last executing test programs:

33.490530112s ago: executing program 4 (id=10):
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c)
connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000002600)=[{{0x0, 0x0, &(0x7f00000025c0)=[{0x0}], 0x1}}], 0x1, 0xc8040)
sendmmsg(r1, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}], 0x1, 0x200008c1)
splice(r1, 0x0, r0, 0x0, 0x401, 0x6)

33.422590875s ago: executing program 4 (id=11):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r2, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
r6 = syz_io_uring_setup(0x1238, &(0x7f0000000380)={0x0, 0x80fd, 0x80, 0x3, 0xab9}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000200)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffff4, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000080)=@l2tp={0x2, 0x0, @local}})
io_uring_enter(r6, 0x3532, 0x32c9, 0x45, 0x0, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002480)=@delchain={0x30, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r4, {}, {0xfff2, 0xffff}, {0xffff, 0x5}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008854}, 0x4010)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
r10 = socket(0x15, 0x5, 0x0)
setsockopt$XDP_UMEM_REG(r10, 0x11b, 0x4, &(0x7f0000000140)={&(0x7f00000003c0)=""/74, 0x3000, 0x1800, 0x0, 0x2}, 0x20)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz1\x00', 0x1ff)

32.353510148s ago: executing program 4 (id=16):
r0 = socket$kcm(0x10, 0x2, 0x10)
socket(0x2, 0x80805, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x100040, 0x4, &(0x7f0000006680))
r1 = epoll_create(0x4)
r2 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r2, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000280)={0x30000010})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2})
r4 = syz_io_uring_setup(0x1bcc, &(0x7f0000000140)={0x0, 0x6005, 0x0, 0x1, 0x1cc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0x47f6, 0x0, 0x2, 0x0, 0x0)
r7 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$read(0xb, r7, &(0x7f0000000200)=""/236, 0xec)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})
r8 = socket$kcm(0xa, 0x2, 0x73)
setsockopt$sock_attach_bpf(r8, 0x29, 0x1f, 0x0, 0x19)
truncate(0x0, 0x9)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r9, 0x89f9, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000040)={@private0, @private=0xa010100, 0x19, 0x18}})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file2\x00', 0xa00010, &(0x7f00000001c0), 0x21, 0x4bf, &(0x7f00000009c0)="$eJzs3U9vVF0ZAPDn3nbon7fv26Is1KggomgIM+0AlbDCjcYQEiNx5QJqOzRNZzpNZ4q0sijfwUQSV7rwA7gwcWHCyr073bnBhQkq0VATF2PmzhQKnSlF2s6b3t8vObn33DOd5zyd3HPaM+2cAHLrXERsRcSpiLgXEZPd60m3xM1OaT/u5YtH89svHs0n0Wrd+UeStbevxa6vafuo+5yjEfGD70b8ONkbt7GxuTxXrVbWuvVSs7ZaamxsXl6qzS1WFisr5fLszOz09SvXyoeW69nab55/Z+nWD3//uy89++PWN3/a7tZEt213Hoepk3rhVZy24Yi4dRTBBmCom8+pQXeE/0saEZ+JiPPZ/T8ZQ9mrCQCcZK3WZLQmd9cBgJMuzdbAkrQYUeicp2mx2FnDOxPjabXeaF66X19fWeislU1FIb2/VK1Md9cKp6KQtOsz2fnrevmt+pWIOB0RPxsZy+rF+Xp1YZA/+ABAjn30ev7P3gv490hn/gcATrjRQXcAADh25n8AyB/zPwDkj/kfAPLH/A8A+WP+B4D8Mf8DQK58//btdmltdz//euHBxvpy/cHlhUpjuVhbny/O19dWi4v1+mL2mT21dz1ftV5fnbka6w9LzUqjWWpsbN6t1ddXmnezz/W+WykcS1YAwH5On3365yQitm6MZSV27eVgroaTLR10B4CBGRp0B4CBsdsX5Jff8YEeW/S+ofMnQmN7G54cTX+Ao3fx89b/Ia+s/0N+Wf+H/LL+D/nVaiX2/AeAnLHGDxzs/f8evP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjk1kJUmL3b3AJyJNi8WIjyNiKgrJ/aVqZToiPomIP40URtr1mUF3GgD4QOnfku7+XxcnL0y83Xoq+c9IdoyIn/zizs8fzjWbazPt6//sXP/WWMST7vXyIPoPAHk09F6P3pmnd+bxHS9fPJrfKYffx/6ef7uzuWg77na3dFqGYzg7jkYhIsb/lXTrHcl7Z97b1uOI+Fyv/JNsbWSqu/Pp2/HbsT8+1vjpG/HTrK1zbH8vPnsIfYG8edoef272uv/SOJcde9//o9kI9eF2xr/tPeNf+mr8G+oz/p07SICxX0dc/cP3+sZ/HPGF4V7xk1fxkz7xLxwwx7988cvn+7W1fhlxMXrH3x2r1Kytlhobm5eXanOLlcXKSrk8OzM7ff3KtXIpW6Mu7axU7/X3G5c+2S//8T7xR9+R/9cOmP+v/nvvR1/ZJ/43vtr79T+zT/z2nPj1A8afG/9t3+272/EX+uT/rtf/0gHjP/vr5sIBHwoAHIPGxubyXLVaWRv0yU6HPi39ceIk1yeDHZeAo/f6ph90TwAAAAAAAAAAAAAAgH6O49+JBp0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9f/AgAA//9gOtV4")
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="140000001d000b63d25a80648c2594f90524fc60", 0x14}, {&(0x7f0000000300)="25c0875b44a76cb4f7495029dc85aa840831257d6364c3543086cbfc472698e35ca63d3a307accf7804724dd88f4dfec9015932d3221b1a167fd8d7f238d28decccb3013d0c2078bc83525ab80a66798931f3fcc1c3f49a7c75b224ba3eac27f9317185ad120e907f973ea99309ded51fec99bd79fe55cc5e7f92c71", 0x7c}], 0x2, 0x0, 0x0, 0x4000}, 0x20000040)

31.929830473s ago: executing program 4 (id=19):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0xffffff1f}, {0x85, 0x0, 0x0, 0x5}}, {{0x6, 0x0, 0x2}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x14, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9}}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @lirc_mode2=0x10, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, r1, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32, @ANYBLOB="fcffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000fdffffff0100786993"], 0x50)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="020000000400000008d7460001"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r3, &(0x7f0000000040), 0x0}, 0x20)
r4 = openat$urandom(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RNDADDENTROPY(r4, 0x40085203, &(0x7f0000000380)=ANY=[@ANYRESOCT])
sync_file_range(r4, 0x6, 0xb5c, 0x5)
r5 = socket$packet(0x11, 0x3, 0x300)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000800)={[{@errors_remount}, {@noload}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@data_writeback}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r6, 0x400c6615, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0a"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$binfmt_aout(r8, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r8, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "00094a0400"})
r9 = syz_open_pts(r8, 0x80)
r10 = dup3(r9, r8, 0x80000)
ioctl$sock_inet_tcp_SIOCINQ(r10, 0x541b, &(0x7f0000000000))
getpeername$packet(r7, &(0x7f0000000000)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r5, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r11}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0xf, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x80, {0x2, 0x0, 0x30, 0x0, 0xfe, 0x7, 0xfd, 0x1, 0x20000200}, [@RTA_DST={0x0, 0x1, @multicast2}, @RTA_MULTIPATH={0x0, 0x9, {0x8, 0x23, 0x7, r11}}, @RTA_ENCAP_TYPE={0x0, 0x15, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4a044}, 0x8000)

30.44309832s ago: executing program 4 (id=29):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
chdir(&(0x7f0000000000)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)=@newtaction={0x6c, 0x30, 0x9, 0x4, 0x25dfdbfb, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x3, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x2, 0x200}, 0x4}}, @TCA_MPLS_LABEL={0x8, 0x5, 0x5e0e2}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
socket(0x2, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688634c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f00000001c0)=0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r4 = fsopen(&(0x7f0000000000)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000040)='fd', &(0x7f00000000c0)='1', 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r5)
socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000021c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x310, 0xe0, 0x12, 0x60a, 0xe0, 0x202, 0x240, 0x2e8, 0x2e8, 0x240, 0x2c0, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x6, 0x5}, {0xffffffffffffffff, 0x4, 0x1}, {0x1, 0x2, 0x1}, 0x7, 0x402}}}, {{@ipv6={@private2, @local, [], [], 'vxcan1\x00', 'veth1_to_batadv\x00', {}, {}, 0x0, 0x0, 0x1}, 0x0, 0x118, 0x160, 0x0, {}, [@common=@unspec=@ipvs={{0x48}, {@ipv4=@remote, [0xffffffff, 0xffffff00, 0xffffff00, 0xff000000], 0x4e23, 0xc, 0x0, 0x4e22, 0x4, 0x4}}, @common=@mh={{0x28}, {"f30e"}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0xc86d, 0x8, 0x1, 'snmp\x00', {0x10000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x370)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000400000008000700000000000800020003000000050008"], 0x34}}, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r5, &(0x7f0000002180)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001080)={&(0x7f0000001040)={0x20, 0x0, 0xa24, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4044044)
write(r0, &(0x7f00000010c0)="1546b2000000000000008043f3526b13f78ada17aefbbfc13bc888a3a46e8f0e809292ee0739b4f20800b179aa901b5d500d639055ad16ff0ceb07b5c7c140ffda4e249c4a14771887fd7b3103361550a32f277e6aed03554b8a3e3efdf4f169f28fb0ef0571bd7aef1d7e90a5c82c2d94c5b937ff1f1e37d5c0a2c63a4e33aaa4d82667a078bfcf74909014a8324c04544615e517567a3274e8e6882c75ab4313568c5c53fd46c81132", 0xc1)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
r8 = inotify_init1(0x0)
inotify_add_watch(r8, &(0x7f0000000700)='./file1\x00', 0x2000775)
write$binfmt_elf64(r7, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x3e, 0xffffffeb, 0x200000294, 0x40, 0x0, 0x0, 0x8f2d, 0x38, 0x1, 0xfffe, 0x7fff, 0x3}, [{0x3, 0x5, 0x8, 0xd, 0xc, 0x7, 0x7ff, 0x3}]}, 0x78)
close(r7)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r4, 0xd0009411, &(0x7f0000001180)={{0x0, 0x6c, 0xa, 0x2dc, 0x5, 0x4, 0x10, 0x6, 0xffffffff, 0xf3, 0x1, 0x16e6, 0xb, 0x7fffffff, 0x2}})

30.27872113s ago: executing program 4 (id=32):
socket$inet_icmp(0x2, 0x2, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff})
close(0x3)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x50, &(0x7f0000001740)=0x100, 0x4)
write$binfmt_script(r0, 0x0, 0x6f4000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
setsockopt(r1, 0x4, 0x7c0, &(0x7f0000000400)="1dbfe112abdc74da9bea64f944acdb6779d47c0c4a1b80862596499f7f3b75d5c550a5bc8622da3bbb1812ce6db308d8b5d7737395f4649920d448444c1f6400fa506c1c241cecf461f765e63d2987dd75011735490f08a285057b861c5c3428a94ab5e1906cc1695b40a203165f034e7304e48bdd1c63d866dbd580fae996a8bac87790abeec8a501542e8ea6cf354ec54e6004c334f8ee21e936100426ac37e95dbf761d923d1a690b41346fdf72e7e578c091c7bff22ead5fe09be6486b56c8", 0xc1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
ioperm(0x5, 0x8, 0x8000000000005)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x241a2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x3, @perf_bp={&(0x7f0000000300), 0x1}, 0x0, 0x2, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x4000, 0x1, 0x1fd}, &(0x7f0000000000), &(0x7f0000000300))
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10010, r3, 0xed526000)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x6)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f00000006c0)={0x0, 'bridge0\x00', {0x101}, 0x2})
r4 = socket$netlink(0x10, 0x3, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r4)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="9e15f810a91ad7f66f64000000", @ANYRES16=r6, @ANYBLOB="00042bbd7000fddbdf250200000008000200020000000c00018005000200080000000800030005000000050005000c0000000800020001000000040006800800040008000000080004000100000008000300050000000800020002000000"], 0x64}, 0x1, 0x0, 0x0, 0x8114}, 0x40000d0)
r7 = memfd_create(&(0x7f00000005c0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\xbd\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\x17\x871N:\xb4\xea \x8e\xdelP\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N\xf8\xdb\xab\xa0\x94~\xa1]b\xa4\xe5\xe2e\x1c\x8b\xd2\xc7Md\x93\x02\xd8\xb0,\xeb\x03\xaa\v\xed\x9bR\x8a\x80\xc2\x1f\x17ej\x973wv\x83a\xe06\x96\xde\xbc%Uh;H\xf8S\xf1\xa1g\x02\xc4\xc3\xa4\xa8\x96\t\xfex\xa2?\xcb\\Y\x1e\xfe\xca\xa0i\x80O\x11\xac\xb7$\xdb\xbc\xb0\xcb\xacqU\xb5*\x00\x00\x00\x00\x00\x00\x00\f\xda\xf8oV\x89\xd3\x1f\x99+\xe5T\x8eM4\x1c\xc6\x7f\xd4\xf2\xcc\xd3\x94\xca\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00~A9\xf6IBu2L\x9e\xa2\xd0\x92\xd1\xbc\xb8\tJ\xa1\aN\x87\x95\xbb\xa9s\xab\x90\x06\xc6!p\x9e?~\xf9\xe6\xae*\v\xa3\xd9gxKN\'z]*\x93\xf7\b\x91\xd0\xff\xd9\xc6a\xb5q\x9c\xa1Go\xd58\x93\xe0,\x9f\xe4\xa9\xd9A\x9e\x95e\x98\xd0V\x9d\xed\x97\xf1\xc5\xce\xf5\x90!d\x9a\xd8\x10\xbbx\r8\xff\x8bNUK\xebA\xe5\x92f\xc4\xd1\xa8\x15\xbf\xb5iW\xdb.kbf*\x89\xf0\xecq m-~\xbbf?\xec=\xd2\xe2\x1e\x8d/o\xcd\xc8x\xdb\xe6\xd0W\xca\xc5kz\x8e9\xfa\x86\x0f\x96p', 0x3)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000})

15.071300178s ago: executing program 32 (id=32):
socket$inet_icmp(0x2, 0x2, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff})
close(0x3)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x50, &(0x7f0000001740)=0x100, 0x4)
write$binfmt_script(r0, 0x0, 0x6f4000)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
setsockopt(r1, 0x4, 0x7c0, &(0x7f0000000400)="1dbfe112abdc74da9bea64f944acdb6779d47c0c4a1b80862596499f7f3b75d5c550a5bc8622da3bbb1812ce6db308d8b5d7737395f4649920d448444c1f6400fa506c1c241cecf461f765e63d2987dd75011735490f08a285057b861c5c3428a94ab5e1906cc1695b40a203165f034e7304e48bdd1c63d866dbd580fae996a8bac87790abeec8a501542e8ea6cf354ec54e6004c334f8ee21e936100426ac37e95dbf761d923d1a690b41346fdf72e7e578c091c7bff22ead5fe09be6486b56c8", 0xc1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
ioperm(0x5, 0x8, 0x8000000000005)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x241a2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x3, @perf_bp={&(0x7f0000000300), 0x1}, 0x0, 0x2, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x4000, 0x1, 0x1fd}, &(0x7f0000000000), &(0x7f0000000300))
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10010, r3, 0xed526000)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x6)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f00000006c0)={0x0, 'bridge0\x00', {0x101}, 0x2})
r4 = socket$netlink(0x10, 0x3, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), r4)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="9e15f810a91ad7f66f64000000", @ANYRES16=r6, @ANYBLOB="00042bbd7000fddbdf250200000008000200020000000c00018005000200080000000800030005000000050005000c0000000800020001000000040006800800040008000000080004000100000008000300050000000800020002000000"], 0x64}, 0x1, 0x0, 0x0, 0x8114}, 0x40000d0)
r7 = memfd_create(&(0x7f00000005c0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\xbd\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\x17\x871N:\xb4\xea \x8e\xdelP\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N\xf8\xdb\xab\xa0\x94~\xa1]b\xa4\xe5\xe2e\x1c\x8b\xd2\xc7Md\x93\x02\xd8\xb0,\xeb\x03\xaa\v\xed\x9bR\x8a\x80\xc2\x1f\x17ej\x973wv\x83a\xe06\x96\xde\xbc%Uh;H\xf8S\xf1\xa1g\x02\xc4\xc3\xa4\xa8\x96\t\xfex\xa2?\xcb\\Y\x1e\xfe\xca\xa0i\x80O\x11\xac\xb7$\xdb\xbc\xb0\xcb\xacqU\xb5*\x00\x00\x00\x00\x00\x00\x00\f\xda\xf8oV\x89\xd3\x1f\x99+\xe5T\x8eM4\x1c\xc6\x7f\xd4\xf2\xcc\xd3\x94\xca\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00~A9\xf6IBu2L\x9e\xa2\xd0\x92\xd1\xbc\xb8\tJ\xa1\aN\x87\x95\xbb\xa9s\xab\x90\x06\xc6!p\x9e?~\xf9\xe6\xae*\v\xa3\xd9gxKN\'z]*\x93\xf7\b\x91\xd0\xff\xd9\xc6a\xb5q\x9c\xa1Go\xd58\x93\xe0,\x9f\xe4\xa9\xd9A\x9e\x95e\x98\xd0V\x9d\xed\x97\xf1\xc5\xce\xf5\x90!d\x9a\xd8\x10\xbbx\r8\xff\x8bNUK\xebA\xe5\x92f\xc4\xd1\xa8\x15\xbf\xb5iW\xdb.kbf*\x89\xf0\xecq m-~\xbbf?\xec=\xd2\xe2\x1e\x8d/o\xcd\xc8x\xdb\xe6\xd0W\xca\xc5kz\x8e9\xfa\x86\x0f\x96p', 0x3)
ioctl$FS_IOC_RESVSP(r7, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000})

11.839838708s ago: executing program 1 (id=283):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d00)={{0x14, 0x10, 0x4}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}}, 0x0)

11.469392449s ago: executing program 1 (id=286):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x18, 0x19, 0x1, 0x0, 0x25dfdbfb, {0x1d, 0xd601, 0x9}, [@nested={0x4, 0xa}]}, 0x18}, 0x1, 0x0, 0x0, 0x5}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x20132, 0xffffffffffffffff, 0xb299b000)
capset(0x0, &(0x7f0000000080))
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0xf000, 0x6, &(0x7f0000009000/0xf000)=nil)
r1 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0002}}}, 0x80, &(0x7f0000000480)=[{0x0}, {&(0x7f0000000800)="7d586d16062b1e1b9685b8", 0xb}], 0x2}, 0x24000008)
socket$inet(0xa, 0x801, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x2, 0x7, 0x1ffd, 0x2}, 0x14)
listen(r2, 0x1ff)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r3, &(0x7f0000000000)="ab", 0xff04, 0xc1, &(0x7f0000000280)={0x2, 0x4e22, @loopback}, 0x10)

11.071927463s ago: executing program 1 (id=291):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0xfffd, 0x0, {0xa, 0x4e1c, 0x1, @dev={0xfe, 0x80, '\x00', 0x20}, 0x2}}}, 0x32)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000140)=0x5)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)="43210098")
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
connect$pppl2tp(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0xfffd, 0x0, {0xa, 0x4e1c, 0x1, @dev={0xfe, 0x80, '\x00', 0x20}, 0x2}}}, 0x32) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) (async)
ioctl$TUNSETVNETHDRSZ(r3, 0x400454d8, &(0x7f0000000140)=0x5) (async)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e) (async)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000540)="43210098") (async)

10.808412478s ago: executing program 1 (id=293):
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x103fb, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000380)=@req3={0x1000, 0x3a, 0x1000, 0x1, 0x3ff, 0x972, 0xb7}, 0x1c)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000140), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000008000100030000002c0004800500030080ff00000500030080ff00000500030000000000050003000500000005000300800000000800020003"], 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r5, &(0x7f0000000400)={0x0, 0xa7, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x3}, {0x8, 0x8e, 0x1}}]}, 0x4c}}, 0x0)
fcntl$getownex(r3, 0x10, &(0x7f0000000340)={0x0, <r6=>0x0})
r7 = ioctl$TUNGETDEVNETNS(r3, 0x54e3, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, r4, 0x800, 0x70bd29, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r6}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r7}}]}, 0x60}, 0x1, 0x0, 0x0, 0x801}, 0x4000)
r8 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r8, 0xc0606610, &(0x7f0000000100)={0x60, 0x1, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x2000002, 0x0, 0x0, 0x237, 0x4, 0x2, 0xf, 0x2})

10.720704463s ago: executing program 1 (id=294):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r1, &(0x7f0000000340)="0a00030001f400", 0x7)

10.100602949s ago: executing program 1 (id=297):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x80c406, &(0x7f0000000100)=ANY=[@ANYRES16=0x0, @ANYRESHEX, @ANYRES8, @ANYRESOCT], 0xff, 0x2d3, &(0x7f0000000e80)="$eJzs3M9rE1sUwPGTH51J++iP1YP3Nj28t9HNUONShUZpQQwoaUfUhTClUw2JSZkJNhHBrF3137C4dCcU/4Hu/QPcFUG66sqRJpPpNKa1rTHR9PuBMvfOuXd6JjeFcwemuw82n5XWfGvNqUkyo5IUacq+yIwUpSMRHo1W24jOy42sNOXy3PO910sPH93J5fMLBdXF3PLV7JtpkdntjZdv//tQ++v+uynTlJ2Zx7tfsp92/t75Z/fr8tOir0VfK9WaOrpSrdaclbKhq0W/ZKka4jq+q8WK73qxuKtr5er6ekOdyurkxLrn+r46lYYmpaG1qmbCrCpqWZZOThy0M3KBGGeeYW8VCk6uZ+hCfXKjzfNyTkpExr9bU3trOBkBAIBhOr7+T0ZjOvV/srv+Fzmu/lfVqdntjVfhqKn3p6n/3U79f698WP8npHf9n5Ko/i+5rfq/5jXUeeIU4/U/TmTPFwrO2GF//lSzkr8uIZxXohnr3DwS8rzceO9J1P8AAAAAAAAAAAAAAAAAAAAAAPwJ9oNgOgiC6YNjUkSCsG+KSCrW7zGVN8RHQHz9g9iPGS7wCeuPERB7cS8j8rlZt+t2onVsxxdv5xfmtCX24t9evW6noviVdlyPxsdkIoxne8YNufR/O34Qu3U3H49v1u1xWe3KNXWk1+znxwAAAAAAwEizNDITncxItL+3LDWlO97av7caaRHpPB/o2t+n5d/0AG8EAAAAAAAcy2+8KDnlsusNppH62etsDiBVkfNNvxaYfUkjJSKxM2a4VPExhSWRs1w5LSeNMeSHt6yn+l2muJ1sB/WNajc+5s49PTOwL39fGtf7dsEgIdI+MxY+qOv6KwAAAAAwWg73A8POBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi2sQ/7ps2PcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/C6+BQAA///RWLCI")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x2, 0x10000, 0x3, 0x179}, &(0x7f0000002a40)=<r2=>0x0, &(0x7f00000007c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd=r0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1})
io_uring_enter(r1, 0x2272, 0x2, 0x5, 0x0, 0x0)

10.09135299s ago: executing program 33 (id=297):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x80c406, &(0x7f0000000100)=ANY=[@ANYRES16=0x0, @ANYRESHEX, @ANYRES8, @ANYRESOCT], 0xff, 0x2d3, &(0x7f0000000e80)="$eJzs3M9rE1sUwPGTH51J++iP1YP3Nj28t9HNUONShUZpQQwoaUfUhTClUw2JSZkJNhHBrF3137C4dCcU/4Hu/QPcFUG66sqRJpPpNKa1rTHR9PuBMvfOuXd6JjeFcwemuw82n5XWfGvNqUkyo5IUacq+yIwUpSMRHo1W24jOy42sNOXy3PO910sPH93J5fMLBdXF3PLV7JtpkdntjZdv//tQ++v+uynTlJ2Zx7tfsp92/t75Z/fr8tOir0VfK9WaOrpSrdaclbKhq0W/ZKka4jq+q8WK73qxuKtr5er6ekOdyurkxLrn+r46lYYmpaG1qmbCrCpqWZZOThy0M3KBGGeeYW8VCk6uZ+hCfXKjzfNyTkpExr9bU3trOBkBAIBhOr7+T0ZjOvV/srv+Fzmu/lfVqdntjVfhqKn3p6n/3U79f698WP8npHf9n5Ko/i+5rfq/5jXUeeIU4/U/TmTPFwrO2GF//lSzkr8uIZxXohnr3DwS8rzceO9J1P8AAAAAAAAAAAAAAAAAAAAAAPwJ9oNgOgiC6YNjUkSCsG+KSCrW7zGVN8RHQHz9g9iPGS7wCeuPERB7cS8j8rlZt+t2onVsxxdv5xfmtCX24t9evW6noviVdlyPxsdkIoxne8YNufR/O34Qu3U3H49v1u1xWe3KNXWk1+znxwAAAAAAwEizNDITncxItL+3LDWlO97av7caaRHpPB/o2t+n5d/0AG8EAAAAAAAcy2+8KDnlsusNppH62etsDiBVkfNNvxaYfUkjJSKxM2a4VPExhSWRs1w5LSeNMeSHt6yn+l2muJ1sB/WNajc+5s49PTOwL39fGtf7dsEgIdI+MxY+qOv6KwAAAAAwWg73A8POBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi2sQ/7ps2PcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/C6+BQAA///RWLCI")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x2, 0x10000, 0x3, 0x179}, &(0x7f0000002a40)=<r2=>0x0, &(0x7f00000007c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd=r0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1})
io_uring_enter(r1, 0x2272, 0x2, 0x5, 0x0, 0x0)

3.268547549s ago: executing program 2 (id=414):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x4e20, 0xbb6, @loopback, 0x5}, 0x28)
connect$inet6(r1, &(0x7f0000000480)={0xa, 0x4e20, 0x9, @loopback, 0x106}, 0x1c)
r2 = fcntl$dupfd(r1, 0x406, r1)
setsockopt$inet6_buf(r1, 0x29, 0x39, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x7fffffffffe, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x2000)
write$binfmt_elf64(r2, 0x0, 0xfffffdcf)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000180), r0)
sendmmsg(r0, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000002c0)="bc", 0x1}], 0x1, &(0x7f0000000700)=[{0x10, 0x1, 0x8}], 0x10}}], 0x2, 0x440440c4)
setrlimit(0x7, &(0x7f0000000140)={0x4, 0x100})
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)

2.428413358s ago: executing program 2 (id=431):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000400)={0x0, 0xa7, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x3}, {0x8, 0x8e, 0x1}}]}, 0x4c}}, 0x0)

2.39876668s ago: executing program 2 (id=432):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
socket$inet6(0xa, 0x2, 0x0)
perf_event_open$cgroup(&(0x7f00000003c0)={0x2, 0x80, 0x16, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x52000775)
r1 = open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
r2 = syz_io_uring_setup(0x832, &(0x7f0000000280)={0x0, 0xcd1d, 0x10100, 0x1}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r1, 0x0, 0x0})
io_uring_enter(r2, 0x5040, 0x7ccb, 0x4c, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x7f8, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000480)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100c, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
write$cgroup_devices(r5, 0x0, 0xffdd)
socket$kcm(0x21, 0x2, 0x2)
epoll_create1(0x0)
listen(0xffffffffffffffff, 0x3)
move_pages(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0)
r6 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r6, 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r7, 0x0, 0x80)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r8=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r8, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
syslog(0x2, &(0x7f0000000140)=""/41, 0x29)

2.036644661s ago: executing program 2 (id=436):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2000)
shutdown(r0, 0x100000000000000)

1.824762183s ago: executing program 0 (id=444):
r0 = open(&(0x7f00000002c0)='./file0\x00', 0x1491ff, 0x22)
fcntl$setlease(r0, 0x400, 0x0)
fcntl$getownex(r0, 0x10, 0x0)

1.768352776s ago: executing program 0 (id=445):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000700)={&(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000680)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x32}, @multicast2}}}], 0x2f}, 0x40840)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x79, 0xec, &(0x7f00000000c0)="f0d5c5b194fe96df54435387ef1438557f1b7b8538a7c4ef716e2283a891e67beda0733753685604bc9556acfbf03683fd395764a26f8ba94a71adda717943876c7f97ad25a89adfbcaa7a5154f1dd49646444006d46de3d10e5846ab16742154083c16c7cd5ee60f16ac7cb0faeea87f4523883aa5157cc52", &(0x7f0000000300)=""/236, 0x6, 0x0, 0xc9, 0x70, &(0x7f0000000800)="058c5524b4b8587ba6dac66df65081d97c7df2974427dd0b19d6c0341da7bf452dbfe3c34dd9f629d26ea81ef43767b2d5c1bdacacc08c09f5fbd2b411f1634215fd8031a009053f073f3133abb01b7496c4513d08363d5d0314370c975a84e5bcf59ebba1e9c776e33d9ccf3a7ef9a3a9709c29a9850dc2ea3a10add6722b5096b7228afcbe6722c4be30068555c7a82f34dfcb96588b575a16feb3880cc87aba90889eb4c24ee817bddcf1553eaec9ee1d31d622537b55e0ff6501635905e66d43a91661852b30c6", &(0x7f0000000140)="143b7bcef0e6ff5c07b348eb9e29ad5f17c78a4afee59c295a96789be320266547d685ea378e575eeba5a1c7254d3898b05cfc95c9facecc08165a664497cb8aaaccb24116ed941645d5a6e335ea66cc79b1a75d14a9a5aee92f19881cb920b27857377c467701aef61372aeb145409c", 0x5, 0x0, 0x2}, 0x50)
r2 = syz_mount_image$ext4(&(0x7f00000002c0)='ext3\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r4, r4)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f00000009c0)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r5}})
setpgid(0x0, r4)
wait4(r4, 0x0, 0x2, 0x0)
ioprio_set$pid(0x1, r4, 0x2004)
unshare(0x6060600)
r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000a80)=ANY=[@ANYBLOB="120000003a000000080000000200000000000000", @ANYRES32, @ANYBLOB="0000d8e8c9e3030d7c80c3afcc3cb324f3880896857b089050b00595e4699c145bfa7b593b86748e9b070a23fffae48098af4bdb92c61f9731b48a2ffaa6aa63bc5e3077db70e344ffe9e9748e59", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_ATTACH(0x1c, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYRES32, @ANYBLOB=',\x00'], 0x20)
perf_event_open(&(0x7f0000000900)={0x2, 0x80, 0x6, 0x1, 0xde, 0x6, 0x0, 0x3, 0x10, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x4, @perf_bp={&(0x7f00000001c0), 0x2}, 0x0, 0xfffffffffffffff7, 0x6, 0x5, 0x6, 0x6, 0x1, 0x0, 0x1}, r4, 0xe, 0xffffffffffffffff, 0x2)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2800009fa970090003001000fdffff7f00000000000006000000000000000b00a5caf4e209f66de6"], 0x28}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000140)=[{0x20, 0x1, 0x0, 0xfffff034}, {0x6, 0x0, 0x0, 0x4}]}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000006c0)={'wg1\x00', <r8=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000a40)=ANY=[@ANYRESOCT=r2], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r8}, 0x94)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000001300)={0x2, 0x0, @status={[0xc, 0x7, 0x800, 0x6, 0xb40, 0x1]}, [0x100000000, 0xfff, 0x2, 0x5, 0xffffffff, 0x8, 0x3, 0x95, 0x4, 0x7, 0x10001, 0x1c8f, 0x41b, 0xc820, 0x9, 0x8, 0xfff, 0x7, 0x7, 0xb, 0x86, 0x3, 0x5, 0x4, 0xfffffffffffffff7, 0x548, 0x27, 0x7, 0x7, 0xffffffffffffc48f, 0x9, 0x2, 0x1bf06adf, 0x7, 0x2800000000000000, 0x0, 0xf286, 0xffffffffffffffff, 0xb5c, 0x10, 0x0, 0x2, 0xa0, 0x3, 0x2, 0x7fff, 0x0, 0x8000, 0x1, 0xfffffffffffffff9, 0x0, 0x2, 0x5, 0x10, 0xf, 0x3, 0x7, 0x24d0, 0xb, 0x0, 0x7fffffffffffffff, 0x31b426e6, 0x7, 0x10000]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2, 0x31}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
write$P9_RSETATTR(r1, &(0x7f0000000980)={0x7, 0x1b, 0x2}, 0x7)
removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)=@known='system.posix_acl_default\x00')

1.329513732s ago: executing program 0 (id=452):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32=r4, @ANYBLOB="200001"], 0x38}}, 0x40840)
getsockopt$inet6_tcp_buf(r2, 0x6, 0xd, 0x0, &(0x7f0000000280))
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = syz_io_uring_setup(0x460, &(0x7f0000000480)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r5, 0x47bc, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x2000004, &(0x7f0000002480)=ANY=[@ANYBLOB="00e789da34e04a1ffb124b2c2fb684c70b90bbb45efd97899a16f2df4fa2e8f06ac2c5352509e3c51d882eb3ec0dd3b1c96e980163890d2d0d1b8d3d62f6d77b0209e166e2ca4c35483d49316daf522556a16cab12d75a852bc680da7ea837480feb2060a1e20a59b7745235030000004ed0351cb5b416ba1c57217be5a338392f831617ee8c35bb61f0a9eeed3b1226b18c4b455ab222d7ae1b5258d5643d70000000000000000000ae468a387d9e63008000000000000063a454d1ab8760076a893752105f030c49caf2fdfe6bc9743a68593b576e2f2f6ab69e1b974ac90855ac250f8f73e16bc593730b88d7a3346b945e276875915040ce4901262cd8ce8191ee84e3ce5526a0a43b707cc711a3311f840cad641a013c6dd783aa895227b3d50a86e15a57e26666aaa296b7ddc4c8f421cf9d76d344bf6522f5d1138659d3de84ce13b085a2ed9d66c93767378423521cc4ea440e0ac3b953e1ca1675a716a97a5c3106aba648f119eeab4747b9b53000475e0a34514ccf397ea6f170e018122a98f135beac48d2ed195e20fdd226c7f5a20000ad1fcfbee59924e161280a8b78fe34b2fa3efa7c1d4268bf090000ecb4ece3234c232659fee3ff9e6d21e008a570bb490a65b84ea8b6d6507355cb1112fae6e3456bf8da53e1df20458e59456822dbb8dbd7ce0f928d5fbd6414fe8ab5277f3fd5ce6be044993f93e697a69484cc0e65ec742443c84e21a440998c8d69c12c2db7aee2872c6e0671d639e8f6bece219dcd0f69b9867dfc3187c882c035809c81832d7416f90c734be30c2faf0c22bfc8d95dfc7b9bac96b838c98ae5a75b9dc9e967ef5edf311bbebd7ca803cea8f5b9ec5b3edd6c44d633b71bde97a3c10a468432ff3d4e63ce3ecfa640d44b70b68744d26e72389e6c61767725d2c692443bc949c28b1a374e541bd352ca2f3bf64d883862dc24d8e27d86b6e38bc269f110c3d563f8e4ec9a98016b6b58157deeefa8fa022514bdc75f794094700cb8fa2b61310cbf9058bce5f2399055929e0fc732e0d5db926fe1b09a2993ff038d8099c229bda0801f8b81719d73b4abac97f704a0942051bae38b00b69d7fa69d738f99f73b19082ec0c99442d97ddbf68a4822aa2a2673478f81f14f67beee619b9d9882f7eabfb5000000000000000000003ff8795b5ec2de11479e781396117c84449647684239c9b9475b389a6a76d36c31f39539d928d2c58f188b4bf713d0915df4cc7de48a930935dbb01c9422d604467d209fd1421c7fc503cabde4bb193ff3654377c6e4fb72dcfc835f760bae7447068c2e43433e3d77c6805b559a04f3ebb741a9bbf57274b1da7800000000000000000000000000000000000000001c4f225672f3465b2638e921d80d58dca4ee4592d8cc0c06b2e390b7b1c713a46bc8ece9be25f055a59032576bc00a844c32b46040a607eaeb886ec0cb8e90c5a4075caa8a358ab81e78ad794a20f772b73466a43cd696401521793e54b1c4aa58d506b661f393e7233337473f36c2dbb15ae673afe82ebe45cc6f776162e43b74d9b9ca6f68d6bc8261600b27431e0f6f4f1e0947f69d2d812ebc9d2a8869b14a84dbdcdc5055b97a241e2f707740bb966b6c58408aceb9f6a943f614d2a6093c60c0dfb511b02f191ef6fa6e5a1a86687a44ec6098439a2ef55a4ba07e2b0f62ae86e1458f63f6b8b2d2b9990495f17b6d1052b19472a97d41204a8be48e380be2e6885c7de0807f2c154ad4f25b16027bc4aeb85dc798e7eef25631bfd79c8e0aff725dcd4b91c61bf8d72f74e4dbae"], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
r8 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201)
preadv(r8, &(0x7f0000000500)=[{0x0}, {0x0}, {&(0x7f0000000380)=""/59, 0xfdcd}], 0x3, 0x0, 0x617a)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f0000000180)={'wg1\x00', &(0x7f0000000000)=@ethtool_dump={0x3e, 0x7fff, 0x7}})
setsockopt(r0, 0x84, 0x80, 0x0, 0x0)

1.210385359s ago: executing program 2 (id=454):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = syz_io_uring_setup(0x460, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
getdents64(r3, 0x0, 0x0)
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, 0x0)
socketpair(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000200))

1.19874232s ago: executing program 6 (id=455):
r0 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r1, &(0x7f0000000400)={0x0, 0xa7, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, r0, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x3}, {0x8, 0x8e, 0x1}}]}, 0x4c}}, 0x0)

1.143408743s ago: executing program 0 (id=456):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x2014, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x400000000000d07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000100)={0x1ffffffffffffdb8, &(0x7f00000000c0)=[{0x200000000006, 0xf7, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ustat(0x801, &(0x7f0000000240))
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0)
vmsplice(r4, &(0x7f0000001c00)=[{&(0x7f0000000b00)='s', 0x1}], 0x1, 0x6)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN0qtmdta31rL1pNt54/ftJk3nzZna+7yV5b2d2n2YDOLeej4g3IuKDNE1fioiZvL6UL9HqLNlx7z94dylbkkjTt/6RRJLXdc+V5Osr+cumIuIbX4v4dnI07tbO7p3Fer22mW9Xm2sb1a2d3Rura4srtZXa+vz83KsLry28snBzKO28GhGvf+UvP/zez7/6+q8//86fb/3t+neytKbz/Yfb8ZAmjtvZaXr54lTPCzY/YrAnUdaecnfj0mCv2XuM+QAA0F92jf+xiPhMRLwUM3Hh+MtZAAAA4AxKvzQd/0si0mKTfeoBAACAM6TUngOblCr5XIDpKJUqlc4c3k/E5VK9sdX83O3G9vpyZ67sbJRLt1frtZv5XOHZKCfZ9ly7fLD9cs/2fEQ8HRE/mLnU3q4sNerLo/7wAwAAAM6JKz33//+e6dz/AwAAAGNmdtQJAAAAAI+d+38AAAAYf+7/AQAAYKx9/c03syXt/v718ts723cab99Yrm3dqaxtL1WWGpsblZVGY6X9zL61k85XbzQ2vhDr23erzdpWs3p1Z/fWWmN7vXlrNaZOpUEAAADAEU9/+t4fk4hoffFSe8lMjjop4FRM7JeSfF3Q+//0VGf93iklBZyKCwMc897F4nrXCXC2TfRW9OnrwPgpjzoBYOSSE/b3nbzzu86qNOR8AACA4bv2qeLv/0++nm+55IczTieG86vn+/90ZlSJAKeu/f3/oBN5XCzAWCkPNAMQGGeP+v3/ydL0oRICAACGbrq9JKVK/vHedJRKlUrE1fbPApST26v12s2IeCoi/jBTvphtz7VfmZx4zwAAAAAAAAAAAAAAAAAAAAAAAAAAdKRpEikAAAAw1iJKf01+03mW/7WZF6d7Px+YTP7b/kngyYh45ydv/ejuYrO5OZfV/3O/vvnjvP7lUXyCAQAAAPTq3qe31/8ZdTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjJv3H7y71F0GOPzSsOL+/csRMVsUfyI/YirKEXH5X8l+TSaJiAtDiN/ai4hPFsVPsrT2QxbFH8ZfQmsvaaVthfFjNqb6xr8yhPhwnt3Lxp83ivp/KZ5vr4v738ShEepR9B//upGn2uNcUf+/OmCMZ+7/sto3/l7EMxPF4183ftIn/gsDxv/WN3d3++1Lfxpxrfv+0x7xDkc4KFWbaxvVrZ3dG6triyu1ldr6/PzcqwuvLbyycLN6e7Vey/8sjPH9Z3/1wXHtv1z4/pfk2fRv/4sF5yt6T/r//bsPPt7daB2Nf/2Fgvi//Vl+xNH4pTzOZ/Nytv9at9zqlA977he/f+649i8ftL/8MP/+1/udtNeRjvLsoP91AIDHYGtn985ivV7bHNtCdpf+BKTxUQqT8USkMb6F72aF+8M6YZqmadanCnbdi4hBzpPEkFtaKs7noNB3BBj1yAQAAAzbwUX/qDMBAAAAAAAAAAAAAAAAAACA8+s0nrLWG/PgEcjJMB6hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFB8GAAD//2cM13c=")
write(r1, &(0x7f0000000240)="94", 0x1)
tee(r0, r5, 0x8f5, 0x100000000000000)
write(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x8c1}, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)
r6 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
mmap$usbmon(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x7, 0x100010, r6, 0x81)

1.132906964s ago: executing program 6 (id=458):
r0 = socket(0x2, 0x80805, 0x0)
setsockopt(r0, 0x84, 0x80, 0x0, 0x0)

1.120440745s ago: executing program 2 (id=459):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendto$inet6(r0, &(0x7f0000000100)="15", 0x1, 0x1, &(0x7f0000000140)={0xa, 0x4e23, 0x7ff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
sendmsg$inet6(r0, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, 0x0, 0x0, 0x4}, &(0x7f0000000080)=0x9c)
r1 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000000206010700000000000000000000000014000300686173683a69702c706f72742c6970000900020073797a31000000000500010007000000050005000a0000000500040001000000c1590c9fe92c70409533a7acaf3d7072b144c5f5c963697b3ff9bea20eba159d251d57a146ac718289d253f3be698fed96dc6035adef29a07823dc76dea18307c0b1366c07f0145dcd4b556e3129ca"], 0x4c}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000000706010800000000000000000000000005000100060000006d40e995e83455ebebca47f17c01832bda1dd232d8f7208a5fea11e6f2bff0598eaee137247bac1a5f2983fd3d10a083677a5220b3a3b61a6ba094a831c44a42724a95fbd4e9ffcc8b229b36355965d771df20c77885d718626ade43b710889138ae1e58"], 0x1c}}, 0x0)
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
modify_ldt$write2(0x11, &(0x7f0000000000)={0xffff, 0x0, 0x1000, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x10)
sendmsg$SMC_PNETID_ADD(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010027bd7000fbd3df2502000000050004000100000005000400010000001400020076657468315f746f5f7465616d0000000900030073797a32000000000900010073797a"], 0x68}, 0x1, 0x0, 0x0, 0x4000145}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000090a010400000000000000000700000008000a40000000030900020073797a31000000000900010073797a3000000000080005400000000c08000340000000080800074000000031080006400000000008000f4000000004140000001000010000000000000000000084000ae6a9853f4cf46ebb0e08ff96a0651250e99027bfcc273c7e21cffdc2f877681997309c7baf0c25617e8bf90cc5c6a8ffc4cf69f7103dc546e48e77b3afaf365dcffeeb3e7f457d19419ff7d6fa145b6369f933206e75099c1d6f70b2ee073d0565395df4143d4b6b"], 0x84}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000ac0)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd30, 0x0, {0x0, 0x0, 0x12, r6, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x0, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee11, 0x0, 0x0, 0x3], [0x0, 0x8, 0x3]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x4c845}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000600)={'wlan0\x00'})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000080)={[{@noblock_validity}, {}, {@sysvgroups}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nolazytime}, {@quota}, {@nomblk_io_submit}], [{@subj_role={'subj_role', 0x3d, '^#{]#@&&'}}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
close_range(r1, 0xffffffffffffffff, 0x0)
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$TIOCSETD(r11, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r11, 0x400455c8, 0x0)

1.094303276s ago: executing program 6 (id=462):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000d00)='./file2\x00', 0x100000000000000, &(0x7f0000001600)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c726f6469722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c646f733178666c6f7070792c726f6469722c756e695f786c6174653d312c71756965742c00aaed2e6322e12ca43d55f4e47d9fb6f319fab9c81cd7b9b508d5df5619dad30ed85701f46d5bb2b85a6aecd28cb992054878a859b15b1598ee0b05192ff4df579d2dd32fb9a6a092bb22740cfe0636a3d8ff4e975e21fc6d6e2d6ece2beac2098361fe652ea69917e6d47463ceb0b35bc7a2f8799debe5e7b6e82c84ab25d06157c08f006d90e62a8026a845835dbf4ac25eec51c3ec73c82014eee15eaaa123084415546ca2e37c23d441b343cec1f74e52bc1f21eb18053a9b98d3a304fba3751bd0121940bc9d276f1e5352b9f4e674bb80ffeaaff6843ef1c8a7a7e0d592893a77ae91e025a35840e7ff4fdb3571d1986ed6f5a23d9ee6bf1cec94fb17af0627c04bf47586ce288a466c039a1ead7fd99feacc51d9f7a2e67f46a0b86b45e5d7cb4affc1c539a764f5", @ANYRESOCT, @ANYBLOB="0d772162455e1a51d624f8d8357f21d78bfc90e3ed32a9a245806694af127d9747d414832bcbcca884d56cec6795324de91fc9e4e245db8d4e973d02ae985de9b61807605921ac2d3eca09881179e0b64872106eae24d99523b3d05b69a59c323d692953953d57c5"], 0x1, 0x318, &(0x7f0000000780)="$eJzs3c9rE1sUwPEzaX62ry9dPB6Px3twqSCKdGgC7lxYpAUxoLSNYAVhaqcaMk1KJhQiYrMQ3Lp20YVLEURw50bEbTf+Bf7addOdBYsjM5NM02RM02rtD7+fRXM6c87MnbkzzfSW3qyde7hQnLf1L05UPDERcXzL/hKpy+k3K+//n3r9h/+9UhNj05msUhERuX736fCr6sDVF3++TMjq0I219eyn1f+mRb5O35aIKtiq5G5LzZbLVc0tnivYRV2pK5Zp2KYqlGyzUlWGt96YtUw1b5UXF2vKKM0N9i9WTNtWRqmmimZNVcuqWqkp45ZRKCld19Vgv0BEhoIo0rFO61aYf7LhOLLudlCi7nZ7SHa9GcQar4kfaywOk7b+75rbcXH07WfL8CtsONGg/+M79D+OH//+//Col/sfx8/UtZlLY7nc+KRSSZGFB0v5pbz/6q9/NyAFscSUlckzM5vBo6F7qWju14mLufFR5RmSkwvLjfrlpbz/5jA236jPSNp9Tmmpl2Z9xq9X2+tj0t9an5W0/BVen1XiPZWKRFrq43LqREu9Lml5e1PKWl3mvEfcrfp7GaUuXM617T/l5bXjLQ8AAAAAAAAAcBToKrA1fq8Ff+pN6XrCG1sP1qfcxW6enxCMr49KWjbDx+dHQ8f3o/Jv9AAPHAAAAACA34hdu1M0LMus7D6QHnL6Hqe67CImIm4gcn/YbUzXDf7daHHbKncbIVVxEencTl8vbW4EqbP+/p5NNhomez1R+xhERKR1if/PGu7BW8+bOamw82NHdnUBjMRDzrxlJX/OUUjbUXwnaM0Rx3FCkyW5tws70XmAPQbaZnPJP6E5jtalXIv6OYYV85c0b8yd9n4+/HboMXB73wuS7Sdq5KO/XavLD43PwRAfAAAAgCOk5RcnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwQHqYM6xzbrbmvP3bk6XxEfGdU7K1f2gu8/4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOIS+BQAA//+8NrDx")

1.032230099s ago: executing program 6 (id=463):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000f00)=ANY=[@ANYRES16=r0], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r2 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x7c, 0x0, 0x0, 0x0, 0x0, 0x400, 0x77907, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f0000001100)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x10, 0x0, 0x0, 0x0, @in={0x2, 0x4e24, @multicast2}, @ib={0x1b, 0x30a4, 0x3, {"6a827783271a05e39682aa40830f361c"}, 0xd, 0x2, 0x7}}}, 0x118)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r4, 0x0, 0x13, 0x0, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x20000000, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r9=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r10=>0x0)
io_submit(r10, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r9, 0x0}])
write$sndseq(r8, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)
r11 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r7, r11, 0x5}, 0x10)
ioctl$FICLONERANGE(r6, 0x4020940d, &(0x7f0000000c40)={{r4}, 0x4, 0x400, 0x100000001})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r7}, &(0x7f00000006c0), &(0x7f0000000700)=r6}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000c00)={r11, 0xe0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9, &(0x7f0000000580)=[0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xfa, &(0x7f00000008c0)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000940), &(0x7f00000009c0), 0x8, 0x58, 0x8, 0x8, &(0x7f0000000a00)}}, 0x10)
sendmsg$inet(r5, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
pipe2$9p(&(0x7f00000000c0), 0x80)
sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000d40)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x540021}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x24, 0x0, 0x20, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x40801)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000840)={r11, 0x0, 0x2, 0xb6, &(0x7f0000000140)="7fa4", &(0x7f0000000280)=""/182, 0x5, 0x0, 0x6a, 0xbc, &(0x7f0000000500)="a9a73b99d5e0b99f40c8ae5541ff37cc123af33ec6bd9512b4236893f8c217635859c8cfdf84729022d51fe307d2d5852222e7de8073d4ff4346d169e3cf55c7ebf4d4c7deafdd11a8bae664f12ae99c3c38e931279541603939fb833a42a077b304ca79e25cd74c9317", &(0x7f0000000780)="632ad28418813c496da5235aac2cd9553ccf75e30a7d29d67c5868798b605cd9d333a86d50f099e2336c9e3944c6809fe29202f3b131a7619bda5497bde56dd06341ad9736ae5b1113bc815d609000c68524fbf943ee78a62f6ca253f9080857201ca2ae3e60416e978337e5ad3644f1093653f7169c5f8bd60b036b7f52575893c4f33ef0b8f04df09cf7d43f3b18f7d8c05c283d7bce6bbc193a33bcc1852a9524d06e4e1da5256d9596175d05ea9d724cf97be231ed4bcd30d143", 0x2, 0x0, 0xfff}, 0x50)

387.999887ms ago: executing program 3 (id=474):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendto$llc(r0, 0x0, 0x0, 0x20000845, &(0x7f0000006440)={0x1a, 0x300, 0x8, 0x1, 0x5, 0x7f, @broadcast}, 0x10) (fail_nth: 2)

385.505178ms ago: executing program 5 (id=475):
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
io_setup(0x10000, &(0x7f00000014c0))
syz_clone3(&(0x7f0000000080)={0x801400, &(0x7f0000000040), 0x0, 0x0, {0xa}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="183f0000000000000000000003000000950000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0x20, &(0x7f0000001840)=""/4066, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bond0\x00', <r0=>0x0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x80, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e24}, @IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x10001}, @IPSET_ATTR_MARK={0x8}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x90}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_DATA={0x4}]}, 0x80}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x1200, &(0x7f0000000100)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r0}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)

264.636245ms ago: executing program 3 (id=476):
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000180))

264.089584ms ago: executing program 3 (id=477):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x12, 0xa01, 0x0, 0x0, {0x7}}, 0x14}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f00000000c0)={'filter\x00', 0x7, 0x4, 0x3d0, 0x110, 0x200, 0x200, 0x2e8, 0x110, 0x2e8, 0x4, 0x0, {[{{@arp={@loopback, @multicast1, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_macvtap\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @broadcast, @local}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0x80000000}, {0x6}]}, 0x10)
sendto$inet6(r0, &(0x7f0000000180)="b8", 0x1, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x8000000, @loopback, 0xffffffff}, 0x1c)

263.704405ms ago: executing program 5 (id=478):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x5, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0x7, 0x0, 0x0, 0x0, 0x20004006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) (async, rerun: 32)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a"], 0x5c}}, 0x0) (async, rerun: 32)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000080)={<r1=>0x0, 0x2}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={r1, @in={{0x2, 0x4e20, @broadcast}}, 0x0, 0x101, 0x3c79, 0xac7c, 0x73, 0xfffffff6}, &(0x7f0000000200)=0x9c)

263.546795ms ago: executing program 0 (id=479):
unshare(0x26000400)
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x5, 0x800000000, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, r0, 0x1)

249.732556ms ago: executing program 3 (id=480):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
msgsnd(0x0, &(0x7f0000002500)=ANY=[@ANYBLOB="0300000000000000ccc038e6c1811bb93fb0fff199a17ff1d35bea8fa76c6fb3427a59f08c72c3d8cca2e18a4322791fd8b85da1b744a3b55718a0995c42fd13e67a6bf56d90dd0b93965cfd2bf2a9f519a4976f97bffd5620c77df50c8e16f43c130be1d141e8669e0c5fec20b09de2820969f0c1c8fd56a287183a431cbe0f236e2ab0b31298f44fe6a4f3b00a423134db5401084cf825e1712beb998c2766ff4e94f62daea89091093343b684154185d8751a8b0408b7b3b67a7ca64f0b17f0d11d60c8d6160948f09a7c39ae17e580edbe71ac500bf1585ae80eecd86c334e551756ad8a1a6588e9ed315a3cd88380effc5751ed448dda7ffd426a7fcbe488f57fc900e5c50cbaf36df64e943a9b2d17643b8bce34f730d06bc3c6603ccf13d4053a9127058433514b081f6d7e7b2dd20d653f3ac64f8da442b0f8e3e69791400ab667153ac6279663070aad353e5fb0b1d5006f41d78dc2d9646420cef9e55080112538004eb10975677cab1d56bfaeed2ee9680cd8edc9be87b14cf5014c46ec33b6e279e7d16132d396648f2fce87e42b072bab826351605885e05542c787d65c9e1bf66a31e3c796fdf4f48a7b05b5f66be510f7cdd8a35ee84219f3c9f338205c2588ac6e91df1a38896a8dddb2a4f9f665e94c94f7b01dbe1ed7063dd2b565c0f63e6029faa1b5074b49f26b68685a4a6268292a01c7989f9b790a538f18fd1f14d30554161f540aeebb1767e3cc68de35d3e024b4d07a382a42bd81d5d3278947fe13244fcd087f6ebab0f9ae22cf090480279b8bc5b112994a54625add85b947e96dfe42e4ea3834350efa5e3548c9b5240a11484cf84ce175483c8bd78fb47c050e97c6a89ae67fda0da9e54219b3a52ad4a99b991cd4eb5e5fd0199f79a1ac40d97bce5402a92a6bcdb9a9e7a3775a97d1ff71fb8f15937775a9397d51bbe5363f18c04f8c4a2ed56fe75ef76d1b9c721631ae03d5e998358a993cf6d6693bd9d42513e9319e87e78738544bae042cc4c40e86249cfc32e4fae85a7b2b3486cc2337f6998efc0762570c8e59383339eb6127014f0ce192d4beb2b81b20d155e53b412fb24941005e9609f2f2fa335e457e1db4ddffe2c9aaa30227cb87bccf92c6a41505ace98544953ff43f1bd0be3109284f0fc3aa3f4680779439576d0c5eb9e0eca109061004cf592369091188bd1fedea1dcb435eb12e72fed5c4ecfb854e690319be047928352d8fc1dffd7f3e9b8d877da260a0c7625de97436de03896efb234feee1af20d341b8295d25f4a4b88a52668c32de7edfb368fccd7dbe7e4de590c2fd0dc45f4fb9b221bf676379053d4ad1d6265b0f7dc1fdbcc402f124b3ad1828bbc067701da51bea2320a716557f4269a8df8bb6d0ef452d3878c3b47610048771e2e8659bdd62414c8d67596288c7266816e1326a83b711bd89949270417c441694b7ee72d9a8234d0399ebe33036ba2e4ef6f7ca7b19eac0d2d6bd2dc037a8a6f21be906c98ad43a199be9cb500ea3e25e8d7f3afa2841d41381dcef2700554d9560a50676b5f463510fc166052ade0d716e6b4f32c14d940ad8215cbb67f5715a5c5bd14346042ada0c4f8f3d251b81a2d1e2066b016fe694cef976c5cf44fe7733c850aa5bfd9886ab0b08ddb5d3499c047e29d7c2e0c5e9eaa6b651d4a6c9e60f6338279dd5fa1062a8b6811b9fbc5c430d2904debc3307b45bc6e7b2930e62fdeac4fac60b548aaa8c0b338825d2a0028123c2cff093beb9c3ea40dea23ac17f04577d2f1fa907ccc55ea17bd2411aca8cddf6753340be88f66ff6ff3cd0a29332ee4fb9f7297dd820dc9f16eb2b758c25090f4bbf55fcdd6e11f6196758b6367d2f1fc7c8eeed969accb3e5d4a4d9d715d26045b609c1e5bf21c1e99d9fe9c1e58bc95461740efee204f1770c37df6a1e57bf92d6c6b8374b0295b8731f0dd004744225bb80f250573f119866d83b04005df80fcdc0f96dd2f3a542d10407e66621fbab1d40a5c5d721c6d493ee3ebeb43fe5e4b26aa4e465ecf57fbeda5aa1d3d84d41cbf14da60a93a16f9fea27983dd637fd61c2f596b111ba9bdaa33584793bb8c6bdbab3454fe84d6555f3af296047ae6efde9581419872e83760781c1d6c2dcec2d158863714d3da76ad519405fb8bf7afd9c678619abee6378e0057a19468f18349ba3388d33bac8d6632bb111f3eb0c7ef91ba28ccef5c7d2ab93e5a9ca25f96ee0fc1232ed5460c247e36c076c744c0040b1a10daad03b56b78d3e73f335a29243701b4747e8e752b3801c2c6843da12ea08a06f2380358ea1efcdddf700e2dfda60a41a7b394fe7c215059a808e2ce58e57af7e1776b93e59f3240bc9e8cd49e65ce2382202482530918621614a3c8030c281b5ff211b21294ee3c52af5da48047a654a6b17d38c2f49c5f006999bd5d6ca6f02c5fb96e0f9478369811c3c273bce4525ee36d51d7c74188be53c28ac5288acbc14b89164cd27777a0ba2ab068395641df63d02cc120c00ebad84bcb116002e19c322e47051e47c79865595740eff0f3d9bc68e1fd42313a31e254c4b3c4ffffe75e64dd6396115760bbaf66108a3a7adc0561b9a73ae14096b9a158c2d99c0fd73ccf69b83c7e8c4859c94f6070c77ffae26a27c70811a1c696869e251cb678a3e4725b8f446b30b7b223a038fc3297d0e3a6c61032d14d6ec43c038dbb7ceb61194a0a89df89235ba47561bd224f17b32fc4a5e173109f76c0f9fd60bcb1c04fa0c9fe80ff17612eab6abb08e2fa485a7762e5300936c3a84bccba1003cc568e0238bf39a004d3a322b551bc72621ae135d616e1bfe47e16290e9fc20a9a139cb3008d92463db3a86905a68511760ce82e94c7fa28bdbb65fef5516aa68fa511275fbdc26b4e0d838ef50aeffbc0ac2ba32c1cf98e92252b084b6576aa4b021f737a13255599c4e5ce4e307ff829fe84bda3b418562c15c2479b7e0b91d"], 0x839, 0x1000000)
ioperm(0x101, 0x2, 0xf)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xeffffffb, 0x1, @perf_config_ext={0x3fffffffc, 0x2}, 0x103803, 0x0, 0x0, 0x3, 0xfff, 0x6, 0x7fff, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xa}}, {@usrquota}, {@nodiscard}, {@noinit_itable}]}, 0xfe, 0x584, &(0x7f00000007c0)="$eJzs3d9vU1UcAPDv7TZgG8JICFEfzBIexCAd2/yBiQ/4aJRIou/YbGUh6yhZO8ImifAgL74YojFGovEP8F3fiP+AfwWJkhBDFn3wwZrb3kLZ2q0bgxX6+SQXzrnn3p3z7b3n7JzdNg2gb42n/+QiXoqIr5KIgy1lg5EVjjeOW71/dSbdkqjVPv4riSTb1zw+yf4fzTIvRsRvX0Qcz62vt7K8Ml8olYqLWX6iunBporK8cuLCQmGuOFe8ODU9ferN6al33n5r/cl7txfra2f/+e6j2++f+vLo6rc/3z10M4nTsT8ra43jMVxrzYzHePaaDMXpNQdO7kBlvSTZ7QawLQNZPx+KdAw4GANZrweef59HRA3oU4n+D32qsQJINdb2G66Da8/fKu/ee40FUDP2h/Enjb+NxL762mhkNXlkZZS+EmM7UH9axy9/3rqZbrFzf4cA2NS16xFxcnDwkfHvQLSMf9t3sotj1tZh/IOn53Y6/3l9b5v5T+7B/CfazH9G2/Td7di8/+futj9zmw+B1kjnf+9Gu/nfg4dWYwNZ7oX6nG8oOX+hVEzHtnSYPBZDe9P8Rs9zTq3eqXUqa53/pVtaf3MumLXj7uCaUGcL1cLjxNzq3vWIlzeZ/yZtrn/6epztso4jxVuvdCrbPP4nq/ZTxKttr//DtU6y8fPJifr9MNG8K9b7+8aR3zvVv9vxp9d/ZOP4x5LW57WVrdfx475/i53KxpPsoekW7/89ySf19J5s35VCtbo4GbEn+XD9/qlG+oeWfPP4NP5jR9v3/43u/+GI+LTL+G8cvtHx0F64/rNbuv4dErWkY9GdDz77vlP93Y1/b9RTx7I93Yx/7Vs6kpU+zt0MAAAAAAAAvSsXEfsjyeUfpHO5fL7x/o7DMZIrlSvV4+fLSxdno/5Z2bEYyjWfdI+2vB9iMns/bDM/tSY/HRGHIuLrgeF6Pj9TLs3udvAAAAAAAAAAAAAAAAAAAADQI0Y7fP4/9cfAbrcOeOJ85Tf0r037/0580xPQk/z+h/6l/0P/0v+hf+n/0L/0f+hf+j/0r631/+En1g7g6fP7HwAAAAAAAAAAAAAAAAAAAAAAAAAAAHbU2TNn0q22ev/qTJqfvby8NF++fGK2WJnPLyzN5GfKi5fyc+XyXKmYnykvbPbzSuXypcmpWLoyUS0m1YnK8sq5hfLSxeq5CwuFueK54n+1hqcSHAAAAAAAAAAAAAAAAAAAADwjKssr84VSqbj4fCVyWXhdn3UgO6EXGv9sJQa3cvBwb7T50cQ3v/ZEM3ossYuDEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs8X8AAAD//2BkMxE=")
timer_create(0x0, 0x0, 0x0)
creat(&(0x7f00000002c0)='./file1\x00', 0x10)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYRESOCT, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000d490278e213419a3133ca1e13caa00000090cffb16ceb6d8ea5ef5fbd7657bc7715aab4d8089ee9fc94d0b7260724a880782a90c8dc364cf75d489ac2726dfac7d17ecee40c82f70b6566531734f787b2295e01ac5ae1d5fde24a0866bf2bf4aae1e6cbfabe4701ae60a26b718d4fc3b0cbdb7ccbce65d8b15a8a2205850e7a8c594e99e0775efb591e5fed25569ba42d7fe9681a06e915530768e4bef0d6945e4b4ea0a8d0d829bc6df4d35dd0e9b274622b38663b681aa1db2e7d05498a4dfce1bc167474d1a328436b3a17d0cb8ae8e327d89cb19e1cb3a59f801b2ff3a5d81211e372c9327681f6be2a9fa0cd8e046a7"], 0x50)

228.221926ms ago: executing program 5 (id=481):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r0, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0xc, 0x0, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @multicast2, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {@remote}, {@dev}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty}]}]}}}}}}}, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r2, &(0x7f0000000880)=""/202, 0xca, 0x200000200009, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x2c, r3, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2400c005}, 0x0) (async)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='statm\x00')
fcntl$setstatus(r4, 0x4, 0x40800) (async)
r5 = syz_io_uring_setup(0x6170, &(0x7f0000000780)={0x0, 0xe52d, 0x10100, 0x200, 0x1}, &(0x7f0000000380)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0) (async)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r4)
sendmsg$NL80211_CMD_DEL_TX_TS(r1, &(0x7f0000000740)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000700)={&(0x7f0000000280)={0x34, r8, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x54}}}}, [@NL80211_ATTR_MAC={0xffffffffffffffb0, 0x6, @broadcast}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) (async)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x4, &(0x7f00000006c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x27}]}, &(0x7f0000000680)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0xe, 0x0, &(0x7f0000000000)="5becbc0e0d7cca6073a4f11d1b00", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4000, @fd=r4, 0x792, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/140, 0x8c}], 0x1, 0x0, 0x1})
io_uring_enter(r5, 0x567, 0x1000a387, 0x0, 0x0, 0x0) (async)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r10, &(0x7f00000005c0)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0x437, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r11, 0x20c89}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000)
perf_event_open$cgroup(&(0x7f0000000300)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3bfffffe, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x1, 0x91, 0xffff, 0x0, 0x0, 0x0, 0x0, 0xe985}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) (async)
socket(0x10, 0x3, 0x0) (async)
syz_open_procfs(0x0, &(0x7f00000018c0)='net/raw\x00')

226.703636ms ago: executing program 0 (id=482):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fff}, [@call={0x85, 0x0, 0x0, 0x31}]}, &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x7, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/13], 0x48)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
splice(r3, 0x0, r5, 0x0, 0x80, 0x4)
read(r3, &(0x7f0000000240)=""/233, 0xe9)
r6 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES16=r2], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={&(0x7f00000004c0), &(0x7f0000000280)=""/127, &(0x7f00000005c0), &(0x7f0000000300), 0x2}, 0x38)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x3c8, 0xffffffff, 0x218, 0x218, 0x218, 0xfeffffff, 0xffffffff, 0x320, 0x320, 0x320, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xd8, 0x120, 0x0, {}, [@common=@ah={{0x30}, {[0x4d3, 0x4d3], 0x475775ba, 0x1, 0x2}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x35, {0x3}}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x3}}}, {{@ipv6={@private0, @dev={0xfe, 0x80, '\x00', 0x27}, [0xff, 0x0, 0xff000000, 0xffffffff], [0x0, 0xff, 0xff000000, 0xffffff00], 'team0\x00', 'batadv_slave_0\x00', {0xff}, {}, 0xff, 0xe7, 0x4, 0x11}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@private=0xa010100, [0xffffff00, 0xff, 0x0, 0xffffff00], 0x4e24, 0x4e21, 0x4e21, 0x4e23, 0x8a, 0xffff, 0x5, 0x2, 0x3fd}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x428)

215.611557ms ago: executing program 6 (id=483):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
close(0x3)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x6f4000)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioperm(0x5, 0x8, 0x8000000000005)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10010, 0xffffffffffffffff, 0xed526000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
signalfd(r0, &(0x7f0000000500)={[0x8]}, 0x8)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a0000000500"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="9e15f810a91ad7f66f64000000", @ANYRES16=r2, @ANYBLOB="00042bbd7000fddbdf250200000008000200020000000c00018005000200080000000800030005000000050005000c0000000800020001000000040006800800040008000000080004000100000008000300050000000800020002000000"], 0x64}, 0x1, 0x0, 0x0, 0x8114}, 0x40000d0)
r3 = memfd_create(&(0x7f00000005c0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'\b\x00\x00\x00\x00\x00\x00\x00\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6&\xd0\x9daA\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xe2\x05\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\xbd\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7\x8en\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xef\x03Ga\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcaf2\x02F1\xc6\x82\x00E\xae\x9d\x17\x871N:\xb4\xea \x8e\xdelP\x83\x1f\'\xe2\xd6\xc0\xc3\xfc\xc9677u\xf3RUP@o>\xee\xb8\xa3\t\x02\xb7\\,\xebK\xed\x1b\xc9e\xb3\x16\xce\x9bI\xdb\xfa\x82\x85\t\x9bg\xd0s\xe2\f{\x8cp~;\xf8\x96\xf2\x91\x06\x89\xa6D\xce\xac\x03\xc1\x83\xd1\xe6 |\xa75\xd7\x80t\xfc\xf8\xd2\x12N\x1cB7^\xfd4\xae\xb0VFw\b!\xae\x1baTv\xc0z\x19\xc5\xc8w\xba\x97N\x9a`\x8f\xfc\x9ee\xf9\x00\x1cQA\x14]\r\xd4\"\xc2\x12GD\xdb{\x88\xaa\x81\xc8\xa2\xdeI\xa2\xbel\x0e\xec\x17fNI\x05\xff\x8d\xf4_\x1a\vqA\xb7\x0ed<\x98\xee\xb8\x19\xec\x9f\xee\xe1_\xacG\x8b\xa3\xc3\x13\x80\x0f\xf4I\xdeAwG\xbdkno\xa2\b\x126\x97\x9b\xf9|P\xd94\v\x15\xcb\xc0\x9d\x11\xf3\x18\xae!2\x1b\x12\xa9\xc8~\xb7S\x94\xb5\xc7;\xa90D>s\xe9\xa4N\xf8\xdb\xab\xa0\x94~\xa1]b\xa4\xe5\xe2e\x1c\x8b\xd2\xc7Md\x93\x02\xd8\xb0,\xeb\x03\xaa\v\xed\x9bR\x8a\x80\xc2\x1f\x17ej\x973wv\x83a\xe06\x96\xde\xbc%Uh;H\xf8S\xf1\xa1g\x02\xc4\xc3\xa4\xa8\x96\t\xfex\xa2?\xcb\\Y\x1e\xfe\xca\xa0i\x80O\x11\xac\xb7$\xdb\xbc\xb0\xcb\xacqU\xb5*\x00\x00\x00\x00\x00\x00\x00\f\xda\xf8oV\x89\xd3\x1f\x99+\xe5T\x8eM4\x1c\xc6\x7f\xd4\xf2\xcc\xd3\x94\xca\xd4\x00\x00\x00\x00\x00\x00\x00\x00\x00~A9\xf6IBu2L\x9e\xa2\xd0\x92\xd1\xbc\xb8\tJ\xa1\aN\x87\x95\xbb\xa9s\xab\x90\x06\xc6!p\x9e?~\xf9\xe6\xae*\v\xa3\xd9gxKN\'z]*\x93\xf7\b\x91\xd0\xff\xd9\xc6a\xb5q\x9c\xa1Go\xd58\x93\xe0,\x9f\xe4\xa9\xd9A\x9e\x95e\x98\xd0V\x9d\xed\x97\xf1\xc5\xce\xf5\x90!d\x9a\xd8\x10\xbbx\r8\xff\x8bNUK\xebA\xe5\x92f\xc4\xd1\xa8\x15\xbf\xb5iW\xdb.kbf*\x89\xf0\xecq m-~\xbbf?\xec=\xd2\xe2\x1e\x8d/o\xcd\xc8x\xdb\xe6\xd0W\xca\xc5kz\x8e9\xfa\x86\x0f\x96p', 0x3)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1000000})

140.681652ms ago: executing program 5 (id=484):
r0 = socket(0x29, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000180))

125.558783ms ago: executing program 5 (id=485):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000540)={0x3, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x14f, @tick=0x7})
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$selinux_context(r3, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
unshare(0xa030d00)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r4, &(0x7f0000000000)={0x24, @long}, 0x8)

81.210735ms ago: executing program 3 (id=486):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000000)={<r1=>0x0, 0x0, 0x10}, &(0x7f0000000080)=0xc)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={r1, 0x6d207ee5}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = syz_io_uring_setup(0x117b, &(0x7f00000000c0)={0x0, 0x29d8, 0x10100, 0x200003, 0x60}, &(0x7f0000000140)=<r3=>0x0, &(0x7f00000006c0)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000000)={&(0x7f0000001000)={[{0x0, 0x0, 0x0, 0x300}, {0x0, 0x0, 0xfffd}, {0x0, 0x0, 0x4}, {0x0}]}, 0x4}, 0x1)
r5 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r5, 0x0, 0x0, 0x0, 0x20044081, 0x1})
io_uring_enter(r2, 0x27e2, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0xfe, @remote}}}, 0x108)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r6, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0xd0, r7, 0x800, 0x70bd25, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x9}, {0xc, 0x90, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0xd5}, {0xc, 0x90, 0xfff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}, {0xc, 0x8f, 0x1000}, {0xc, 0x90, 0x4}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000000)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000140)={0x0, 0x0, 0x9}, 0x8)

59.361457ms ago: executing program 6 (id=487):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f0000000100)=0x3ff, 0x4)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000040), 0x4)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000200), 0x10)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000000)={0x1d, r4, 0xffffffffffffffff, {0x1, 0xff, 0x4}, 0xfe}, 0x18)
getpeername$packet(r0, &(0x7f00000012c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001300)=0x14)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000001340)={0x0, @multicast2, @broadcast}, &(0x7f0000001240)=0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x0, 0xf1}}]}}}]}, 0xc3}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000013c0)={'macvlan0\x00'})
write(r1, &(0x7f0000000a00)="c7885a8f24f458bed7211672288cfc5eb3", 0x11)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

15.115239ms ago: executing program 3 (id=488):
r0 = socket(0x29, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, 0x0)

0s ago: executing program 5 (id=489):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x5, @loopback, 0x5d96}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x52}, 0x1c, &(0x7f0000000d80)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x240480c3)
r2 = dup(r1)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)) (async)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a40)={0x0, @in={{0x2, 0x4e22, @private=0xa010102}}, 0x4, 0x1, 0xf06, 0x0, 0xac, 0xfffffff9, 0x5}, 0x9c) (async)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff6, @empty, 0x7f}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x6}, 0x9c)

kernel console output (not intermixed with test programs):

28.949684][ T3547] cache 0
[   28.953479][ T3570] EXT4-fs (loop4): Cannot turn on quotas: error -22
[   28.990542][    C0] hrtimer: interrupt took 32644 ns
[   28.993571][ T3547] rss 16384
[   29.015438][ T3547] shmem 0
[   29.015446][ T3547] mapped_file 0
[   29.015452][ T3547] dirty 0
[   29.015505][ T3547] writeback 0
[   29.030792][ T3570] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.19: bg 0: block 40: padding at end of block bitmap is not set
[   29.035081][ T3547] workingset_refault_anon 4
[   29.038354][ T3570] EXT4-fs (loop4): Remounting filesystem read-only
[   29.041106][ T3547] workingset_refault_file 512
[   29.041116][ T3547] swap 172032
[   29.041124][ T3547] swapcached 16384
[   29.049200][ T3570] EXT4-fs (loop4): 1 truncate cleaned up
[   29.050817][ T3547] pgpgin 1213
[   29.096319][ T3547] pgpgout 1209
[   29.099744][ T3547] pgfault 3847
[   29.103142][ T3547] pgmajfault 9
[   29.106512][ T3547] inactive_anon 16384
[   29.110487][ T3547] active_anon 0
[   29.112852][ T3570] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   29.114144][ T3547] inactive_file 0
[   29.114154][ T3547] active_file 0
[   29.114162][ T3547] unevictable 0
[   29.137028][ T3547] hierarchical_memory_limit 314572800
[   29.142536][ T3547] hierarchical_memsw_limit 9223372036854771712
[   29.148684][ T3547] total_cache 0
[   29.152179][ T3547] total_rss 16384
[   29.155812][ T3547] total_shmem 0
[   29.159266][ T3547] total_mapped_file 0
[   29.163362][ T3547] total_dirty 0
[   29.166814][ T3547] total_writeback 0
[   29.170646][ T3547] total_workingset_refault_anon 4
[   29.175725][ T3547] total_workingset_refault_file 512
[   29.181038][ T3547] total_swap 172032
[   29.184836][ T3547] total_swapcached 16384
[   29.189101][ T3547] total_pgpgin 1213
[   29.192948][ T3547] total_pgpgout 1209
[   29.196869][ T3547] total_pgfault 3847
[   29.200809][ T3547] total_pgmajfault 9
[   29.204694][ T3547] total_inactive_anon 16384
[   29.209189][ T3547] total_active_anon 0
[   29.213204][ T3547] total_inactive_file 0
[   29.217364][ T3547] total_active_file 0
[   29.221482][ T3547] total_unevictable 0
[   29.225488][ T3547] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.14,pid=3546,uid=0
[   29.239934][ T3547] Memory cgroup out of memory: Killed process 3546 (syz.0.14) total-vm:95976kB, anon-rss:1328kB, file-rss:22476kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   29.324533][ T3317] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   29.356718][ T3577] loop3: detected capacity change from 0 to 1024
[   29.380970][ T3581] loop1: detected capacity change from 0 to 1024
[   29.403406][ T3581] ext4: Bad value for 'resgid'
[   29.408253][ T3581] ext4: Bad value for 'resgid'
[   29.519617][ T3574] loop2: detected capacity change from 0 to 1024
[   29.561436][ T3587] netlink: 'syz.1.24': attribute type 13 has an invalid length.
[   29.590402][ T3583] infiniband 
: set down
[   29.590596][ T3587] : renamed from syz_tun (while UP)
[   29.594748][ T3583] infiniband 
: added ipvlan0
[   29.611647][ T3577] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.23: bad orphan inode 134217728
[   29.627021][ T3583] RDS/IB: 
: added
[   29.630806][ T3583] smc: adding ib device 
 with port count 1
[   29.636711][ T3583] smc:    ib device 
 port 1 has no pnetid
[   29.725778][ T3577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   29.783470][ T3591] loop1: detected capacity change from 0 to 512
[   29.845638][ T3574] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   29.911755][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   29.946626][ T3595] tipc: Started in network mode
[   29.951638][ T3595] tipc: Node identity 7f000001, cluster identity 4711
[   29.958863][ T3595] tipc: Enabled bearer <udp:syz2>, priority 10
[   29.965782][ T3601] syz.4.29 uses obsolete (PF_INET,SOCK_PACKET)
[   29.982736][ T3601] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   30.257956][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.325210][ T3669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   30.345568][ T3669] ext4 filesystem being mounted at /6/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   30.401913][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.411608][ T3692] netlink: 'syz.0.37': attribute type 10 has an invalid length.
[   30.468888][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   30.682533][ T3711] netlink: 'syz.1.46': attribute type 3 has an invalid length.
[   30.690127][ T3711] netlink: 'syz.1.46': attribute type 1 has an invalid length.
[   30.723123][ T3715] netlink: 'syz.1.46': attribute type 3 has an invalid length.
[   30.731086][ T3715] netlink: 'syz.1.46': attribute type 1 has an invalid length.
[   30.816253][ T3711] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   30.903116][   T29] kauditd_printk_skb: 345 callbacks suppressed
[   30.903129][   T29] audit: type=1400 audit(1768984168.592:460): avc:  denied  { remount } for  pid=3689 comm="syz.2.35" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   30.903561][ T3711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   30.998184][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   31.071445][ T3714] Set syz1 is full, maxelem 65536 reached
[   31.077212][ T3495] tipc: Node number set to 2130706433
[   31.163195][ T3728] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   31.176537][ T3728] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   31.202415][ T3728] EXT4-fs (loop3): orphan file too big: 4294967295
[   31.209134][ T3728] EXT4-fs (loop3): mount failed
[   31.281284][   T29] audit: type=1400 audit(1768984168.972:461): avc:  denied  { append } for  pid=3734 comm="syz.0.52" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   31.361805][   T29] audit: type=1400 audit(1768984169.052:462): avc:  denied  { mount } for  pid=3742 comm="syz.0.56" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   31.461646][   T29] audit: type=1326 audit(1768984169.152:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3755 comm="syz.3.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61aa03acb9 code=0x7ffc0000
[   31.500673][ T3756] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=3756 comm=syz.3.60
[   31.518623][ T3758] netlink: 'syz.0.62': attribute type 3 has an invalid length.
[   31.558458][ T3760] FAULT_INJECTION: forcing a failure.
[   31.558458][ T3760] name failslab, interval 1, probability 0, space 0, times 1
[   31.572002][ T3760] CPU: 1 UID: 0 PID: 3760 Comm: syz.0.63 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   31.572109][ T3760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   31.572122][ T3760] Call Trace:
[   31.572221][ T3760]  <TASK>
[   31.572228][ T3760]  __dump_stack+0x1d/0x30
[   31.572256][ T3760]  dump_stack_lvl+0x95/0xd0
[   31.572285][ T3760]  dump_stack+0x15/0x1b
[   31.572363][ T3760]  should_fail_ex+0x263/0x280
[   31.572382][ T3760]  should_failslab+0x8c/0xb0
[   31.572448][ T3760]  kmem_cache_alloc_noprof+0x68/0x490
[   31.572493][ T3760]  ? fcntl_setlk+0x53/0x950
[   31.572518][ T3760]  fcntl_setlk+0x53/0x950
[   31.572539][ T3760]  ? should_fail_ex+0xd9/0x280
[   31.572557][ T3760]  do_fcntl+0x6a1/0xf80
[   31.572595][ T3760]  __se_sys_fcntl+0xb1/0x120
[   31.572622][ T3760]  __x64_sys_fcntl+0x43/0x50
[   31.572648][ T3760]  x64_sys_call+0x2d6f/0x3000
[   31.572677][ T3760]  do_syscall_64+0xc0/0x2a0
[   31.572705][ T3760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   31.572797][ T3760] RIP: 0033:0x7efd02afacb9
[   31.572814][ T3760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   31.572879][ T3760] RSP: 002b:00007efd01557028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   31.572901][ T3760] RAX: ffffffffffffffda RBX: 00007efd02d75fa0 RCX: 00007efd02afacb9
[   31.572917][ T3760] RDX: 0000200000000100 RSI: 0000000000000025 RDI: 0000000000000004
[   31.572930][ T3760] RBP: 00007efd01557090 R08: 0000000000000000 R09: 0000000000000000
[   31.572998][ T3760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   31.573011][ T3760] R13: 00007efd02d76038 R14: 00007efd02d75fa0 R15: 00007ffea48327c8
[   31.573027][ T3760]  </TASK>
[   31.573699][   T29] audit: type=1326 audit(1768984169.182:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3755 comm="syz.3.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f61aa03acb9 code=0x7ffc0000
[   31.768477][   T29] audit: type=1326 audit(1768984169.182:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3755 comm="syz.3.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61aa03acb9 code=0x7ffc0000
[   31.791608][   T29] audit: type=1326 audit(1768984169.182:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3755 comm="syz.3.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61aa03acb9 code=0x7ffc0000
[   31.815522][   T29] audit: type=1326 audit(1768984169.182:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3755 comm="syz.3.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61aa03acb9 code=0x7ffc0000
[   31.838984][   T29] audit: type=1326 audit(1768984169.182:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3755 comm="syz.3.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61aa03acb9 code=0x7ffc0000
[   31.862144][   T29] audit: type=1326 audit(1768984169.182:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3755 comm="syz.3.60" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61aa03acb9 code=0x7ffc0000
[   31.967832][ T3768] __nla_validate_parse: 8 callbacks suppressed
[   31.967850][ T3768] netlink: 268 bytes leftover after parsing attributes in process `syz.0.66'.
[   32.015900][ T3772] set_capacity_and_notify: 3 callbacks suppressed
[   32.015938][ T3772] loop3: detected capacity change from 0 to 1024
[   32.043915][ T3774] capability: warning: `syz.2.69' uses 32-bit capabilities (legacy support in use)
[   32.059638][ T3772] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   32.064477][ T3774] program syz.2.69 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   32.101596][ T3772] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.68: Invalid block bitmap block 0 in block_group 0
[   32.143375][ T3779] netlink: 168 bytes leftover after parsing attributes in process `syz.1.71'.
[   32.188767][ T3787] netlink: 36 bytes leftover after parsing attributes in process `syz.2.73'.
[   32.262430][ T3772] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.68: Failed to acquire dquot type 0
[   32.304612][ T3772] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.68: Freeing blocks not in datazone - block = 0, count = 4096
[   32.360628][ T3772] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.68: Invalid inode bitmap blk 0 in block_group 0
[   32.392042][ T2865] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[   32.403712][ T3772] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   32.430776][ T3772] EXT4-fs (loop3): 1 orphan inode deleted
[   32.443719][ T3772] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.532291][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.550926][ T2865] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[   32.729726][ T3807] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=260 sclass=netlink_route_socket pid=3807 comm=syz.0.81
[   32.755239][ T3806] loop3: detected capacity change from 0 to 512
[   32.765655][ T3806] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   32.784308][ T3806] EXT4-fs (loop3): invalid journal inode
[   32.790239][ T3806] EXT4-fs (loop3): can't get journal size
[   32.818180][ T3806] EXT4-fs (loop3): 1 truncate cleaned up
[   32.841081][ T3806] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.885446][ T3810] nr0: tun_chr_ioctl cmd 1074025677
[   32.901279][ T3810] nr0: linktype set to 804
[   33.061262][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.158258][ T3823] loop1: detected capacity change from 0 to 2048
[   33.177859][ T3822] loop3: detected capacity change from 0 to 1024
[   33.191152][ T3825] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   33.205725][ T3823] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.221163][ T3825] FAULT_INJECTION: forcing a failure.
[   33.221163][ T3825] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   33.234280][ T3825] CPU: 0 UID: 0 PID: 3825 Comm: syz.0.88 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   33.234384][ T3825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   33.234397][ T3825] Call Trace:
[   33.234404][ T3825]  <TASK>
[   33.234411][ T3825]  __dump_stack+0x1d/0x30
[   33.234431][ T3825]  dump_stack_lvl+0x95/0xd0
[   33.234536][ T3825]  dump_stack+0x15/0x1b
[   33.234552][ T3825]  should_fail_ex+0x263/0x280
[   33.234602][ T3825]  should_fail+0xb/0x20
[   33.234680][ T3825]  should_fail_usercopy+0x1a/0x20
[   33.234698][ T3825]  _copy_from_iter+0xcf/0xea0
[   33.234717][ T3825]  ? __alloc_skb+0x397/0x4b0
[   33.234813][ T3825]  ? __alloc_skb+0x219/0x4b0
[   33.234829][ T3825]  netlink_sendmsg+0x4ae/0x6f0
[   33.234857][ T3825]  ? __pfx_netlink_sendmsg+0x10/0x10
[   33.234894][ T3825]  __sock_sendmsg+0x145/0x170
[   33.234923][ T3825]  ____sys_sendmsg+0x31e/0x4a0
[   33.234948][ T3825]  ___sys_sendmsg+0x195/0x1e0
[   33.234983][ T3825]  __x64_sys_sendmsg+0xd4/0x160
[   33.235032][ T3825]  x64_sys_call+0x17ba/0x3000
[   33.235057][ T3825]  do_syscall_64+0xc0/0x2a0
[   33.235085][ T3825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   33.235130][ T3825] RIP: 0033:0x7efd02afacb9
[   33.235146][ T3825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   33.235162][ T3825] RSP: 002b:00007efd01557028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   33.235180][ T3825] RAX: ffffffffffffffda RBX: 00007efd02d75fa0 RCX: 00007efd02afacb9
[   33.235195][ T3825] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[   33.235208][ T3825] RBP: 00007efd01557090 R08: 0000000000000000 R09: 0000000000000000
[   33.235222][ T3825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   33.235254][ T3825] R13: 00007efd02d76038 R14: 00007efd02d75fa0 R15: 00007ffea48327c8
[   33.235270][ T3825]  </TASK>
[   33.240203][ T3822] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   33.364889][ T3823] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.86: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   33.404420][ T3822] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.87: Invalid block bitmap block 0 in block_group 0
[   33.461060][ T3829] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.86: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   33.467010][ T3822] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.87: Failed to acquire dquot type 0
[   33.496862][ T3822] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.87: Freeing blocks not in datazone - block = 0, count = 4096
[   33.510539][ T3822] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.87: Invalid inode bitmap blk 0 in block_group 0
[   33.523141][ T3822] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   33.531200][ T3830] netlink: 'syz.1.86': attribute type 13 has an invalid length.
[   33.539607][ T2865] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[   33.539628][ T3822] EXT4-fs (loop3): 1 orphan inode deleted
[   33.557308][ T3830] netlink: 8 bytes leftover after parsing attributes in process `syz.1.86'.
[   33.571341][ T3832] loop7: detected capacity change from 0 to 16384
[   33.602936][ T3823] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.86: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   33.622349][ T3822] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.642268][ T3833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.89'.
[   33.692772][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.703925][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.713557][ T2865] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[   33.836777][ T3838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.90'.
[   34.005812][ T3832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.89'.
[   34.027828][ T3832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.89'.
[   34.053740][ T3832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.89'.
[   34.208082][ T3793] syz.2.76 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   34.218906][ T3793] CPU: 0 UID: 0 PID: 3793 Comm: syz.2.76 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   34.218933][ T3793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   34.219007][ T3793] Call Trace:
[   34.219013][ T3793]  <TASK>
[   34.219020][ T3793]  __dump_stack+0x1d/0x30
[   34.219043][ T3793]  dump_stack_lvl+0x95/0xd0
[   34.219065][ T3793]  dump_stack+0x15/0x1b
[   34.219154][ T3793]  dump_header+0x80/0x240
[   34.219171][ T3793]  oom_kill_process+0x295/0x350
[   34.219229][ T3793]  out_of_memory+0x97d/0xb80
[   34.219252][ T3793]  try_charge_memcg+0x62e/0xa10
[   34.219327][ T3793]  charge_memcg+0x51/0xc0
[   34.219351][ T3793]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   34.219436][ T3793]  __read_swap_cache_async+0x17b/0x2d0
[   34.219512][ T3793]  swap_cluster_readahead+0x362/0x3c0
[   34.219538][ T3793]  swapin_readahead+0xde/0x840
[   34.219626][ T3793]  ? __rcu_read_unlock+0x33/0x70
[   34.219645][ T3793]  ? __rcu_read_unlock+0x4e/0x70
[   34.219674][ T3793]  ? swap_cache_get_folio+0x26f/0x280
[   34.219759][ T3793]  do_swap_page+0x2f4/0x2140
[   34.219789][ T3793]  ? css_rstat_updated+0xbb/0x280
[   34.219822][ T3793]  ? __pfx_default_wake_function+0x10/0x10
[   34.219929][ T3793]  handle_mm_fault+0xb40/0x3030
[   34.219952][ T3793]  ? vma_start_read+0x1c7/0x2c0
[   34.220049][ T3793]  do_user_addr_fault+0x62f/0x1050
[   34.220084][ T3793]  ? arch_exit_to_user_mode_prepare+0x26/0x80
[   34.220105][ T3793]  ? irqentry_exit+0x3c/0x510
[   34.220124][ T3793]  exc_page_fault+0x62/0xa0
[   34.220161][ T3793]  asm_exc_page_fault+0x26/0x30
[   34.220181][ T3793] RIP: 0033:0x7f412e9ef74d
[   34.220199][ T3793] Code: 44 8d 56 04 4c 8d 0d d2 28 3b 00 89 f0 4c 8d 05 c9 08 3b 00 89 c2 81 e2 ff 1f 00 00 49 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 <45> 38 1c 10 75 23 83 c0 01 44 39 d0 75 dc 48 89 f0 25 ff 1f 00 00
[   34.220216][ T3793] RSP: 002b:00007ffc8fcd7d88 EFLAGS: 00010286
[   34.220301][ T3793] RAX: 0000000081e3c0b1 RBX: ffffffff81e3c0b0 RCX: ffffffff81fd40b1
[   34.220314][ T3793] RDX: 00000000000000b1 RSI: ffffffff81e3c0b0 RDI: 0000000000000008
[   34.220326][ T3793] RBP: 00000000000009e3 R08: 00007f412eda0000 R09: 00007f412eda2000
[   34.220340][ T3793] R10: 0000000081e3c0b4 R11: 0000000000000008 R12: 00007f412edb6038
[   34.220354][ T3793] R13: 0000000000037ca7 R14: ffffffff81e3c536 R15: 00007f412f8e5720
[   34.220369][ T3793]  ? blk_add_timer+0x16/0x1a0
[   34.220409][ T3793]  ? blk_account_io_merge_request+0xd0/0x1c0
[   34.220430][ T3793]  ? __nla_validate_parse+0x71/0x1cf0
[   34.220449][ T3793]  ? blk_account_io_merge_request+0xd0/0x1c0
[   34.220469][ T3793]  </TASK>
[   34.220476][ T3793] memory: usage 307200kB, limit 307200kB, failcnt 4764
[   34.471497][ T3793] memory+swap: usage 323780kB, limit 9007199254740988kB, failcnt 0
[   34.479393][ T3793] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[   34.486675][ T3793] Memory cgroup stats for /syz2:
[   34.486815][ T3793] cache 0
[   34.494848][ T3793] rss 0
[   34.497603][ T3793] shmem 0
[   34.500561][ T3793] mapped_file 0
[   34.504008][ T3793] dirty 0
[   34.506988][ T3793] writeback 4096
[   34.510536][ T3793] workingset_refault_anon 172
[   34.515204][ T3793] workingset_refault_file 938
[   34.519860][ T3793] swap 16977920
[   34.523365][ T3793] swapcached 4096
[   34.526988][ T3793] pgpgin 16925
[   34.530344][ T3793] pgpgout 16923
[   34.533807][ T3793] pgfault 8015
[   34.537260][ T3793] pgmajfault 96
[   34.540733][ T3793] inactive_anon 0
[   34.544348][ T3793] active_anon 0
[   34.547793][ T3793] inactive_file 0
[   34.551435][ T3793] active_file 4096
[   34.555139][ T3793] unevictable 0
[   34.558581][ T3793] hierarchical_memory_limit 314572800
[   34.563974][ T3793] hierarchical_memsw_limit 9223372036854771712
[   34.570130][ T3793] total_cache 0
[   34.573599][ T3793] total_rss 0
[   34.576870][ T3793] total_shmem 0
[   34.580315][ T3793] total_mapped_file 0
[   34.584358][ T3793] total_dirty 0
[   34.587803][ T3793] total_writeback 4096
[   34.591958][ T3793] total_workingset_refault_anon 172
[   34.597141][ T3793] total_workingset_refault_file 938
[   34.602418][ T3793] total_swap 16977920
[   34.606395][ T3793] total_swapcached 4096
[   34.610548][ T3793] total_pgpgin 16925
[   34.614494][ T3793] total_pgpgout 16923
[   34.618602][ T3793] total_pgfault 8015
[   34.622585][ T3793] total_pgmajfault 96
[   34.626557][ T3793] total_inactive_anon 0
[   34.630733][ T3793] total_active_anon 0
[   34.634700][ T3793] total_inactive_file 0
[   34.638841][ T3793] total_active_file 4096
[   34.643092][ T3793] total_unevictable 0
[   34.647062][ T3793] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.76,pid=3793,uid=0
[   34.661591][ T3793] Memory cgroup out of memory: Killed process 3793 (syz.2.76) total-vm:94132kB, anon-rss:1204kB, file-rss:22304kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   35.135422][ T3879] dvmrp6: entered allmulticast mode
[   35.148760][ T3878] netlink: 8 bytes leftover after parsing attributes in process `syz.2.104'.
[   35.183808][ T3881] syzkaller0: entered promiscuous mode
[   35.189348][ T3881] syzkaller0: entered allmulticast mode
[   35.230403][ T3883] loop3: detected capacity change from 0 to 4096
[   35.257957][ T3883] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.305547][ T3889] FAULT_INJECTION: forcing a failure.
[   35.305547][ T3889] name failslab, interval 1, probability 0, space 0, times 0
[   35.318198][ T3889] CPU: 0 UID: 0 PID: 3889 Comm: syz.0.107 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   35.318297][ T3889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   35.318309][ T3889] Call Trace:
[   35.318315][ T3889]  <TASK>
[   35.318323][ T3889]  __dump_stack+0x1d/0x30
[   35.318346][ T3889]  dump_stack_lvl+0x95/0xd0
[   35.318388][ T3889]  dump_stack+0x15/0x1b
[   35.318405][ T3889]  should_fail_ex+0x263/0x280
[   35.318424][ T3889]  ? __pfx_cond_bools_destroy+0x10/0x10
[   35.318448][ T3889]  should_failslab+0x8c/0xb0
[   35.318465][ T3889]  kmem_cache_alloc_noprof+0x68/0x490
[   35.318485][ T3889]  ? hashtab_duplicate+0xfe/0x360
[   35.318509][ T3889]  ? __pfx_cond_bools_destroy+0x10/0x10
[   35.318579][ T3889]  hashtab_duplicate+0xfe/0x360
[   35.318601][ T3889]  ? __pfx_cond_bools_copy+0x10/0x10
[   35.318655][ T3889]  cond_policydb_dup+0xd2/0x4e0
[   35.318737][ T3889]  security_set_bools+0xa0/0x340
[   35.318870][ T3889]  sel_commit_bools_write+0x1e9/0x270
[   35.318894][ T3889]  vfs_writev+0x42b/0x900
[   35.318942][ T3889]  ? __pfx_sel_commit_bools_write+0x10/0x10
[   35.318969][ T3889]  do_writev+0xe9/0x210
[   35.318988][ T3889]  __x64_sys_writev+0x45/0x50
[   35.319081][ T3889]  x64_sys_call+0x1ba5/0x3000
[   35.319202][ T3889]  do_syscall_64+0xc0/0x2a0
[   35.319225][ T3889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.319243][ T3889] RIP: 0033:0x7efd02afacb9
[   35.319259][ T3889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   35.319337][ T3889] RSP: 002b:00007efd01557028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   35.319354][ T3889] RAX: ffffffffffffffda RBX: 00007efd02d75fa0 RCX: 00007efd02afacb9
[   35.319366][ T3889] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000003
[   35.319379][ T3889] RBP: 00007efd01557090 R08: 0000000000000000 R09: 0000000000000000
[   35.319392][ T3889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   35.319405][ T3889] R13: 00007efd02d76038 R14: 00007efd02d75fa0 R15: 00007ffea48327c8
[   35.319584][ T3889]  </TASK>
[   35.973757][   T29] kauditd_printk_skb: 141 callbacks suppressed
[   35.973774][   T29] audit: type=1400 audit(1768984173.662:603): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   36.017707][ T3902] loop1: detected capacity change from 0 to 164
[   36.024052][   T29] audit: type=1400 audit(1768984173.692:604): avc:  denied  { block_suspend } for  pid=3901 comm="syz.1.112" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   36.024081][   T29] audit: type=1400 audit(1768984173.692:605): avc:  denied  { connect } for  pid=3901 comm="syz.1.112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   36.045990][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.064746][   T29] audit: type=1400 audit(1768984173.692:606): avc:  denied  { name_connect } for  pid=3901 comm="syz.1.112" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   36.093699][   T29] audit: type=1400 audit(1768984173.692:607): avc:  denied  { name_connect } for  pid=3901 comm="syz.1.112" dest=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[   36.115256][   T29] audit: type=1400 audit(1768984173.692:608): avc:  denied  { create } for  pid=3903 comm="syz.2.113" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   36.136487][   T29] audit: type=1400 audit(1768984173.692:609): avc:  denied  { getopt } for  pid=3901 comm="syz.1.112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   36.169753][   T29] audit: type=1400 audit(1768984173.852:610): avc:  denied  { mount } for  pid=3901 comm="syz.1.112" name="/" dev="loop1" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   36.189221][ T3902] iso9660: Corrupted directory entry in block 2 of inode 1792
[   36.201415][ T3906] loop2: detected capacity change from 0 to 512
[   36.227079][ T3906] EXT4-fs: Ignoring removed bh option
[   36.232516][ T3906] EXT4-fs: Ignoring removed mblk_io_submit option
[   36.270718][ T3916] veth0_virt_wifi: entered promiscuous mode
[   36.273543][   T29] audit: type=1400 audit(1768984173.932:611): avc:  denied  { unmount } for  pid=3317 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   36.296798][   T29] audit: type=1400 audit(1768984173.942:612): avc:  denied  { name_bind } for  pid=3913 comm="syz.1.116" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   36.362051][ T3906] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.374746][ T3906] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   36.402202][ T3906] EXT4-fs error (device loop2): ext4_lookup:1785: inode #15: comm syz.2.115: invalid fast symlink length 10
[   36.460552][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.502993][ T3923] program syz.2.119 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   36.599613][ T3932] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   36.704801][ T3938] tipc: Started in network mode
[   36.709750][ T3938] tipc: Node identity 84e, cluster identity 4711
[   36.716164][ T3938] tipc: Node number set to 2126
[   36.759065][ T3940] loop3: detected capacity change from 0 to 512
[   36.769585][ T3940] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   36.791537][ T3940] EXT4-fs (loop3): 1 truncate cleaned up
[   36.797669][ T3940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.566124][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.595781][ T3949] loop1: detected capacity change from 0 to 1024
[   37.616568][ T3949] EXT4-fs: Ignoring removed orlov option
[   37.642648][ T3949] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   37.655282][ T3953] loop2: detected capacity change from 0 to 2048
[   37.716231][ T3949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.730114][ T3953] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.880334][ T3971] FAULT_INJECTION: forcing a failure.
[   37.880334][ T3971] name failslab, interval 1, probability 0, space 0, times 0
[   37.893045][ T3971] CPU: 0 UID: 0 PID: 3971 Comm: syz.3.135 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.893117][ T3971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.893127][ T3971] Call Trace:
[   37.893134][ T3971]  <TASK>
[   37.893141][ T3971]  __dump_stack+0x1d/0x30
[   37.893162][ T3971]  dump_stack_lvl+0x95/0xd0
[   37.893259][ T3971]  dump_stack+0x15/0x1b
[   37.893321][ T3971]  should_fail_ex+0x263/0x280
[   37.893341][ T3971]  should_failslab+0x8c/0xb0
[   37.893436][ T3971]  kmem_cache_alloc_noprof+0x68/0x490
[   37.893497][ T3971]  ? getname_flags+0x7f/0x3b0
[   37.893518][ T3971]  getname_flags+0x7f/0x3b0
[   37.893539][ T3971]  user_path_at+0x28/0x130
[   37.893603][ T3971]  __se_sys_mount+0x25b/0x2e0
[   37.893640][ T3971]  ? fput+0x8f/0xc0
[   37.893665][ T3971]  __x64_sys_mount+0x67/0x80
[   37.893692][ T3971]  x64_sys_call+0x2cca/0x3000
[   37.893713][ T3971]  do_syscall_64+0xc0/0x2a0
[   37.893789][ T3971]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.893808][ T3971] RIP: 0033:0x7f61aa03acb9
[   37.893824][ T3971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   37.893842][ T3971] RSP: 002b:00007f61a8a97028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   37.893908][ T3971] RAX: ffffffffffffffda RBX: 00007f61aa2b5fa0 RCX: 00007f61aa03acb9
[   37.893921][ T3971] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[   37.893935][ T3971] RBP: 00007f61a8a97090 R08: 0000200000000040 R09: 0000000000000000
[   37.893949][ T3971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.893963][ T3971] R13: 00007f61aa2b6038 R14: 00007f61aa2b5fa0 R15: 00007ffd70a77ba8
[   37.893982][ T3971]  </TASK>
[   38.352045][  T295] Bluetooth: hci0: Frame reassembly failed (-84)
[   38.363145][ T3979] FAULT_INJECTION: forcing a failure.
[   38.363145][ T3979] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   38.376495][ T3979] CPU: 0 UID: 0 PID: 3979 Comm: syz.0.137 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.376520][ T3979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   38.376532][ T3979] Call Trace:
[   38.376537][ T3979]  <TASK>
[   38.376544][ T3979]  __dump_stack+0x1d/0x30
[   38.376627][ T3979]  dump_stack_lvl+0x95/0xd0
[   38.376645][ T3979]  dump_stack+0x15/0x1b
[   38.376662][ T3979]  should_fail_ex+0x263/0x280
[   38.376680][ T3979]  should_fail_alloc_page+0xf2/0x100
[   38.376744][ T3979]  __alloc_frozen_pages_noprof+0x108/0x350
[   38.376810][ T3979]  alloc_pages_mpol+0xb3/0x260
[   38.376832][ T3979]  ? set_pte_range+0x325/0x4f0
[   38.376897][ T3979]  alloc_pages_noprof+0x8f/0x130
[   38.376974][ T3979]  pte_alloc_one+0x1e/0xd0
[   38.377003][ T3979]  __do_fault+0x7b/0x200
[   38.377027][ T3979]  handle_mm_fault+0xfa1/0x3030
[   38.377117][ T3979]  ? __rcu_read_unlock+0x4e/0x70
[   38.377136][ T3979]  ? check_vma_flags+0x26d/0x330
[   38.377242][ T3979]  __get_user_pages+0x1023/0x1ea0
[   38.377271][ T3979]  __gup_longterm_locked+0x8d7/0xe30
[   38.377360][ T3979]  ? should_fail_ex+0xd9/0x280
[   38.377378][ T3979]  pin_user_pages_remote+0x7e/0xb0
[   38.377403][ T3979]  process_vm_rw+0x49b/0x9c0
[   38.377445][ T3979]  __x64_sys_process_vm_writev+0x78/0x90
[   38.377463][ T3979]  x64_sys_call+0x27ef/0x3000
[   38.377484][ T3979]  do_syscall_64+0xc0/0x2a0
[   38.377566][ T3979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.377585][ T3979] RIP: 0033:0x7efd02afacb9
[   38.377598][ T3979] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   38.377614][ T3979] RSP: 002b:00007efd01557028 EFLAGS: 00000246 ORIG_RAX: 0000000000000137
[   38.377632][ T3979] RAX: ffffffffffffffda RBX: 00007efd02d75fa0 RCX: 00007efd02afacb9
[   38.377644][ T3979] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000059
[   38.377696][ T3979] RBP: 00007efd01557090 R08: 000000000000023a R09: 0000000000000000
[   38.377707][ T3979] R10: 0000200000121000 R11: 0000000000000246 R12: 0000000000000001
[   38.377723][ T3979] R13: 00007efd02d76038 R14: 00007efd02d75fa0 R15: 00007ffea48327c8
[   38.377739][ T3979]  </TASK>
[   38.615859][ T3953] syz.2.131 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   38.630008][ T3953] CPU: 1 UID: 0 PID: 3953 Comm: syz.2.131 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   38.630035][ T3953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   38.630046][ T3953] Call Trace:
[   38.630053][ T3953]  <TASK>
[   38.630060][ T3953]  __dump_stack+0x1d/0x30
[   38.630156][ T3953]  dump_stack_lvl+0x95/0xd0
[   38.630176][ T3953]  dump_stack+0x15/0x1b
[   38.630197][ T3953]  dump_header+0x80/0x240
[   38.630218][ T3953]  oom_kill_process+0x295/0x350
[   38.630260][ T3953]  out_of_memory+0x97d/0xb80
[   38.630285][ T3953]  try_charge_memcg+0x62e/0xa10
[   38.630328][ T3953]  obj_cgroup_charge_pages+0xa6/0x150
[   38.630360][ T3953]  __memcg_kmem_charge_page+0x9e/0x170
[   38.630481][ T3953]  __alloc_frozen_pages_noprof+0x18a/0x350
[   38.630518][ T3953]  alloc_pages_mpol+0x1f6/0x260
[   38.630550][ T3953]  alloc_pages_noprof+0x8f/0x130
[   38.630577][ T3953]  __vmalloc_node_range_noprof+0xa46/0x12b0
[   38.630618][ T3953]  __kvmalloc_node_noprof+0x471/0x680
[   38.630640][ T3953]  ? ip_set_alloc+0x24/0x30
[   38.630740][ T3953]  ? ip_set_alloc+0x24/0x30
[   38.630769][ T3953]  ip_set_alloc+0x24/0x30
[   38.630915][ T3953]  hash_netiface_create+0x282/0x740
[   38.630942][ T3953]  ? __pfx_hash_netiface_create+0x10/0x10
[   38.630971][ T3953]  ip_set_create+0x3cf/0x970
[   38.631022][ T3953]  ? __nla_parse+0x40/0x60
[   38.631113][ T3953]  nfnetlink_rcv_msg+0x509/0x5d0
[   38.631147][ T3953]  netlink_rcv_skb+0x123/0x220
[   38.631170][ T3953]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   38.631196][ T3953]  nfnetlink_rcv+0x167/0x1720
[   38.631220][ T3953]  ? __kfree_skb+0x109/0x150
[   38.631289][ T3953]  ? nlmon_xmit+0x4f/0x60
[   38.631309][ T3953]  ? consume_skb+0x49/0x140
[   38.631329][ T3953]  ? nlmon_xmit+0x4f/0x60
[   38.631345][ T3953]  ? dev_hard_start_xmit+0x3a8/0x3e0
[   38.631401][ T3953]  ? __dev_queue_xmit+0x139a/0x1f20
[   38.631453][ T3953]  ? __dev_queue_xmit+0x148/0x1f20
[   38.631475][ T3953]  ? __d_rehash+0x139/0x1f0
[   38.631512][ T3953]  ? ref_tracker_free+0x37d/0x3e0
[   38.631539][ T3953]  ? __netlink_deliver_tap+0x4dc/0x500
[   38.631586][ T3953]  netlink_unicast+0x5c0/0x690
[   38.631609][ T3953]  netlink_sendmsg+0x5c8/0x6f0
[   38.631634][ T3953]  ? __pfx_netlink_sendmsg+0x10/0x10
[   38.631731][ T3953]  __sock_sendmsg+0x145/0x170
[   38.631764][ T3953]  ____sys_sendmsg+0x31e/0x4a0
[   38.631793][ T3953]  ___sys_sendmsg+0x195/0x1e0
[   38.631827][ T3953]  __x64_sys_sendmsg+0xd4/0x160
[   38.631907][ T3953]  x64_sys_call+0x17ba/0x3000
[   38.631981][ T3953]  do_syscall_64+0xc0/0x2a0
[   38.632012][ T3953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.632172][ T3953] RIP: 0033:0x7f412eb3acb9
[   38.632188][ T3953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   38.632263][ T3953] RSP: 002b:00007f412d597028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   38.632308][ T3953] RAX: ffffffffffffffda RBX: 00007f412edb5fa0 RCX: 00007f412eb3acb9
[   38.632324][ T3953] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000b
[   38.632340][ T3953] RBP: 00007f412eba8bf7 R08: 0000000000000000 R09: 0000000000000000
[   38.632355][ T3953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   38.632369][ T3953] R13: 00007f412edb6038 R14: 00007f412edb5fa0 R15: 00007ffc8fcd7cf8
[   38.632391][ T3953]  </TASK>
[   38.952608][ T3953] memory: usage 307200kB, limit 307200kB, failcnt 5105
[   38.959459][ T3953] memory+swap: usage 308564kB, limit 9007199254740988kB, failcnt 0
[   38.968022][ T3953] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[   38.975325][ T3953] Memory cgroup stats for /syz2:
[   38.977605][ T3953] cache 12288
[   38.985866][ T3953] rss 0
[   38.988618][ T3953] shmem 0
[   38.991661][ T3953] mapped_file 0
[   38.995111][ T3953] dirty 0
[   38.998035][ T3953] writeback 0
[   39.001730][ T3953] workingset_refault_anon 228
[   39.006424][ T3953] workingset_refault_file 1386
[   39.011233][ T3953] swap 1396736
[   39.014627][ T3953] swapcached 12288
[   39.018365][ T3953] pgpgin 18449
[   39.021752][ T3953] pgpgout 18442
[   39.025193][ T3953] pgfault 9607
[   39.028615][ T3953] pgmajfault 132
[   39.032176][ T3953] inactive_anon 0
[   39.035797][ T3953] active_anon 4096
[   39.039501][ T3953] inactive_file 0
[   39.043199][ T3953] active_file 16384
[   39.047119][ T3953] unevictable 0
[   39.050620][ T3953] hierarchical_memory_limit 314572800
[   39.055987][ T3953] hierarchical_memsw_limit 9223372036854771712
[   39.062183][ T3953] total_cache 12288
[   39.066036][ T3953] total_rss 0
[   39.069309][ T3953] total_shmem 0
[   39.072781][ T3953] total_mapped_file 0
[   39.076792][ T3953] total_dirty 0
[   39.080246][ T3953] total_writeback 0
[   39.084163][ T3953] total_workingset_refault_anon 228
[   39.089356][ T3953] total_workingset_refault_file 1386
[   39.094694][ T3953] total_swap 1396736
[   39.098626][ T3953] total_swapcached 12288
[   39.102872][ T3953] total_pgpgin 18449
[   39.106753][ T3953] total_pgpgout 18442
[   39.110743][ T3953] total_pgfault 9607
[   39.114626][ T3953] total_pgmajfault 132
[   39.118744][ T3953] total_inactive_anon 0
[   39.122921][ T3953] total_active_anon 4096
[   39.127197][ T3953] total_inactive_file 0
[   39.131366][ T3953] total_active_file 16384
[   39.135776][ T3953] total_unevictable 0
[   39.139747][ T3953] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.131,pid=3952,uid=0
[   39.154327][ T3953] Memory cgroup out of memory: Killed process 3952 (syz.2.131) total-vm:96048kB, anon-rss:1332kB, file-rss:22452kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   39.231615][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.284561][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.331175][ T3986] __nla_validate_parse: 1 callbacks suppressed
[   39.331191][ T3986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.139'.
[   39.348501][ T3988] FAULT_INJECTION: forcing a failure.
[   39.348501][ T3988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   39.369612][ T3988] CPU: 1 UID: 0 PID: 3988 Comm: syz.2.140 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   39.369658][ T3988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   39.369671][ T3988] Call Trace:
[   39.369678][ T3988]  <TASK>
[   39.369687][ T3988]  __dump_stack+0x1d/0x30
[   39.369712][ T3988]  dump_stack_lvl+0x95/0xd0
[   39.369734][ T3988]  dump_stack+0x15/0x1b
[   39.369758][ T3988]  should_fail_ex+0x263/0x280
[   39.369779][ T3988]  should_fail+0xb/0x20
[   39.369795][ T3988]  should_fail_usercopy+0x1a/0x20
[   39.369816][ T3988]  _copy_from_user+0x1c/0xb0
[   39.369850][ T3988]  __sys_bpf+0x183/0x7b0
[   39.369873][ T3988]  __x64_sys_bpf+0x41/0x50
[   39.369902][ T3988]  x64_sys_call+0x28e1/0x3000
[   39.369990][ T3988]  do_syscall_64+0xc0/0x2a0
[   39.370017][ T3988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   39.370071][ T3988] RIP: 0033:0x7f412eb3acb9
[   39.370102][ T3988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   39.370116][ T3988] RSP: 002b:00007f412d597028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   39.370175][ T3988] RAX: ffffffffffffffda RBX: 00007f412edb5fa0 RCX: 00007f412eb3acb9
[   39.370190][ T3988] RDX: 0000000000000020 RSI: 0000200000000500 RDI: 000000000000001c
[   39.370203][ T3988] RBP: 00007f412d597090 R08: 0000000000000000 R09: 0000000000000000
[   39.370217][ T3988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.370230][ T3988] R13: 00007f412edb6038 R14: 00007f412edb5fa0 R15: 00007ffc8fcd7cf8
[   39.370260][ T3988]  </TASK>
[   39.563887][ T3991] netlink: 'syz.2.141': attribute type 10 has an invalid length.
[   39.688641][ T3995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   39.698293][ T3995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   39.952985][ T4006] syzkaller0: entered promiscuous mode
[   39.958482][ T4006] syzkaller0: entered allmulticast mode
[   40.138451][ T4010] loop1: detected capacity change from 0 to 1024
[   40.174514][ T4010] EXT4-fs: Ignoring removed orlov option
[   40.180273][ T4010] EXT4-fs: Ignoring removed nomblk_io_submit option
[   40.222390][ T4010] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.247940][ T4013] mmap: syz.0.149 (4013) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   40.320857][ T4017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.152'.
[   40.360687][ T3977] Bluetooth: hci0: command 0x1003 tx timeout
[   40.366842][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110
[   40.385815][ T4017] Driver unsupported XDP return value 0 on prog  (id 16) dev N/A, expect packet loss!
[   40.440380][ T4017] infiniband syz2: set active
[   40.445125][ T4017] infiniband syz2: added bond_slave_1
[   40.474932][ T4017] RDS/IB: syz2: added
[   40.480008][ T4017] smc: adding ib device syz2 with port count 1
[   40.486325][ T4017] smc:    ib device syz2 port 1 has no pnetid
[   40.704350][ T4030] loop3: detected capacity change from 0 to 764
[   40.712216][ T4030] rock: directory entry would overflow storage
[   40.718429][ T4030] rock: sig=0x5245, size=8, remaining=5
[   40.994262][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.002905][   T29] kauditd_printk_skb: 286 callbacks suppressed
[   41.002920][   T29] audit: type=1400 audit(1768984178.682:899): avc:  denied  { map } for  pid=4041 comm="syz.0.159" path="socket:[6269]" dev="sockfs" ino=6269 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   41.036103][ T4043] macvlan2: entered promiscuous mode
[   41.042213][ T4043] batman_adv: batadv0: Adding interface: macvlan2
[   41.048644][ T4043] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   41.074097][ T4043] batman_adv: batadv0: Not using interface macvlan2 (retrying later): interface not active
[   41.131750][   T29] audit: type=1400 audit(1768984178.822:900): avc:  denied  { search } for  pid=4052 comm="syz.3.163" name="/" dev="configfs" ino=667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   41.180593][   T29] audit: type=1326 audit(1768984178.852:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.203896][   T29] audit: type=1326 audit(1768984178.852:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.227207][   T29] audit: type=1326 audit(1768984178.852:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.250580][   T29] audit: type=1326 audit(1768984178.852:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.274055][   T29] audit: type=1326 audit(1768984178.852:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.297505][   T29] audit: type=1326 audit(1768984178.852:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.320713][   T29] audit: type=1326 audit(1768984178.852:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.343987][   T29] audit: type=1326 audit(1768984178.852:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.2.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f412eb3acb9 code=0x7ffc0000
[   41.369400][ T4057] syz_tun: entered allmulticast mode
[   41.375794][ T4056] syz_tun: left allmulticast mode
[   41.503056][ T4066] loop3: detected capacity change from 0 to 1024
[   41.530818][ T4066] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   41.581496][ T4066] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.169: Invalid block bitmap block 0 in block_group 0
[   41.611077][ T4066] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.169: Failed to acquire dquot type 0
[   41.622594][ T4066] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.169: Freeing blocks not in datazone - block = 0, count = 4096
[   41.636490][ T4066] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.169: Invalid inode bitmap blk 0 in block_group 0
[   41.649334][ T4066] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   41.649486][  T910] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:7: Failed to release dquot type 0
[   41.669446][ T4066] EXT4-fs (loop3): 1 orphan inode deleted
[   41.690863][ T4066] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.748393][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.769039][  T910] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:7: Failed to release dquot type 0
[   42.076401][ T4105] netlink: 28 bytes leftover after parsing attributes in process `syz.2.185'.
[   42.088152][ T4099] loop1: detected capacity change from 0 to 4096
[   42.095271][ T4099] EXT4-fs: Ignoring removed oldalloc option
[   42.143606][ T4099] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.158769][ T4110] netlink: 56 bytes leftover after parsing attributes in process `syz.0.188'.
[   42.196185][ T4113] loop2: detected capacity change from 0 to 1024
[   42.218849][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.248078][ T4113] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.297323][ T4120] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.317247][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.363178][ T4124] random: crng reseeded on system resumption
[   42.383092][ T4120] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.480627][ T4120] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.557151][ T4120] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.638620][  T910] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   42.675783][  T910] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   42.706052][  T910] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   42.733912][  T910] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.847853][ T4160] loop1: detected capacity change from 0 to 1024
[   42.887723][ T4160] ext4: Bad value for 'resgid'
[   42.892596][ T4160] ext4: Bad value for 'resgid'
[   43.335721][ T4174] loop2: detected capacity change from 0 to 1024
[   43.367820][ T4174] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   43.420608][ T4174] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.212: Invalid block bitmap block 0 in block_group 0
[   43.440685][ T4174] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.212: Failed to acquire dquot type 0
[   43.452416][ T4174] EXT4-fs error (device loop2): ext4_free_blocks:6728: comm syz.2.212: Freeing blocks not in datazone - block = 0, count = 4096
[   43.479344][ T4174] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.212: Invalid inode bitmap blk 0 in block_group 0
[   43.492470][ T2865] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[   43.511384][ T4174] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   43.520172][ T4174] EXT4-fs (loop2): 1 orphan inode deleted
[   43.536132][ T4174] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.612155][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.621278][  T910] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:7: Failed to release dquot type 0
[   43.798131][ T4207] netlink: 'syz.3.223': attribute type 1 has an invalid length.
[   43.825119][ T4207] loop3: detected capacity change from 0 to 512
[   43.835939][ T4207] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[   43.883930][ T4211] loop2: detected capacity change from 0 to 512
[   43.890999][ T4211] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   43.919301][ T4211] EXT4-fs (loop2): 1 truncate cleaned up
[   43.940850][ T4211] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.981783][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.108543][ T4227] loop2: detected capacity change from 0 to 512
[   44.138390][ T4227] EXT4-fs: Ignoring removed nobh option
[   44.163836][ T4227] EXT4-fs (loop2): orphan cleanup on readonly fs
[   44.177094][ T4227] EXT4-fs warning (device loop2): ext4_xattr_inode_get:546: inode #11: comm syz.2.231: ea_inode file size=4 entry size=6
[   44.203430][ T4227] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   44.227662][ T4227] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #15: comm syz.2.231: corrupted inode contents
[   44.239759][ T4227] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #15: comm syz.2.231: mark_inode_dirty error
[   44.251583][ T4227] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #15: comm syz.2.231: corrupted inode contents
[   44.263583][ T4227] EXT4-fs error (device loop2): ext4_xattr_delete_inode:3001: inode #15: comm syz.2.231: mark_inode_dirty error
[   44.276134][ T4227] EXT4-fs error (device loop2): ext4_xattr_delete_inode:3004: inode #15: comm syz.2.231: mark inode dirty (error -117)
[   44.288909][ T4227] EXT4-fs warning (device loop2): ext4_evict_inode:273: xattr delete (err -117)
[   44.321824][ T4227] EXT4-fs (loop2): 1 orphan inode deleted
[   44.346598][ T4231] loop3: detected capacity change from 0 to 1024
[   44.353154][ T4227] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   44.365806][ T4231] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   44.382477][ T4231] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.232: Invalid block bitmap block 0 in block_group 0
[   44.402843][ T4231] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.232: Failed to acquire dquot type 0
[   44.424132][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.433353][ T4231] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.232: Freeing blocks not in datazone - block = 0, count = 4096
[   44.447073][ T4231] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.232: Invalid inode bitmap blk 0 in block_group 0
[   44.461301][ T1719] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:9: Failed to release dquot type 0
[   44.472811][ T4231] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   44.490703][ T4231] EXT4-fs (loop3): 1 orphan inode deleted
[   44.496790][ T4231] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.541755][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.625318][ T4246] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   44.637409][ T4246] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   45.047110][ T4257] loop2: detected capacity change from 0 to 164
[   45.060401][ T4257] Unable to read rock-ridge attributes
[   45.069166][ T4257] Unable to read rock-ridge attributes
[   45.076873][ T4257] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pid=4257 comm=syz.2.242
[   45.301779][ T4269] netlink: 8 bytes leftover after parsing attributes in process `syz.2.245'.
[   45.674210][ T4298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4298 comm=syz.2.252
[   45.706713][ T4271] chnl_net:caif_netlink_parms(): no params data found
[   45.738191][  T910] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.784625][ T4306] loop2: detected capacity change from 0 to 128
[   45.798662][ T4271] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.805775][ T4271] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.819286][ T4306] FAT-fs (loop2): error, clusters badly computed (4 != 3)
[   45.826512][ T4306] FAT-fs (loop2): Filesystem has been set read-only
[   45.837687][ T4306] FAT-fs (loop2): error, clusters badly computed (5 != 4)
[   45.845184][ T4306] FAT-fs (loop2): error, clusters badly computed (6 != 5)
[   45.881361][ T4314] loop3: detected capacity change from 0 to 128
[   45.889304][ T4271] bridge_slave_0: entered allmulticast mode
[   45.896671][ T4314] FAT-fs (loop3): error, clusters badly computed (4 != 3)
[   45.903877][ T4314] FAT-fs (loop3): Filesystem has been set read-only
[   45.921135][ T4314] FAT-fs (loop3): error, clusters badly computed (5 != 4)
[   45.929742][ T4271] bridge_slave_0: entered promiscuous mode
[   45.938102][ T4314] FAT-fs (loop3): error, clusters badly computed (6 != 5)
[   45.939785][ T4317] loop2: detected capacity change from 0 to 128
[   45.952527][  T910] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   45.963914][ T4314] FAULT_INJECTION: forcing a failure.
[   45.963914][ T4314] name failslab, interval 1, probability 0, space 0, times 0
[   45.976575][ T4314] CPU: 0 UID: 0 PID: 4314 Comm: syz.3.256 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.976600][ T4314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   45.976669][ T4314] Call Trace:
[   45.976674][ T4314]  <TASK>
[   45.976680][ T4314]  __dump_stack+0x1d/0x30
[   45.976701][ T4314]  dump_stack_lvl+0x95/0xd0
[   45.976788][ T4314]  dump_stack+0x15/0x1b
[   45.976806][ T4314]  should_fail_ex+0x263/0x280
[   45.976828][ T4314]  should_failslab+0x8c/0xb0
[   45.976850][ T4314]  kmem_cache_alloc_noprof+0x68/0x490
[   45.976891][ T4314]  ? getname_flags+0x7f/0x3b0
[   45.976916][ T4314]  getname_flags+0x7f/0x3b0
[   45.976938][ T4314]  user_path_at+0x28/0x130
[   45.976965][ T4314]  do_sys_truncate+0x5c/0x130
[   45.977002][ T4314]  __x64_sys_truncate+0x31/0x40
[   45.977020][ T4314]  x64_sys_call+0x1864/0x3000
[   45.977045][ T4314]  do_syscall_64+0xc0/0x2a0
[   45.977068][ T4314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.977153][ T4314] RIP: 0033:0x7f61aa03acb9
[   45.977168][ T4314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   45.977262][ T4314] RSP: 002b:00007f61a8a97028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[   45.977283][ T4314] RAX: ffffffffffffffda RBX: 00007f61aa2b5fa0 RCX: 00007f61aa03acb9
[   45.977297][ T4314] RDX: 0000000000000000 RSI: 0000000000000f62 RDI: 0000200000000080
[   45.977308][ T4314] RBP: 00007f61a8a97090 R08: 0000000000000000 R09: 0000000000000000
[   45.977319][ T4314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   45.977407][ T4314] R13: 00007f61aa2b6038 R14: 00007f61aa2b5fa0 R15: 00007ffd70a77ba8
[   45.977422][ T4314]  </TASK>
[   46.156506][ T4320] netlink: 'syz.0.259': attribute type 10 has an invalid length.
[   46.175531][   T29] kauditd_printk_skb: 73 callbacks suppressed
[   46.175546][   T29] audit: type=1400 audit(1768984183.862:971): avc:  denied  { create } for  pid=4321 comm="syz.3.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[   46.212288][ T4313] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.219472][ T4313] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.227034][ T4322] netlink: 'syz.3.260': attribute type 1 has an invalid length.
[   46.257349][   T29] audit: type=1400 audit(1768984183.942:972): avc:  denied  { nlmsg_write } for  pid=4312 comm="syz.2.257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[   46.258359][ T4326] FAT-fs (loop2): error, clusters badly computed (4 != 3)
[   46.285378][ T4326] FAT-fs (loop2): Filesystem has been set read-only
[   46.296288][ T4325] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.308206][   T29] audit: type=1400 audit(1768984183.992:973): avc:  denied  { watch watch_reads } for  pid=4319 comm="syz.0.259" path="/79/file0" dev="tmpfs" ino=431 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[   46.308951][ T4325] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.340782][ T4326] FAT-fs (loop2): error, clusters badly computed (5 != 4)
[   46.363139][ T3317] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.378517][ T4326] FAT-fs (loop2): error, clusters badly computed (6 != 5)
[   46.379090][   T29] audit: type=1400 audit(1768984184.032:974): avc:  denied  { map } for  pid=4324 comm="syz.1.261" path="/46/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   46.408526][   T29] audit: type=1400 audit(1768984184.032:975): avc:  denied  { execute } for  pid=4324 comm="syz.1.261" path="/46/file1/file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   46.431551][   T29] audit: type=1400 audit(1768984184.042:976): avc:  denied  { read } for  pid=4324 comm="syz.1.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   46.479249][ T4332] netlink: 28 bytes leftover after parsing attributes in process `syz.3.260'.
[   46.483946][ T4313] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.498201][ T4313] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.510406][   T29] audit: type=1400 audit(1768984184.202:977): avc:  denied  { mounton } for  pid=4337 comm="syz.1.263" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=77 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[   46.510414][ T4338] tmpfs: Bad value for 'mpol'
[   46.548559][ T4271] bridge0: port 2(bridge_slave_1) entered blocking state
[   46.555738][ T4271] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.557805][   T29] audit: type=1400 audit(1768984184.242:978): avc:  denied  { connect } for  pid=4321 comm="syz.3.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   46.570075][ T4271] bridge_slave_1: entered allmulticast mode
[   46.589358][ T4271] bridge_slave_1: entered promiscuous mode
[   46.595105][   T29] audit: type=1400 audit(1768984184.282:979): avc:  denied  { setopt } for  pid=4321 comm="syz.3.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   46.607012][ T4271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   46.626262][  T910] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.641602][ T4320] bond0: (slave netdevsim1): Enslaving as an active interface with an up link
[   46.641929][ T4338] process 'syz.1.263' launched './file0' with NULL argv: empty string added
[   46.661630][   T29] audit: type=1400 audit(1768984184.342:980): avc:  denied  { execute_no_trans } for  pid=4337 comm="syz.1.263" path="/48/file0" dev="tmpfs" ino=278 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   46.710651][  T910] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   46.729078][ T3664] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.739361][ T4271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   46.748975][ T4344] tipc: Started in network mode
[   46.753973][ T4344] tipc: Node identity 84e, cluster identity 4711
[   46.760327][ T4344] tipc: Node number set to 2126
[   46.772331][ T3664] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.786168][ T3664] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.809092][ T3664] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   46.825532][ T4271] team0: Port device team_slave_0 added
[   46.863649][ T4271] team0: Port device team_slave_1 added
[   46.897654][  T910] bridge_slave_1: left allmulticast mode
[   46.903483][  T910] bridge_slave_1: left promiscuous mode
[   46.909156][  T910] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.951975][  T910] bridge_slave_0: left allmulticast mode
[   46.957667][  T910] bridge_slave_0: left promiscuous mode
[   46.963429][  T910] bridge0: port 1(bridge_slave_0) entered disabled state
[   47.081958][ T4380] netlink: 8 bytes leftover after parsing attributes in process `syz.2.273'.
[   47.090773][ T4380] netlink: 24 bytes leftover after parsing attributes in process `syz.2.273'.
[   47.123253][  T910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   47.133895][  T910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   47.144023][  T910] bond0 (unregistering): Released all slaves
[   47.152606][ T4384] netlink: 24 bytes leftover after parsing attributes in process `syz.0.274'.
[   47.175068][ T4271] batman_adv: batadv0: Adding interface: batadv_slave_0
[   47.182177][ T4271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   47.208092][ T4271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   47.567188][ T4271] batman_adv: batadv0: Adding interface: batadv_slave_1
[   47.574235][ T4271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   47.600249][ T4271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   47.630614][ T4397] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   47.649684][ T4397] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.278: Invalid block bitmap block 0 in block_group 0
[   47.674995][ T4397] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.278: Failed to acquire dquot type 0
[   47.799736][ T4390] syz.0.274 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN|__GFP_ACCOUNT), order=0, oom_score_adj=1000
[   47.814135][ T4390] CPU: 0 UID: 0 PID: 4390 Comm: syz.0.274 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.814184][ T4390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   47.814198][ T4390] Call Trace:
[   47.814205][ T4390]  <TASK>
[   47.814214][ T4390]  __dump_stack+0x1d/0x30
[   47.814241][ T4390]  dump_stack_lvl+0x95/0xd0
[   47.814281][ T4390]  dump_stack+0x15/0x1b
[   47.814303][ T4390]  dump_header+0x80/0x240
[   47.814322][ T4390]  oom_kill_process+0x295/0x350
[   47.814342][ T4390]  out_of_memory+0x97d/0xb80
[   47.814364][ T4390]  try_charge_memcg+0x62e/0xa10
[   47.814472][ T4390]  obj_cgroup_charge_pages+0xa6/0x150
[   47.814504][ T4390]  __memcg_kmem_charge_page+0x9e/0x170
[   47.814532][ T4390]  __alloc_frozen_pages_noprof+0x18a/0x350
[   47.814609][ T4390]  alloc_pages_mpol+0xb3/0x260
[   47.814665][ T4390]  alloc_pages_noprof+0x8f/0x130
[   47.814698][ T4390]  __vmalloc_node_range_noprof+0xa46/0x12b0
[   47.814837][ T4390]  __kvmalloc_node_noprof+0x471/0x680
[   47.814865][ T4390]  ? ip_set_alloc+0x24/0x30
[   47.814892][ T4390]  ? ip_set_alloc+0x24/0x30
[   47.814955][ T4390]  ip_set_alloc+0x24/0x30
[   47.815030][ T4390]  hash_netiface_create+0x282/0x740
[   47.815097][ T4390]  ? __pfx_hash_netiface_create+0x10/0x10
[   47.815123][ T4390]  ip_set_create+0x3cf/0x970
[   47.815160][ T4390]  ? __nla_parse+0x40/0x60
[   47.815267][ T4390]  nfnetlink_rcv_msg+0x509/0x5d0
[   47.815318][ T4390]  netlink_rcv_skb+0x123/0x220
[   47.815346][ T4390]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   47.815387][ T4390]  nfnetlink_rcv+0x167/0x1720
[   47.815412][ T4390]  ? __kfree_skb+0x109/0x150
[   47.815434][ T4390]  ? nlmon_xmit+0x4f/0x60
[   47.815453][ T4390]  ? consume_skb+0x49/0x140
[   47.815490][ T4390]  ? nlmon_xmit+0x4f/0x60
[   47.815510][ T4390]  ? dev_hard_start_xmit+0x3a8/0x3e0
[   47.815538][ T4390]  ? __dev_queue_xmit+0x139a/0x1f20
[   47.815586][ T4390]  ? __dev_queue_xmit+0x148/0x1f20
[   47.815613][ T4390]  ? ref_tracker_free+0x37d/0x3e0
[   47.815673][ T4390]  ? __netlink_deliver_tap+0x4dc/0x500
[   47.815705][ T4390]  netlink_unicast+0x5c0/0x690
[   47.815798][ T4390]  netlink_sendmsg+0x5c8/0x6f0
[   47.815893][ T4390]  ? __pfx_netlink_sendmsg+0x10/0x10
[   47.815935][ T4390]  __sock_sendmsg+0x145/0x170
[   47.815963][ T4390]  ____sys_sendmsg+0x31e/0x4a0
[   47.815988][ T4390]  ___sys_sendmsg+0x195/0x1e0
[   47.816144][ T4390]  __x64_sys_sendmsg+0xd4/0x160
[   47.816245][ T4390]  x64_sys_call+0x17ba/0x3000
[   47.816326][ T4390]  do_syscall_64+0xc0/0x2a0
[   47.816424][ T4390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.816495][ T4390] RIP: 0033:0x7efd02afacb9
[   47.816510][ T4390] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   47.816527][ T4390] RSP: 002b:00007efd010f2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   47.816545][ T4390] RAX: ffffffffffffffda RBX: 00007efd02d76270 RCX: 00007efd02afacb9
[   47.816558][ T4390] RDX: 0000000000000800 RSI: 0000200000000200 RDI: 0000000000000006
[   47.816590][ T4390] RBP: 00007efd02b68bf7 R08: 0000000000000000 R09: 0000000000000000
[   47.816605][ T4390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   47.816619][ T4390] R13: 00007efd02d76308 R14: 00007efd02d76270 R15: 00007ffea48327c8
[   47.816640][ T4390]  </TASK>
[   47.816648][ T4390] memory: usage 307200kB, limit 307200kB, failcnt 4472
[   47.980592][ T4389] slcan: can't register candev
[   47.982472][ T4390] memory+swap: usage 213252kB, limit 9007199254740988kB, failcnt 0
[   48.110663][ T4397] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.278: Freeing blocks not in datazone - block = 0, count = 4096
[   48.114106][ T4390] kmem: usage 190476kB, limit 9007199254740988kB, failcnt 0
[   48.130819][ T4397] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.278: Invalid inode bitmap blk 0 in block_group 0
[   48.133162][ T4390] Memory cgroup stats for /syz0:
[   48.140734][ T4390] cache 90112
[   48.156069][ T4397] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   48.165949][ T4390] rss 225280
[   48.193609][ T4397] EXT4-fs (loop3): 1 orphan inode deleted
[   48.194116][ T4390] shmem 0
[   48.214572][ T4390] mapped_file 90112
[   48.218370][ T4390] dirty 4096
[   48.220939][ T4397] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.221577][ T4390] writeback 0
[   48.237235][ T4390] workingset_refault_anon 110
[   48.241948][ T4390] workingset_refault_file 1854
[   48.246729][ T4390] swap 4096
[   48.249835][ T4390] swapcached 0
[   48.253297][ T4390] pgpgin 32309
[   48.256655][ T4390] pgpgout 32232
[   48.260102][ T4390] pgfault 39040
[   48.263655][ T4390] pgmajfault 98
[   48.267167][ T4390] inactive_anon 212992
[   48.271247][ T4390] active_anon 12288
[   48.275043][ T4390] inactive_file 0
[   48.278724][ T4390] active_file 90112
[   48.282650][ T4390] unevictable 0
[   48.286102][ T4390] hierarchical_memory_limit 314572800
[   48.291488][ T4390] hierarchical_memsw_limit 9223372036854771712
[   48.297634][ T4390] total_cache 90112
[   48.301473][ T4390] total_rss 225280
[   48.305186][ T4390] total_shmem 0
[   48.308643][ T4390] total_mapped_file 90112
[   48.312994][ T4390] total_dirty 4096
[   48.316706][ T4390] total_writeback 0
[   48.320605][ T4390] total_workingset_refault_anon 110
[   48.325821][ T4390] total_workingset_refault_file 1854
[   48.331120][ T4390] total_swap 4096
[   48.334746][ T4390] total_swapcached 0
[   48.338702][ T4390] total_pgpgin 32309
[   48.342634][ T4390] total_pgpgout 32232
[   48.346686][ T4390] total_pgfault 39040
[   48.350692][ T4390] total_pgmajfault 98
[   48.354918][ T4390] total_inactive_anon 212992
[   48.359674][ T4390] total_active_anon 12288
[   48.364068][ T4390] total_inactive_file 0
[   48.368215][ T4390] total_active_file 90112
[   48.372562][ T4390] total_unevictable 0
[   48.376534][ T4390] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.274,pid=4383,uid=0
[   48.391073][ T4390] Memory cgroup out of memory: Killed process 4390 (syz.0.274) total-vm:102736kB, anon-rss:1332kB, file-rss:30752kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000
[   48.427393][  T910] hsr_slave_0: left promiscuous mode
[   48.437680][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.450997][   T31] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:1: Failed to release dquot type 0
[   48.467722][  T910] hsr_slave_1: left promiscuous mode
[   48.477545][  T910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   48.485026][  T910] batman_adv: batadv0: Removing interface: batadv_slave_0
[   48.498469][ T4408] FAULT_INJECTION: forcing a failure.
[   48.498469][ T4408] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   48.511907][ T4408] CPU: 1 UID: 0 PID: 4408 Comm: syz.0.282 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   48.511932][ T4408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   48.511942][ T4408] Call Trace:
[   48.511949][ T4408]  <TASK>
[   48.511965][ T4408]  __dump_stack+0x1d/0x30
[   48.511985][ T4408]  dump_stack_lvl+0x95/0xd0
[   48.512002][ T4408]  dump_stack+0x15/0x1b
[   48.512025][ T4408]  should_fail_ex+0x263/0x280
[   48.512044][ T4408]  should_fail_alloc_page+0xf2/0x100
[   48.512118][ T4408]  __alloc_frozen_pages_noprof+0x108/0x350
[   48.512198][ T4408]  alloc_pages_mpol+0xb3/0x260
[   48.512223][ T4408]  alloc_pages_noprof+0x8f/0x130
[   48.512313][ T4408]  __pmd_alloc+0x47/0x480
[   48.512343][ T4408]  handle_mm_fault+0x1ed8/0x3030
[   48.512459][ T4408]  ? mt_find+0x291/0x3b0
[   48.512488][ T4408]  do_user_addr_fault+0x3fd/0x1050
[   48.512553][ T4408]  exc_page_fault+0x62/0xa0
[   48.512573][ T4408]  asm_exc_page_fault+0x26/0x30
[   48.512661][ T4408] RIP: 0010:rep_movs_alternative+0xf/0x90
[   48.512691][ T4408] Code: c4 10 c3 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e
[   48.512713][ T4408] RSP: 0018:ffffc9000257fe08 EFLAGS: 00050202
[   48.512816][ T4408] RAX: ffff888104acab90 RBX: 0000000000000004 RCX: 0000000000000004
[   48.512827][ T4408] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffc9000257fe44
[   48.512839][ T4408] RBP: 0000000000000000 R08: 0000000000000478 R09: 0000000000000000
[   48.512868][ T4408] R10: 0001c9000257fe44 R11: 0001c9000257fe47 R12: 0000000000000000
[   48.512912][ T4408] R13: ffff88811b029a00 R14: ffffc9000257fe44 R15: 0000200000000000
[   48.512931][ T4408]  _copy_from_user+0x6f/0xb0
[   48.512956][ T4408]  do_sock_getsockopt+0xf1/0x210
[   48.513025][ T4408]  __x64_sys_getsockopt+0x11d/0x1a0
[   48.513055][ T4408]  x64_sys_call+0x2dc7/0x3000
[   48.513153][ T4408]  do_syscall_64+0xc0/0x2a0
[   48.513175][ T4408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.513219][ T4408] RIP: 0033:0x7efd02afacb9
[   48.513232][ T4408] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   48.513247][ T4408] RSP: 002b:00007efd01557028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   48.513264][ T4408] RAX: ffffffffffffffda RBX: 00007efd02d75fa0 RCX: 00007efd02afacb9
[   48.513278][ T4408] RDX: 0000000000000084 RSI: 0000000000000084 RDI: 0000000000000003
[   48.513289][ T4408] RBP: 00007efd01557090 R08: 0000200000000000 R09: 0000000000000000
[   48.513301][ T4408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.513335][ T4408] R13: 00007efd02d76038 R14: 00007efd02d75fa0 R15: 00007ffea48327c8
[   48.513351][ T4408]  </TASK>
[   48.835812][  T910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.843407][  T910] batman_adv: batadv0: Removing interface: batadv_slave_1
[   48.865230][  T910] veth1_macvtap: left promiscuous mode
[   48.875307][ T4416] set_capacity_and_notify: 2 callbacks suppressed
[   48.875394][ T4416] loop3: detected capacity change from 0 to 2048
[   48.883513][  T910] veth0_macvtap: left promiscuous mode
[   48.921803][  T910] veth1_vlan: left promiscuous mode
[   48.927720][ T4424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.938516][ T4424] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   48.946348][  T910] veth0_vlan: left promiscuous mode
[   49.030922][ T3310]  loop3: p2 < > p4
[   49.034749][ T3310] loop3: partition table partially beyond EOD, truncated
[   49.042229][ T3310] loop3: p2 start 4278190080 is beyond EOD, truncated
[   49.049080][ T3310] loop3: p4 size 8192 extends beyond EOD, truncated
[   49.061876][ T4416]  loop3: p2 < > p4
[   49.065761][ T4416] loop3: partition table partially beyond EOD, truncated
[   49.073243][ T4416] loop3: p2 start 4278190080 is beyond EOD, truncated
[   49.080033][ T4416] loop3: p4 size 8192 extends beyond EOD, truncated
[   49.148143][  T910] team0 (unregistering): Port device team_slave_1 removed
[   49.163206][ T4441] loop2: detected capacity change from 0 to 512
[   49.182790][  T910] team0 (unregistering): Port device team_slave_0 removed
[   49.189902][ T3310] udevd[3310]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   49.219878][ T4441] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.289: bad orphan inode 15
[   49.233916][ T4421] netlink: 'syz.1.286': attribute type 10 has an invalid length.
[   49.270031][ T4449] netlink: 52 bytes leftover after parsing attributes in process `syz.3.290'.
[   49.344290][ T4441] ext4_test_bit(bit=14, block=5) = 0
[   49.349990][ T4441] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.371171][ T4271] hsr_slave_0: entered promiscuous mode
[   49.377410][ T4271] hsr_slave_1: entered promiscuous mode
[   49.383404][ T4271] debugfs: 'hsr0' already exists in 'hsr'
[   49.389138][ T4271] Cannot create hsr debugfs directory
[   49.396401][ T4441] EXT4-fs error (device loop2): __ext4_new_inode:1073: comm syz.2.289: reserved inode found cleared - inode=1
[   49.411335][ T3310] udevd[3310]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   49.451249][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.569864][ T4470] netlink: 24 bytes leftover after parsing attributes in process `syz.1.293'.
[   49.589539][ T4271] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   49.604123][ T4271] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   49.620125][ T4271] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   49.633606][ T4271] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   49.815781][ T4271] 8021q: adding VLAN 0 to HW filter on device bond0
[   49.846512][ T4271] 8021q: adding VLAN 0 to HW filter on device team0
[   49.877379][  T295] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.884512][  T295] bridge0: port 1(bridge_slave_0) entered forwarding state
[   49.976446][  T295] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.983550][  T295] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.076653][ T4271] 8021q: adding VLAN 0 to HW filter on device batadv0
[   50.203795][  T910] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.254984][  T910] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.303310][ T4271] veth0_vlan: entered promiscuous mode
[   50.315140][  T910] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.354238][ T4271] veth1_vlan: entered promiscuous mode
[   50.380410][ T4271] veth0_macvtap: entered promiscuous mode
[   50.387963][ T4271] veth1_macvtap: entered promiscuous mode
[   50.396410][  T910] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.412625][ T4271] batman_adv: batadv0: Interface activated: batadv_slave_0
[   50.428150][ T4271] batman_adv: batadv0: Interface activated: batadv_slave_1
[   50.503106][  T910] bridge_slave_1: left allmulticast mode
[   50.508779][  T910] bridge_slave_1: left promiscuous mode
[   50.514439][  T910] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.530465][  T910] bridge_slave_0: left allmulticast mode
[   50.536386][  T910] bridge_slave_0: left promiscuous mode
[   50.542011][  T910] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.623335][  T910] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   50.633361][  T910] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   50.643307][  T910] bond0 (unregistering): Released all slaves
[   50.650391][   T49] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.659305][   T49] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.668158][   T49] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.701367][  T910] tipc: Left network mode
[   50.710691][   T49] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.732276][ T4544] loop5: detected capacity change from 0 to 1024
[   50.739285][ T4544] EXT4-fs: Ignoring removed orlov option
[   50.745070][ T4544] EXT4-fs: Ignoring removed nomblk_io_submit option
[   50.763124][ T4544] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.797825][ T4271] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.929990][ T4570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.305'.
[   50.947389][  T910] hsr_slave_0: left promiscuous mode
[   50.954573][  T910] hsr_slave_1: left promiscuous mode
[   50.964152][  T910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.971707][  T910] batman_adv: batadv0: Removing interface: batadv_slave_0
[   50.985957][  T910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.993419][  T910] batman_adv: batadv0: Removing interface: batadv_slave_1
[   51.003150][ T4576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.305'.
[   51.011945][ T4576] netlink: 4 bytes leftover after parsing attributes in process `syz.0.305'.
[   51.021927][  T910] veth1_macvtap: left promiscuous mode
[   51.027506][  T910] veth0_macvtap: left promiscuous mode
[   51.035483][  T910] veth1_vlan: left promiscuous mode
[   51.040959][  T910] veth0_vlan: left promiscuous mode
[   51.054244][ T4578] netlink: 'syz.0.305': attribute type 10 has an invalid length.
[   51.110128][  T910] team0 (unregistering): Port device team_slave_1 removed
[   51.120209][  T910] team0 (unregistering): Port device team_slave_0 removed
[   51.167023][ T4570] 8021q: adding VLAN 0 to HW filter on device bond1
[   51.180315][ T4522] chnl_net:caif_netlink_parms(): no params data found
[   51.188122][   T29] kauditd_printk_skb: 62 callbacks suppressed
[   51.188189][   T29] audit: type=1400 audit(1768984188.872:1040): avc:  denied  { firmware_load } for  pid=4573 comm="syz.5.306" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[   51.255206][ T4588] loop2: detected capacity change from 0 to 1024
[   51.265368][ T4588] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   51.267295][ T4578] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.280743][ T4588] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   51.282257][ T4578] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.304783][ T4588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.306486][ T4578] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.324243][ T4578] bridge0: port 2(bridge_slave_1) entered forwarding state
[   51.331593][ T4578] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.338689][ T4578] bridge0: port 1(bridge_slave_0) entered forwarding state
[   51.357696][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.364158][ T4578] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   51.375528][ T4579] bridge0: port 3(syz_tun) entered blocking state
[   51.382008][ T4579] bridge0: port 3(syz_tun) entered disabled state
[   51.408084][ T4579] syz_tun: entered allmulticast mode
[   51.414079][ T4579] syz_tun: entered promiscuous mode
[   51.415809][ T4593] loop2: detected capacity change from 0 to 1024
[   51.419518][ T4579] bridge0: port 3(syz_tun) entered blocking state
[   51.432123][ T4579] bridge0: port 3(syz_tun) entered forwarding state
[   51.435828][ T4593] EXT4-fs: Ignoring removed orlov option
[   51.444510][ T4593] EXT4-fs: Ignoring removed nomblk_io_submit option
[   51.452302][ T4583] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa17 error=-28
[   51.472890][ T4593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.554015][ T4606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   51.566660][ T4606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.619072][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.622758][ T4522] bridge0: port 1(bridge_slave_0) entered blocking state
[   51.635149][ T4522] bridge0: port 1(bridge_slave_0) entered disabled state
[   51.646119][ T4583] infiniband syz1: set active
[   51.650919][ T4583] infiniband syz1: added syz_tun
[   51.656505][ T4522] bridge_slave_0: entered allmulticast mode
[   51.671240][ T4583] RDS/IB: syz1: added
[   51.675258][ T4583] smc: adding ib device syz1 with port count 1
[   51.705082][ T4522] bridge_slave_0: entered promiscuous mode
[   51.718035][ T4620] netlink: 'syz.2.315': attribute type 10 has an invalid length.
[   51.753868][ T4633] netlink: 24 bytes leftover after parsing attributes in process `syz.2.317'.
[   51.789274][ T4522] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.796422][ T4522] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.810942][ T4583] smc:    ib device syz1 port 1 has no pnetid
[   51.817200][   T29] audit: type=1400 audit(1768984189.502:1041): avc:  denied  { write } for  pid=4637 comm="syz.2.318" name="001" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   51.819406][ T4522] bridge_slave_1: entered allmulticast mode
[   51.847293][ T4522] bridge_slave_1: entered promiscuous mode
[   51.896675][ T4522] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   51.911368][ T4522] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   51.949240][ T4522] team0: Port device team_slave_0 added
[   51.967046][ T4522] team0: Port device team_slave_1 added
[   51.988324][ T4522] batman_adv: batadv0: Adding interface: batadv_slave_0
[   51.995358][ T4522] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   52.021480][ T4522] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   52.042700][ T4522] batman_adv: batadv0: Adding interface: batadv_slave_1
[   52.049661][ T4522] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   52.076210][ T4522] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   52.096243][ T4658] netlink: 148 bytes leftover after parsing attributes in process `syz.2.321'.
[   52.105301][ T4658] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[   52.203032][ T4522] hsr_slave_0: entered promiscuous mode
[   52.218484][ T4522] hsr_slave_1: entered promiscuous mode
[   52.226056][ T4522] debugfs: 'hsr0' already exists in 'hsr'
[   52.231906][ T4522] Cannot create hsr debugfs directory
[   52.241433][ T4671] macsec1: entered promiscuous mode
[   52.246680][ T4671] ip6gretap0: entered promiscuous mode
[   52.261129][ T4671] ip6gretap0: left promiscuous mode
[   52.315428][ T4683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   52.331121][ T4683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.428243][ T4522] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   52.443119][ T4522] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   52.453116][ T4522] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   52.469582][ T4522] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   52.495743][ T4695] pimreg: entered allmulticast mode
[   52.504053][ T4695] pimreg: left allmulticast mode
[   52.543727][ T4522] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.555859][ T4704] netlink: 12 bytes leftover after parsing attributes in process `syz.0.329'.
[   52.561783][ T4522] 8021q: adding VLAN 0 to HW filter on device team0
[   52.576812][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.583910][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.602991][ T4522] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   52.613389][ T4522] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   52.627528][   T29] audit: type=1400 audit(1768984190.322:1042): avc:  denied  { read } for  pid=4708 comm="syz.0.331" name="usbmon9" dev="devtmpfs" ino=169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   52.650889][   T29] audit: type=1400 audit(1768984190.322:1043): avc:  denied  { open } for  pid=4708 comm="syz.0.331" path="/dev/usbmon9" dev="devtmpfs" ino=169 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[   52.668839][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.681643][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.706340][ T4715] FAULT_INJECTION: forcing a failure.
[   52.706340][ T4715] name failslab, interval 1, probability 0, space 0, times 0
[   52.718967][ T4715] CPU: 1 UID: 0 PID: 4715 Comm: syz.3.330 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.719026][ T4715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   52.719087][ T4715] Call Trace:
[   52.719091][ T4715]  <TASK>
[   52.719096][ T4715]  __dump_stack+0x1d/0x30
[   52.719111][ T4715]  dump_stack_lvl+0x95/0xd0
[   52.719191][ T4715]  dump_stack+0x15/0x1b
[   52.719252][ T4715]  should_fail_ex+0x263/0x280
[   52.719265][ T4715]  should_failslab+0x8c/0xb0
[   52.719276][ T4715]  __kmalloc_noprof+0xb8/0x580
[   52.719289][ T4715]  ? kobject_get_path+0x92/0x1c0
[   52.719387][ T4715]  kobject_get_path+0x92/0x1c0
[   52.719403][ T4715]  kobject_uevent_env+0x1da/0x570
[   52.719421][ T4715]  kobject_uevent+0x1d/0x30
[   52.719432][ T4715]  __kobject_del+0x88/0x190
[   52.719526][ T4715]  kobject_put+0x124/0x180
[   52.719541][ T4715]  net_rx_queue_update_kobjects+0x49b/0x540
[   52.719640][ T4715]  netdev_unregister_kobject+0xbf/0x270
[   52.719652][ T4715]  unregister_netdevice_many_notify+0x1346/0x1710
[   52.719670][ T4715]  unregister_netdevice_queue+0x1cd/0x200
[   52.719684][ T4715]  ip6_tnl_siocdevprivate+0x330/0xb30
[   52.719778][ T4715]  dev_ifsioc+0x8f8/0xaa0
[   52.719793][ T4715]  dev_ioctl+0x78c/0x960
[   52.719806][ T4715]  sock_ioctl+0x593/0x610
[   52.719862][ T4715]  ? __pfx_sock_ioctl+0x10/0x10
[   52.719875][ T4715]  __se_sys_ioctl+0xce/0x140
[   52.719899][ T4715]  __x64_sys_ioctl+0x43/0x50
[   52.719914][ T4715]  x64_sys_call+0x14b0/0x3000
[   52.719927][ T4715]  do_syscall_64+0xc0/0x2a0
[   52.719949][ T4715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.720066][ T4715] RIP: 0033:0x7f61aa03acb9
[   52.720075][ T4715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   52.720085][ T4715] RSP: 002b:00007f61a8a76028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   52.720178][ T4715] RAX: ffffffffffffffda RBX: 00007f61aa2b6090 RCX: 00007f61aa03acb9
[   52.720185][ T4715] RDX: 0000200000000680 RSI: 00000000000089f2 RDI: 0000000000000004
[   52.720193][ T4715] RBP: 00007f61a8a76090 R08: 0000000000000000 R09: 0000000000000000
[   52.720262][ T4715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   52.720269][ T4715] R13: 00007f61aa2b6128 R14: 00007f61aa2b6090 R15: 00007ffd70a77ba8
[   52.720280][ T4715]  </TASK>
[   52.959574][ T4719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   52.968713][ T4719] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.987113][ T4522] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.085207][ T4737] netlink: 'syz.0.337': attribute type 15 has an invalid length.
[   53.092979][ T4737] netlink: 25 bytes leftover after parsing attributes in process `syz.0.337'.
[   53.113356][   T29] audit: type=1400 audit(1768984190.792:1044): avc:  denied  { read write } for  pid=4728 comm="syz.3.335" name="rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   53.137631][   T29] audit: type=1400 audit(1768984190.792:1045): avc:  denied  { open } for  pid=4728 comm="syz.3.335" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   53.182996][ T4522] veth0_vlan: entered promiscuous mode
[   53.192462][ T4522] veth1_vlan: entered promiscuous mode
[   53.217354][ T4522] veth0_macvtap: entered promiscuous mode
[   53.232046][ T4522] veth1_macvtap: entered promiscuous mode
[   53.238488][ T4746] netlink: 'syz.2.338': attribute type 10 has an invalid length.
[   53.250667][ T4522] batman_adv: batadv0: Interface activated: batadv_slave_0
[   53.264220][ T4522] batman_adv: batadv0: Interface activated: batadv_slave_1
[   53.285657][   T49] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   53.296128][   T49] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   53.311706][   T49] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   53.333180][ T4748] loop2: detected capacity change from 0 to 1024
[   53.339954][   T49] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   53.356229][ T4748] EXT4-fs (loop2): bad geometry: block count 4294901760 exceeds size of device (512 blocks)
[   53.411359][ T4751] netlink: 16 bytes leftover after parsing attributes in process `syz.6.298'.
[   53.430585][   T29] audit: type=1400 audit(1768984191.112:1046): avc:  denied  { getopt } for  pid=4750 comm="syz.6.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[   53.473885][ T4753] loop2: detected capacity change from 0 to 1024
[   53.481790][ T4753] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   53.507845][ T4755] FAULT_INJECTION: forcing a failure.
[   53.507845][ T4755] name failslab, interval 1, probability 0, space 0, times 0
[   53.520582][ T4755] CPU: 0 UID: 0 PID: 4755 Comm: syz.6.341 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   53.520614][ T4755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   53.520686][ T4755] Call Trace:
[   53.520744][ T4755]  <TASK>
[   53.520751][ T4755]  __dump_stack+0x1d/0x30
[   53.520848][ T4755]  dump_stack_lvl+0x95/0xd0
[   53.520869][ T4755]  dump_stack+0x15/0x1b
[   53.520887][ T4755]  should_fail_ex+0x263/0x280
[   53.520943][ T4755]  should_failslab+0x8c/0xb0
[   53.520963][ T4755]  kmem_cache_alloc_lru_noprof+0x6c/0x490
[   53.520996][ T4755]  ? __d_alloc+0x37/0x340
[   53.521077][ T4755]  __d_alloc+0x37/0x340
[   53.521143][ T4755]  ? default_pointer+0xf2/0x5e0
[   53.521163][ T4755]  d_alloc+0x2e/0x100
[   53.521220][ T4755]  lookup_one_qstr_excl+0x99/0x250
[   53.521244][ T4755]  start_dirop+0x3e/0x70
[   53.521340][ T4755]  simple_start_creating+0xa2/0xd0
[   53.521363][ T4755]  debugfs_start_creating+0xda/0x150
[   53.521384][ T4755]  __debugfs_create_file+0x70/0x2b0
[   53.521402][ T4755]  debugfs_create_file_full+0x3f/0x60
[   53.521443][ T4755]  ? __pfx_hsr_dev_setup+0x10/0x10
[   53.521469][ T4755]  ref_tracker_dir_debugfs+0x10e/0x220
[   53.521501][ T4755]  alloc_netdev_mqs+0x1a7/0xa40
[   53.521555][ T4755]  rtnl_create_link+0x239/0x720
[   53.521580][ T4755]  rtnl_newlink_create+0x174/0x650
[   53.521627][ T4755]  rtnl_newlink+0xf5b/0x1370
[   53.521660][ T4755]  ? __memcg_slab_free_hook+0x135/0x230
[   53.521741][ T4755]  ? __rcu_read_unlock+0x4e/0x70
[   53.521757][ T4755]  ? avc_has_perm_noaudit+0xab/0x130
[   53.521868][ T4755]  ? cred_has_capability+0x224/0x290
[   53.521894][ T4755]  ? selinux_capable+0x31/0x40
[   53.521912][ T4755]  ? security_capable+0x7b/0x90
[   53.522007][ T4755]  ? ns_capable+0x7c/0xb0
[   53.522087][ T4755]  ? __pfx_rtnl_newlink+0x10/0x10
[   53.522130][ T4755]  rtnetlink_rcv_msg+0x64b/0x720
[   53.522160][ T4755]  netlink_rcv_skb+0x123/0x220
[   53.522180][ T4755]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   53.522217][ T4755]  rtnetlink_rcv+0x1c/0x30
[   53.522243][ T4755]  netlink_unicast+0x5c0/0x690
[   53.522265][ T4755]  netlink_sendmsg+0x5c8/0x6f0
[   53.522367][ T4755]  ? __pfx_netlink_sendmsg+0x10/0x10
[   53.522394][ T4755]  __sock_sendmsg+0x145/0x170
[   53.522420][ T4755]  ____sys_sendmsg+0x31e/0x4a0
[   53.522465][ T4755]  ___sys_sendmsg+0x195/0x1e0
[   53.522496][ T4755]  __x64_sys_sendmsg+0xd4/0x160
[   53.522521][ T4755]  x64_sys_call+0x17ba/0x3000
[   53.522597][ T4755]  do_syscall_64+0xc0/0x2a0
[   53.522656][ T4755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.522678][ T4755] RIP: 0033:0x7fc4e9dfacb9
[   53.522696][ T4755] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   53.522713][ T4755] RSP: 002b:00007fc4e8857028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.522788][ T4755] RAX: ffffffffffffffda RBX: 00007fc4ea075fa0 RCX: 00007fc4e9dfacb9
[   53.522802][ T4755] RDX: 00000000000080c0 RSI: 00002000000002c0 RDI: 0000000000000003
[   53.522813][ T4755] RBP: 00007fc4e8857090 R08: 0000000000000000 R09: 0000000000000000
[   53.522824][ T4755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.522868][ T4755] R13: 00007fc4ea076038 R14: 00007fc4ea075fa0 R15: 00007fffab5ae6d8
[   53.522886][ T4755]  </TASK>
[   53.853700][ T4755] macvlan1: entered promiscuous mode
[   53.859819][ T4755] dummy0: entered promiscuous mode
[   53.865702][ T4755] hsr1: entered promiscuous mode
[   53.870737][ T4755] hsr1: entered allmulticast mode
[   53.875931][ T4755] macvlan1: entered allmulticast mode
[   53.881440][ T4755] veth1_vlan: entered allmulticast mode
[   53.886988][   T29] audit: type=1400 audit(1768984191.222:1047): avc:  denied  { name_bind } for  pid=4756 comm="syz.5.342" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   53.913864][ T4753] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.340: Invalid block bitmap block 0 in block_group 0
[   53.928886][ T4753] Quota error (device loop2): write_blk: dquota write failed
[   53.932778][ T4755] dummy0: entered allmulticast mode
[   53.936347][ T4753] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[   53.936557][ T4753] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.340: Failed to acquire dquot type 0
[   53.969106][ T4753] EXT4-fs error (device loop2): ext4_free_blocks:6728: comm syz.2.340: Freeing blocks not in datazone - block = 0, count = 4096
[   53.984266][ T4753] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.340: Invalid inode bitmap blk 0 in block_group 0
[   54.000624][   T49] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:3: Failed to release dquot type 0
[   54.012349][ T4753] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   54.021908][ T4753] EXT4-fs (loop2): 1 orphan inode deleted
[   54.028162][ T4753] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.064642][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.127968][ T4772] FAULT_INJECTION: forcing a failure.
[   54.127968][ T4772] name failslab, interval 1, probability 0, space 0, times 0
[   54.140639][ T4772] CPU: 1 UID: 0 PID: 4772 Comm: syz.3.346 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.140679][ T4772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.140743][ T4772] Call Trace:
[   54.140751][ T4772]  <TASK>
[   54.140758][ T4772]  __dump_stack+0x1d/0x30
[   54.140783][ T4772]  dump_stack_lvl+0x95/0xd0
[   54.140805][ T4772]  dump_stack+0x15/0x1b
[   54.140837][ T4772]  should_fail_ex+0x263/0x280
[   54.140858][ T4772]  should_failslab+0x8c/0xb0
[   54.140879][ T4772]  kmem_cache_alloc_noprof+0x68/0x490
[   54.140899][ T4772]  ? alloc_empty_file+0x76/0x200
[   54.140975][ T4772]  alloc_empty_file+0x76/0x200
[   54.141000][ T4772]  alloc_file_pseudo+0xf6/0x190
[   54.141027][ T4772]  __shmem_file_setup+0x1dd/0x210
[   54.141105][ T4772]  shmem_file_setup+0x3b/0x50
[   54.141123][ T4772]  __se_sys_memfd_create+0x2f6/0x6c0
[   54.141216][ T4772]  __x64_sys_memfd_create+0x31/0x40
[   54.141322][ T4772]  x64_sys_call+0x28cb/0x3000
[   54.141395][ T4772]  do_syscall_64+0xc0/0x2a0
[   54.141421][ T4772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.141464][ T4772] RIP: 0033:0x7f61aa03acb9
[   54.141479][ T4772] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   54.141496][ T4772] RSP: 002b:00007f61a8a96e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   54.141515][ T4772] RAX: ffffffffffffffda RBX: 000000000000062c RCX: 00007f61aa03acb9
[   54.141604][ T4772] RDX: 00007f61a8a96ee0 RSI: 0000000000000000 RDI: 00007f61aa0a730b
[   54.141635][ T4772] RBP: 00002000000000c0 R08: 00000000ffffffff R09: 0000000000000000
[   54.141655][ T4772] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000000
[   54.141668][ T4772] R13: 00007f61a8a96ee0 R14: 00007f61a8a96ea0 R15: 0000200000000040
[   54.141686][ T4772]  </TASK>
[   54.355288][ T4778] netlink: 180 bytes leftover after parsing attributes in process `syz.2.350'.
[   54.414365][ T4787] FAULT_INJECTION: forcing a failure.
[   54.414365][ T4787] name failslab, interval 1, probability 0, space 0, times 0
[   54.427273][ T4787] CPU: 0 UID: 0 PID: 4787 Comm: syz.0.355 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.427297][ T4787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.427308][ T4787] Call Trace:
[   54.427314][ T4787]  <TASK>
[   54.427321][ T4787]  __dump_stack+0x1d/0x30
[   54.427344][ T4787]  dump_stack_lvl+0x95/0xd0
[   54.427366][ T4787]  dump_stack+0x15/0x1b
[   54.427382][ T4787]  should_fail_ex+0x263/0x280
[   54.427472][ T4787]  should_failslab+0x8c/0xb0
[   54.427493][ T4787]  __kmalloc_cache_noprof+0x64/0x4a0
[   54.427516][ T4787]  ? alloc_fs_context+0x46/0x590
[   54.427538][ T4787]  alloc_fs_context+0x46/0x590
[   54.427604][ T4787]  fs_context_for_mount+0x22/0x30
[   54.427624][ T4787]  do_new_mount+0xea/0x700
[   54.427642][ T4787]  ? security_capable+0x7b/0x90
[   54.427673][ T4787]  path_mount+0x4c0/0xb90
[   54.427723][ T4787]  ? user_path_at+0xbf/0x130
[   54.427821][ T4787]  __se_sys_mount+0x28c/0x2e0
[   54.427837][ T4787]  ? fput+0x8f/0xc0
[   54.427858][ T4787]  __x64_sys_mount+0x67/0x80
[   54.427908][ T4787]  x64_sys_call+0x2cca/0x3000
[   54.427986][ T4787]  do_syscall_64+0xc0/0x2a0
[   54.428018][ T4787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.428039][ T4787] RIP: 0033:0x7efd02afacb9
[   54.428053][ T4787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   54.428113][ T4787] RSP: 002b:00007efd01557028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   54.428134][ T4787] RAX: ffffffffffffffda RBX: 00007efd02d75fa0 RCX: 00007efd02afacb9
[   54.428152][ T4787] RDX: 0000200000000140 RSI: 0000200000000000 RDI: 0000000000000000
[   54.428165][ T4787] RBP: 00007efd01557090 R08: 0000200000000380 R09: 0000000000000000
[   54.428187][ T4787] R10: 0000000003200841 R11: 0000000000000246 R12: 0000000000000001
[   54.428200][ T4787] R13: 00007efd02d76038 R14: 00007efd02d75fa0 R15: 00007ffea48327c8
[   54.428236][ T4787]  </TASK>
[   54.651880][ T4794] loop3: detected capacity change from 0 to 1024
[   54.659257][ T4794] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   54.675947][ T4794] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.356: Invalid block bitmap block 0 in block_group 0
[   54.692707][ T4794] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.356: Failed to acquire dquot type 0
[   54.704356][ T4794] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.356: Freeing blocks not in datazone - block = 0, count = 4096
[   54.718037][ T4794] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.356: Invalid inode bitmap blk 0 in block_group 0
[   54.731420][ T1785] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:10: Failed to release dquot type 0
[   54.745064][ T4794] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   54.753770][ T4794] EXT4-fs (loop3): 1 orphan inode deleted
[   54.759920][ T4794] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.800664][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   54.812377][ T4801] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4801 comm=syz.2.359
[   55.062818][ T4833] FAULT_INJECTION: forcing a failure.
[   55.062818][ T4833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.076035][ T4833] CPU: 1 UID: 0 PID: 4833 Comm: syz.0.370 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.076116][ T4833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   55.076126][ T4833] Call Trace:
[   55.076132][ T4833]  <TASK>
[   55.076139][ T4833]  __dump_stack+0x1d/0x30
[   55.076162][ T4833]  dump_stack_lvl+0x95/0xd0
[   55.076179][ T4833]  dump_stack+0x15/0x1b
[   55.076207][ T4833]  should_fail_ex+0x263/0x280
[   55.076224][ T4833]  should_fail+0xb/0x20
[   55.076238][ T4833]  should_fail_usercopy+0x1a/0x20
[   55.076259][ T4833]  _copy_from_user+0x1c/0xb0
[   55.076332][ T4833]  __se_sys_mount+0x10d/0x2e0
[   55.076348][ T4833]  ? fput+0x8f/0xc0
[   55.076368][ T4833]  ? ksys_write+0x194/0x1a0
[   55.076384][ T4833]  __x64_sys_mount+0x67/0x80
[   55.076411][ T4833]  x64_sys_call+0x2cca/0x3000
[   55.076466][ T4833]  do_syscall_64+0xc0/0x2a0
[   55.076494][ T4833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.076562][ T4833] RIP: 0033:0x7efd02afacb9
[   55.076577][ T4833] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   55.076592][ T4833] RSP: 002b:00007efd01557028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   55.076680][ T4833] RAX: ffffffffffffffda RBX: 00007efd02d75fa0 RCX: 00007efd02afacb9
[   55.076751][ T4833] RDX: 0000200000000480 RSI: 0000200000000200 RDI: 0000000000000000
[   55.076764][ T4833] RBP: 00007efd01557090 R08: 0000200000000180 R09: 0000000000000000
[   55.076831][ T4833] R10: 0000000000000084 R11: 0000000000000246 R12: 0000000000000001
[   55.076842][ T4833] R13: 00007efd02d76038 R14: 00007efd02d75fa0 R15: 00007ffea48327c8
[   55.076858][ T4833]  </TASK>
[   55.290357][ T4832] loop2: detected capacity change from 0 to 1024
[   55.302001][ T4829] bond1: (slave bond_slave_1): Device is not our slave
[   55.308169][ T4832] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   55.308866][ T4829] bond1: option active_slave: invalid value (bond_slave_1)
[   55.331642][ T4829] bond1 (unregistering): Released all slaves
[   55.403369][ T4832] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.372: Invalid block bitmap block 0 in block_group 0
[   55.426174][ T4845] loop5: detected capacity change from 0 to 512
[   55.432603][ T4832] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.372: Failed to acquire dquot type 0
[   55.444484][ T4832] EXT4-fs error (device loop2): ext4_free_blocks:6728: comm syz.2.372: Freeing blocks not in datazone - block = 0, count = 4096
[   55.458218][ T4832] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.372: Invalid inode bitmap blk 0 in block_group 0
[   55.471527][ T4832] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   55.480087][ T3659] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:17: Failed to release dquot type 0
[   55.480481][ T4832] EXT4-fs (loop2): 1 orphan inode deleted
[   55.498064][ T4845] EXT4-fs error (device loop5): ext4_expand_extra_isize_ea:2808: inode #11: comm syz.5.375: corrupted xattr block 95: invalid header
[   55.512976][ T4845] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2858: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   55.527802][ T4832] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.542025][ T4850] loop6: detected capacity change from 0 to 128
[   55.549022][ T4850] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 1, start 04000002)
[   55.558978][ T4850] FAT-fs (loop6): Filesystem has been set read-only
[   55.595589][ T4845] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.375: bg 0: block 7: invalid block bitmap
[   55.635326][ T4845] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   55.662702][ T4854] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   55.664286][ T4845] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2972: inode #11: comm syz.5.375: corrupted xattr block 95: invalid header
[   55.687315][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.698281][ T4845] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117)
[   55.720832][ T4845] EXT4-fs (loop5): 1 orphan inode deleted
[   55.727449][ T4845] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.755022][ T4858] cgroup: Invalid name
[   55.806887][ T4271] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.972997][ T4871] Process accounting resumed
[   56.018075][ T4885] loop3: detected capacity change from 0 to 1024
[   56.025011][ T4885] ext4: Bad value for 'max_dir_size_kb'
[   56.043699][ T4879] loop2: detected capacity change from 0 to 1024
[   56.043851][ T4885] futex_wake_op: syz.3.392 tries to shift op by -1; fix this program
[   56.058992][ T4879] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   56.077645][ T4890] netlink: 'syz.5.395': attribute type 3 has an invalid length.
[   56.085397][ T4890] netlink: 'syz.5.395': attribute type 7 has an invalid length.
[   56.093176][ T4890] netlink: 'syz.5.395': attribute type 8 has an invalid length.
[   56.100851][ T4890] netlink: 'syz.5.395': attribute type 7 has an invalid length.
[   56.108467][ T4890] netlink: 198788 bytes leftover after parsing attributes in process `syz.5.395'.
[   56.142079][ T4879] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.391: Invalid block bitmap block 0 in block_group 0
[   56.156091][ T4879] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.391: Failed to acquire dquot type 0
[   56.179759][ T4879] EXT4-fs error (device loop2): ext4_free_blocks:6728: comm syz.2.391: Freeing blocks not in datazone - block = 0, count = 4096
[   56.211942][ T4879] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.391: Invalid inode bitmap blk 0 in block_group 0
[   56.229702][ T4902] netlink: 2 bytes leftover after parsing attributes in process `syz.5.399'.
[   56.238600][ T4902] netlink: 2 bytes leftover after parsing attributes in process `syz.5.399'.
[   56.247910][ T2865] __quota_error: 125 callbacks suppressed
[   56.247924][ T2865] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-7
[   56.262677][ T2865] EXT4-fs error (device loop2): ext4_release_dquot:7022: comm kworker/u8:13: Failed to release dquot type 0
[   56.263367][   T29] audit: type=1326 audit(1768984193.962:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.294877][ T4907] loop3: detected capacity change from 0 to 1764
[   56.304087][ T4879] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[   56.319850][ T4910] netlink: 20 bytes leftover after parsing attributes in process `syz.6.402'.
[   56.329048][ T4910] netlink: 152 bytes leftover after parsing attributes in process `syz.6.402'.
[   56.338359][ T4879] EXT4-fs (loop2): 1 orphan inode deleted
[   56.346818][ T4909] loop6: detected capacity change from 0 to 512
[   56.353265][   T29] audit: type=1326 audit(1768984194.012:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.377137][   T29] audit: type=1326 audit(1768984194.012:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.400604][   T29] audit: type=1326 audit(1768984194.012:1167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.423950][   T29] audit: type=1326 audit(1768984194.012:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.447360][   T29] audit: type=1326 audit(1768984194.012:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.449623][ T4879] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.470740][   T29] audit: type=1326 audit(1768984194.012:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.506560][   T29] audit: type=1326 audit(1768984194.012:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.507784][ T4909] EXT4-fs: Ignoring removed nobh option
[   56.529828][   T29] audit: type=1326 audit(1768984194.012:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4897 comm="syz.0.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd02afacb9 code=0x7ffc0000
[   56.584498][ T4909] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.598151][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.641277][ T4909] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.744975][ T4922] loop5: detected capacity change from 0 to 1024
[   56.745356][ T4922] EXT4-fs: inline encryption not supported
[   56.779349][ T4522] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.793341][ T4922] EXT4-fs (loop5): orphan cleanup on readonly fs
[   56.805580][ T4926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.403'.
[   56.823324][ T4922] EXT4-fs (loop5): 1 truncate cleaned up
[   56.832924][ T4922] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   56.981560][ T4943] ip6gre1: entered promiscuous mode
[   56.986793][ T4943] ip6gre1: entered allmulticast mode
[   56.995963][ T4943] netlink: 16 bytes leftover after parsing attributes in process `syz.3.412'.
[   57.116906][ T4953] bridge0: entered promiscuous mode
[   57.133744][ T4953] bridge0: port 4(vlan2) entered blocking state
[   57.140105][ T4953] bridge0: port 4(vlan2) entered disabled state
[   57.147173][ T4953] vlan2: entered allmulticast mode
[   57.152332][ T4953] bridge0: entered allmulticast mode
[   57.252232][ T4953] vlan2: left allmulticast mode
[   57.257141][ T4953] bridge0: left allmulticast mode
[   57.264211][ T4953] bridge0: left promiscuous mode
[   57.405671][ T4959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.418'.
[   57.405984][ T4962] netlink: 16 bytes leftover after parsing attributes in process `syz.0.420'.
[   57.553995][ T4969] netlink: 24 bytes leftover after parsing attributes in process `syz.0.423'.
[   57.564320][ T4969] ip6_vti0: mtu less than device minimum
[   57.885140][ T4271] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.155855][ T4998] loop5: detected capacity change from 0 to 512
[   58.192498][ T4998] EXT4-fs error (device loop5): ext4_iget_extra_inode:5073: inode #15: comm syz.5.434: corrupted in-inode xattr: e_value size too large
[   58.231580][ T4998] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.434: couldn't read orphan inode 15 (err -117)
[   58.261649][ T4998] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.285268][ T4271] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.597877][ T5038] 9p: Bad value for 'wfdno'
[   58.740446][ T5060] FAULT_INJECTION: forcing a failure.
[   58.740446][ T5060] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.753610][ T5060] CPU: 0 UID: 0 PID: 5060 Comm: syz.5.451 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.753639][ T5060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   58.753651][ T5060] Call Trace:
[   58.753660][ T5060]  <TASK>
[   58.753668][ T5060]  __dump_stack+0x1d/0x30
[   58.753772][ T5060]  dump_stack_lvl+0x95/0xd0
[   58.753789][ T5060]  dump_stack+0x15/0x1b
[   58.753808][ T5060]  should_fail_ex+0x263/0x280
[   58.753882][ T5060]  should_fail+0xb/0x20
[   58.753897][ T5060]  should_fail_usercopy+0x1a/0x20
[   58.753915][ T5060]  _copy_from_iter+0xcf/0xea0
[   58.753966][ T5060]  ? __alloc_frozen_pages_noprof+0x18a/0x350
[   58.753996][ T5060]  copy_page_from_iter+0x178/0x2a0
[   58.754087][ T5060]  ? anon_pipe_write+0x41/0xb30
[   58.754110][ T5060]  anon_pipe_write+0x53f/0xb30
[   58.754202][ T5060]  ? anon_pipe_write+0x41/0xb30
[   58.754224][ T5060]  ? __pfx_anon_pipe_write+0x10/0x10
[   58.754241][ T5060]  vfs_write+0x5a6/0x9f0
[   58.754370][ T5060]  ksys_write+0xdc/0x1a0
[   58.754386][ T5060]  __x64_sys_write+0x40/0x50
[   58.754403][ T5060]  x64_sys_call+0x2847/0x3000
[   58.754439][ T5060]  do_syscall_64+0xc0/0x2a0
[   58.754464][ T5060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.754486][ T5060] RIP: 0033:0x7f711e2dacb9
[   58.754552][ T5060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   58.754581][ T5060] RSP: 002b:00007f711cd37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   58.754602][ T5060] RAX: ffffffffffffffda RBX: 00007f711e555fa0 RCX: 00007f711e2dacb9
[   58.754615][ T5060] RDX: 00000000200002e6 RSI: 0000200000000640 RDI: 0000000000000004
[   58.754626][ T5060] RBP: 00007f711cd37090 R08: 0000000000000000 R09: 0000000000000000
[   58.754636][ T5060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.754654][ T5060] R13: 00007f711e556038 R14: 00007f711e555fa0 R15: 00007ffe581ddc28
[   58.754669][ T5060]  </TASK>
[   59.016420][ T5068] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[   59.395521][ T5122] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.413569][ T5122] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.451146][ T5122] EXT4-fs error (device loop5): ext4_lookup:1785: inode #12: comm syz.5.466: iget: bad i_size value: 2533274857506816
[   59.467479][ T5122] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.501674][ T5096] smc: ib device syz2 ibport 1 applied user defined pnetid SYZ
[   59.546610][ T5096] EXT4-fs: Ignoring removed orlov option
[   59.552347][ T5096] EXT4-fs: Ignoring removed nomblk_io_submit option
[   59.559025][ T5096] ext4: Unknown parameter 'subj_role'
[   59.575362][   T31] Bluetooth: hci0: Frame reassembly failed (-84)
[   59.737858][ T5140] FAULT_INJECTION: forcing a failure.
[   59.737858][ T5140] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.750957][ T5140] CPU: 1 UID: 0 PID: 5140 Comm: syz.3.472 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.750993][ T5140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   59.751005][ T5140] Call Trace:
[   59.751059][ T5140]  <TASK>
[   59.751067][ T5140]  __dump_stack+0x1d/0x30
[   59.751110][ T5140]  dump_stack_lvl+0x95/0xd0
[   59.751206][ T5140]  dump_stack+0x15/0x1b
[   59.751225][ T5140]  should_fail_ex+0x263/0x280
[   59.751293][ T5140]  should_fail+0xb/0x20
[   59.751311][ T5140]  should_fail_usercopy+0x1a/0x20
[   59.751333][ T5140]  strncpy_from_user+0x27/0x250
[   59.751407][ T5140]  getname_flags+0xad/0x3b0
[   59.751430][ T5140]  user_path_at+0x28/0x130
[   59.751457][ T5140]  do_utimes+0xce/0x200
[   59.751479][ T5140]  __x64_sys_utime+0xbc/0x160
[   59.751501][ T5140]  x64_sys_call+0x2776/0x3000
[   59.751573][ T5140]  do_syscall_64+0xc0/0x2a0
[   59.751595][ T5140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.751614][ T5140] RIP: 0033:0x7f61aa03acb9
[   59.751669][ T5140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   59.751686][ T5140] RSP: 002b:00007f61a8a76028 EFLAGS: 00000246 ORIG_RAX: 0000000000000084
[   59.751703][ T5140] RAX: ffffffffffffffda RBX: 00007f61aa2b6090 RCX: 00007f61aa03acb9
[   59.751714][ T5140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0
[   59.751725][ T5140] RBP: 00007f61a8a76090 R08: 0000000000000000 R09: 0000000000000000
[   59.751766][ T5140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.751783][ T5140] R13: 00007f61aa2b6128 R14: 00007f61aa2b6090 R15: 00007ffd70a77ba8
[   59.751808][ T5140]  </TASK>
[   59.828996][ T5142] netlink: 'syz.5.473': attribute type 10 has an invalid length.
[   60.070234][ T5155] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=144 sclass=netlink_route_socket pid=5155 comm=syz.5.478
[   60.163955][ T5159] set_capacity_and_notify: 5 callbacks suppressed
[   60.163980][ T5159] loop3: detected capacity change from 0 to 1024
[   60.219950][ T5159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   60.253735][ T3318] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.280318][ T5180] loop6: detected capacity change from 0 to 128
[   60.374119][ T5180] ==================================================================
[   60.382215][ T5180] BUG: KCSAN: data-race in xas_find_marked / xas_set_mark
[   60.389344][ T5180] 
[   60.391665][ T5180] write to 0xffff88811b199714 of 4 bytes by task 5187 on cpu 1:
[   60.399297][ T5180]  xas_set_mark+0x12b/0x140
[   60.403810][ T5180]  __folio_start_writeback+0x17b/0x370
[   60.409275][ T5180]  __block_write_full_folio+0x53a/0x8f0
[   60.414816][ T5180]  block_write_full_folio+0x2c1/0x2e0
[   60.420187][ T5180]  mpage_writepages+0x710/0x1310
[   60.425131][ T5180]  fat_writepages+0x24/0x30
[   60.429650][ T5180]  do_writepages+0x1c6/0x310
[   60.434276][ T5180]  file_write_and_wait_range+0x178/0x2f0
[   60.439917][ T5180]  __generic_file_fsync+0x46/0x160
[   60.445020][ T5180]  fat_file_fsync+0x49/0x100
[   60.449610][ T5180]  vfs_fsync_range+0x10d/0x130
[   60.454386][ T5180]  generic_file_write_iter+0x1ba/0x310
[   60.459840][ T5180]  iter_file_splice_write+0x6bc/0xa80
[   60.465212][ T5180]  direct_splice_actor+0x156/0x2a0
[   60.470323][ T5180]  splice_direct_to_actor+0x311/0x670
[   60.475701][ T5180]  do_splice_direct+0x119/0x1a0
[   60.480553][ T5180]  do_sendfile+0x380/0x650
[   60.484962][ T5180]  __x64_sys_sendfile64+0x105/0x150
[   60.490149][ T5180]  x64_sys_call+0x2db1/0x3000
[   60.494822][ T5180]  do_syscall_64+0xc0/0x2a0
[   60.499318][ T5180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.505197][ T5180] 
[   60.507504][ T5180] read to 0xffff88811b199714 of 4 bytes by task 5180 on cpu 0:
[   60.515029][ T5180]  xas_find_marked+0x5d7/0x620
[   60.519786][ T5180]  find_get_entry+0x5d/0x380
[   60.524365][ T5180]  filemap_get_folios_tag+0xb6/0x230
[   60.529692][ T5180]  writeback_iter+0x4bb/0x810
[   60.534373][ T5180]  mpage_writepages+0x87/0x1310
[   60.539218][ T5180]  fat_writepages+0x24/0x30
[   60.543712][ T5180]  do_writepages+0x1c6/0x310
[   60.548296][ T5180]  file_write_and_wait_range+0x178/0x2f0
[   60.553933][ T5180]  __generic_file_fsync+0x46/0x160
[   60.559033][ T5180]  fat_file_fsync+0x49/0x100
[   60.563615][ T5180]  vfs_fsync_range+0x10d/0x130
[   60.568366][ T5180]  generic_file_write_iter+0x1ba/0x310
[   60.573817][ T5180]  iter_file_splice_write+0x6bc/0xa80
[   60.579188][ T5180]  direct_splice_actor+0x156/0x2a0
[   60.584298][ T5180]  splice_direct_to_actor+0x311/0x670
[   60.589683][ T5180]  do_splice_direct+0x119/0x1a0
[   60.594533][ T5180]  do_sendfile+0x380/0x650
[   60.598938][ T5180]  __x64_sys_sendfile64+0x105/0x150
[   60.604127][ T5180]  x64_sys_call+0x2db1/0x3000
[   60.608805][ T5180]  do_syscall_64+0xc0/0x2a0
[   60.613308][ T5180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.619189][ T5180] 
[   60.621497][ T5180] value changed: 0x0a000021 -> 0x04000021
[   60.627195][ T5180] 
[   60.629499][ T5180] Reported by Kernel Concurrency Sanitizer on:
[   60.635631][ T5180] CPU: 0 UID: 0 PID: 5180 Comm: syz.6.487 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.645248][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   60.655293][ T5180] ==================================================================
[   60.824754][ T5180] syz.6.487: attempt to access beyond end of device
[   60.824754][ T5180] loop6: rw=8390657, sector=128, nr_sectors = 1 limit=128
[   60.838438][ T5180] Buffer I/O error on dev loop6, logical block 128, lost async page write
[   60.847132][ T5187] syz.6.487: attempt to access beyond end of device
[   60.847132][ T5187] loop6: rw=8390657, sector=128, nr_sectors = 1 limit=128
[   60.860742][ T5187] Buffer I/O error on dev loop6, logical block 128, lost async page write
[   61.640614][ T3977] Bluetooth: hci0: command 0x1003 tx timeout
[   61.640621][   T44] Bluetooth: hci0: Opcode 0x1003 failed: -110