 truncate cleaned up
[  673.607196][T32374] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  673.617142][ T5151] usb 1-1: enqueue for inactive port 0
[  673.636428][T32393] loop6: detected capacity change from 0 to 512
[  673.701415][T17504] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  673.705539][T32373] bridge0: port 2(bridge_slave_1) entered disabled state
[  673.718778][T32373] bridge0: port 1(bridge_slave_0) entered disabled state
[  673.734493][T32393] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  673.751649][ T5151] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  673.772076][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  673.816174][T32416] __nla_validate_parse: 5 callbacks suppressed
[  673.816193][T32416] netlink: 14 bytes leftover after parsing attributes in process `syz.4.5198'.
[  673.913088][T32373] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  673.934501][T32373] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  673.959690][T23561] IPVS: starting estimator thread 0...
[  674.111761][T32422] IPVS: using max 2208 ests per chain, 110400 per kthread
[  674.222081][   T30] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  674.236623][T32426] syzkaller0: entered promiscuous mode
[  674.242405][T32426] syzkaller0: entered allmulticast mode
[  674.251286][T32426] tipc: Started in network mode
[  674.256457][T32426] tipc: Node identity de28135b525e, cluster identity 4711
[  674.264180][T32426] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  674.273376][T32423] tipc: Resetting bearer <eth:syzkaller0>
[  674.283599][T32423] tipc: Disabling bearer <eth:syzkaller0>
[  674.296367][   T30] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  674.311620][   T30] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  674.325077][   T30] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  674.500212][   T28] audit: type=1326 audit(1772078603.131:26069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32448 comm="syz.6.5204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d609c629 code=0x7ffc0000
[  674.569176][   T28] audit: type=1326 audit(1772078603.131:26070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32448 comm="syz.6.5204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d609c629 code=0x7ffc0000
[  674.610622][   T28] audit: type=1326 audit(1772078603.131:26071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32448 comm="syz.6.5204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7fb8d609c629 code=0x7ffc0000
[  674.663495][T32456] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5205'.
[  674.673761][   T28] audit: type=1326 audit(1772078603.171:26072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32448 comm="syz.6.5204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8d609c629 code=0x7ffc0000
[  675.034739][T32466] loop6: detected capacity change from 0 to 512
[  675.061990][T32466] EXT4-fs (loop6): orphan cleanup on readonly fs
[  675.073932][T32466] EXT4-fs warning (device loop6): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  675.091644][T32466] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  675.177150][T32466] EXT4-fs error (device loop6): ext4_orphan_get:1417: comm syz.6.5208: bad orphan inode 14
[  675.187886][T32466] loop6: lost filesystem error report for type 5 error -117
[  675.188047][T32466] ext4_test_bit(bit=13, block=18) = 1
[  675.195459][    C0] EXT4-fs (loop6): error count since last fsck: 1
[  675.195485][    C0] EXT4-fs (loop6): last error at time 1772078603: ext4_orphan_get:1417
[  675.216624][T32466] is_bad_inode(inode)=0
[  675.222930][T32466] NEXT_ORPHAN(inode)=0
[  675.227049][T32466] max_ino=32
[  675.230544][T32466] i_nlink=1
[  675.234666][T32466] EXT4-fs (loop6): 1 truncate cleaned up
[  675.241668][T32466] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  675.313204][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  675.505558][T32497] netlink: 15670 bytes leftover after parsing attributes in process `syz.4.5215'.
[  675.526924][T32497] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5215'.
[  675.540683][T32497] netlink: 'syz.4.5215': attribute type 1 has an invalid length.
[  675.548893][T32497] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5215'.
[  675.565777][T32497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  675.575968][T32497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  675.741716][T32405] loop1: detected capacity change from 0 to 512
[  675.832345][T32405] EXT4-fs (loop1): orphan cleanup on readonly fs
[  675.843661][T32405] __quota_error: 3 callbacks suppressed
[  675.843782][T32405] Quota error (device loop1): v2_read_file_info: Block with free entry 9 out of range (1, 6).
[  675.861228][T32405] EXT4-fs warning (device loop1): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  675.879163][T32405] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  675.891921][T32405] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.5196: bad orphan inode 14
[  675.902755][T32405] loop1: lost filesystem error report for type 5 error -117
[  675.904001][T32405] ext4_test_bit(bit=13, block=18) = 1
[  675.911545][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  675.911605][    C0] EXT4-fs (loop1): last error at time 1772078604: ext4_orphan_get:1417
[  675.940273][T32405] is_bad_inode(inode)=0
[  675.944403][   T28] audit: type=1400 audit(1772078604.582:26075): avc:  denied  { append } for  pid=32503 comm="syz.0.5216" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  675.946470][T32405] NEXT_ORPHAN(inode)=0
[  675.976450][T32405] max_ino=32
[  675.980370][T32405] i_nlink=1
[  675.984501][T32405] EXT4-fs (loop1): 1 truncate cleaned up
[  675.997641][T32405] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  675.998396][   T28] audit: type=1400 audit(1772078604.632:26076): avc:  denied  { create } for  pid=32503 comm="syz.0.5216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  676.042393][   T28] audit: type=1400 audit(1772078604.632:26077): avc:  denied  { write } for  pid=32503 comm="syz.0.5216" path="socket:[70957]" dev="sockfs" ino=70957 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  676.085194][   T28] audit: type=1400 audit(1772078604.652:26078): avc:  denied  { read } for  pid=32503 comm="syz.0.5216" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  676.200354][T32516] FAULT_INJECTION: forcing a failure.
[  676.200354][T32516] name failslab, interval 1, probability 0, space 0, times 0
[  676.218231][T32516] CPU: 1 UID: 0 PID: 32516 Comm: syz.5.5219 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  676.218273][T32516] Tainted: [W]=WARN
[  676.218282][T32516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  676.218300][T32516] Call Trace:
[  676.218309][T32516]  <TASK>
[  676.218318][T32516]  __dump_stack+0x1d/0x30
[  676.218371][T32516]  dump_stack_lvl+0x95/0xd0
[  676.218468][T32516]  dump_stack+0x15/0x1b
[  676.218519][T32516]  should_fail_ex+0x263/0x280
[  676.218542][T32516]  should_failslab+0x8c/0xb0
[  676.218563][T32516]  __kmalloc_noprof+0xb8/0x4e0
[  676.218590][T32516]  ? bm_init+0x4c/0x6f0
[  676.218625][T32516]  ? pcpu_block_refresh_hint+0x10b/0x170
[  676.218684][T32516]  bm_init+0x4c/0x6f0
[  676.218731][T32516]  ? pcpu_chunk_relocate+0x17a/0x2a0
[  676.218828][T32516]  ? pcpu_alloc_area+0x4ad/0x4d0
[  676.218861][T32516]  textsearch_prepare+0x195/0x200
[  676.218940][T32516]  string_mt_check+0x119/0x170
[  676.218966][T32516]  xt_check_match+0x2ad/0x4f0
[  676.219043][T32516]  ? mutex_unlock+0x4e/0x90
[  676.219227][T32516]  ? xt_find_match+0x1d1/0x210
[  676.219334][T32516]  ? xt_find_match+0x1b5/0x210
[  676.219418][T32516]  translate_table+0xb12/0x10d0
[  676.219525][T32516]  ? _copy_from_user+0x89/0xb0
[  676.219701][T32516]  do_ipt_set_ctl+0x6d0/0x8e0
[  676.219795][T32516]  ? _raw_spin_unlock_bh+0x18/0x20
[  676.219826][T32516]  ? _raw_spin_lock_bh+0x56/0xb0
[  676.220010][T32516]  nf_setsockopt+0x199/0x1b0
[  676.220258][T32516]  ip_setsockopt+0x102/0x110
[  676.220338][T32516]  udp_setsockopt+0x99/0xb0
[  676.220416][T32516]  sock_common_setsockopt+0x69/0x80
[  676.220499][T32516]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  676.220586][T32516]  __sys_setsockopt+0x184/0x200
[  676.220723][T32516]  __x64_sys_setsockopt+0x64/0x80
[  676.220811][T32516]  x64_sys_call+0x2327/0x3020
[  676.220908][T32516]  do_syscall_64+0x12c/0x370
[  676.221077][T32516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.221161][T32516] RIP: 0033:0x7fe7767cc629
[  676.221226][T32516] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  676.221290][T32516] RSP: 002b:00007fe77521f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  676.221432][T32516] RAX: ffffffffffffffda RBX: 00007fe776a45fa0 RCX: 00007fe7767cc629
[  676.221477][T32516] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
[  676.221519][T32516] RBP: 00007fe77521f090 R08: 00000000000002e8 R09: 0000000000000000
[  676.221563][T32516] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  676.221607][T32516] R13: 00007fe776a46038 R14: 00007fe776a45fa0 R15: 00007ffd0f86a9e8
[  676.221713][T32516]  </TASK>
[  676.501927][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.727932][T32544] loop4: detected capacity change from 0 to 2048
[  676.738988][T32547] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5220'.
[  676.766607][T32544] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  676.835100][   T28] audit: type=1400 audit(1772078605.472:26079): avc:  denied  { name_connect } for  pid=32543 comm="syz.4.5227" dest=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  676.911255][   T23] usb 11-1: enqueue for inactive port 0
[  676.919563][   T23] usb 11-1: enqueue for inactive port 0
[  676.956990][   T28] audit: type=1400 audit(1772078605.532:26080): avc:  denied  { name_connect } for  pid=32543 comm="syz.4.5227" dest=1023 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=sctp_socket permissive=1
[  676.991075][   T23] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  677.006488][T32563] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  677.025980][T32524] loop6: detected capacity change from 0 to 512
[  677.068517][T32524] EXT4-fs (loop6): orphan cleanup on readonly fs
[  677.079837][T32524] Quota error (device loop6): v2_read_file_info: Block with free entry 9 out of range (1, 6).
[  677.082310][   T28] audit: type=1400 audit(1772078605.712:26081): avc:  denied  { read } for  pid=32568 comm="syz.0.5232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  677.096829][T32524] EXT4-fs warning (device loop6): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  677.131743][T32524] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  677.140111][   T28] audit: type=1400 audit(1772078605.762:26082): avc:  denied  { mounton } for  pid=32568 comm="syz.0.5232" path="/syzcgroup/cpu/syz0/cgroup.procs" dev="cgroup" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  677.172986][T32524] EXT4-fs error (device loop6): ext4_orphan_get:1417: comm syz.6.5222: bad orphan inode 14
[  677.184939][T32524] loop6: lost filesystem error report for type 5 error -117
[  677.187496][T32524] ext4_test_bit(bit=13, block=18) = 1
[  677.195564][    C0] EXT4-fs (loop6): error count since last fsck: 1
[  677.195728][    C0] EXT4-fs (loop6): last error at time 1772078605: ext4_orphan_get:1417
[  677.218216][T32524] is_bad_inode(inode)=0
[  677.222701][T32524] NEXT_ORPHAN(inode)=0
[  677.227444][T32524] max_ino=32
[  677.232905][T32524] i_nlink=1
[  677.237825][T32524] EXT4-fs (loop6): 1 truncate cleaned up
[  677.248971][T32524] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  677.287658][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  677.679302][T17504] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  677.741789][T32592] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  677.832177][T32600] bond1: option miimon: invalid value (18446744073709551615)
[  677.842826][T32600] bond1: option miimon: allowed values 0 - 2147483647
[  677.852842][T32600] bond1 (unregistering): Released all slaves
[  677.921481][T32666] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5233'.
[  677.981712][T32677] netlink: 'syz.4.5242': attribute type 3 has an invalid length.
[  678.068725][T32688] netlink: 'syz.0.5243': attribute type 12 has an invalid length.
[  678.090060][T32688] netlink: 'syz.0.5243': attribute type 29 has an invalid length.
[  678.106990][T32688] netlink: 148 bytes leftover after parsing attributes in process `syz.0.5243'.
[  678.125330][T32690] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5243'.
[  678.138450][T32688] netlink: 59 bytes leftover after parsing attributes in process `syz.0.5243'.
[  700.285137][T32726] __nla_validate_parse: 2 callbacks suppressed
[  700.285155][T32726] netlink: 15670 bytes leftover after parsing attributes in process `syz.4.5256'.
[  700.314176][ T3639] Bluetooth: hci0: Frame reassembly failed (-84)
[  700.335129][T32726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  700.338295][T32728] xt_hashlimit: size too large, truncated to 1048576
[  700.364211][T32726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  700.434537][T32722] lo speed is unknown, defaulting to 1000
[  700.449103][T32742] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5255'.
[  700.478022][T32722] lo speed is unknown, defaulting to 1000
[  700.550016][T32722] xfrm0 speed is unknown, defaulting to 1000
[  700.564581][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  700.564597][   T28] audit: type=1400 audit(1772078629.206:26084): avc:  denied  { remount } for  pid=32720 comm="syz.0.5252" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  700.598286][T32741] SELinux: failed to load policy
[  700.987429][  T328] xt_hashlimit: size too large, truncated to 1048576
[  701.116358][  T331] loop6: detected capacity change from 0 to 512
[  701.167478][  T331] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  701.240254][  T331] ext4 filesystem being mounted at /84/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  701.359551][  T346] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5260'.
[  701.441348][  T331] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  701.525141][  T331] SELinux: failed to load policy
[  701.615371][  T354] netlink: 14 bytes leftover after parsing attributes in process `syz.4.5262'.
[  702.177284][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.346678][   T43] Bluetooth: hci0: command 0x1003 tx timeout
[  702.346721][T21169] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  702.479946][  T375] loop6: detected capacity change from 0 to 512
[  702.499207][  T380] netlink: 104 bytes leftover after parsing attributes in process `syz.5.5269'.
[  702.516804][   T28] audit: type=1400 audit(1772078631.136:26085): avc:  denied  { setcurrent } for  pid=377 comm="syz.5.5269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  702.590947][  T375] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  702.613734][   T28] audit: type=1401 audit(1772078631.136:26086): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t
[  702.620214][  T386] lo speed is unknown, defaulting to 1000
[  702.654353][  T386] lo speed is unknown, defaulting to 1000
[  702.695738][  T386] xfrm0 speed is unknown, defaulting to 1000
[  702.790924][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.994578][  T405] loop4: detected capacity change from 0 to 8192
[  703.056564][  T405] netlink: 14601 bytes leftover after parsing attributes in process `syz.4.5274'.
[  703.081851][  T419] xt_hashlimit: size too large, truncated to 1048576
[  703.142695][  T432] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  703.274377][  T432] SELinux: failed to load policy
[  703.426189][  T437] netlink: 'syz.6.5275': attribute type 12 has an invalid length.
[  703.503336][  T437] netlink: 'syz.6.5275': attribute type 29 has an invalid length.
[  703.546626][  T443] netlink: 40 bytes leftover after parsing attributes in process `syz.6.5275'.
[  703.586783][  T437] netlink: 148 bytes leftover after parsing attributes in process `syz.6.5275'.
[  703.674557][  T437] netlink: 59 bytes leftover after parsing attributes in process `syz.6.5275'.
[  703.768669][ T5161] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  703.777808][ T5161] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  704.036543][  T449] lo speed is unknown, defaulting to 1000
[  704.042735][  T449] lo speed is unknown, defaulting to 1000
[  704.144379][  T449] xfrm0 speed is unknown, defaulting to 1000
[  704.255665][   T28] audit: type=1400 audit(1772078632.897:26087): avc:  denied  { bind } for  pid=474 comm="syz.5.5279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  704.508680][  T501] loop1: detected capacity change from 0 to 128
[  704.645415][  T520] FAULT_INJECTION: forcing a failure.
[  704.645415][  T520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  704.783381][  T520] CPU: 0 UID: 0 PID: 520 Comm: syz.5.5285 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  704.783414][  T520] Tainted: [W]=WARN
[  704.783423][  T520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  704.783437][  T520] Call Trace:
[  704.783446][  T520]  <TASK>
[  704.783456][  T520]  __dump_stack+0x1d/0x30
[  704.783514][  T520]  dump_stack_lvl+0x95/0xd0
[  704.783580][  T520]  dump_stack+0x15/0x1b
[  704.783609][  T520]  should_fail_ex+0x263/0x280
[  704.783633][  T520]  should_fail+0xb/0x20
[  704.783657][  T520]  should_fail_usercopy+0x1a/0x20
[  704.783705][  T520]  _copy_from_user+0x1c/0xb0
[  704.783738][  T520]  ___sys_sendmsg+0xc1/0x1e0
[  704.783797][  T520]  __x64_sys_sendmsg+0xd4/0x160
[  704.783835][  T520]  x64_sys_call+0x194c/0x3020
[  704.783927][  T520]  do_syscall_64+0x12c/0x370
[  704.783972][  T520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.784078][  T520] RIP: 0033:0x7fe7767cc629
[  704.784098][  T520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  704.784121][  T520] RSP: 002b:00007fe77521f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  704.784152][  T520] RAX: ffffffffffffffda RBX: 00007fe776a45fa0 RCX: 00007fe7767cc629
[  704.784174][  T520] RDX: 0000000008000000 RSI: 0000200000001100 RDI: 0000000000000005
[  704.784193][  T520] RBP: 00007fe77521f090 R08: 0000000000000000 R09: 0000000000000000
[  704.784207][  T520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  704.784222][  T520] R13: 00007fe776a46038 R14: 00007fe776a45fa0 R15: 00007ffd0f86a9e8
[  704.784288][  T520]  </TASK>
[  704.979437][  T527] loop4: detected capacity change from 0 to 512
[  705.060957][  T527] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.5286: inode has both inline data and extents flags
[  705.076341][  T527] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  705.076600][  T527] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.5286: couldn't read orphan inode 15 (err -117)
[  705.086183][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  705.086204][    C1] EXT4-fs (loop4): initial error at time 1772078633: ext4_orphan_get:1391: inode 15
[  705.086248][    C1] EXT4-fs (loop4): last error at time 1772078633: ext4_orphan_get:1391: inode 15
[  705.212248][  T534] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0
[  705.256380][  T527] loop4: lost filesystem error report for type 5 error -117
[  705.256943][  T527] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000070000 r/w without journal. Quota mode: writeback.
[  705.342038][  T541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  705.346308][   T28] audit: type=1400 audit(1772078633.987:26088): avc:  denied  { mount } for  pid=540 comm="syz.0.5289" name="/" dev="hugetlbfs" ino=72637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  705.389682][  T541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  705.398369][  T534] netlink: 27 bytes leftover after parsing attributes in process `syz.6.5287'.
[  705.486210][  T376] syz.1.5267: attempt to access beyond end of device
[  705.486210][  T376] loop1: rw=2049, sector=145, nr_sectors = 8 limit=128
[  705.501526][  T376] syz.1.5267: attempt to access beyond end of device
[  705.501526][  T376] loop1: rw=2049, sector=161, nr_sectors = 8 limit=128
[  705.526167][  T376] syz.1.5267: attempt to access beyond end of device
[  705.526167][  T376] loop1: rw=2049, sector=177, nr_sectors = 8 limit=128
[  705.536732][  T547] FAULT_INJECTION: forcing a failure.
[  705.536732][  T547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  705.540689][  T376] syz.1.5267: attempt to access beyond end of device
[  705.540689][  T376] loop1: rw=2049, sector=193, nr_sectors = 8 limit=128
[  705.596293][  T376] syz.1.5267: attempt to access beyond end of device
[  705.596293][  T376] loop1: rw=2049, sector=209, nr_sectors = 8 limit=128
[  705.616218][  T376] syz.1.5267: attempt to access beyond end of device
[  705.616218][  T376] loop1: rw=2049, sector=225, nr_sectors = 8 limit=128
[  705.650050][T17504] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000070000.
[  705.661703][  T547] CPU: 0 UID: 0 PID: 547 Comm: syz.5.5290 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  705.661754][  T547] Tainted: [W]=WARN
[  705.661827][  T547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  705.661843][  T547] Call Trace:
[  705.661853][  T547]  <TASK>
[  705.661865][  T547]  __dump_stack+0x1d/0x30
[  705.661900][  T547]  dump_stack_lvl+0x95/0xd0
[  705.661928][  T547]  dump_stack+0x15/0x1b
[  705.661951][  T547]  should_fail_ex+0x263/0x280
[  705.662008][  T547]  should_fail+0xb/0x20
[  705.662028][  T547]  should_fail_usercopy+0x1a/0x20
[  705.662055][  T547]  _copy_from_iter+0xcf/0xea0
[  705.662090][  T547]  ? __rcu_read_unlock+0x4e/0x70
[  705.662150][  T547]  ? terminate_walk+0x1e6/0x210
[  705.662185][  T547]  ? path_openat+0x1ab2/0x2050
[  705.662274][  T547]  tun_get_user+0x15f/0x27c0
[  705.662309][  T547]  ? ref_tracker_alloc+0x1eb/0x2f0
[  705.662342][  T547]  tun_chr_write_iter+0x15e/0x210
[  705.662368][  T547]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  705.662468][  T547]  vfs_write+0x5a6/0x9f0
[  705.662642][  T547]  ksys_write+0xdc/0x1a0
[  705.662687][  T547]  __x64_sys_write+0x40/0x50
[  705.662724][  T547]  x64_sys_call+0x27e1/0x3020
[  705.662752][  T547]  do_syscall_64+0x12c/0x370
[  705.662812][  T547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  705.662876][  T547] RIP: 0033:0x7fe7767cc629
[  705.662896][  T547] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  705.663012][  T547] RSP: 002b:00007fe77521f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  705.663035][  T547] RAX: ffffffffffffffda RBX: 00007fe776a45fa0 RCX: 00007fe7767cc629
[  705.663054][  T547] RDX: 0000000000000078 RSI: 0000200000000380 RDI: 0000000000000003
[  705.663071][  T547] RBP: 00007fe77521f090 R08: 0000000000000000 R09: 0000000000000000
[  705.663094][  T547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  705.663107][  T547] R13: 00007fe776a46038 R14: 00007fe776a45fa0 R15: 00007ffd0f86a9e8
[  705.663194][  T547]  </TASK>
[  705.665706][  T376] syz.1.5267: attempt to access beyond end of device
[  705.665706][  T376] loop1: rw=2049, sector=241, nr_sectors = 8 limit=128
[  705.890802][  T376] syz.1.5267: attempt to access beyond end of device
[  705.890802][  T376] loop1: rw=2049, sector=257, nr_sectors = 8 limit=128
[  705.904556][  T376] syz.1.5267: attempt to access beyond end of device
[  705.904556][  T376] loop1: rw=2049, sector=273, nr_sectors = 8 limit=128
[  705.918598][  T376] syz.1.5267: attempt to access beyond end of device
[  705.918598][  T376] loop1: rw=2049, sector=289, nr_sectors = 8 limit=128
[  706.490062][  T575] loop4: detected capacity change from 0 to 128
[  706.721546][  T586] xt_hashlimit: size too large, truncated to 1048576
[  706.842718][  T580] SELinux: failed to load policy
[  706.888854][   T28] audit: type=1400 audit(1772078635.537:26089): avc:  denied  { append } for  pid=589 comm="syz.1.5298" name="mISDNtimer" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  707.089795][  T580] loop5: detected capacity change from 0 to 1024
[  707.209425][  T580] EXT4-fs: Ignoring removed orlov option
[  707.238207][  T617] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5301'.
[  707.295086][  T609] lo speed is unknown, defaulting to 1000
[  707.316765][  T609] lo speed is unknown, defaulting to 1000
[  707.323482][  T609] xfrm0 speed is unknown, defaulting to 1000
[  707.337053][  T580] EXT4-fs (loop5): stripe (133) is not aligned with cluster size (16), stripe is disabled
[  707.401427][  T625] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5301'.
[  707.566549][  T580] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  707.711215][  T653] FAULT_INJECTION: forcing a failure.
[  707.711215][  T653] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  707.725076][  T653] CPU: 0 UID: 0 PID: 653 Comm: syz.4.5304 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  707.725122][  T653] Tainted: [W]=WARN
[  707.725130][  T653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  707.725145][  T653] Call Trace:
[  707.725153][  T653]  <TASK>
[  707.725178][  T653]  __dump_stack+0x1d/0x30
[  707.725209][  T653]  dump_stack_lvl+0x95/0xd0
[  707.725353][  T653]  dump_stack+0x15/0x1b
[  707.725382][  T653]  should_fail_ex+0x263/0x280
[  707.725411][  T653]  should_fail+0xb/0x20
[  707.725501][  T653]  should_fail_usercopy+0x1a/0x20
[  707.725533][  T653]  _copy_from_user+0x1c/0xb0
[  707.725572][  T653]  ___sys_sendmsg+0xc1/0x1e0
[  707.725699][  T653]  __x64_sys_sendmsg+0xd4/0x160
[  707.725788][  T653]  x64_sys_call+0x194c/0x3020
[  707.725865][  T653]  do_syscall_64+0x12c/0x370
[  707.725902][  T653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.725963][  T653] RIP: 0033:0x7f75fad2c629
[  707.725984][  T653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  707.726044][  T653] RSP: 002b:00007f75f977f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  707.726108][  T653] RAX: ffffffffffffffda RBX: 00007f75fafa5fa0 RCX: 00007f75fad2c629
[  707.726122][  T653] RDX: 0000000000000000 RSI: 0000200000000980 RDI: 0000000000000004
[  707.726139][  T653] RBP: 00007f75f977f090 R08: 0000000000000000 R09: 0000000000000000
[  707.726155][  T653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  707.726169][  T653] R13: 00007f75fafa6038 R14: 00007f75fafa5fa0 R15: 00007ffd47b1ac88
[  707.726189][  T653]  </TASK>
[  708.592992][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.698055][  T682] netlink: 15670 bytes leftover after parsing attributes in process `syz.4.5310'.
[  709.709648][  T682] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  709.720073][  T682] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  709.901693][  T692] loop1: detected capacity change from 0 to 4096
[  709.936527][  T692] EXT4-fs: Ignoring removed bh option
[  709.986086][  T692] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  710.063454][  T704] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5314'.
[  710.214728][  T713] lo speed is unknown, defaulting to 1000
[  710.221389][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  710.256095][  T713] lo speed is unknown, defaulting to 1000
[  710.296729][  T704] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5314'.
[  710.330102][  T713] xfrm0 speed is unknown, defaulting to 1000
[  710.589799][  T735] loop5: detected capacity change from 0 to 512
[  710.855471][  T735] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  710.871636][  T766] loop4: detected capacity change from 0 to 128
[  710.899086][  T735] EXT4-fs (loop5): orphan cleanup on readonly fs
[  710.906702][  T735] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 4294967295 out of range 0-7
[  710.923208][  T735] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  710.934580][  T735] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.5307: Failed to acquire dquot type 1
[  710.948200][  T735] loop5: lost filesystem error report for type 5 error -117
[  710.965146][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  710.979377][    C0] EXT4-fs (loop5): initial error at time 1772078639: ext4_acquire_dquot:7001
[  710.985559][  T735] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5307: corrupted inode contents
[  710.988363][    C0] EXT4-fs (loop5): last error at time 1772078639: ext4_acquire_dquot:7001
[  711.075178][  T735] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  711.079151][  T735] EXT4-fs error (device loop5): ext4_dirty_inode:6450: inode #16: comm syz.5.5307: mark_inode_dirty error
[  711.105736][  T775] loop6: detected capacity change from 0 to 1024
[  711.183409][  T780] loop1: detected capacity change from 0 to 512
[  711.231112][  T735] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  711.237160][  T735] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5307: corrupted inode contents
[  711.279793][  T766] bio_check_eod: 3086 callbacks suppressed
[  711.279833][  T766] syz.4.5317: attempt to access beyond end of device
[  711.279833][  T766] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  711.315602][  T780] EXT4-fs (loop1): orphan cleanup on readonly fs
[  711.320946][  T735] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  711.322752][  T735] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #16: comm syz.5.5307: mark_inode_dirty error
[  711.331098][  T780] Quota error (device loop1): v2_read_file_info: Block with free entry 9 out of range (1, 6).
[  711.465258][  T780] EXT4-fs warning (device loop1): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  711.484020][  T780] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  711.490687][  T735] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  711.491607][  T735] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5307: corrupted inode contents
[  711.496903][  T780] EXT4-fs error (device loop1): ext4_orphan_get:1417: comm syz.1.5323: bad orphan inode 14
[  711.539138][  T780] loop1: lost filesystem error report for type 5 error -117
[  711.539389][  T780] ext4_test_bit(bit=13, block=18) = 1
[  711.547396][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  711.547498][    C1] EXT4-fs (loop1): last error at time 1772078640: ext4_orphan_get:1417
[  711.572816][  T780] is_bad_inode(inode)=0
[  711.575685][  T735] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  711.579660][  T780] NEXT_ORPHAN(inode)=0
[  711.605973][  T735] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  711.651661][  T735] loop5: lost filesystem error report for type 5 error -117
[  711.651898][  T735] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #16: comm syz.5.5307: corrupted inode contents
[  711.715131][  T780] max_ino=32
[  711.718589][  T780] i_nlink=1
[  711.726950][  T780] EXT4-fs (loop1): 1 truncate cleaned up
[  711.747807][  T780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  711.805380][  T735] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  711.805596][  T735] EXT4-fs error (device loop5): ext4_truncate:4587: inode #16: comm syz.5.5307: mark_inode_dirty error
[  711.826390][  T735] loop5: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  711.827662][  T735] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  711.861261][  T735] loop5: lost filesystem error report for type 5 error -117
[  711.861767][  T735] EXT4-fs (loop5): 1 truncate cleaned up
[  711.893792][  T735] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-0000002a0000 ro without journal. Quota mode: writeback.
[  711.938819][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  712.019286][T19038] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-0000002a0000.
[  712.081884][  T806] loop6: detected capacity change from 0 to 8192
[  712.115260][  T806] netlink: 14601 bytes leftover after parsing attributes in process `syz.6.5328'.
[  712.215655][  T828] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  712.222574][  T828] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  712.255117][  T828] vhci_hcd vhci_hcd.0: Device attached
[  712.435157][ T3473] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  712.447310][  T849] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=849 comm=syz.4.5326
[  712.626760][  T849] lo speed is unknown, defaulting to 1000
[  712.638873][  T849] lo speed is unknown, defaulting to 1000
[  712.653580][  T849] xfrm0 speed is unknown, defaulting to 1000
[  712.837160][ T3473] usb 3-1: new full-speed USB device number 5 using vhci_hcd
[  712.957412][  T857] loop6: detected capacity change from 0 to 8192
[  712.997247][  T857] netlink: 14601 bytes leftover after parsing attributes in process `syz.6.5336'.
[  713.177579][  T829] vhci_hcd: connection closed
[  713.184911][   T30] vhci_hcd vhci_hcd.1: stop threads
[  713.215470][   T30] vhci_hcd vhci_hcd.1: release socket
[  713.221707][   T30] vhci_hcd vhci_hcd.1: disconnect device
[  713.239645][  T866] IPv6: NLM_F_REPLACE set, but no existing node found!
[  713.413136][  T876] loop1: detected capacity change from 0 to 2048
[  713.586514][  T876] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  713.651792][  T913] netlink: 'syz.0.5344': attribute type 1 has an invalid length.
[  713.660909][  T876] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  713.749688][  T913] 8021q: adding VLAN 0 to HW filter on device bond0
[  713.783615][   T28] audit: type=1400 audit(1772078642.418:26090): avc:  denied  { create } for  pid=865 comm="syz.1.5337" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=rawip_socket permissive=1
[  713.920875][  T964] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  713.941998][  T965] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  713.948593][  T965] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  713.951038][  T964] SELinux: failed to load policy
[  714.054204][  T963] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.5349'.
[  714.082012][  T965] vhci_hcd vhci_hcd.0: Device attached
[  714.113625][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  714.254636][T23561] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  714.301516][   T28] audit: type=1400 audit(1772078642.938:26091): avc:  denied  { setopt } for  pid=988 comm="syz.6.5353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  714.332843][T23561] usb 11-1: new full-speed USB device number 5 using vhci_hcd
[  714.495755][  T990] xt_hashlimit: size too large, truncated to 1048576
[  714.589621][  T999] SELinux: failed to load policy
[  714.643967][ T1004] loop1: detected capacity change from 0 to 1024
[  714.711473][ T1004] EXT4-fs: Ignoring removed orlov option
[  714.843495][ T1004] EXT4-fs (loop1): stripe (133) is not aligned with cluster size (16), stripe is disabled
[  714.887590][ T1013] loop4: detected capacity change from 0 to 128
[  715.059622][ T1013] syz.4.5358: attempt to access beyond end of device
[  715.059622][ T1013] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128
[  715.177943][ T1020] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  715.216338][ T1004] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  715.251624][ T1020] SELinux: failed to load policy
[  715.259314][  T967] vhci_hcd: connection reset by peer
[  715.281613][   T30] vhci_hcd vhci_hcd.5: stop threads
[  715.287126][   T30] vhci_hcd vhci_hcd.5: release socket
[  715.296952][   T30] vhci_hcd vhci_hcd.5: disconnect device
[  715.423361][ T1026] FAULT_INJECTION: forcing a failure.
[  715.423361][ T1026] name failslab, interval 1, probability 0, space 0, times 0
[  715.494618][ T1026] CPU: 0 UID: 0 PID: 1026 Comm: syz.6.5361 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  715.494658][ T1026] Tainted: [W]=WARN
[  715.494667][ T1026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  715.494683][ T1026] Call Trace:
[  715.494690][ T1026]  <TASK>
[  715.494699][ T1026]  __dump_stack+0x1d/0x30
[  715.494736][ T1026]  dump_stack_lvl+0x95/0xd0
[  715.494765][ T1026]  dump_stack+0x15/0x1b
[  715.494792][ T1026]  should_fail_ex+0x263/0x280
[  715.494820][ T1026]  should_failslab+0x8c/0xb0
[  715.494844][ T1026]  kmem_cache_alloc_noprof+0x66/0x400
[  715.494869][ T1026]  ? vm_area_dup+0x33/0x2c0
[  715.494915][ T1026]  vm_area_dup+0x33/0x2c0
[  715.494948][ T1026]  __split_vma+0xe9/0x640
[  715.494969][ T1026]  ? raw_irqentry_exit_cond_resched+0x3d/0x60
[  715.494998][ T1026]  ? irqentry_exit+0x91/0x520
[  715.495034][ T1026]  ? __rb_reserve_next+0x43a/0x6f0
[  715.495062][ T1026]  vms_gather_munmap_vmas+0x184/0x850
[  715.495105][ T1026]  ? mas_find+0x608/0x700
[  715.495129][ T1026]  mmap_region+0x718/0x2050
[  715.495164][ T1026]  ? __rcu_read_unlock+0x33/0x70
[  715.495190][ T1026]  ? perf_output_begin_forward+0x58a/0x610
[  715.495220][ T1026]  ? from_kuid+0x151/0x340
[  715.495251][ T1026]  ? trace_event_raw_event_bpf_trace_printk+0x117/0x190
[  715.495277][ T1026]  ? perf_prepare_sample+0xdf/0x1280
[  715.495335][ T1026]  do_mmap+0x9b2/0xbd0
[  715.495370][ T1026]  __se_sys_remap_file_pages+0x54d/0x5e0
[  715.495407][ T1026]  ? hrtimer_interrupt+0x705/0x810
[  715.495442][ T1026]  __x64_sys_remap_file_pages+0x67/0x80
[  715.495480][ T1026]  x64_sys_call+0x2e53/0x3020
[  715.495509][ T1026]  do_syscall_64+0x12c/0x370
[  715.495547][ T1026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.495575][ T1026] RIP: 0033:0x7fb8d609c629
[  715.495592][ T1026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  715.495613][ T1026] RSP: 002b:00007fb8d4af7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  715.495635][ T1026] RAX: ffffffffffffffda RBX: 00007fb8d6315fa0 RCX: 00007fb8d609c629
[  715.495650][ T1026] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000200000ffc000
[  715.495663][ T1026] RBP: 00007fb8d4af7090 R08: 0000200000ffc000 R09: 0000000000000000
[  715.495678][ T1026] R10: 0000000000000348 R11: 0000000000000246 R12: 0000000000000001
[  715.495691][ T1026] R13: 00007fb8d6316038 R14: 00007fb8d6315fa0 R15: 00007ffce6f5ce08
[  715.495713][ T1026]  </TASK>
[  715.862091][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.929172][ T1040] netlink: 14 bytes leftover after parsing attributes in process `syz.1.5363'.
[  715.955495][   T28] audit: type=1400 audit(1772078644.599:26092): avc:  denied  { mounton } for  pid=1041 comm="syz.4.5365" path="/494/file0" dev="tmpfs" ino=2614 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  716.365183][ T1065] loop6: detected capacity change from 0 to 512
[  716.397384][ T1065] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  716.429646][ T1061] loop4: detected capacity change from 0 to 8192
[  716.579815][ T1065] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5371'.
[  716.619922][ T1065] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5371'.
[  717.237728][ T1061] netlink: 14601 bytes leftover after parsing attributes in process `syz.4.5370'.
[  717.334892][ T1079] netlink: 'syz.0.5373': attribute type 21 has an invalid length.
[  717.343488][ T1079] netlink: 'syz.0.5373': attribute type 1 has an invalid length.
[  717.379286][ T1079] netlink: 144 bytes leftover after parsing attributes in process `syz.0.5373'.
[  717.414528][ T1084] netlink: 14 bytes leftover after parsing attributes in process `syz.5.5374'.
[  717.688483][ T1094] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  717.746588][ T1094] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  717.816819][ T1097] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5378'.
[  717.903727][ T1040] syz.1.5363 (1040) used greatest stack depth: 5000 bytes left
[  718.064454][ T1135] loop6: detected capacity change from 0 to 128
[  718.323930][   T28] audit: type=1400 audit(1772078646.849:26093): avc:  denied  { connect } for  pid=1138 comm="syz.0.5380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  718.394289][ T3473] usb 3-1: enqueue for inactive port 0
[  718.400075][ T3473] usb 3-1: enqueue for inactive port 0
[  718.484099][ T3473] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  718.505218][ T1142] FAULT_INJECTION: forcing a failure.
[  718.505218][ T1142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  718.716577][ T1149] FAULT_INJECTION: forcing a failure.
[  718.716577][ T1149] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  718.776243][ T1142] CPU: 0 UID: 0 PID: 1142 Comm: syz.0.5382 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  718.776458][ T1142] Tainted: [W]=WARN
[  718.776468][ T1142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  718.776484][ T1142] Call Trace:
[  718.776492][ T1142]  <TASK>
[  718.776502][ T1142]  __dump_stack+0x1d/0x30
[  718.776538][ T1142]  dump_stack_lvl+0x95/0xd0
[  718.776642][ T1142]  dump_stack+0x15/0x1b
[  718.776792][ T1142]  should_fail_ex+0x263/0x280
[  718.776840][ T1142]  should_fail+0xb/0x20
[  718.776863][ T1142]  should_fail_usercopy+0x1a/0x20
[  718.776933][ T1142]  _copy_from_user+0x1c/0xb0
[  718.776986][ T1142]  __sys_connect+0xd0/0x2a0
[  718.777021][ T1142]  __x64_sys_connect+0x3f/0x50
[  718.777053][ T1142]  x64_sys_call+0x2df0/0x3020
[  718.777116][ T1142]  do_syscall_64+0x12c/0x370
[  718.777161][ T1142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.777190][ T1142] RIP: 0033:0x7f802806c629
[  718.777211][ T1142] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  718.777302][ T1142] RSP: 002b:00007f8026ac7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  718.777336][ T1142] RAX: ffffffffffffffda RBX: 00007f80282e5fa0 RCX: 00007f802806c629
[  718.777488][ T1142] RDX: 000000000000000e RSI: 0000200000000680 RDI: 0000000000000004
[  718.777511][ T1142] RBP: 00007f8026ac7090 R08: 0000000000000000 R09: 0000000000000000
[  718.777528][ T1142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  718.777544][ T1142] R13: 00007f80282e6038 R14: 00007f80282e5fa0 R15: 00007ffeec93fa28
[  718.777570][ T1142]  </TASK>
[  719.104274][ T1149] CPU: 1 UID: 0 PID: 1149 Comm: syz.4.5383 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  719.104326][ T1149] Tainted: [W]=WARN
[  719.104336][ T1149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  719.104372][ T1149] Call Trace:
[  719.104381][ T1149]  <TASK>
[  719.104391][ T1149]  __dump_stack+0x1d/0x30
[  719.104439][ T1149]  dump_stack_lvl+0x95/0xd0
[  719.104611][ T1149]  dump_stack+0x15/0x1b
[  719.104643][ T1149]  should_fail_ex+0x263/0x280
[  719.104695][ T1149]  should_fail+0xb/0x20
[  719.104720][ T1149]  should_fail_usercopy+0x1a/0x20
[  719.104827][ T1149]  _copy_to_user+0x20/0xa0
[  719.104864][ T1149]  simple_read_from_buffer+0xb5/0x130
[  719.104894][ T1149]  proc_fail_nth_read+0x10e/0x150
[  719.104950][ T1149]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  719.104981][ T1149]  vfs_read+0x1ab/0x7f0
[  719.105091][ T1149]  ? __rcu_read_unlock+0x4e/0x70
[  719.105112][ T1149]  ? __fget_files+0x184/0x1c0
[  719.105135][ T1149]  ? mutex_lock+0x57/0x90
[  719.105199][ T1149]  ksys_read+0xdc/0x1a0
[  719.105241][ T1149]  __x64_sys_read+0x40/0x50
[  719.105276][ T1149]  x64_sys_call+0x2886/0x3020
[  719.105356][ T1149]  do_syscall_64+0x12c/0x370
[  719.105397][ T1149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.105426][ T1149] RIP: 0033:0x7f75facecece
[  719.105468][ T1149] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  719.105573][ T1149] RSP: 002b:00007f75f975dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  719.105599][ T1149] RAX: ffffffffffffffda RBX: 00007f75f975e6c0 RCX: 00007f75facecece
[  719.105617][ T1149] RDX: 000000000000000f RSI: 00007f75f975e0a0 RDI: 0000000000000003
[  719.105634][ T1149] RBP: 00007f75f975e090 R08: 0000000000000000 R09: 0000000000000000
[  719.105676][ T1149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  719.105741][ T1149] R13: 00007f75fafa6128 R14: 00007f75fafa6090 R15: 00007ffd47b1ac88
[  719.105764][ T1149]  </TASK>
[  719.393892][T23561] usb 11-1: enqueue for inactive port 0
[  719.399668][T23561] usb 11-1: enqueue for inactive port 0
[  719.464788][ T4372] kworker/u8:23: attempt to access beyond end of device
[  719.464788][ T4372] loop6: rw=1, sector=145, nr_sectors = 728 limit=128
[  719.473869][T23561] vhci_hcd vhci_hcd.5: vhci_device speed not set
[  719.734906][ T1165] netlink: 'syz.6.5385': attribute type 3 has an invalid length.
[  719.874066][ T1169] FAULT_INJECTION: forcing a failure.
[  719.874066][ T1169] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  719.958903][ T1169] CPU: 1 UID: 0 PID: 1169 Comm: syz.4.5389 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  719.958981][ T1169] Tainted: [W]=WARN
[  719.958988][ T1169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  719.959001][ T1169] Call Trace:
[  719.959007][ T1169]  <TASK>
[  719.959015][ T1169]  __dump_stack+0x1d/0x30
[  719.959113][ T1169]  dump_stack_lvl+0x95/0xd0
[  719.959145][ T1169]  dump_stack+0x15/0x1b
[  719.959177][ T1169]  should_fail_ex+0x263/0x280
[  719.959209][ T1169]  should_fail+0xb/0x20
[  719.959248][ T1169]  should_fail_usercopy+0x1a/0x20
[  719.959340][ T1169]  _copy_to_user+0x20/0xa0
[  719.959370][ T1169]  simple_read_from_buffer+0xb5/0x130
[  719.959398][ T1169]  proc_fail_nth_read+0x10e/0x150
[  719.959540][ T1169]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  719.959578][ T1169]  vfs_read+0x1ab/0x7f0
[  719.959615][ T1169]  ? __rcu_read_unlock+0x4e/0x70
[  719.959641][ T1169]  ? __fget_files+0x184/0x1c0
[  719.959710][ T1169]  ? mutex_lock+0x57/0x90
[  719.959748][ T1169]  ksys_read+0xdc/0x1a0
[  719.959789][ T1169]  __x64_sys_read+0x40/0x50
[  719.959899][ T1169]  x64_sys_call+0x2886/0x3020
[  719.959939][ T1169]  do_syscall_64+0x12c/0x370
[  719.959986][ T1169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.960032][ T1169] RIP: 0033:0x7f75facecece
[  719.960048][ T1169] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  719.960067][ T1169] RSP: 002b:00007f75f975dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  719.960110][ T1169] RAX: ffffffffffffffda RBX: 00007f75f975e6c0 RCX: 00007f75facecece
[  719.960124][ T1169] RDX: 000000000000000f RSI: 00007f75f975e0a0 RDI: 0000000000000003
[  719.960221][ T1169] RBP: 00007f75f975e090 R08: 0000000000000000 R09: 0000000000000000
[  719.960234][ T1169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  719.960246][ T1169] R13: 00007f75fafa6128 R14: 00007f75fafa6090 R15: 00007ffd47b1ac88
[  719.960269][ T1169]  </TASK>
[  720.689957][ T1186] netlink: 'syz.1.5390': attribute type 3 has an invalid length.
[  720.951460][ T1206] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  720.995647][ T1206] SELinux: failed to load policy
[  721.295098][ T1227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.305011][ T1227] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.405815][ T1221] xt_hashlimit: size too large, truncated to 1048576
[  721.440984][ T1213] SELinux: failed to load policy
[  721.484582][ T1230] loop4: detected capacity change from 0 to 1024
[  721.542494][ T1230] EXT4-fs: Ignoring removed orlov option
[  721.613193][ T1230] EXT4-fs (loop4): stripe (133) is not aligned with cluster size (16), stripe is disabled
[  721.625355][ T1236] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  721.631928][ T1236] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  721.728008][ T1236] vhci_hcd vhci_hcd.0: Device attached
[  721.821388][ T1230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  721.903342][T23561] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  721.963273][T23561] usb 3-1: new full-speed USB device number 6 using vhci_hcd
[  722.187136][T17504] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  722.201517][ T1248] xt_hashlimit: size too large, truncated to 1048576
[  722.271178][ T1255] netlink: 14 bytes leftover after parsing attributes in process `syz.4.5406'.
[  722.288327][ T1256] loop6: detected capacity change from 0 to 512
[  722.787019][ T1256] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  722.833513][ T1280] bridge_slave_0: left allmulticast mode
[  722.863172][ T1237] vhci_hcd: connection reset by peer
[  722.874324][ T1280] bridge_slave_0: left promiscuous mode
[  722.878856][ T1256] ext4 filesystem being mounted at /123/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  722.882621][ T1280] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.923456][ T4373] vhci_hcd vhci_hcd.1: stop threads
[  722.933099][ T4373] vhci_hcd vhci_hcd.1: release socket
[  723.033183][ T4373] vhci_hcd vhci_hcd.1: disconnect device
[  723.274007][ T1280] bridge_slave_1: left allmulticast mode
[  723.483050][ T1280] bridge_slave_1: left promiscuous mode
[  723.535271][ T1280] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.546694][ T1248] SELinux:  policydb magic number 0x1c0 does not match expected magic number 0xf97cff8c
[  723.568820][ T1248] SELinux: failed to load policy
[  723.624236][ T1294] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  723.770454][ T1294] SELinux: failed to load policy
[  724.091487][ T1280] team0: Port device team_slave_0 removed
[  724.303334][ T1280] team0: Port device team_slave_1 removed
[  724.309446][ T1280] batman_adv: batadv0: Removing interface: batadv_slave_0
[  724.559658][ T1280] batman_adv: batadv0: Removing interface: batadv_slave_1
[  724.660120][ T1280] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  724.887259][  T581] syz.5.5296 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  724.943327][T28785] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  724.969139][  T581] CPU: 1 UID: 0 PID: 581 Comm: syz.5.5296 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  724.969180][  T581] Tainted: [W]=WARN
[  724.969188][  T581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  724.969202][  T581] Call Trace:
[  724.969209][  T581]  <TASK>
[  724.969218][  T581]  __dump_stack+0x1d/0x30
[  724.969266][  T581]  dump_stack_lvl+0x95/0xd0
[  724.969295][  T581]  dump_stack+0x15/0x1b
[  724.969400][  T581]  dump_header+0x80/0x240
[  724.969427][  T581]  oom_kill_process+0x295/0x350
[  724.969456][  T581]  out_of_memory+0x97d/0xb80
[  724.969483][  T581]  try_charge_memcg+0x62e/0xa10
[  724.969552][  T581]  __mem_cgroup_charge+0x65/0x150
[  724.969587][  T581]  shmem_get_folio_gfp+0x47b/0xd60
[  724.969624][  T581]  shmem_write_begin+0xfc/0x1f0
[  724.969717][  T581]  generic_perform_write+0x183/0x490
[  724.969796][  T581]  ? current_time+0x188/0x240
[  724.969904][  T581]  shmem_file_write_iter+0xc5/0xf0
[  724.970004][  T581]  __kernel_write_iter+0x319/0x590
[  724.970042][  T581]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  724.970121][  T581]  dump_user_range+0xa7d/0xdb0
[  724.970158][  T581]  elf_core_dump+0x21a2/0x2330
[  724.970193][  T581]  ? 0xffffffffff600000
[  724.970233][  T581]  coredump_write+0xacc/0xdd0
[  724.970320][  T581]  vfs_coredump+0x26c7/0x3130
[  724.970364][  T581]  ? __memcg_slab_free_hook+0xc4/0x250
[  724.970397][  T581]  ? __sigqueue_free+0xf4/0x130
[  724.970430][  T581]  ? proc_coredump_connector+0x160/0x2b0
[  724.970496][  T581]  ? __sigqueue_free+0xf4/0x130
[  724.970555][  T581]  ? kmem_cache_free+0xc8/0x380
[  724.970588][  T581]  get_signal+0xd80/0xf60
[  724.970662][  T581]  arch_do_signal_or_restart+0x96/0x450
[  724.970798][  T581]  irqentry_exit+0xf7/0x520
[  724.970846][  T581]  asm_exc_page_fault+0x26/0x30
[  724.970898][  T581] RIP: 0033:0xaa8ce3
[  724.970923][  T581] Code: Unable to access opcode bytes at 0xaa8cb9.
[  724.970933][  T581] RSP: 002b:00002000000002e8 EFLAGS: 00010217
[  724.970951][  T581] RAX: 0000000000000000 RBX: 00007fe776a45fa0 RCX: 00007fe7767cc629
[  724.970965][  T581] RDX: 0000200000000080 RSI: 00002000000002e0 RDI: 0000000000000000
[  724.970979][  T581] RBP: 00007fe776862b39 R08: 00002000000003c0 R09: 00002000000003c0
[  724.970997][  T581] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000
[  724.971042][  T581] R13: 00007fe776a46038 R14: 00007fe776a45fa0 R15: 00007ffd0f86a9e8
[  724.971067][  T581]  </TASK>
[  725.224890][  T581] memory: usage 307200kB, limit 307200kB, failcnt 19187
[  725.282770][  T581] memory+swap: usage 382668kB, limit 9007199254740988kB, failcnt 0
[  725.291008][  T581] kmem: usage 266736kB, limit 9007199254740988kB, failcnt 0
[  725.342921][  T581] Memory cgroup stats for /syz5:
[  725.343260][  T581] cache 41156608
[  725.353177][  T581] rss 233472
[  725.357090][  T581] shmem 41156608
[  725.366297][  T581] mapped_file 0
[  725.370972][  T581] dirty 0
[  725.374217][  T581] writeback 0
[  725.377849][  T581] workingset_refault_anon 728
[  725.383089][  T581] workingset_refault_file 6446
[  725.388625][  T581] swap 77279232
[  725.393141][  T581] swapcached 86163456
[  725.397534][  T581] pgpgin 403192
[  725.401257][  T581] pgpgout 393076
[  725.410336][  T581] pgfault 539993
[  725.442706][  T581] pgmajfault 261
[  725.446352][  T581] inactive_anon 39616512
[  725.450635][  T581] active_anon 1814528
[  725.482720][  T581] inactive_file 0
[  725.494783][  T581] active_file 0
[  725.498737][  T581] unevictable 0
[  725.522687][  T581] hierarchical_memory_limit 314572800
[  725.532647][  T581] hierarchical_memsw_limit 9223372036854771712
[  725.566790][  T581] total_cache 41156608
[  725.571016][  T581] total_rss 233472
[  725.587577][  T581] total_shmem 41156608
[  725.591824][  T581] total_mapped_file 0
[  725.615840][  T581] total_dirty 0
[  725.619461][  T581] total_writeback 0
[  725.635526][ T1334] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5418'.
[  725.652811][  T581] total_workingset_refault_anon 728
[  725.707596][  T581] total_workingset_refault_file 6446
[  725.725698][  T581] total_swap 77279232
[  725.729853][  T581] total_swapcached 86163456
[  725.758737][  T581] total_pgpgin 403192
[  725.774412][  T581] total_pgpgout 393076
[  725.778660][  T581] total_pgfault 539993
[  725.798790][  T581] total_pgmajfault 261
[  725.818844][  T581] total_inactive_anon 39616512
[  725.839633][  T581] total_active_anon 1814528
[  725.848295][  T581] total_inactive_file 0
[  726.008214][  T581] total_active_file 0
[  726.012490][  T581] total_unevictable 0
[  726.043987][  T581] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.5296,pid=581,uid=0
[  726.100832][ T1348] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5421'.
[  726.121682][  T581] Memory cgroup out of memory: Killed process 581 (syz.5.5296) total-vm:96076kB, anon-rss:1256kB, file-rss:24004kB, shmem-rss:0kB, UID:0 pgtables:204kB oom_score_adj:1000
[  726.169564][ T1215] syz.4.5398 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  726.201295][ T1215] CPU: 1 UID: 0 PID: 1215 Comm: syz.4.5398 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  726.201379][ T1215] Tainted: [W]=WARN
[  726.201388][ T1215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  726.201401][ T1215] Call Trace:
[  726.201409][ T1215]  <TASK>
[  726.201417][ T1215]  __dump_stack+0x1d/0x30
[  726.201476][ T1215]  dump_stack_lvl+0x95/0xd0
[  726.201503][ T1215]  dump_stack+0x15/0x1b
[  726.201530][ T1215]  dump_header+0x80/0x240
[  726.201591][ T1215]  oom_kill_process+0x295/0x350
[  726.201615][ T1215]  out_of_memory+0x97d/0xb80
[  726.201645][ T1215]  try_charge_memcg+0x62e/0xa10
[  726.201693][ T1215]  __mem_cgroup_charge+0x65/0x150
[  726.201805][ T1215]  shmem_get_folio_gfp+0x47b/0xd60
[  726.201839][ T1215]  shmem_write_begin+0xfc/0x1f0
[  726.201868][ T1215]  generic_perform_write+0x183/0x490
[  726.201895][ T1215]  ? current_time+0x188/0x240
[  726.202015][ T1215]  shmem_file_write_iter+0xc5/0xf0
[  726.202052][ T1215]  __kernel_write_iter+0x319/0x590
[  726.202145][ T1215]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  726.202181][ T1215]  dump_user_range+0xa7d/0xdb0
[  726.202215][ T1215]  elf_core_dump+0x21a2/0x2330
[  726.202326][ T1215]  ? 0xffffffffff600000
[  726.202367][ T1215]  coredump_write+0xacc/0xdd0
[  726.202410][ T1215]  vfs_coredump+0x26c7/0x3130
[  726.202457][ T1215]  ? __memcg_slab_free_hook+0xc4/0x250
[  726.202504][ T1215]  ? __sigqueue_free+0xf4/0x130
[  726.202556][ T1215]  ? proc_coredump_connector+0x160/0x2b0
[  726.202586][ T1215]  ? __sigqueue_free+0xf4/0x130
[  726.202614][ T1215]  ? kmem_cache_free+0xc8/0x380
[  726.202661][ T1215]  get_signal+0xd80/0xf60
[  726.202705][ T1215]  arch_do_signal_or_restart+0x96/0x450
[  726.202805][ T1215]  irqentry_exit+0xf7/0x520
[  726.202920][ T1215]  asm_exc_page_fault+0x26/0x30
[  726.202945][ T1215] RIP: 0033:0xaa8ce3
[  726.202966][ T1215] Code: Unable to access opcode bytes at 0xaa8cb9.
[  726.202977][ T1215] RSP: 002b:00002000000002e8 EFLAGS: 00010217
[  726.202999][ T1215] RAX: 0000000000000000 RBX: 00007f75fafa5fa0 RCX: 00007f75fad2c629
[  726.203019][ T1215] RDX: 0000200000000080 RSI: 00002000000002e0 RDI: 0000000000000000
[  726.203038][ T1215] RBP: 00007f75fadc2b39 R08: 00002000000003c0 R09: 00002000000003c0
[  726.203128][ T1215] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000
[  726.203184][ T1215] R13: 00007f75fafa6038 R14: 00007f75fafa5fa0 R15: 00007ffd47b1ac88
[  726.203210][ T1215]  </TASK>
[  726.479577][ T1345] lo speed is unknown, defaulting to 1000
[  726.502957][ T1350] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5421'.
[  726.543000][ T1345] lo speed is unknown, defaulting to 1000
[  726.549265][ T1345] xfrm0 speed is unknown, defaulting to 1000
[  726.649960][ T1215] memory: usage 307200kB, limit 307200kB, failcnt 19280
[  726.657375][ T1215] memory+swap: usage 320516kB, limit 9007199254740988kB, failcnt 0
[  726.666459][ T1215] kmem: usage 270832kB, limit 9007199254740988kB, failcnt 0
[  726.676041][ T1215] Memory cgroup stats for /syz4:
[  726.676576][ T1215] cache 37199872
[  726.685438][ T1215] rss 36864
[  726.689064][ T1215] shmem 37199872
[  726.693228][ T1215] mapped_file 0
[  726.696738][ T1215] dirty 0
[  726.699858][ T1215] writeback 0
[  726.703218][ T1215] workingset_refault_anon 626
[  726.707930][ T1215] workingset_refault_file 4305
[  726.712803][ T1215] swap 13635584
[  726.716526][ T1215] swapcached 60207104
[  726.720669][ T1215] pgpgin 422076
[  726.724198][ T1215] pgpgout 412984
[  726.727919][ T1215] pgfault 580818
[  726.731503][ T1215] pgmajfault 420
[  726.735236][ T1215] inactive_anon 29126656
[  726.739548][ T1215] active_anon 8110080
[  726.746822][ T1215] inactive_file 0
[  726.750520][ T1215] active_file 4096
[  726.754337][ T1215] unevictable 0
[  726.757912][ T1215] hierarchical_memory_limit 314572800
[  726.763436][ T1215] hierarchical_memsw_limit 9223372036854771712
[  726.769729][ T1215] total_cache 37199872
[  726.773854][ T1215] total_rss 36864
[  726.777601][ T1215] total_shmem 37199872
[  726.781785][ T1215] total_mapped_file 0
[  726.809263][ T1215] total_dirty 0
[  726.815518][ T1215] total_writeback 0
[  726.824679][ T1215] total_workingset_refault_anon 626
[  726.840395][ T1215] total_workingset_refault_file 4305
[  726.850554][ T1215] total_swap 13635584
[  726.854731][ T1215] total_swapcached 60207104
[  726.867548][ T1215] total_pgpgin 422076
[  726.875570][ T1215] total_pgpgout 412984
[  726.885755][ T1215] total_pgfault 580818
[  726.889880][ T1215] total_pgmajfault 420
[  726.902508][ T1215] total_inactive_anon 29126656
[  726.912594][ T1215] total_active_anon 8110080
[  726.917288][ T1215] total_inactive_file 0
[  726.932107][ T1215] total_active_file 4096
[  726.936676][ T1215] total_unevictable 0
[  726.940688][ T1215] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5395,pid=1205,uid=0
[  726.965842][ T1215] Memory cgroup out of memory: Killed process 1205 (syz.4.5395) total-vm:94028kB, anon-rss:1228kB, file-rss:22080kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000
[  727.009746][T23561] usb 3-1: enqueue for inactive port 0
[  727.032441][T23561] usb 3-1: enqueue for inactive port 0
[  727.038158][  T992] syz.1.5354 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  727.048964][  T992] CPU: 1 UID: 0 PID: 992 Comm: syz.1.5354 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  727.049032][  T992] Tainted: [W]=WARN
[  727.049042][  T992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  727.049059][  T992] Call Trace:
[  727.049068][  T992]  <TASK>
[  727.049079][  T992]  __dump_stack+0x1d/0x30
[  727.049113][  T992]  dump_stack_lvl+0x95/0xd0
[  727.049205][  T992]  dump_stack+0x15/0x1b
[  727.049236][  T992]  dump_header+0x80/0x240
[  727.049268][  T992]  oom_kill_process+0x295/0x350
[  727.049298][  T992]  out_of_memory+0x97d/0xb80
[  727.049328][  T992]  try_charge_memcg+0x62e/0xa10
[  727.049437][  T992]  __mem_cgroup_charge+0x65/0x150
[  727.049521][  T992]  shmem_get_folio_gfp+0x47b/0xd60
[  727.049633][  T992]  shmem_write_begin+0xfc/0x1f0
[  727.049672][  T992]  generic_perform_write+0x183/0x490
[  727.049762][  T992]  ? current_time+0x188/0x240
[  727.049804][  T992]  shmem_file_write_iter+0xc5/0xf0
[  727.049837][ T2990] ==================================================================
[  727.049845][  T992]  __kernel_write_iter+0x319/0x590
[  727.050033][  T992]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  727.050212][  T992]  dump_user_range+0xa7d/0xdb0
[  727.050321][  T992]  elf_core_dump+0x21a2/0x2330
[  727.050431][  T992]  ? 0xffffffffff600000
[  727.050588][  T992]  coredump_write+0xacc/0xdd0
[  727.050911][  T992]  vfs_coredump+0x26c7/0x3130
[  727.051086][  T992]  ? __memcg_slab_free_hook+0xc4/0x250
[  727.051187][  T992]  ? __sigqueue_free+0xf4/0x130
[  727.051283][  T992]  ? proc_coredump_connector+0x160/0x2b0
[  727.051407][  T992]  ? __sigqueue_free+0xf4/0x130
[  727.051504][  T992]  ? kmem_cache_free+0xc8/0x380
[  727.051634][  T992]  get_signal+0xd80/0xf60
[  727.051779][  T992]  arch_do_signal_or_restart+0x96/0x450
[  727.051937][  T992]  irqentry_exit+0xf7/0x520
[  727.052117][  T992]  asm_exc_page_fault+0x26/0x30
[  727.052302][  T992] RIP: 0033:0xaa8ce3
[  727.052380][  T992] Code: Unable to access opcode bytes at 0xaa8cb9.
[  727.052413][  T992] RSP: 002b:00002000000002e8 EFLAGS: 00010217
[  727.052475][  T992] RAX: 0000000000000000 RBX: 00007fbc75175fa0 RCX: 00007fbc74efc629
[  727.052574][  T992] RDX: 0000200000000080 RSI: 00002000000002e0 RDI: 0000000000000000
[  727.052624][  T992] RBP: 00007fbc74f92b39 R08: 00002000000003c0 R09: 00002000000003c0
[  727.052688][  T992] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000
[  727.052733][  T992] R13: 00007fbc75176038 R14: 00007fbc75175fa0 R15: 00007ffe6cc485d8
[  727.052892][  T992]  </TASK>
[  727.058084][  T992] memory: usage 307200kB, limit 307200kB, failcnt 25863
[  727.061556][ T2990] BUG: KCSAN: data-race in _prb_read_valid / data_alloc
[  727.085182][  T992] memory+swap: usage 320636kB, limit 9007199254740988kB, failcnt 0
[  727.088432][ T2990] 
[  727.088443][ T2990] write to 0xffffffff86c813c0 of 8 bytes by task 992 on cpu 1:
[  727.112884][  T992] kmem: usage 266424kB, limit 9007199254740988kB, failcnt 0
[  727.116992][ T2990]  data_alloc+0x310/0x390
[  727.122127][  T992] Memory cgroup stats for /syz1
[  727.127525][ T2990]  prb_reserve+0x8d7/0xae0
[  727.142626][T23561] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  727.147643][ T2990]  vprintk_store+0x54a/0x910
[  727.182636][  T992] :
[  727.186379][ T2990]  vprintk_emit+0x1a4/0x600
[  727.192042][  T992] cache 41664512
[  727.196651][ T2990]  vprintk_default+0x26/0x30
[  727.196686][ T2990]  vprintk+0x1d/0x30
[  727.196717][ T2990]  _printk+0x79/0xa0
[  727.196740][ T2990]  __show_trace_log_lvl+0x460/0x560
[  727.224001][  T992] rss 81920
[  727.227486][ T2990]  __dump_stack+0x1d/0x30
[  727.232091][  T992] shmem 41664512
[  727.232104][  T992] mapped_file 0
[  727.236952][ T2990]  dump_stack_lvl+0x95/0xd0
[  727.236984][ T2990]  dump_stack+0x15/0x1b
[  727.237011][ T2990]  dump_header+0x80/0x240
[  727.237033][ T2990]  oom_kill_process+0x295/0x350
[  727.237052][ T2990]  out_of_memory+0x97d/0xb80
[  727.267218][  T992] dirty 0
[  727.269845][ T2990]  try_charge_memcg+0x62e/0xa10
[  727.269889][ T2990]  __mem_cgroup_charge+0x65/0x150
[  727.269918][ T2990]  shmem_get_folio_gfp+0x47b/0xd60
[  727.304961][  T992] writeback 0
[  727.311017][ T2990]  shmem_write_begin+0xfc/0x1f0
[  727.341100][  T992] workingset_refault_anon 263
[  727.345532][ T2990]  generic_perform_write+0x183/0x490
[  727.345571][ T2990]  shmem_file_write_iter+0xc5/0xf0
[  727.345605][ T2990]  __kernel_write_iter+0x319/0x590
[  727.366982][  T992] workingset_refault_file 15201
[  727.368165][ T2990]  dump_user_range+0xa7d/0xdb0
[  727.379077][  T992] swap 13758464
[  727.380279][ T2990]  elf_core_dump+0x21a2/0x2330
[  727.393933][  T992] swapcached 85307392
[  727.397377][ T2990]  coredump_write+0xacc/0xdd0
[  727.500735][ T2990]  vfs_coredump+0x26c7/0x3130
[  727.505460][ T2990]  get_signal+0xd80/0xf60
[  727.509834][ T2990]  arch_do_signal_or_restart+0x96/0x450
[  727.515430][ T2990]  irqentry_exit+0xf7/0x520
[  727.520071][ T2990]  asm_exc_page_fault+0x26/0x30
[  727.525128][ T2990] 
[  727.527481][ T2990] read to 0xffffffff86c813c0 of 16 bytes by task 2990 on cpu 0:
[  727.535139][ T2990]  _prb_read_valid+0x1bc/0x950
[  727.539962][ T2990]  prb_read_valid+0x3c/0x60
[  727.544525][ T2990]  syslog_print+0x258/0x560
[  727.549142][ T2990]  do_syslog+0x52b/0x7f0
[  727.553427][ T2990]  __x64_sys_syslog+0x41/0x50
[  727.558128][ T2990]  x64_sys_call+0x2b9e/0x3020
[  727.562854][ T2990]  do_syscall_64+0x12c/0x370
[  727.567506][ T2990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.573524][ T2990] 
[  727.575884][ T2990] Reported by Kernel Concurrency Sanitizer on:
[  727.582291][ T2990] CPU: 0 UID: 0 PID: 2990 Comm: klogd Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  727.592854][ T2990] Tainted: [W]=WARN
[  727.597121][ T2990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  727.607567][ T2990] ==================================================================
[  727.634977][  T992] pgpgin 451846
[  727.638627][  T992] pgpgout 441652
[  727.642236][  T992] pgfault 574801
[  727.648765][  T992] pgmajfault 216
[  727.662295][  T992] inactive_anon 1945600
[  727.666501][  T992] active_anon 39641088
[  727.670646][  T992] inactive_file 0
[  727.674480][  T992] active_file 4096
[  727.678267][  T992] unevictable 163840
[  727.682789][  T992] hierarchical_memory_limit 314572800
[  727.688440][  T992] hierarchical_memsw_limit 9223372036854771712
[  727.694662][  T992] total_cache 41664512
[  727.699134][  T992] total_rss 81920
[  727.703245][  T992] total_shmem 41664512
[  727.707873][  T992] total_mapped_file 0
[  727.712472][  T992] total_dirty 0
[  727.716146][  T992] total_writeback 0
[  727.719994][  T992] total_workingset_refault_anon 263
[  727.732283][  T992] total_workingset_refault_file 15201
[  727.738130][  T992] total_swap 13758464
[  727.742686][  T992] total_swapcached 85307392
[  727.747225][  T992] total_pgpgin 451846
[  727.751413][  T992] total_pgpgout 441652
[  727.755697][  T992] total_pgfault 574801
[  727.759817][  T992] total_pgmajfault 216
[  727.764087][  T992] total_inactive_anon 1945600
[  727.768942][  T992] total_active_anon 39641088
[  727.774001][  T992] total_inactive_file 0
[  727.778232][  T992] total_active_file 4096
[  727.782613][  T992] total_unevictable 163840
[  727.787162][  T992] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.5354,pid=992,uid=0
[  727.802161][  T992] Memory cgroup out of memory: Killed process 992 (syz.1.5354) total-vm:96076kB, anon-rss:1256kB, file-rss:22848kB, shmem-rss:0kB, UID:0 pgtables:204kB oom_score_adj:1000
[  727.853009][ T1068] syz.0.5372 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  727.876878][ T1068] CPU: 1 UID: 0 PID: 1068 Comm: syz.0.5372 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  727.876948][ T1068] Tainted: [W]=WARN
[  727.876958][ T1068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  727.876976][ T1068] Call Trace:
[  727.876983][ T1068]  <TASK>
[  727.876990][ T1068]  __dump_stack+0x1d/0x30
[  727.877021][ T1068]  dump_stack_lvl+0x95/0xd0
[  727.877051][ T1068]  dump_stack+0x15/0x1b
[  727.877118][ T1068]  dump_header+0x80/0x240
[  727.877142][ T1068]  oom_kill_process+0x295/0x350
[  727.877164][ T1068]  out_of_memory+0x97d/0xb80
[  727.877185][ T1068]  try_charge_memcg+0x62e/0xa10
[  727.877256][ T1068]  __mem_cgroup_charge+0x65/0x150
[  727.877289][ T1068]  shmem_get_folio_gfp+0x47b/0xd60
[  727.877322][ T1068]  shmem_write_begin+0xfc/0x1f0
[  727.877350][ T1068]  generic_perform_write+0x183/0x490
[  727.877430][ T1068]  shmem_file_write_iter+0xc5/0xf0
[  727.877495][ T1068]  __kernel_write_iter+0x319/0x590
[  727.877534][ T1068]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  727.877636][ T1068]  dump_user_range+0xa7d/0xdb0
[  727.877673][ T1068]  elf_core_dump+0x21a2/0x2330
[  727.877810][ T1068]  ? 0xffffffffff600000
[  727.877840][ T1068]  coredump_write+0xacc/0xdd0
[  727.877918][ T1068]  vfs_coredump+0x26c7/0x3130
[  727.877959][ T1068]  ? __memcg_slab_free_hook+0xc4/0x250
[  727.877994][ T1068]  ? __sigqueue_free+0xf4/0x130
[  727.878023][ T1068]  ? proc_coredump_connector+0x160/0x2b0
[  727.878053][ T1068]  ? __sigqueue_free+0xf4/0x130
[  727.878077][ T1068]  ? kmem_cache_free+0xc8/0x380
[  727.878155][ T1068]  get_signal+0xd80/0xf60
[  727.878204][ T1068]  arch_do_signal_or_restart+0x96/0x450
[  727.878252][ T1068]  irqentry_exit+0xf7/0x520
[  727.878309][ T1068]  asm_exc_page_fault+0x26/0x30
[  727.878410][ T1068] RIP: 0033:0xaa8ce3
[  727.878433][ T1068] Code: Unable to access opcode bytes at 0xaa8cb9.
[  727.878445][ T1068] RSP: 002b:00002000000002e8 EFLAGS: 00010217
[  727.878468][ T1068] RAX: 0000000000000000 RBX: 00007f80282e5fa0 RCX: 00007f802806c629
[  727.878487][ T1068] RDX: 0000200000000080 RSI: 00002000000002e0 RDI: 0000000000000000
[  727.878549][ T1068] RBP: 00007f8028102b39 R08: 00002000000003c0 R09: 00002000000003c0
[  727.878564][ T1068] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000
[  727.878578][ T1068] R13: 00007f80282e6038 R14: 00007f80282e5fa0 R15: 00007ffeec93fa28
[  727.878605][ T1068]  </TASK>
[  727.882180][ T1068] memory: usage 307200kB, limit 307200kB, failcnt 14033
[  728.154099][ T1068] memory+swap: usage 329812kB, limit 9007199254740988kB, failcnt 0
[  728.175685][ T1068] kmem: usage 266232kB, limit 9007199254740988kB, failcnt 0
[  728.238825][ T1068] Memory cgroup stats for /syz0:
[  728.239112][ T1068] cache 40349696
[  728.255634][ T1068] rss 1495040
[  728.259617][ T1068] shmem 40341504
[  728.272258][ T1068] mapped_file 0
[  728.276153][ T1068] dirty 0
[  728.279207][ T1068] writeback 0
[  728.282806][ T1068] workingset_refault_anon 147
[  728.287704][ T1068] workingset_refault_file 6150
[  728.292860][ T1068] swap 23154688
[  728.296454][ T1068] swapcached 57892864
[  728.300653][ T1068] pgpgin 439464
[  728.317889][ T1068] pgpgout 429225
[  728.321564][ T1068] pgfault 574716
[  728.332357][ T1068] pgmajfault 187
[  728.336620][ T1068] inactive_anon 8032256
[  728.343088][ T1068] active_anon 33898496
[  728.348175][ T1068] inactive_file 8192
[  728.352489][ T1068] active_file 0
[  728.356532][ T1068] unevictable 0
[  728.361111][ T1068] hierarchical_memory_limit 314572800
[  728.368503][ T1068] hierarchical_memsw_limit 9223372036854771712
[  728.375668][ T1068] total_cache 40349696
[  728.380223][ T1068] total_rss 1495040
[  728.386120][ T1068] total_shmem 40341504
[  728.390500][ T1068] total_mapped_file 0
[  728.394903][ T1068] total_dirty 0
[  728.398487][ T1068] total_writeback 0
[  728.402750][ T1068] total_workingset_refault_anon 147
[  728.408304][ T1068] total_workingset_refault_file 6150
[  728.414076][ T1068] total_swap 23154688
[  728.418196][ T1068] total_swapcached 57892864
[  728.442374][ T1068] total_pgpgin 439464
[  728.446549][ T1068] total_pgpgout 429225
[  728.452757][ T1068] total_pgfault 574716
[  728.456961][ T1068] total_pgmajfault 187
[  728.461245][ T1068] total_inactive_anon 8032256
[  728.472170][ T1068] total_active_anon 33898496
[  728.477206][ T1068] total_inactive_file 8192
[  728.481884][ T1068] total_active_file 0
[  728.493893][ T1068] total_unevictable 0
[  728.498293][ T1068] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.5360,pid=1021,uid=0
[  728.522321][ T1068] Memory cgroup out of memory: Killed process 1021 (syz.0.5360) total-vm:94028kB, anon-rss:1232kB, file-rss:22592kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000
[  728.585296][ T1382] loop1: detected capacity change from 0 to 512
[  728.683518][ T1382] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.5420: inode has both inline data and extents flags
[  728.757621][ T1382] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  728.757772][ T1382] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.5420: couldn't read orphan inode 15 (err -117)
[  728.767405][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  728.767427][    C0] EXT4-fs (loop1): initial error at time 1772078657: ext4_orphan_get:1391: inode 15
[  728.767471][    C0] EXT4-fs (loop1): last error at time 1772078657: ext4_orphan_get:1391: inode 15
[  728.876592][ T1382] loop1: lost filesystem error report for type 5 error -117
[  728.877097][ T1382] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000070000 r/w without journal. Quota mode: writeback.
[  729.072595][T18327] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000070000.