last executing test programs:

1m41.498721034s ago: executing program 2 (id=2222):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x40, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

1m41.481488745s ago: executing program 2 (id=2223):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x1, 0x9, 0x8000, 0x3, 0x5, 0x5, 0xb762, 0x6, 0x7, 0x8, 0xf, 0x2, 0x80000001, 0x400, 0x7fc, 0xffff8000, 0x6, 0x401, 0x9, 0xb89, 0xffffe4f5, 0xd6, 0x4, 0xffff, 0x7, 0x0, 0x2, 0x101, 0x1, 0xfffffffc, 0x4, 0x1, 0x1, 0x9, 0xc, 0x20001000, 0x4, 0x2, 0x7, 0x4, 0x99, 0x9, 0x5, 0x6, 0x7, 0xfffffff7, 0x1, 0x2, 0x9, 0x9, 0x44, 0x8, 0x8, 0x1, 0x4, 0x7ff, 0x8, 0x7, 0x80000001, 0x400, 0x8, 0xfffffa72, 0xcd, 0xffffff80, 0x80000000, 0xc, 0x4, 0x65, 0x91, 0x659, 0x9, 0xf, 0x9, 0xc28, 0x9, 0x7, 0x3, 0x401, 0x3, 0x2, 0xfffffffa, 0x1, 0x10001, 0x3, 0x1, 0x4, 0x8, 0x8, 0x7, 0x1, 0x1, 0x1, 0x7, 0x40, 0x7, 0x12, 0x8000, 0x1, 0x4dc, 0x80, 0x3, 0x7fffffff, 0xff, 0x9, 0xa7, 0xf, 0x2, 0x0, 0x3, 0x1000, 0x4, 0x401, 0x7, 0x80000000, 0xffff, 0x6, 0x5, 0x4, 0xffffffff, 0x80000000, 0x1966f9ab, 0x200, 0x20200, 0xed5, 0xfffffc00, 0x6, 0x4, 0x8, 0x485e, 0xa85, 0x80000040, 0x2, 0x7, 0x7, 0x102, 0x2d5421e8, 0x7, 0x10000, 0xffffffff, 0x6, 0x3ff, 0xf04, 0x0, 0x2, 0x5, 0xfffffc00, 0x5, 0x8d, 0x4, 0x401, 0x4, 0x9, 0x3, 0xfffffffb, 0x1, 0x0, 0x0, 0x2, 0x5, 0x8, 0x3, 0x0, 0x800, 0x2, 0x8, 0x7ff, 0x1, 0x9, 0x6, 0x5, 0x5, 0x4d15, 0x1ff, 0xfffff060, 0x3, 0x469, 0x3, 0x0, 0x200, 0x10000005, 0x7, 0x1, 0x8, 0x42ba, 0x4, 0x9, 0x3, 0x8, 0x8, 0x53, 0x6, 0x4, 0x400, 0x8000, 0x0, 0x2c310b18, 0xfff, 0x0, 0x3, 0xcd34, 0x9, 0x81, 0xdf3, 0x2, 0x7, 0x8, 0xfff, 0x1ff, 0x8000, 0x3, 0x8, 0x3, 0x9, 0x9a6, 0xe4cb, 0x402, 0x1, 0x1ff, 0x3e, 0x9b4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x9, 0x0, 0x4, 0x10, 0x901, 0x5, 0x2, 0x7b, 0xfffffeff, 0x6, 0x6, 0xc, 0x1000, 0x9, 0x9, 0xe6, 0xab, 0x400, 0x7fffffff, 0xed, 0x7ff, 0xd83, 0x68, 0x80000001, 0x4, 0x1, 0x6, 0x200, 0x2]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000200)="2478546ca4fa3b0bfe4ddf", 0xb, 0x4000050, &(0x7f00000001c0)={0x11, 0xf7, r6, 0x1, 0xd8, 0x6, @multicast}, 0x14)

1m41.313719315s ago: executing program 2 (id=2225):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
keyctl$dh_compute(0x17, 0x0, &(0x7f0000000480)=""/82, 0x52, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r3, 0x0, 0x4014)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000002e80), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r4, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000000640)={0x38, r5, 0x1, 0x30bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048044}, 0x20004014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={0x0}}, 0x4000800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
getsockopt$PNPIPE_IFINDEX(r2, 0x113, 0x2, &(0x7f0000000340)=<r9=>0x0, &(0x7f0000000380)=0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000140), 0xc, &(0x7f00000003c0)={&(0x7f0000000680)=@dellink={0x188, 0x11, 0x20, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x41085}, [@IFLA_VF_PORTS={0xd4, 0x18, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0xf, 0x2, '/dev/ttyS3\x00'}, @IFLA_PORT_VF={0x8, 0x1, 0x3}, @IFLA_PORT_REQUEST={0x5, 0x6, 0xa}, @IFLA_PORT_VF={0x8, 0x1, 0x2}]}, {0x4}, {0x3c, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "8b2e6d63808b74c9abacc43cd5278956"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x1}, @IFLA_PORT_VF={0x8, 0x1, 0x7f}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "f63d72c474da2e4ce168c8ec8e9df1c1"}]}, {0x28, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0x6}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "22c56f6a7976894ddda37d769c59e5d9"}, @IFLA_PORT_VF={0x8, 0x1, 0x7}]}, {0x3c, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x6, 0x2, '\'\x00'}, @IFLA_PORT_PROFILE={0x6, 0x2, ')\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "02191ee998fb8dd40534db114b3e67f8"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "3759e1dad0e4d3cde82fa96fb4d0b984"}]}]}, @IFLA_PROP_LIST={0x54, 0x34, 0x0, 0x1, [{0x14, 0x35, 'bond_slave_1\x00'}, {0x14, 0x35, 'veth0\x00'}, {0x14, 0x35, 'geneve1\x00'}, {0x14, 0x35, 'caif0\x00'}]}, @IFLA_LINKMODE={0x5, 0x11, 0x2}, @IFLA_MASTER={0x8, 0xa, r9}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vti={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_VTI_REMOTE={0x8, 0x5, @empty}, @IFLA_VTI_REMOTE={0x8, 0x5, @rand_addr=0x64010101}, @IFLA_VTI_REMOTE={0x8, 0x5, @broadcast}]}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x5}]}, 0x188}, 0x1, 0x0, 0x0, 0x20000000}, 0x810)
sendmsg$TIPC_NL_BEARER_ENABLE(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r8, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r8, 0x1, 0xfffffffe, 0x10000, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1m40.117443624s ago: executing program 2 (id=2235):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0xcdd1dff97325e36a, &(0x7f00000003c0)={[{@block_validity}, {@nodiscard}, {@sysvgroups}, {@barrier_val={'barrier', 0x3d, 0x40000000071b3}}, {@grpjquota}, {@orlov}, {@bsdgroups}, {@noauto_da_alloc}, {@usrjquota_path={'usrjquota', 0x3d, './file0/file0'}}]}, 0x7, 0x580, &(0x7f0000001b40)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQk5e6JNNQsumW7KY0sdD2YC9epAgiFsQ/wLvH4j/gX1HQQpES9OBlZTaz7TbJJpt02127nw9M+97M7L558+Y9vm9mwgYwsMayfwoRr0bEt0nEwZZtw5FvHFvdb+XhtelsSaJe/+yvJJJ8XXP/JP9/f555JSJ++zrieGF9udWl5blSuZwu5Pnx2vzl8erS8omL86XZdDa9NDk1deqdqcn333u3a3V989w/P3x696NT3xxd+f6X+4duJ3EmDuTbWuvxFG60ZsZiLD8nI3FmzY4TXSisnyS9PgB2ZCjv5yORjQEHYyjv9cCL73pE1IEBlej/MKCacUBzbr9mHvzCT+sefLg6AVpf/+HVeyOxpzE32reSPDEzyk7MaBfKz8r49c87t7MltrgPcb0L5QE03bgZESeHh9ePf0k+/q1xoPPvPtm4eby5tWV06T4s0IG7Wfzz1kbxT+FR/BMbxD/7N+i7O7F1/y/c70IxbWXx3wcbxr+Phq7RoTz3UiPmG0kuXCynJyPi5Yg4FiO7s/xmz3NOrdyrt9vWGv9lS1Z+MxbMj+P+8O4nPzNTqpWeps6tHtyMeO1x/JvEuvF/TyPWXdv+2fk412EZR9I7r7fbtnX9W3U/Aq7/HPHGhu3/eOqTbP58crxxPYw3r4r1/r515Pd25W+v/t2Xtf++zes/mrQ+r61uv4yf9vybttu20+t/V/J5I70rX3e1VKstTETsSj5Zv37y8Web+eb+Wf2PHd18/Nvo+t8bEV92WP9bh2+13bUf2n9mW+2//cS9j7/6sV35nbX/243UsXxNJ+Nfpwf4NOcOAAAAAAAA+k2h8UpXUig+ShcKxeLq+x2HY1+hXKnWjl+oLF6aWX31azRGCs0n3Qdb3oeYyN+HbeYn1+SnIuJQRHw3tLeRL05XyjO9rjwAAAAAAAAAAAAAAAAAAAD0if1t/v4/88dQr48OeOb85DcMri37fzd+6QnoS5v0/y+e53EAz5/4HwaX/g+DS/+HwaX/w+DS/2Fw6f8wuPR/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KpzZ89mS33l4bXpLD9zZWlxrnLlxExanSvOL04XpysLl4uzlcpsOS1OV+a3+r5ypXJ5YjIWr47X0mptvLq0fH6+snipdv7ifGk2PZ+OPJdaAQAAAAAAAAAAAAAAAAAAwP9LdWl5rlQupwv9nNjb28M4HTv7+FD0/tRliWSrVj6dXww7KmK49xUc8EQ9eRbf3OOBCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABa/BcAAP//7uAzCw==")
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x28, 0x0, 0x1, 0x70bd23, 0x0, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00')
pread64(r2, 0x0, 0x0, 0xc9)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x523, &(0x7f0000000c00)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AgiNfbGsrzrtbzrUptIuGeuSFTiBEf+AM49ceeC4MalHJD4YYFqJA5TzezY2di79qaJvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiIdyNipjyelFu81d3y8z7ZfbC4t/tgMYkse+dfSVGeH4uen8ldK19zKiJ+8J2InyRH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5427r9ceozVTx5a+1JwoU1/++I873/hZXq3p8khvO56mbtMrB3FylyPie6cRbAQule2ZGHVF+EzSiHg+Il4urv+ZuFT8NgGAiyzLZiKb6c0DABddWsyBJWm1nAuYjjStVrtzeC/E1bTRandu3W9tri1158quRyW9v9Ko3ynnCq9HJcnzc0X6Yb52KH83Ip6LiF9OXiny1cVWY2mUNz4AMMauHRr//zvZHf8BgAvu+I/NAAAXkfEfAMaP8R8Axo/xHwDGT3f8v/K4P5Zl2c9PozoAwBnw/A8A48f4DwBj5ftvv51v2V75/ddL721trrbeu71Ub69Wm5uL1cXWxnp1udVaLr6zp3nS6zVarfW512Lz/evfXG93Zttb2/earc21zr3ie73v1SvFWTtn0DIAYJDnXvroL0k+Ir95pdiiZy2HykhrBpy2dNQVAEbm0qgrAIyM1b5gfD18xn/sDwGYHoALos8SvY+Y6vcHQlmWZadXJeCU3fyC+X8YVz3z/z4FDGPmpPn/Ym1gbxLChWT+H8ZXliXDrvkfw54IAJxvx8zxXz/L+xBgdAa8//98uf9d+ebAj5YOn/HhadYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzrf99X+r5TK/05Gm1WrEM8UCQJXk/kqjficino2IP09WJvP83IjrDAA8qfTvSbn+182ZV6cfKXrx2kFyIiJ++ut3fvX+Qqez8aeIieTfk/vHOx+Wx2snBps6jRYAAMfbH6eLfc+D/Ce7Dxb3t7Oszz++3b0ryOPu7U7E3kH8y3G52E9FJSKu/icp811Jz9zFk9j5ICI+36/9SUwXcyDdW5bD8fPYz5xp/PSR+Gm5QHNa/lt87inUBcbNR3n/81a/6y+NG8W+//U/VfRQT67s//KXWtwr+sCH8ff7v0sD+r8bw8Z47Q/f7aauHC37IOKLlyP2Y+/19D/78ZMB8V8dMv5fv/Tiy4PKst9E3Iz+8XtjzXaa67Ptre3bK82F5fpyfa1Wm5+bv/PG3ddrs8Uc9ezg0eCfb956dlBZ3v6rA+JPndD+rw7Z/t/+/90ffuWY+F9/pV/8NF44Jn4+Jn5tyPgLV38/8Lk7j790tP3JML//W0PG//hv20eWDQcARqe9tb260GjUNyTGNPHjOBfVGC6R/5c9B9Xom/jWWcWaiP5Fv3ile00fKsqyzxRrUI/xNGbdgPPg4KKPiP+NujIAAAAAAAAAAAAAAEBfZ/EXS6NuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfXpwEAAP//+E3TQw==")
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4842, 0x1cb)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000000c0), 0x12)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r8, 0x321, 0x70bd27, 0x25dfdbfd}, 0x14}}, 0x4000000)
r9 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r9, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r9, 0x29, 0x2b, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x1}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
preadv(r6, 0x0, 0x0, 0x611, 0x1)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000540), r2)
sendmsg$TIPC_NL_NAME_TABLE_GET(r3, &(0x7f0000000740)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000780)=ANY=[@ANYBLOB="200100004a610c17", @ANYRES16=r10, @ANYBLOB="000125bd7000ffdbdf2510000000d8000280540003800800010000000000080002000000008008000200000008200800010004000000080001000800000008000100310000000800010080ffffff0800010002000000080001000400000008000100de6dffff0800020009000000440003800800020002000000080002000d0000000800020005000000080002000400000008000100090000000800020001000000080001000f00000008000200000000003400038008000100030000000800020001000000080002000600000008000200fdffffff08000200040000000800020000020000340001800d0001007564703a73797a32000000000d0001007564703a73797a32000000000d0001007564703a73797a3000000000"], 0x120}, 0x1, 0x0, 0x0, 0x40000c0}, 0x4000)
sync()
r11 = syz_clone(0x80000, &(0x7f0000000080)="7dca73150da927b243f9450e515ba38ad3da6ec165af66ff0938c092b85c0ae73e", 0x21, &(0x7f0000000100), &(0x7f0000000280), &(0x7f0000000480)="8c9baacb53fb9ce6ad24a1ed536ad4bd1f0533b90103410e0cfbd2b7e986e079b7cc2aea2a8ed845183acac2264aaa3c07c862f00ed74e26dc644ebc5ee76f2bd28e39186d47e865721895621a56aff494a174c458402f964713f8fe21822b9ccd7a48dac61782745e9a858fbb5a6b62cbce48942a999bd44ad5f588c90a5a7225f0ed22e116df651189d9c392854997963b2cb6")
write$cgroup_pid(r2, &(0x7f00000002c0)=r11, 0x12)
signalfd4(r0, &(0x7f0000000000)={[0x4]}, 0x8, 0x400)

1m39.404891866s ago: executing program 2 (id=2239):
r0 = syz_open_dev$sg(0x0, 0x0, 0x200)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xc, {"a2e3ad2107c752f91b25470987f70e06d038e7ff7fc6e5539b3264078b089b3b083468060890e0878f0e1ac6e70a9b3365959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31350d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7dafbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194ba6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3df8fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f5f71d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810930500ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab974c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc660db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d154d8a5ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21e5ec68cb068ea88067d905ea917bb03eefdaebdeabf2c0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000001b0700", 0x1000}}, 0x1006)
r1 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r1, 0x4, &(0x7f0000000180)='!\x00', &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff)
r2 = syz_io_uring_setup(0x339a, &(0x7f0000000300)={0x0, 0x2, 0x1, 0x1}, 0x0, &(0x7f0000000400))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000004f40)={0x0, 0x0, &(0x7f0000004f00)=[{0x0}], 0xfffffffffffffffe, 0x1}, 0x20)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x3af4701e)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file1\x00', 0x0, &(0x7f00000000c0)={[{@nojournal_checksum}]}, 0xfd, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c000780080012400500000005"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
write$selinux_attr(0xffffffffffffffff, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, 0xffffffffffffffff, 0x0)
ioctl$SG_GET_VERSION_NUM(r0, 0x2284, 0x0)
lseek(0xffffffffffffffff, 0x1, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001080)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)

1m39.222086516s ago: executing program 2 (id=2241):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4040)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000094}, 0xc800)

1m39.221907046s ago: executing program 32 (id=2241):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4040)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000094}, 0xc800)

1.503353393s ago: executing program 4 (id=3480):
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x8}, 0x80b0, 0x2, 0x800020, 0x6, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r0, &(0x7f0000001640)={0xfc, {"fce3ad0eed0d07f91b25091887f70706d038e7ff7fc6e5539b0d3c0a8b089b3f383163030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b3107200773090acd3b78130daa61d8e8040040005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a91e0dad47f36fd9f73c152a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e1c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df11847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e30400f7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddba02635478d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f79400000000ddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df04b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e785419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd502ac8044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88e4facfd4c735a20307c737afa2d60399473296b831dbd933d93990f00064279b10ea0c5833f41f157ea2302993dbe97fb1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea10c00a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeee964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e42df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed62480ec43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e069160f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df076f0ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f87296ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef869c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1066)

1.152857384s ago: executing program 5 (id=3488):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x24008840}, 0x8000002)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="440000001000ffff27bd7000fadbdf2500000000", @ANYRES32=0x0, @ANYBLOB="000000002b9201002400128009000100626f6e640000000014000280050001000500000008000b"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000140)=0x32, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x19}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newqdisc={0x44, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x3}, {0x7, 0xfff1}, {0xffff, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x0, 0x5, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r5, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xfc)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000040)=0x5, 0x4)
socket(0x10, 0x3, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x24008840}, 0x8000002) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="440000001000ffff27bd7000fadbdf2500000000", @ANYRES32=0x0, @ANYBLOB="000000002b9201002400128009000100626f6e640000000014000280050001000500000008000b"], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) (async)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000140)=0x32, 0x4) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x19}, 0x94) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) (async)
socket$unix(0x1, 0x1, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newqdisc={0x44, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0x3}, {0x7, 0xfff1}, {0xffff, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x0, 0x5, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000) (async)
socket$inet6(0xa, 0x2, 0x0) (async)
setsockopt$inet6_udp_int(r5, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4) (async)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xfc) (async)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000040)=0x5, 0x4) (async)

1.131915855s ago: executing program 0 (id=3489):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x9, 0x3}, @func_proto, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x1a, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x6, '\x00', 0x0, r0, 0x1, 0x5}, 0x50)

1.107707486s ago: executing program 4 (id=3490):
r0 = open(&(0x7f0000000740)='./bus\x00', 0x143c62, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000200)={{r0}, 0xc1, 0x9, 0x8})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="09000000020000006d0500000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000013008000"], 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES64=r1], 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r3 = open$dir(&(0x7f0000000040)='./bus\x00', 0x0, 0x82a72809e8a818b4)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r4, &(0x7f0000000e00)=[{{&(0x7f00000002c0)={0x2, 0x4e22, @local}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000100)="9db2094e11", 0x5}], 0x1}}], 0x2, 0x2400c8a0)
pipe2(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80000)
splice(r5, 0x0, r4, 0x0, 0x7fffffffffffffff, 0x0)
move_mount(r3, &(0x7f0000000080)='./bus\x00', r5, &(0x7f00000000c0)='./bus\x00', 0x24)
r7 = fcntl$getown(r5, 0x9)
sched_setscheduler(r7, 0x5, &(0x7f0000000140)=0x7c2)
io_setup(0xa, &(0x7f0000000000))
mount(&(0x7f0000000000), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0))
ioctl$TUNSETVNETLE(r6, 0x400454dc, &(0x7f0000000380)=0x1)

1.058549859s ago: executing program 0 (id=3491):
perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x561e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x9, 0x8, 0x2020006, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0xf132, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
perf_event_open(&(0x7f0000000300)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x561e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x9, 0x8, 0x2020006, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0xf132, 0xffffffffffffffff, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00') (async)

1.000422842s ago: executing program 5 (id=3493):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0xe459d, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0xa007ca, &(0x7f00000000c0)={[{@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}, {@max_batch_time}, {@resuid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0xad55}}]}, 0x0, 0x483, &(0x7f0000001040)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSaOxpQWVhRuNJsZgNNEFLms7kIaBGlqNIJFiDG5MDImujUujf4E7Y2LUlYlb3bgyJETZALqpuXfuLdNpp1A6ZWrn80lue869Z+ac79zXuefMBNCxBrI/ScS2iPg1Ivpq2YUFBmr/rl05O379ytnxJObmXvszyctdvXJ2vCxavm5rkRlMI9IPk6KShaZPnzk+Vq1WThX54ZkTbw1Pnz7zxDsnxo5VjlVOjh46dPDAyNNPjT7ZkjizuK7ueX9q7+4X37j48viRi2/++HXW3m3F9vo4WmUgC/yvuVzd6vxjerTVlbXZ9rp00t3GhrAiXRGR7a6e/Pzvi664sfP64oUP2to4YE1l96ZNzTfPzgEbWBLtbgHQHuWNPnv+LZc71PVYFy4/W3sAyuK+Viy1Ld2RFmV6Gp5vW2kgIo7M/v15tsQajUMAANT7ePyzw70R8d71r17K+h5981vSuCf//3v+d0cxh9IfEf+PiJ0RcVdE7IqIuyPysvdGxH2rbM/i/k96aZVvuays//dMMbe1sP9X9v6iv6vIbc/j70mOTlYr+4vPZDB6NmX5kWXq+Pb5Xz5ptq2+/5ctWf1lX7Box6XuhgG6ibGZsbxT2gKXz0fs6V4q/mR+JiCJiN0RsWdlb72jTEw+9uXeZoVuHv8yWjDPNPdFFt5sFv9sNMRfSurnJycXzU8Ob45qZf9weVQs9tPPF15tVv9AzN1+/C1wuRL/xMLjv7FIf1I/Xzu98jou/PZR02ea2zz+097k9XyeubdY9+7YzMypkYje5HCeX7B+9MZry3xZPjv+B/ctff7vLF6TxX9/RGQH8QMR8WBEPFS0/eGIeCQi9i0T/w/PNd9Wxh9pm/b/+YiJJa9/88d/w/5feaLr+PffNKv/1vb/wTw1WKzJr383sVRzsstFYwNX89kBAADAf0Wafwc+SYfm02k6NFT7Dv+u+F9anZqeefzo1NsnJ2rfle+PnrQc6eorxkOrk9XKSDJbvGNtfHS0GCsux0sPFOPGn3ZtyfND41PViTbHDp1ua5PzP/NHV7tbB6yxLUuuHe294w0B2qBxHj1dmD33SrgYwEbl99rQuZqf/5tjcXcA2Ejc/6FzLXX+n2vImwuAjcn9HzqX8x86VPpdu1sAtJH7P3Sk1fyufw0Tm9dHM9qTWK87JU9ElIl0XbRHYqWJLbdWuN1XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb4NwAA///Xm+pu")

1.000254593s ago: executing program 0 (id=3494):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0xe459d, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x2}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0xa007ca, &(0x7f00000000c0)={[{@nojournal_checksum}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}, {@max_batch_time}, {@resuid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0xad55}}]}, 0x0, 0x483, &(0x7f0000001040)="$eJzs28tvVNUfAPDvvX0APx7tD/EBolaJSaOxpQWVhRuNJsZgNNEFLms7kIaBGlqNIJFiDG5MDImujUujf4E7Y2LUlYlb3bgyJETZALqpuXfuLdNpp1A6ZWrn80lue869Z+ac79zXuefMBNCxBrI/ScS2iPg1Ivpq2YUFBmr/rl05O379ytnxJObmXvszyctdvXJ2vCxavm5rkRlMI9IPk6KShaZPnzk+Vq1WThX54ZkTbw1Pnz7zxDsnxo5VjlVOjh46dPDAyNNPjT7ZkjizuK7ueX9q7+4X37j48viRi2/++HXW3m3F9vo4WmUgC/yvuVzd6vxjerTVlbXZ9rp00t3GhrAiXRGR7a6e/Pzvi664sfP64oUP2to4YE1l96ZNzTfPzgEbWBLtbgHQHuWNPnv+LZc71PVYFy4/W3sAyuK+Viy1Ld2RFmV6Gp5vW2kgIo7M/v15tsQajUMAANT7ePyzw70R8d71r17K+h5981vSuCf//3v+d0cxh9IfEf+PiJ0RcVdE7IqIuyPysvdGxH2rbM/i/k96aZVvuays//dMMbe1sP9X9v6iv6vIbc/j70mOTlYr+4vPZDB6NmX5kWXq+Pb5Xz5ptq2+/5ctWf1lX7Box6XuhgG6ibGZsbxT2gKXz0fs6V4q/mR+JiCJiN0RsWdlb72jTEw+9uXeZoVuHv8yWjDPNPdFFt5sFv9sNMRfSurnJycXzU8Ob45qZf9weVQs9tPPF15tVv9AzN1+/C1wuRL/xMLjv7FIf1I/Xzu98jou/PZR02ea2zz+097k9XyeubdY9+7YzMypkYje5HCeX7B+9MZry3xZPjv+B/ctff7vLF6TxX9/RGQH8QMR8WBEPFS0/eGIeCQi9i0T/w/PNd9Wxh9pm/b/+YiJJa9/88d/w/5feaLr+PffNKv/1vb/wTw1WKzJr383sVRzsstFYwNX89kBAADAf0Wafwc+SYfm02k6NFT7Dv+u+F9anZqeefzo1NsnJ2rfle+PnrQc6eorxkOrk9XKSDJbvGNtfHS0GCsux0sPFOPGn3ZtyfND41PViTbHDp1ua5PzP/NHV7tbB6yxLUuuHe294w0B2qBxHj1dmD33SrgYwEbl99rQuZqf/5tjcXcA2Ejc/6FzLXX+n2vImwuAjcn9HzqX8x86VPpdu1sAtJH7P3Sk1fyufw0Tm9dHM9qTWK87JU9ElIl0XbRHYqWJLbdWuN1XJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb4NwAA///Xm+pu") (fail_nth: 1)

727.326018ms ago: executing program 0 (id=3495):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c00400002060108000000000000000000000000050005000a000000050001000700000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c6e6574000000000c0007"], 0x5c}}, 0x20084884)

709.227789ms ago: executing program 0 (id=3496):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x45, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xff, 0x30000000000}, 0x0, 0x10000, 0xfffffffe, 0x5, 0x8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$binfmt_elf64(r0, &(0x7f0000002600)=ANY=[], 0x1820)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x12}}, 0x40)

586.231626ms ago: executing program 0 (id=3501):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd1}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000140)=[@in6={0xa, 0x4e21, 0xffffffff, @remote, 0x8}], 0x1c)
getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f0000000240))
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="60000000020603000000000000830000000000000900020073797a31000000000500010007000000050005000a00000014000780080013400000000008001240ffffffff12000300686173683a6e65742c706f7274000000050004"], 0x60}, 0x1, 0x0, 0x0, 0x400c005}, 0x0)
bind$unix(r0, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r0, &(0x7f00000005c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = dup3(r0, r1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$P9_RMKNOD(r4, &(0x7f0000000200)={0x14, 0x13, 0x1, {0x8, 0x2, 0x4}}, 0x14)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r7, 0x400448e2, 0x0)
r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000a80)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x0)
setsockopt$bt_hci_HCI_FILTER(r6, 0x0, 0x2, &(0x7f0000000180)={0xb93, [0xa], 0x2}, 0x10)
ioctl$sock_inet_SIOCGIFADDR(r8, 0x8915, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000))
fcntl$F_SET_FILE_RW_HINT(r5, 0x40e, &(0x7f00000001c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x6, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000100000000000000000000018000000040000000000000007000000851000005401fbffdfff950000000000"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x72, &(0x7f0000000000)=""/114}, 0x94)

584.306377ms ago: executing program 5 (id=3502):
syz_io_uring_setup(0x6454, &(0x7f0000000040)={0x0, 0x8900, 0x0, 0x3, 0x27e}, &(0x7f00000000c0), &(0x7f0000000100)=<r0=>0x0)
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r0, &(0x7f0000000140)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x22, 0x4000, @fd_index=0x6, 0x57af, 0x0, 0x0, 0x19, 0x0, {0x3, r1}})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000003c0), 0x3)
getsockopt$bt_hci(r3, 0x11a, 0x1, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010100000000000000000a0000000900010073797a300000000048000000030a010200000000000000000a0000000900010073797a3000000000090003007379"], 0x190}}, 0x0)

462.480784ms ago: executing program 1 (id=3505):
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000800)='./file2\x00', 0x125042, 0x144)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2, 0x11, r0, 0x0)
read(r0, &(0x7f0000001400)=""/4096, 0x1000)
socket$rxrpc(0x21, 0x2, 0xa)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
write$selinux_attr(r1, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ioctl$int_in(r2, 0x5421, &(0x7f0000000000)=0x5)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

458.634994ms ago: executing program 5 (id=3506):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x45, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xff, 0x30000000000}, 0x0, 0x10000, 0xfffffffe, 0x5, 0x8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
listxattr(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x0)
write$binfmt_elf64(r0, &(0x7f0000002600)=ANY=[], 0x1820)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x12}}, 0x40)

420.281566ms ago: executing program 3 (id=3507):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000200), 0x4)

387.998778ms ago: executing program 5 (id=3508):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0100000004000000080000000b00000000000000"], 0x50)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0xffffff3f, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f00000001c0)={0x292, @tick=0x65757100, 0x2, {0x1, 0xfc}, 0x0, 0x1})

387.551608ms ago: executing program 1 (id=3509):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) (async)
getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, 0x0, &(0x7f0000000100))
mount(&(0x7f00000000c0)=@md0, &(0x7f0000000100)='./cgroup\x00', &(0x7f0000000140)='sysfs\x00', 0x0, 0x0)

343.236001ms ago: executing program 3 (id=3510):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000080), 0x0}, 0x20)

342.802331ms ago: executing program 3 (id=3511):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x45, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xff, 0x30000000000}, 0x0, 0x10000, 0xfffffffe, 0x5, 0x8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$binfmt_elf64(r0, &(0x7f0000002600)=ANY=[], 0x1820)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x12}}, 0x40)

333.111201ms ago: executing program 1 (id=3512):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x800)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x6}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x20000000}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

307.474973ms ago: executing program 5 (id=3513):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
io_setup(0x800, &(0x7f0000000440)=<r2=>0x0)
r3 = eventfd(0x0)
io_submit(r2, 0x1, &(0x7f0000000940)=[&(0x7f0000000240)={0x0, 0x0, 0x8, 0x0, 0x0, r3, 0x0, 0x4f}])
syz_io_uring_setup(0xe37, &(0x7f0000004080)={0x0, 0xb6bf, 0x40, 0x2, 0x3b}, &(0x7f0000004100), 0x0)
syz_read_part_table(0x4080, &(0x7f0000000000)="$eJzszz9KA0EcBeC3JpEoUbAWxEWwFO2scotcQDyCjY0G03kMwSZ4AG/gkUwjI2GX1cRWQeX7in37e/tnZsKvcP/a3lwuL5td/3K9+t5Om88XT3tJDuu8lVIyTNJf++WiJKdnGWwPNzJKcvV11cn8e08BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8JdP1orc6Pra5n9nNOOelcXvXS9U+qU+S3Y8PFiXZ6qZ+E5P5D2wdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPjvSillmdWnbpCk35RVMu36UR6OMhsfVBkm9fE7+3NoAwAIAwEwwTAh87A3CvEJoQPU3ama/uf/lP3Omf/qpGWNphUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXHbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwckAAAAAIL+v25HoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBGAQAA//88nie/")

294.263993ms ago: executing program 1 (id=3514):
syz_open_dev$tty20(0xc, 0x4, 0x1) (async)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf09"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a907"], 0xfdef) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb010789005e107538e486dd6317ce22000000fffe80000000000000101000007f0600080000000000000071273fa7b49301641184a907"], 0xfdef)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000280)={&(0x7f0000000040)="58db1d", 0x0, 0x0, 0x0, 0x40}, 0x38)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x49}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x739, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x3000000}, 0x48)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7767646e6f3d112aa91d3d0d7a26fa84e46ec8d3ae95897cd107a37698d996288e902726174f6afa7d8dc17554f93cdf5993fab45e3e7f5637456abb802e6f1029c657f13b6551f8bc87499e3e33d3af1381848996e4efc67dbc8bad5c29f4356d0489e25b86099615209d3efc816c641850797378df199559c27d71142bbb0c56ac47e656864abbb2500aafeea3327f72f778f2eb6826dd15983eceb85e60aff13ea68a79da3f977e8b2607e5c6e3eee55f11f95450f392fb56957b5ce7c61b09297ac924e4f5199a7b96b255b1819fa1bf7e87ca3f929da455f54aff353be21d70b724f1726499fa0eba5f5e64140f7420b281c90126bdb8980423a2727c3dfd76967005", @ANYRESHEX=r2, @ANYBLOB=',\x00'])
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0x4, 0x5, 0xfffffffd, 0xc6cf, 0xfd, "00060801f60900000000000600", 0x240001, 0x1fd}) (async)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0x4, 0x5, 0xfffffffd, 0xc6cf, 0xfd, "00060801f60900000000000600", 0x240001, 0x1fd})
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes']) (async)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes'])

294.017663ms ago: executing program 3 (id=3515):
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, 0x0, 0x0, 0x4eb)
syz_open_dev$tty1(0xc, 0x4, 0x4)
open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0xca)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='net/ip_mr_cache\x00')
preadv(r1, 0x0, 0x0, 0x10000009, 0xffffffff)

247.185636ms ago: executing program 4 (id=3516):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4261, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x5, 0x5, &(0x7f0000001d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x10000, 0x0, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c45, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x80)
dup3(r3, r2, 0x0) (fail_nth: 6)

234.485367ms ago: executing program 3 (id=3517):
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x8, 0x3a, 0x0, @empty, @local, {[], @echo_request={0x80, 0x0, 0x0, 0xf800, 0x7}}}}}}, 0x0)
r0 = perf_event_open(0x0, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

168.91714ms ago: executing program 1 (id=3518):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x45, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xff, 0x30000000000}, 0x0, 0x10000, 0xfffffffe, 0x5, 0x8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
listxattr(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x0)
write$binfmt_elf64(r0, &(0x7f0000002600)=ANY=[], 0x1820)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x12}}, 0x40)

107.206124ms ago: executing program 4 (id=3519):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000100)={'wpan0\x00'})
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x40111}, 0x20000004)

106.609544ms ago: executing program 3 (id=3520):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x6, 0x0, 0x0, 0x2, 0xf4b79, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xaefbd1eacb493b2b)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x5, 0x5, &(0x7f0000001d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r2 = creat(&(0x7f0000000200)='./file1\x00', 0x12e)
close(r2)
r3 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r3, &(0x7f0000003000)=@file={0x1}, 0xc)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
pread64(r4, &(0x7f0000001480)=""/4122, 0x101a, 0x9a)
listen(r3, 0x0)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000001c0)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000240)=0x10)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x3, 0x40, 0xb, 0x5, 0x0, 0x7, 0x0, 0x8, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff33, 0x1, @perf_config_ext={0x9, 0xfffffffffffff1af}, 0x2018, 0x3, 0xa247, 0x0, 0x3, 0x4, 0xfff, 0x0, 0x1, 0x0, 0x7fff}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x19)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1c0)
socket(0xa, 0x3, 0xff)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "370c89", 0x8, 0x2b, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}, @local, {[@hopopts={0xff}]}}}}}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x2, 0x20002f7})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9400, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x7}, 0x100, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
r5 = syz_open_procfs(0x0, &(0x7f00000008c0)='wchan\x00')
pread64(r5, &(0x7f0000000680)=""/252, 0xfc, 0x7ffffffffffffffe)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)

99.208235ms ago: executing program 4 (id=3521):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000003c0)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req={0x9, 0x4f, 0x0, 0x3ff}, 0x10)

52.779337ms ago: executing program 1 (id=3522):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x10000800)
readv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/4082, 0xff2}, {&(0x7f0000001ac0)=""/14, 0xe}, {0x0, 0x18}], 0x3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000030601020000ffffffff00000a00000105000180"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

0s ago: executing program 4 (id=3523):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x14, 0x4, 0x4, 0xffffffff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x200000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="010000000500000006000000ffff000005000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32], 0x50)
socket$packet(0x11, 0x2, 0x300)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)

kernel console output (not intermixed with test programs):

13164] team0: Port device team_slave_1 added
[  343.496728][T13164] batman_adv: batadv0: Adding interface: batadv_slave_0
[  343.503938][T13164] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  343.529888][T13164] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  343.568723][   T29] kauditd_printk_skb: 69 callbacks suppressed
[  343.568742][   T29] audit: type=1400 audit(1769513368.751:2371): avc:  denied  { read write } for  pid=13277 comm="syz.3.3006" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  343.599818][   T29] audit: type=1400 audit(1769513368.751:2372): avc:  denied  { open } for  pid=13277 comm="syz.3.3006" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  343.629639][T13164] batman_adv: batadv0: Adding interface: batadv_slave_1
[  343.636695][T13164] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  343.662943][T13164] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  343.703416][T13164] hsr_slave_0: entered promiscuous mode
[  343.733290][T13164] hsr_slave_1: entered promiscuous mode
[  343.744433][T13164] debugfs: 'hsr0' already exists in 'hsr'
[  343.750244][T13164] Cannot create hsr debugfs directory
[  343.809122][T13301] tipc: Started in network mode
[  343.814098][T13301] tipc: Node identity ee79b3a2cc29, cluster identity 4711
[  343.821442][T13301] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  343.842048][T13301] syzkaller0: entered promiscuous mode
[  343.847687][T13301] syzkaller0: entered allmulticast mode
[  343.865627][T13301] tipc: Resetting bearer <eth:syzkaller0>
[  344.190688][T13164] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  344.200566][T13164] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  344.278674][T13309] loop3: detected capacity change from 0 to 32768
[  344.281721][T13164] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  344.292283][T13164] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  344.295650][ T3304]  loop3: p1 p2 p3 < p5 p6 >
[  344.297124][ T3304] loop3: p2 size 16775168 extends beyond EOD, truncated
[  344.299618][ T3304] loop3: p5 start 4294970168 is beyond EOD, truncated
[  344.320565][T13309]  loop3: p1 p2 p3 < p5 p6 >
[  344.321603][T13309] loop3: p2 size 16775168 extends beyond EOD, truncated
[  344.322619][T13309] loop3: p5 start 4294970168 is beyond EOD, truncated
[  344.452898][T13164] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.460744][T13348] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3017'.
[  344.460764][T13348] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3017'.
[  344.468932][T13164] 8021q: adding VLAN 0 to HW filter on device team0
[  344.531788][ T4669] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.531829][ T4669] bridge0: port 1(bridge_slave_0) entered forwarding state
[  344.540482][ T4216] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.540537][ T4216] bridge0: port 2(bridge_slave_1) entered forwarding state
[  344.558150][T13164] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  344.558175][T13164] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  344.596978][T13300] tipc: Resetting bearer <eth:syzkaller0>
[  344.598494][T13300] tipc: Disabling bearer <eth:syzkaller0>
[  344.658743][T13164] 8021q: adding VLAN 0 to HW filter on device batadv0
[  344.712927][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  344.714606][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  344.715522][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  344.718310][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  344.982838][T13395] loop1: detected capacity change from 0 to 1024
[  344.985441][T13397] xt_CT: You must specify a L4 protocol and not use inversions on it
[  344.998618][T13395] EXT4-fs: Ignoring removed orlov option
[  345.001142][   T29] audit: type=1400 audit(1769513370.253:2373): avc:  denied  { ioctl } for  pid=13394 comm="syz.3.3025" path="socket:[37389]" dev="sockfs" ino=37389 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  345.031472][T13397] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  345.051350][T13397] loop3: detected capacity change from 0 to 1024
[  345.065452][T13164] veth0_vlan: entered promiscuous mode
[  345.077882][T13404] tipc: Enabled bearer <udp:syz2>, priority 10
[  345.085887][T13164] veth1_vlan: entered promiscuous mode
[  345.153222][   T29] audit: type=1400 audit(1769513370.295:2374): avc:  denied  { write } for  pid=13394 comm="syz.3.3025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  345.172845][   T29] audit: type=1400 audit(1769513370.389:2375): avc:  denied  { setattr } for  pid=13394 comm="syz.3.3025" name="file1" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  345.209659][T13164] veth0_macvtap: entered promiscuous mode
[  345.217794][T13164] veth1_macvtap: entered promiscuous mode
[  345.230149][T13164] batman_adv: batadv0: Interface activated: batadv_slave_0
[  345.239255][T13164] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.266952][ T4211] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.293783][ T4211] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.328867][ T4211] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.374466][   T52] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  345.565881][T13439] FAULT_INJECTION: forcing a failure.
[  345.565881][T13439] name failslab, interval 1, probability 0, space 0, times 0
[  345.578623][T13439] CPU: 0 UID: 0 PID: 13439 Comm: syz.3.3031 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  345.578671][T13439] Tainted: [W]=WARN
[  345.578722][T13439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  345.578773][T13439] Call Trace:
[  345.578782][T13439]  <TASK>
[  345.578791][T13439]  __dump_stack+0x1d/0x30
[  345.578824][T13439]  dump_stack_lvl+0x95/0xd0
[  345.578852][T13439]  dump_stack+0x15/0x1b
[  345.578930][T13439]  should_fail_ex+0x263/0x280
[  345.578961][T13439]  should_failslab+0x8c/0xb0
[  345.579052][T13439]  __kvmalloc_node_noprof+0x148/0x680
[  345.579086][T13439]  ? file_tty_write+0x1a3/0x690
[  345.579168][T13439]  ? mutex_trylock+0x81/0xc0
[  345.579220][T13439]  file_tty_write+0x1a3/0x690
[  345.579249][T13439]  ? __pfx_tty_write+0x10/0x10
[  345.579271][T13439]  tty_write+0x25/0x30
[  345.579357][T13439]  vfs_write+0x5a6/0x9f0
[  345.579381][T13439]  ksys_write+0xdc/0x1a0
[  345.579407][T13439]  __x64_sys_write+0x40/0x50
[  345.579429][T13439]  x64_sys_call+0x2847/0x3000
[  345.579459][T13439]  do_syscall_64+0xc0/0x2a0
[  345.579498][T13439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.579522][T13439] RIP: 0033:0x7fe05efcaeb9
[  345.579537][T13439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  345.579588][T13439] RSP: 002b:00007fe05da27028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  345.579622][T13439] RAX: ffffffffffffffda RBX: 00007fe05f245fa0 RCX: 00007fe05efcaeb9
[  345.579637][T13439] RDX: 0000000000000375 RSI: 0000200000001040 RDI: 0000000000000003
[  345.579650][T13439] RBP: 00007fe05da27090 R08: 0000000000000000 R09: 0000000000000000
[  345.579686][T13439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.579703][T13439] R13: 00007fe05f246038 R14: 00007fe05f245fa0 R15: 00007ffdf4d066d8
[  345.579729][T13439]  </TASK>
[  345.902969][T13456] loop4: detected capacity change from 0 to 1024
[  345.910627][T13459] netlink: 256 bytes leftover after parsing attributes in process `syz.3.3036'.
[  345.919814][T13459] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3036'.
[  345.944798][T13456] EXT4-fs: Ignoring removed orlov option
[  346.053215][ T3372] tipc: Node number set to 3758096385
[  346.102895][T13467] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3034'.
[  346.152710][   T52] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  346.195866][T13477] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  346.202464][T13477] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  346.210142][T13477] vhci_hcd vhci_hcd.0: Device attached
[  346.224449][T13485] FAULT_INJECTION: forcing a failure.
[  346.224449][T13485] name failslab, interval 1, probability 0, space 0, times 0
[  346.224639][T13478] netlink: 'syz.0.3034': attribute type 13 has an invalid length.
[  346.237128][T13485] CPU: 1 UID: 0 PID: 13485 Comm: syz.3.3039 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  346.237173][T13485] Tainted: [W]=WARN
[  346.237227][T13485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  346.237286][T13485] Call Trace:
[  346.237321][T13485]  <TASK>
[  346.237332][T13485]  __dump_stack+0x1d/0x30
[  346.237426][T13485]  dump_stack_lvl+0x95/0xd0
[  346.237479][T13485]  dump_stack+0x15/0x1b
[  346.237603][T13485]  should_fail_ex+0x263/0x280
[  346.237708][T13485]  should_failslab+0x8c/0xb0
[  346.237792][T13485]  kmem_cache_alloc_node_noprof+0x6a/0x4a0
[  346.237935][T13485]  ? __alloc_skb+0x2f0/0x4b0
[  346.238037][T13485]  __alloc_skb+0x2f0/0x4b0
[  346.238130][T13485]  ? __alloc_skb+0x219/0x4b0
[  346.238232][T13485]  netlink_alloc_large_skb+0xbf/0xf0
[  346.238349][T13485]  netlink_sendmsg+0x40c/0x6f0
[  346.238434][T13485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  346.238517][T13485]  ____sys_sendmsg+0x5af/0x600
[  346.238592][T13485]  ___sys_sendmsg+0x195/0x1e0
[  346.238708][T13485]  __x64_sys_sendmsg+0xd4/0x160
[  346.238820][T13485]  x64_sys_call+0x17ba/0x3000
[  346.238904][T13485]  do_syscall_64+0xc0/0x2a0
[  346.239069][T13485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.239191][T13485] RIP: 0033:0x7fe05efcaeb9
[  346.239244][T13485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  346.239309][T13485] RSP: 002b:00007fe05da06028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  346.239380][T13485] RAX: ffffffffffffffda RBX: 00007fe05f246090 RCX: 00007fe05efcaeb9
[  346.239453][T13485] RDX: 0000000020004000 RSI: 0000200000000040 RDI: 0000000000000006
[  346.239492][T13485] RBP: 00007fe05da06090 R08: 0000000000000000 R09: 0000000000000000
[  346.239535][T13485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.239577][T13485] R13: 00007fe05f246128 R14: 00007fe05f246090 R15: 00007ffdf4d066d8
[  346.239681][T13485]  </TASK>
[  346.271132][T13480] vhci_hcd: connection closed
[  346.408492][    T9] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  346.485435][ T4669] vhci_hcd vhci_hcd.3: stop threads
[  346.490746][ T4669] vhci_hcd vhci_hcd.3: release socket
[  346.496309][ T4669] vhci_hcd vhci_hcd.3: disconnect device
[  346.551570][    T9] usb 7-1: new low-speed USB device number 8 using vhci_hcd
[  346.567837][    T9] usb 7-1: enqueue for inactive port 0
[  346.569443][T13503] loop5: detected capacity change from 0 to 1024
[  346.573509][    T9] usb 7-1: enqueue for inactive port 0
[  346.583499][T13503] EXT4-fs: Ignoring removed orlov option
[  346.595625][    T9] usb 7-1: enqueue for inactive port 0
[  346.665924][    T9] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  346.735483][   T52] bond0 (unregistering): Released all slaves
[  346.743752][   T52] bond1 (unregistering): Released all slaves
[  346.752194][   T52] bond2 (unregistering): Released all slaves
[  346.760111][   T52] bond3 (unregistering): Released all slaves
[  346.768318][   T52] bond4 (unregistering): Released all slaves
[  346.777007][   T52] bond5 (unregistering): Released all slaves
[  346.800824][T13509] syzkaller0: entered promiscuous mode
[  346.806400][T13509] syzkaller0: entered allmulticast mode
[  346.848087][   T52] tipc: Disabling bearer <udp:syz2>
[  346.853373][   T52] tipc: Left network mode
[  346.900868][   T52] hsr_slave_0: left promiscuous mode
[  346.910751][T13516] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3046'.
[  346.916845][   T52] hsr_slave_1: left promiscuous mode
[  346.938188][   T52] pimreg (unregistering): left allmulticast mode
[  347.053449][T13516] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.061856][T13516] 8021q: adding VLAN 0 to HW filter on device team0
[  347.071498][T13516] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  347.090115][T13524] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  347.097695][T13515] syzkaller0: entered promiscuous mode
[  347.103201][T13515] syzkaller0: entered allmulticast mode
[  347.107946][T13520] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3047'.
[  347.122546][T13520] netlink: 'syz.4.3047': attribute type 13 has an invalid length.
[  347.130714][T13515] tipc: Resetting bearer <eth:syzkaller0>
[  347.162226][T13527] loop5: detected capacity change from 0 to 512
[  347.172445][T13527] EXT4-fs: Ignoring removed mblk_io_submit option
[  347.180680][T13527] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  347.193033][T13527] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e028, mo2=0002]
[  347.201506][T13527] EXT4-fs (loop5): orphan cleanup on readonly fs
[  347.208387][T13527] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3049: bg 0: block 361: padding at end of block bitmap is not set
[  347.209838][T13520] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.224856][T13527] EXT4-fs (loop5): Remounting filesystem read-only
[  347.230138][T13520] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.237527][T13527] EXT4-fs (loop5): 1 truncate cleaned up
[  347.255205][T13527] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3049'.
[  347.291230][T13520] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  347.301599][T13520] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  347.358928][T13531] EXT4-fs warning (device loop5): dx_probe:861: inode #2: comm syz.5.3049: dx entry: limit 0 != root limit 125
[  347.370916][T13531] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.3049: Corrupt directory, running e2fsck is recommended
[  347.394856][   T31] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.426697][   T31] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.453575][T13434] chnl_net:caif_netlink_parms(): no params data found
[  347.481182][T13527] netlink: 'syz.5.3049': attribute type 2 has an invalid length.
[  347.489479][   T31] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.509841][   T29] audit: type=1400 audit(1769513372.888:2376): avc:  denied  { map } for  pid=13543 comm="syz.4.3050" path="socket:[38241]" dev="sockfs" ino=38241 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  347.536788][   T31] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.555579][   T29] audit: type=1400 audit(1769513372.888:2377): avc:  denied  { read } for  pid=13543 comm="syz.4.3050" path="socket:[38241]" dev="sockfs" ino=38241 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  347.579090][   T29] audit: type=1400 audit(1769513372.899:2378): avc:  denied  { create } for  pid=13543 comm="syz.4.3050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  347.599501][   T29] audit: type=1400 audit(1769513372.909:2379): avc:  denied  { map } for  pid=13543 comm="syz.4.3050" path="socket:[38242]" dev="sockfs" ino=38242 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  347.623476][   T29] audit: type=1400 audit(1769513372.909:2380): avc:  denied  { read } for  pid=13543 comm="syz.4.3050" path="socket:[38242]" dev="sockfs" ino=38242 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  347.689369][T13514] tipc: Resetting bearer <eth:syzkaller0>
[  347.696020][T13514] tipc: Disabling bearer <eth:syzkaller0>
[  347.705973][T13434] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.713078][T13434] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.720310][T13434] bridge_slave_0: entered allmulticast mode
[  347.727649][T13434] bridge_slave_0: entered promiscuous mode
[  347.750275][T13434] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.757694][T13434] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.765525][T13434] bridge_slave_1: entered allmulticast mode
[  347.780418][T13434] bridge_slave_1: entered promiscuous mode
[  347.808402][T13559] loop4: detected capacity change from 0 to 1024
[  347.850711][T13563] loop0: detected capacity change from 0 to 1024
[  347.865136][T13563] loop0: detected capacity change from 0 to 512
[  347.872243][T13563] EXT4-fs: Ignoring removed i_version option
[  347.878361][T13563] EXT4-fs: Ignoring removed bh option
[  347.878694][T13559] EXT4-fs: Ignoring removed orlov option
[  347.903675][T13434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.944010][T13563] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  347.976451][T13434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  348.100261][T13557] loop5: detected capacity change from 0 to 32768
[  348.121324][T13434] team0: Port device team_slave_0 added
[  348.130303][T13578] RDS: rds_bind could not find a transport for fc01::, load rds_tcp or rds_rdma?
[  348.140411][T13434] team0: Port device team_slave_1 added
[  348.149045][T11345]  loop5: p1 p2 p3 < p5 p6 >
[  348.155093][T11345] loop5: p2 size 16775168 extends beyond EOD, truncated
[  348.179845][T11345] loop5: p5 start 4294970168 is beyond EOD, truncated
[  348.188516][T13434] batman_adv: batadv0: Adding interface: batadv_slave_0
[  348.195663][T13434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  348.206795][T13588] loop4: detected capacity change from 0 to 512
[  348.221709][T13434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  348.239471][T13434] batman_adv: batadv0: Adding interface: batadv_slave_1
[  348.242107][T13557]  loop5: p1 p2 p3 < p5 p6 >
[  348.246541][T13434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  348.277206][T13434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  348.288997][T13588] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.3058: corrupted inode contents
[  348.289259][T13557] loop5: p2 size 16775168 extends beyond EOD, truncated
[  348.306815][T13588] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #15: comm syz.4.3058: mark_inode_dirty error
[  348.323922][T13557] loop5: p5 start 4294970168 is beyond EOD, truncated
[  348.338025][T13588] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #15: comm syz.4.3058: corrupted inode contents
[  348.371289][T13588] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3001: inode #15: comm syz.4.3058: mark_inode_dirty error
[  348.399454][T13588] EXT4-fs error (device loop4): ext4_xattr_delete_inode:3004: inode #15: comm syz.4.3058: mark inode dirty (error -117)
[  348.425363][T13434] hsr_slave_0: entered promiscuous mode
[  348.447868][T13588] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -117)
[  348.457159][T13597] 9p: Bad value for 'source'
[  348.469912][T13588] EXT4-fs (loop4): 1 orphan inode deleted
[  348.486704][T13434] hsr_slave_1: entered promiscuous mode
[  348.540032][T13608] loop3: detected capacity change from 0 to 128
[  348.563183][T13608] FAT-fs (loop3): bogus number of FAT sectors
[  348.569447][T13608] FAT-fs (loop3): Can't find a valid FAT filesystem
[  348.663885][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  348.673946][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  348.677297][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[  348.695531][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  348.729256][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  348.739897][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  348.785511][T13621] loop4: detected capacity change from 0 to 1024
[  348.813274][T13621] EXT4-fs: Ignoring removed orlov option
[  348.966956][T13434] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  348.979670][T13434] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  348.985308][T13434] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  349.026511][T13434] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  349.098804][T13434] 8021q: adding VLAN 0 to HW filter on device bond0
[  349.107961][T13434] 8021q: adding VLAN 0 to HW filter on device team0
[  349.117195][ T4669] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.117232][ T4669] bridge0: port 1(bridge_slave_0) entered forwarding state
[  349.123506][ T8856] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.123552][ T8856] bridge0: port 2(bridge_slave_1) entered forwarding state
[  349.351357][T13662] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  349.365297][T13662] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  349.377422][T13434] 8021q: adding VLAN 0 to HW filter on device batadv0
[  349.575830][T13434] veth0_vlan: entered promiscuous mode
[  349.588351][T13673] EXT4-fs: Ignoring removed nomblk_io_submit option
[  349.595135][T13673] EXT4-fs: Ignoring removed bh option
[  349.621394][T13434] veth1_vlan: entered promiscuous mode
[  349.636694][T13673] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  349.646286][T13673] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  349.686199][T13434] veth0_macvtap: entered promiscuous mode
[  349.693910][T13434] veth1_macvtap: entered promiscuous mode
[  349.700617][T13673] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #11: comm syz.5.3073: corrupted inode contents
[  349.717472][T13434] batman_adv: batadv0: Interface activated: batadv_slave_0
[  349.726797][T13673] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #11: comm syz.5.3073: mark_inode_dirty error
[  349.739528][T13673] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3073: invalid indirect mapped block 1 (level 1)
[  349.753586][T13673] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #11: comm syz.5.3073: corrupted inode contents
[  349.766129][T13673] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  349.775787][T13673] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #11: comm syz.5.3073: corrupted inode contents
[  349.790156][T13673] EXT4-fs error (device loop5): ext4_truncate:4635: inode #11: comm syz.5.3073: mark_inode_dirty error
[  349.795864][T13434] batman_adv: batadv0: Interface activated: batadv_slave_1
[  349.839954][ T4669] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.850737][T13673] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  349.860130][ T4669] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.877192][ T4669] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.885900][T13692] EXT4-fs: Ignoring removed orlov option
[  349.902849][T13673] EXT4-fs (loop5): 1 truncate cleaned up
[  349.915694][ T4669] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.995625][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  349.995643][   T29] audit: type=1400 audit(1769513375.502:2393): avc:  denied  { mount } for  pid=13705 comm="syz.0.3078" name="/" dev="configfs" ino=1049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  350.024817][   T29] audit: type=1400 audit(1769513375.502:2394): avc:  denied  { search } for  pid=13705 comm="syz.0.3078" name="/" dev="configfs" ino=1049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  350.065913][   T29] audit: type=1400 audit(1769513375.565:2395): avc:  denied  { search } for  pid=13705 comm="syz.0.3078" name="/" dev="configfs" ino=1049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  350.088538][   T29] audit: type=1400 audit(1769513375.565:2396): avc:  denied  { read open } for  pid=13705 comm="syz.0.3078" path="/" dev="configfs" ino=1049 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  350.111144][   T29] audit: type=1326 audit(1769513375.565:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13705 comm="syz.0.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5dc6aeb9 code=0x7ffc0000
[  350.134994][   T29] audit: type=1326 audit(1769513375.565:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13705 comm="syz.0.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a5dc6aeb9 code=0x7ffc0000
[  350.158657][   T29] audit: type=1326 audit(1769513375.565:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13705 comm="syz.0.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f5a5dc6aeb9 code=0x7ffc0000
[  350.182594][   T29] audit: type=1326 audit(1769513375.565:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13705 comm="syz.0.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5a5dc64cd7 code=0x7ffc0000
[  350.206109][   T29] audit: type=1326 audit(1769513375.565:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13705 comm="syz.0.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5a5dc0c2d9 code=0x7ffc0000
[  350.229790][   T29] audit: type=1326 audit(1769513375.565:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13705 comm="syz.0.3078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5a5dc64cd7 code=0x7ffc0000
[  350.284659][T13713] EXT4-fs: Ignoring removed orlov option
[  350.290601][T13713] EXT4-fs: inline encryption not supported
[  350.504669][T11345]  loop3: p1 p2 p3 < p5 >
[  350.510322][T11345] loop3: p1 size 242222080 extends beyond EOD, truncated
[  350.518544][T13740] FAULT_INJECTION: forcing a failure.
[  350.518544][T13740] name failslab, interval 1, probability 0, space 0, times 0
[  350.531316][T13740] CPU: 1 UID: 0 PID: 13740 Comm: syz.0.3083 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  350.531349][T13740] Tainted: [W]=WARN
[  350.531356][T13740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  350.531369][T13740] Call Trace:
[  350.531450][T13740]  <TASK>
[  350.531459][T13740]  __dump_stack+0x1d/0x30
[  350.531491][T13740]  dump_stack_lvl+0x95/0xd0
[  350.531576][T13740]  dump_stack+0x15/0x1b
[  350.531625][T13740]  should_fail_ex+0x263/0x280
[  350.531667][T13740]  should_failslab+0x8c/0xb0
[  350.531764][T13740]  kmem_cache_alloc_node_noprof+0x6a/0x4a0
[  350.531798][T13740]  ? __alloc_skb+0x2f0/0x4b0
[  350.531913][T13740]  __alloc_skb+0x2f0/0x4b0
[  350.531951][T13740]  ? __alloc_skb+0x219/0x4b0
[  350.531997][T13740]  virtual_ncidev_write+0x3b/0x110
[  350.532104][T13740]  vfs_writev+0x42b/0x900
[  350.532129][T13740]  ? __pfx_virtual_ncidev_write+0x10/0x10
[  350.532248][T13740]  do_writev+0xe9/0x210
[  350.532274][T13740]  __x64_sys_writev+0x45/0x50
[  350.532336][T13740]  x64_sys_call+0x1ba5/0x3000
[  350.532384][T13740]  do_syscall_64+0xc0/0x2a0
[  350.532428][T13740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.532456][T13740] RIP: 0033:0x7f5a5dc6aeb9
[  350.532476][T13740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  350.532498][T13740] RSP: 002b:00007f5a5c6a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  350.532543][T13740] RAX: ffffffffffffffda RBX: 00007f5a5dee6090 RCX: 00007f5a5dc6aeb9
[  350.532562][T13740] RDX: 0000000000000001 RSI: 00002000000006c0 RDI: 0000000000000003
[  350.532579][T13740] RBP: 00007f5a5c6a6090 R08: 0000000000000000 R09: 0000000000000000
[  350.532596][T13740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  350.532629][T13740] R13: 00007f5a5dee6128 R14: 00007f5a5dee6090 R15: 00007ffc533d2f58
[  350.532718][T13740]  </TASK>
[  350.578493][T13743] netlink: 'syz.4.3080': attribute type 11 has an invalid length.
[  350.593305][T13739] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.3080: Allocating blocks 497-513 which overlap fs metadata
[  350.597441][T13741] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3079'.
[  350.619436][T11345] loop3: p2 start 16777215 is beyond EOD, 
[  350.647646][T13739] EXT4-fs (loop4): Remounting filesystem read-only
[  350.650423][T11345] truncated
[  350.771782][T13685]  loop3: p1 p2 p3 < >
[  350.775951][T13685] loop3: p1 size 242222080 extends beyond EOD, truncated
[  350.784851][T13739] EXT4-fs (loop4): pa ffff888107e71b60: logic 256, phys. 385, len 8
[  350.803911][T13685] loop3: p2 start 16777215 is beyond EOD, truncated
[  350.878953][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  350.920675][T13720] set_capacity_and_notify: 4 callbacks suppressed
[  350.920710][T13720] loop1: detected capacity change from 0 to 32768
[  350.945473][T13726] netlink: 'syz.5.3079': attribute type 13 has an invalid length.
[  351.001295][T11345]  loop1: p1 p2 p3 < p5 >
[  351.005932][T11345] loop1: p1 size 242222080 extends beyond EOD, truncated
[  351.023552][T11345] loop1: p2 start 16777215 is beyond EOD, truncated
[  351.053337][T13720]  loop1: p1 p2 p3 < p5 >
[  351.060948][T13720] loop1: p1 size 242222080 extends beyond EOD, truncated
[  351.081010][T13720] loop1: p2 start 16777215 is beyond EOD, truncated
[  351.106221][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  351.118278][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  351.134162][ T4211] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.150951][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  351.165220][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  351.191507][ T4211] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.248855][ T4211] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.302478][T13779] loop0: detected capacity change from 0 to 512
[  351.370412][ T4211] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.383837][T13779] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  351.452931][T13779] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.3085: corrupted inode contents
[  351.478659][T13779] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #2: comm syz.0.3085: mark_inode_dirty error
[  351.533807][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  351.534237][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  351.560069][T13779] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.3085: corrupted inode contents
[  351.563340][ T4211] bond2 (unregistering): (slave ip6gretap1): Releasing backup interface
[  351.584097][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  351.612363][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory
[  351.616922][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  351.636457][T13779] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.3085: mark_inode_dirty error
[  351.657329][T13797] loop5: detected capacity change from 0 to 8192
[  351.696130][T13797] random: crng reseeded on system resumption
[  351.782310][ T4211] bond0 (unregistering): Released all slaves
[  351.790762][ T4211] bond1 (unregistering): (slave veth3): Releasing backup interface
[  351.799453][ T4211] bond1 (unregistering): Released all slaves
[  351.808805][ T4211] bond2 (unregistering): Released all slaves
[  351.817549][ T4211] bond3 (unregistering): Released all slaves
[  351.826697][ T4211] bond4 (unregistering): Released all slaves
[  351.835448][ T4211] bond5 (unregistering): Released all slaves
[  351.845578][ T4211] bond6 (unregistering): Released all slaves
[  351.854987][ T4211] bond7 (unregistering): Released all slaves
[  351.864536][ T4211] bond8 (unregistering): Released all slaves
[  351.873740][ T4211] bond9 (unregistering): (slave veth13): Releasing backup interface
[  351.883083][ T4211] bond9 (unregistering): Released all slaves
[  351.892298][ T4211] bond10 (unregistering): (slave veth15): Releasing backup interface
[  351.901911][ T4211] bond10 (unregistering): Released all slaves
[  351.916471][T13802] pimreg: entered allmulticast mode
[  351.953773][ T4211] tipc: Disabling bearer <udp:syz2>
[  351.959174][ T4211] tipc: Left network mode
[  351.972318][T12901] EXT4-fs unmount: 25 callbacks suppressed
[  351.972348][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.010582][ T4211] hsr_slave_0: left promiscuous mode
[  352.037242][ T4211] hsr_slave_1: left promiscuous mode
[  352.047193][T13822] xt_CT: You must specify a L4 protocol and not use inversions on it
[  352.090634][T13826] loop0: detected capacity change from 0 to 512
[  352.118169][T13826] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  352.141297][T13826] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  352.150739][T13826] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  352.159916][T13826] System zones: 0-2, 18-18, 34-34
[  352.165839][T13826] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.3092: bad orphan inode 15
[  352.195478][T13826] ext4_test_bit(bit=14, block=18) = 1
[  352.201097][T13826] is_bad_inode(inode)=0
[  352.205296][T13826] NEXT_ORPHAN(inode)=2264924160
[  352.210261][T13826] max_ino=32
[  352.213478][T13826] i_nlink=0
[  352.233005][T13826] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #15: comm syz.0.3092: corrupted inode contents
[  352.246314][T13826] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #15: comm syz.0.3092: mark_inode_dirty error
[  352.250723][T13762] chnl_net:caif_netlink_parms(): no params data found
[  352.275826][T13826] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #15: comm syz.0.3092: corrupted inode contents
[  352.295071][T13826] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3001: inode #15: comm syz.0.3092: mark_inode_dirty error
[  352.345296][T13826] EXT4-fs error (device loop0): ext4_xattr_delete_inode:3004: inode #15: comm syz.0.3092: mark inode dirty (error -117)
[  352.363755][T13838] xt_CT: You must specify a L4 protocol and not use inversions on it
[  352.406148][T13762] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.413401][T13762] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.428006][T13826] EXT4-fs warning (device loop0): ext4_evict_inode:273: xattr delete (err -117)
[  352.447347][T13826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  352.466928][T13762] bridge_slave_0: entered allmulticast mode
[  352.476718][T13762] bridge_slave_0: entered promiscuous mode
[  352.492968][T13762] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.500251][T13762] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.510222][T13826] netlink: 'syz.0.3092': attribute type 20 has an invalid length.
[  352.526044][T13762] bridge_slave_1: entered allmulticast mode
[  352.534930][T13762] bridge_slave_1: entered promiscuous mode
[  352.553935][T13762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.570446][T13762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.619103][T13762] team0: Port device team_slave_0 added
[  352.630153][T13762] team0: Port device team_slave_1 added
[  352.687435][T13762] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.694426][T13762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  352.720696][T13762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.765423][T13861] 8021q: adding VLAN 0 to HW filter on device bond0
[  352.784600][T13861] 8021q: adding VLAN 0 to HW filter on device team0
[  352.796518][T13861] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  352.812810][T13762] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.819890][T13762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  352.845899][T13762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  352.884785][T13875] loop4: detected capacity change from 0 to 512
[  352.921641][T13762] hsr_slave_0: entered promiscuous mode
[  352.923367][T13875] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.940635][T13762] hsr_slave_1: entered promiscuous mode
[  352.946779][T13762] debugfs: 'hsr0' already exists in 'hsr'
[  352.952615][T13762] Cannot create hsr debugfs directory
[  352.970600][T13875] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  352.981154][ T3510] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  353.054245][T13875] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.3101: corrupted inode contents
[  353.085259][T13885] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3103'.
[  353.094531][T13875] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #2: comm syz.4.3101: mark_inode_dirty error
[  353.106071][T13885] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  353.109582][T13875] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.3101: corrupted inode contents
[  353.122930][   T23] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  353.164611][T13886] pimreg: entered allmulticast mode
[  353.215651][T13888] tipc: Started in network mode
[  353.220741][T13888] tipc: Node identity ac1414aa, cluster identity 4711
[  353.252444][T13888] tipc: Enabled bearer <udp:syz2>, priority 10
[  353.259446][T13890] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3104'.
[  353.277306][T13875] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.3101: mark_inode_dirty error
[  353.313578][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.356877][T13895] loop5: detected capacity change from 0 to 512
[  353.382094][T13895] EXT4-fs: Ignoring removed nobh option
[  353.390544][T13895] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  353.408834][T13895] EXT4-fs (loop5): 1 truncate cleaned up
[  353.416169][T13895] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.540296][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.589105][T13901] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=272 sclass=netlink_route_socket pid=13901 comm=syz.4.3105
[  353.688136][T13762] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  353.746601][T13762] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  353.756673][T13762] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  353.834786][T13762] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  353.867484][ T8856] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  353.956501][T13926] loop4: detected capacity change from 0 to 1024
[  353.967865][T13762] 8021q: adding VLAN 0 to HW filter on device bond0
[  353.974018][T13926] EXT4-fs: Ignoring removed orlov option
[  353.976129][ T3372] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  353.993623][T13926] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.039504][T13762] 8021q: adding VLAN 0 to HW filter on device team0
[  354.055857][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.076597][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.083833][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  354.132167][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.139416][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  354.172505][T13948] xt_CT: You must specify a L4 protocol and not use inversions on it
[  354.214373][ T3372] tipc: Node number set to 2886997162
[  354.322990][T13965] loop4: detected capacity change from 0 to 512
[  354.338403][T13762] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.393533][T13965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.459993][T13965] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  354.476202][T10660] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.531600][T13965] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.3115: corrupted inode contents
[  354.572194][T13965] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #2: comm syz.4.3115: mark_inode_dirty error
[  354.594422][T13762] veth0_vlan: entered promiscuous mode
[  354.604433][T13965] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #2: comm syz.4.3115: corrupted inode contents
[  354.618372][T13762] veth1_vlan: entered promiscuous mode
[  354.624530][T13965] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.3115: mark_inode_dirty error
[  354.677580][T13762] veth0_macvtap: entered promiscuous mode
[  354.696089][T13762] veth1_macvtap: entered promiscuous mode
[  354.738669][T13762] batman_adv: batadv0: Interface activated: batadv_slave_0
[  354.755031][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.765940][   T29] kauditd_printk_skb: 84 callbacks suppressed
[  354.765957][   T29] audit: type=1400 audit(1769513380.510:2487): avc:  denied  { write } for  pid=13998 comm="syz.0.3118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  354.769742][T13762] batman_adv: batadv0: Interface activated: batadv_slave_1
[  354.830490][ T3658] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  354.839450][ T3658] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  354.874738][ T3658] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  354.891374][ T4669] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  354.899319][ T4669] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  354.908728][ T3658] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  354.922496][T14009] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  355.091427][T14026] loop0: detected capacity change from 0 to 1024
[  355.131478][T14026] loop0: detected capacity change from 0 to 512
[  355.214040][T14026] EXT4-fs: Ignoring removed i_version option
[  355.220317][T14026] EXT4-fs: Ignoring removed bh option
[  355.305674][T14026] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.427136][T14026] ext4 filesystem being mounted at /23/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  355.452844][    T9] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  355.506330][T14019] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3123'.
[  355.572321][T14019] netlink: 'syz.1.3123': attribute type 13 has an invalid length.
[  355.661660][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.690175][   T29] audit: type=1400 audit(1769513381.476:2488): avc:  denied  { open } for  pid=14040 comm="syz.0.3127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  355.745019][T14041] FAULT_INJECTION: forcing a failure.
[  355.745019][T14041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.759473][T14041] CPU: 1 UID: 0 PID: 14041 Comm: syz.0.3127 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  355.759516][T14041] Tainted: [W]=WARN
[  355.759526][T14041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  355.759540][T14041] Call Trace:
[  355.759548][T14041]  <TASK>
[  355.759558][T14041]  __dump_stack+0x1d/0x30
[  355.759610][T14041]  dump_stack_lvl+0x95/0xd0
[  355.759636][T14041]  dump_stack+0x15/0x1b
[  355.759661][T14041]  should_fail_ex+0x263/0x280
[  355.759704][T14041]  should_fail+0xb/0x20
[  355.759843][T14041]  should_fail_usercopy+0x1a/0x20
[  355.759880][T14041]  _copy_from_user+0x1c/0xb0
[  355.759901][T14041]  __x64_sys_epoll_ctl+0x92/0x100
[  355.759985][T14041]  x64_sys_call+0x745/0x3000
[  355.760035][T14041]  do_syscall_64+0xc0/0x2a0
[  355.760068][T14041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.760125][T14041] RIP: 0033:0x7f5a5dc6aeb9
[  355.760147][T14041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  355.760168][T14041] RSP: 002b:00007f5a5c6c7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  355.760195][T14041] RAX: ffffffffffffffda RBX: 00007f5a5dee5fa0 RCX: 00007f5a5dc6aeb9
[  355.760215][T14041] RDX: ffffffffffffffff RSI: 0000000000000001 RDI: ffffffffffffffff
[  355.760235][T14041] RBP: 00007f5a5c6c7090 R08: 0000000000000000 R09: 0000000000000000
[  355.760294][T14041] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  355.760383][T14041] R13: 00007f5a5dee6038 R14: 00007f5a5dee5fa0 R15: 00007ffc533d2f58
[  355.760407][T14041]  </TASK>
[  355.767079][   T29] audit: type=1400 audit(1769513381.476:2489): avc:  denied  { kernel } for  pid=14040 comm="syz.0.3127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  355.780443][T14043] delete_channel: no stack
[  355.843205][T14019] bridge0: port 2(bridge_slave_1) entered disabled state
[  355.890803][T14043] delete_channel: no stack
[  355.893224][T14019] bridge0: port 1(bridge_slave_0) entered disabled state
[  355.990891][   T29] audit: type=1400 audit(1769513381.802:2490): avc:  denied  { tracepoint } for  pid=14047 comm="syz.0.3129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  356.033342][   T29] audit: type=1400 audit(1769513381.844:2491): avc:  denied  { create } for  pid=14047 comm="syz.0.3129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  356.052912][   T29] audit: type=1400 audit(1769513381.844:2492): avc:  denied  { write } for  pid=14047 comm="syz.0.3129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  356.103629][T14019] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  356.114492][T14019] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  356.197579][   T29] audit: type=1400 audit(1769513382.012:2493): avc:  denied  { map } for  pid=14027 comm="syz.4.3125" path="socket:[39987]" dev="sockfs" ino=39987 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  356.231117][ T8856] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  356.262550][ T8856] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  356.302450][ T8856] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  356.331062][ T8856] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  356.409433][   T29] audit: type=1400 audit(1769513382.232:2494): avc:  denied  { write } for  pid=14055 comm="syz.0.3132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  356.410870][T14056] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  356.429104][   T29] audit: type=1400 audit(1769513382.232:2495): avc:  denied  { write } for  pid=14055 comm="syz.0.3132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  356.458821][T14056] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  356.483736][T14059] loop1: detected capacity change from 0 to 512
[  356.498641][T14059] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  356.515768][T14059] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  356.550532][T14059] EXT4-fs (loop1): 1 truncate cleaned up
[  356.578130][T14059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  356.605450][T14059] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1324: inode #12: block 7: comm syz.1.3133: path /13/bus/file0: bad entry in directory: directory entry overrun - offset=80, inode=2147483648, rec_len=1024, size=60 fake=0
[  356.638632][T14064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3135'.
[  356.664335][T14066] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3136'.
[  356.674505][T14066] netlink: 80 bytes leftover after parsing attributes in process `syz.5.3136'.
[  356.734641][T13434] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.746911][T14069] xt_CT: You must specify a L4 protocol and not use inversions on it
[  356.788451][T14075] loop0: detected capacity change from 0 to 512
[  356.813493][T14075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  356.826458][T14075] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  356.842209][   T29] audit: type=1326 audit(1769513382.694:2496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14078 comm="syz.3.3141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  356.871254][T14075] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.3140: corrupted inode contents
[  356.871442][T14075] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #2: comm syz.0.3140: mark_inode_dirty error
[  356.871609][T14075] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.3140: corrupted inode contents
[  356.906737][T14075] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.3140: mark_inode_dirty error
[  356.963127][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.091432][T14096] program syz.0.3148 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  357.455661][T14112] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3154'.
[  357.621928][T14117] loop0: detected capacity change from 0 to 512
[  357.657675][T14117] EXT4-fs: Ignoring removed i_version option
[  357.663779][T14117] EXT4-fs: Ignoring removed bh option
[  357.696047][T14117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.716858][T14117] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  357.866036][T14125] loop3: detected capacity change from 0 to 32768
[  357.889132][T14130] xt_CT: You must specify a L4 protocol and not use inversions on it
[  357.920183][ T3304]  loop3: p1 p2 p3 < p5 p6 >
[  357.946348][ T3304] loop3: p2 size 16775168 extends beyond EOD, truncated
[  357.972399][ T3304] loop3: p5 start 4294970168 is beyond EOD, truncated
[  357.988432][T14125]  loop3: p1 p2 p3 < p5 p6 >
[  357.994110][T14125] loop3: p2 size 16775168 extends beyond EOD, truncated
[  358.003652][T14125] loop3: p5 start 4294970168 is beyond EOD, truncated
[  358.032112][T14134] loop1: detected capacity change from 0 to 1024
[  358.053344][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.079436][T14138] loop5: detected capacity change from 0 to 1024
[  358.081844][T14134] EXT4-fs: Ignoring removed orlov option
[  358.115595][T14138] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  358.124400][T14138] EXT4-fs (loop5): The Hurd can't support 64-bit file systems
[  358.151147][T14134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.298474][T14145] loop4: detected capacity change from 0 to 1024
[  358.305490][T14145] EXT4-fs: Ignoring removed orlov option
[  358.316823][T14145] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.359397][T14142] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  358.412614][T14153] tipc: Started in network mode
[  358.417544][T14153] tipc: Node identity 86faa2db172e, cluster identity 4711
[  358.424823][T14153] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  358.436156][T14155] loop5: detected capacity change from 0 to 1024
[  358.443437][T14155] EXT4-fs: Ignoring removed orlov option
[  358.454064][T14155] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.470662][T14153] syzkaller0: entered promiscuous mode
[  358.476305][T14153] syzkaller0: entered allmulticast mode
[  358.501550][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.525546][T14153] tipc: Resetting bearer <eth:syzkaller0>
[  358.534029][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  358.545289][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  358.545528][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  358.567373][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  358.579213][T10660] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.712162][T14165] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3173'.
[  358.786672][T14174] loop5: detected capacity change from 0 to 1024
[  358.803634][T14174] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.826034][T14174] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.3177: Allocating blocks 481-513 which overlap fs metadata
[  358.852852][T14174] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.3177: Allocating blocks 497-513 which overlap fs metadata
[  358.886863][T14174] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.3177: Allocating blocks 497-513 which overlap fs metadata
[  358.901718][T14174] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  358.914153][T14174] EXT4-fs (loop5): This should not happen!! Data will be lost
[  358.914153][T14174] 
[  358.926520][T13434] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.938563][T14174] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.3177: Allocating blocks 497-513 which overlap fs metadata
[  358.965536][ T4211] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm kworker/u8:12: Allocating blocks 497-513 which overlap fs metadata
[  358.980172][ T4211] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 12 with error 117
[  358.992592][ T4211] EXT4-fs (loop5): This should not happen!! Data will be lost
[  358.992592][ T4211] 
[  359.022377][T10660] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.076299][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  359.093010][T14188] loop1: detected capacity change from 0 to 1024
[  359.099866][T14188] EXT4-fs: Ignoring removed orlov option
[  359.107506][T14189] IPVS: set_ctl: invalid protocol: 1 113.137.89.30:37427
[  359.140437][T14188] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.190859][T14152] tipc: Resetting bearer <eth:syzkaller0>
[  359.205064][T14152] tipc: Disabling bearer <eth:syzkaller0>
[  359.221638][T13434] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.296308][T14197] xt_CT: You must specify a L4 protocol and not use inversions on it
[  359.362406][T14195]  loop1: p1 p3 p4
[  359.373577][T14195] loop1: p3 start 2147483648 is beyond EOD, truncated
[  359.380514][T14195] loop1: p4 size 33555456 extends beyond EOD, truncated
[  359.614062][   T29] kauditd_printk_skb: 124 callbacks suppressed
[  359.614081][   T29] audit: type=1400 audit(1769513385.603:2621): avc:  denied  { sys_module } for  pid=14200 comm="syz.3.3188" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  359.773908][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  359.785345][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  359.819880][T11345]  loop5: p1 p2 p3 < p5 p6 >
[  359.828209][T11345] loop5: p2 size 16775168 extends beyond EOD, truncated
[  359.864447][T11345] loop5: p5 start 4294970168 is beyond EOD, truncated
[  359.900654][T14214]  loop5: p1 p2 p3 < p5 p6 >
[  359.906075][T14214] loop5: p2 size 16775168 extends beyond EOD, truncated
[  359.914319][T14214] loop5: p5 start 4294970168 is beyond EOD, truncated
[  359.957257][   T29] audit: type=1400 audit(1769513385.960:2622): avc:  denied  { wake_alarm } for  pid=14222 comm="syz.3.3196" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  360.006050][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  360.012845][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  360.027288][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  360.038736][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[  360.153038][T14230] xt_CT: You must specify a L4 protocol and not use inversions on it
[  360.222836][T14234] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  360.449558][   T29] audit: type=1326 audit(1769513386.474:2623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14235 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57cc18aeb9 code=0x7ffc0000
[  360.473272][   T29] audit: type=1326 audit(1769513386.474:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14235 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57cc18aeb9 code=0x7ffc0000
[  360.496850][   T29] audit: type=1326 audit(1769513386.474:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14235 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f57cc18aeb9 code=0x7ffc0000
[  360.520563][   T29] audit: type=1326 audit(1769513386.474:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14235 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57cc18aeb9 code=0x7ffc0000
[  360.544149][   T29] audit: type=1326 audit(1769513386.474:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14235 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57cc18aeb9 code=0x7ffc0000
[  360.567728][   T29] audit: type=1326 audit(1769513386.474:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14235 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f57cc18aeb9 code=0x7ffc0000
[  360.591291][   T29] audit: type=1400 audit(1769513386.474:2629): avc:  denied  { mounton } for  pid=14235 comm="syz.5.3202" path="/197/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  360.613595][   T29] audit: type=1326 audit(1769513386.474:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14235 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57cc18aeb9 code=0x7ffc0000
[  360.742231][T14250] FAULT_INJECTION: forcing a failure.
[  360.742231][T14250] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.755497][T14250] CPU: 1 UID: 0 PID: 14250 Comm: syz.1.3207 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  360.755537][T14250] Tainted: [W]=WARN
[  360.755545][T14250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  360.755558][T14250] Call Trace:
[  360.755566][T14250]  <TASK>
[  360.755577][T14250]  __dump_stack+0x1d/0x30
[  360.755608][T14250]  dump_stack_lvl+0x95/0xd0
[  360.755709][T14250]  dump_stack+0x15/0x1b
[  360.755731][T14250]  should_fail_ex+0x263/0x280
[  360.755773][T14250]  should_fail+0xb/0x20
[  360.755809][T14250]  should_fail_usercopy+0x1a/0x20
[  360.755851][T14250]  _copy_from_iter+0xcf/0xea0
[  360.755898][T14250]  ? __alloc_skb+0x397/0x4b0
[  360.755938][T14250]  ? __alloc_skb+0x219/0x4b0
[  360.756048][T14250]  netlink_sendmsg+0x4ae/0x6f0
[  360.756071][T14250]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.756091][T14250]  ____sys_sendmsg+0x5af/0x600
[  360.756141][T14250]  ___sys_sendmsg+0x195/0x1e0
[  360.756177][T14250]  __x64_sys_sendmsg+0xd4/0x160
[  360.756201][T14250]  x64_sys_call+0x17ba/0x3000
[  360.756227][T14250]  do_syscall_64+0xc0/0x2a0
[  360.756291][T14250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.756315][T14250] RIP: 0033:0x7ff79a00aeb9
[  360.756335][T14250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  360.756357][T14250] RSP: 002b:00007ff798a67028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.756385][T14250] RAX: ffffffffffffffda RBX: 00007ff79a285fa0 RCX: 00007ff79a00aeb9
[  360.756435][T14250] RDX: 0000000004008804 RSI: 0000200000000040 RDI: 0000000000000003
[  360.756456][T14250] RBP: 00007ff798a67090 R08: 0000000000000000 R09: 0000000000000000
[  360.756470][T14250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.756483][T14250] R13: 00007ff79a286038 R14: 00007ff79a285fa0 R15: 00007fff240e40b8
[  360.756504][T14250]  </TASK>
[  361.168843][T14265] EXT4-fs (loop1): failed to initialize system zone (-117)
[  361.183954][T14265] EXT4-fs (loop1): mount failed
[  361.192065][T14271] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3211'.
[  361.201951][T14271] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3211'.
[  361.210935][T14271] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3211'.
[  361.264999][T14273] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.278039][T14273] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  361.290756][T14273] ieee802154 phy0 wpan0: encryption failed: -22
[  361.309157][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.320931][T14277] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  361.336631][T14283] set_capacity_and_notify: 5 callbacks suppressed
[  361.336649][T14283] loop4: detected capacity change from 0 to 1024
[  361.358488][T14283] loop4: detected capacity change from 0 to 512
[  361.368985][T14283] EXT4-fs: Ignoring removed i_version option
[  361.375169][T14283] EXT4-fs: Ignoring removed bh option
[  361.401745][T14283] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.436089][T14283] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  361.599635][T14303] loop1: detected capacity change from 0 to 128
[  361.809627][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.870056][T14306] loop3: detected capacity change from 0 to 1024
[  361.906678][T14306] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  361.915448][T14306] EXT4-fs (loop3): The Hurd can't support 64-bit file systems
[  361.995287][T14306] loop3: detected capacity change from 0 to 1024
[  362.030379][T14306] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #4: comm syz.3.3225: pblk 98 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  362.065728][T14306] EXT4-fs error (device loop3): ext4_quota_enable:7180: comm syz.3.3225: Bad quota inode: 4, type: 1
[  362.077198][T14306] EXT4-fs warning (device loop3): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  362.101839][T14306] EXT4-fs (loop3): mount failed
[  362.126876][T14309] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3226'.
[  362.135847][T14309] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3226'.
[  362.188270][T14313] loop1: detected capacity change from 0 to 512
[  362.197587][T14313] EXT4-fs (loop1): #clusters per group too big: 1000000
[  362.329908][T14318] sch_tbf: burst 6 is lower than device ip6gre0 mtu (1448) !
[  362.360759][T14326] netlink: 356 bytes leftover after parsing attributes in process `syz.1.3232'.
[  362.473583][T14338] loop4: detected capacity change from 0 to 1024
[  362.497535][T14338] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.538093][T14338] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.3237: Allocating blocks 481-513 which overlap fs metadata
[  362.605388][T14348] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3241'.
[  362.619185][T14338] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.3237: Allocating blocks 497-513 which overlap fs metadata
[  362.682040][T14351] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.3237: Allocating blocks 497-513 which overlap fs metadata
[  362.717389][T14338] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.3237: Allocating blocks 497-513 which overlap fs metadata
[  362.796780][T14338] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  362.809244][T14338] EXT4-fs (loop4): This should not happen!! Data will be lost
[  362.809244][T14338] 
[  362.938362][T14354] loop3: detected capacity change from 0 to 1024
[  362.960520][T14354] EXT4-fs: Ignoring removed orlov option
[  362.991382][   T52] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm kworker/u8:3: Allocating blocks 497-513 which overlap fs metadata
[  363.016798][T14354] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.039116][   T52] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 12 with error 117
[  363.051555][   T52] EXT4-fs (loop4): This should not happen!! Data will be lost
[  363.051555][   T52] 
[  363.079504][T14359] FAULT_INJECTION: forcing a failure.
[  363.079504][T14359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.092760][T14359] CPU: 0 UID: 0 PID: 14359 Comm: syz.0.3244 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  363.092802][T14359] Tainted: [W]=WARN
[  363.092866][T14359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  363.092880][T14359] Call Trace:
[  363.092888][T14359]  <TASK>
[  363.092951][T14359]  __dump_stack+0x1d/0x30
[  363.093052][T14359]  dump_stack_lvl+0x95/0xd0
[  363.093082][T14359]  dump_stack+0x15/0x1b
[  363.093106][T14359]  should_fail_ex+0x263/0x280
[  363.093236][T14359]  should_fail+0xb/0x20
[  363.093264][T14359]  should_fail_usercopy+0x1a/0x20
[  363.093327][T14359]  _copy_from_user+0x1c/0xb0
[  363.093432][T14359]  do_ipv6_setsockopt+0x124/0x21d0
[  363.093608][T14359]  ? kstrtoull+0x111/0x140
[  363.093638][T14359]  ? avc_has_perm_noaudit+0xab/0x130
[  363.093679][T14359]  ? selinux_netlbl_socket_setsockopt+0x20d/0x2f0
[  363.093722][T14359]  ipv6_setsockopt+0x59/0x130
[  363.093759][T14359]  udpv6_setsockopt+0x99/0xb0
[  363.093791][T14359]  sock_common_setsockopt+0x69/0x80
[  363.093895][T14359]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  363.093932][T14359]  __sys_setsockopt+0x184/0x200
[  363.094007][T14359]  __x64_sys_setsockopt+0x64/0x80
[  363.094052][T14359]  x64_sys_call+0x21d5/0x3000
[  363.094079][T14359]  do_syscall_64+0xc0/0x2a0
[  363.094169][T14359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.094199][T14359] RIP: 0033:0x7f5a5dc6aeb9
[  363.094220][T14359] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  363.094296][T14359] RSP: 002b:00007f5a5c6c7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  363.094317][T14359] RAX: ffffffffffffffda RBX: 00007f5a5dee5fa0 RCX: 00007f5a5dc6aeb9
[  363.094334][T14359] RDX: 000000000000002b RSI: 0000000000000029 RDI: 0000000000000003
[  363.094352][T14359] RBP: 00007f5a5c6c7090 R08: 0000000000000108 R09: 0000000000000000
[  363.094376][T14359] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  363.094394][T14359] R13: 00007f5a5dee6038 R14: 00007f5a5dee5fa0 R15: 00007ffc533d2f58
[  363.094443][T14359]  </TASK>
[  363.311746][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.360428][T14363] netlink: 356 bytes leftover after parsing attributes in process `syz.0.3245'.
[  363.377016][T14365] 9p: Bad value for 'rfdno'
[  363.418775][T14373] FAULT_INJECTION: forcing a failure.
[  363.418775][T14373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.431991][T14373] CPU: 1 UID: 0 PID: 14373 Comm: syz.4.3249 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  363.432033][T14373] Tainted: [W]=WARN
[  363.432040][T14373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  363.432053][T14373] Call Trace:
[  363.432059][T14373]  <TASK>
[  363.432076][T14373]  __dump_stack+0x1d/0x30
[  363.432110][T14373]  dump_stack_lvl+0x95/0xd0
[  363.432151][T14373]  dump_stack+0x15/0x1b
[  363.432171][T14373]  should_fail_ex+0x263/0x280
[  363.432203][T14373]  should_fail+0xb/0x20
[  363.432234][T14373]  should_fail_usercopy+0x1a/0x20
[  363.432273][T14373]  _copy_to_user+0x20/0xa0
[  363.432299][T14373]  simple_read_from_buffer+0xb5/0x130
[  363.432447][T14373]  proc_fail_nth_read+0x10e/0x150
[  363.432484][T14373]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  363.432516][T14373]  vfs_read+0x1ab/0x7f0
[  363.432534][T14373]  ? __fput+0x555/0x650
[  363.432637][T14373]  ? __rcu_read_unlock+0x4e/0x70
[  363.432674][T14373]  ? __fget_files+0x184/0x1c0
[  363.432700][T14373]  ? mutex_lock+0x57/0x90
[  363.432730][T14373]  ksys_read+0xdc/0x1a0
[  363.432785][T14373]  __x64_sys_read+0x40/0x50
[  363.432809][T14373]  x64_sys_call+0x2889/0x3000
[  363.432874][T14373]  do_syscall_64+0xc0/0x2a0
[  363.432905][T14373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.432948][T14373] RIP: 0033:0x7f3382eeb78e
[  363.433030][T14373] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  363.433051][T14373] RSP: 002b:00007f3381986fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  363.433072][T14373] RAX: ffffffffffffffda RBX: 00007f33819876c0 RCX: 00007f3382eeb78e
[  363.433097][T14373] RDX: 000000000000000f RSI: 00007f33819870a0 RDI: 0000000000000005
[  363.433111][T14373] RBP: 00007f3381987090 R08: 0000000000000000 R09: 0000000000000000
[  363.433125][T14373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.433205][T14373] R13: 00007f33831a6038 R14: 00007f33831a5fa0 R15: 00007ffc4b5ab298
[  363.433268][T14373]  </TASK>
[  363.706422][T14378] loop0: detected capacity change from 0 to 1024
[  363.713332][T14378] EXT4-fs: Ignoring removed orlov option
[  363.735286][T14380] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  363.754362][T14378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.778741][T14382] loop1: detected capacity change from 0 to 1024
[  363.871035][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.890632][T14392] vlan2: entered allmulticast mode
[  363.895942][T14392] bond0: entered allmulticast mode
[  363.901087][T14392] bond_slave_0: entered allmulticast mode
[  363.906880][T14392] bond_slave_1: entered allmulticast mode
[  363.912997][T14388] EXT4-fs: Ignoring removed i_version option
[  363.919193][T14388] EXT4-fs: Ignoring removed bh option
[  363.926049][T13762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.951460][T14397] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3257'.
[  363.966368][T14388] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.988523][T14401] netlink: 348 bytes leftover after parsing attributes in process `syz.3.3258'.
[  363.999389][T14397] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  364.008438][T14388] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  364.019145][T14397] bond_slave_0: left allmulticast mode
[  364.025852][T14397] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  364.036914][T14397] bond_slave_1: left allmulticast mode
[  364.047138][T14397] bond0 (unregistering): Released all slaves
[  364.117474][T14404] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3260'.
[  364.193064][T13434] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.220889][T14412] EXT4-fs (loop0): orphan cleanup on readonly fs
[  364.237872][T14412] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #11: block 1: comm syz.0.3264: lblock 0 mapped to illegal pblock 1 (length 1)
[  364.252387][T14412] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  364.281505][T14412] EXT4-fs error (device loop0): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.0.3264: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  364.301538][T14415] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3266'.
[  364.343690][T14417] EXT4-fs: Ignoring removed orlov option
[  364.361566][T14412] EXT4-fs warning (device loop0): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.0.3264: ea_inode dec ref err=-117
[  364.394998][T14417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.407240][T14412] EXT4-fs (loop0): 1 orphan inode deleted
[  364.425276][T14412] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  364.457581][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  364.457601][   T29] audit: type=1400 audit(1769513390.684:2662): avc:  denied  { watch_reads } for  pid=14411 comm="syz.0.3264" path="/60" dev="tmpfs" ino=338 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  364.507693][T13434] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.527857][T14421] IPVS: length: 24 != 3445080
[  364.565517][T14425] EXT4-fs: Ignoring removed orlov option
[  364.588975][T14427] FAULT_INJECTION: forcing a failure.
[  364.588975][T14427] name failslab, interval 1, probability 0, space 0, times 0
[  364.602029][T14427] CPU: 0 UID: 0 PID: 14427 Comm: syz.5.3269 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  364.602391][T14427] Tainted: [W]=WARN
[  364.602420][T14427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  364.602438][T14427] Call Trace:
[  364.602447][T14427]  <TASK>
[  364.602525][T14427]  __dump_stack+0x1d/0x30
[  364.602632][T14427]  dump_stack_lvl+0x95/0xd0
[  364.602663][T14427]  dump_stack+0x15/0x1b
[  364.602691][T14427]  should_fail_ex+0x263/0x280
[  364.602735][T14427]  should_failslab+0x8c/0xb0
[  364.602828][T14427]  __kmalloc_cache_noprof+0x64/0x4a0
[  364.602865][T14427]  ? __se_sys_memfd_create+0x1d5/0x6c0
[  364.602986][T14427]  ? mutex_unlock+0x4e/0x90
[  364.603046][T14427]  __se_sys_memfd_create+0x1d5/0x6c0
[  364.603096][T14427]  __x64_sys_memfd_create+0x31/0x40
[  364.603207][T14427]  x64_sys_call+0x28cb/0x3000
[  364.603306][T14427]  do_syscall_64+0xc0/0x2a0
[  364.603369][T14427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.603425][T14427] RIP: 0033:0x7f57cc18aeb9
[  364.603448][T14427] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  364.603475][T14427] RSP: 002b:00007f57cabe6e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  364.603503][T14427] RAX: ffffffffffffffda RBX: 0000000000000532 RCX: 00007f57cc18aeb9
[  364.603520][T14427] RDX: 00007f57cabe6ee0 RSI: 0000000000000000 RDI: 00007f57cc1f7333
[  364.603538][T14427] RBP: 0000200000000480 R08: 00000000ffffffff R09: 0000000000000000
[  364.603573][T14427] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000080
[  364.603591][T14427] R13: 00007f57cabe6ee0 R14: 00007f57cabe6ea0 R15: 00002000000009c0
[  364.603620][T14427]  </TASK>
[  364.798721][T14425] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.857524][T13434] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.922263][T14439] program syz.5.3275 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  364.973123][T14437] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3272'.
[  365.016465][T14445] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #4: comm syz.3.3277: pblk 98 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  365.036621][T14445] EXT4-fs error (device loop3): ext4_quota_enable:7180: comm syz.3.3277: Bad quota inode: 4, type: 1
[  365.110329][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.122889][T14445] EXT4-fs warning (device loop3): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  365.138531][T14445] EXT4-fs (loop3): mount failed
[  365.187071][T14451] EXT4-fs: Ignoring removed orlov option
[  365.217562][T14453] FAULT_INJECTION: forcing a failure.
[  365.217562][T14453] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  365.220665][T14451] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.230863][T14453] CPU: 0 UID: 0 PID: 14453 Comm: syz.0.3279 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  365.231044][T14453] Tainted: [W]=WARN
[  365.231073][T14453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  365.231120][T14453] Call Trace:
[  365.231141][T14453]  <TASK>
[  365.231170][T14453]  __dump_stack+0x1d/0x30
[  365.231280][T14453]  dump_stack_lvl+0x95/0xd0
[  365.231354][T14453]  dump_stack+0x15/0x1b
[  365.231424][T14453]  should_fail_ex+0x263/0x280
[  365.231607][T14453]  should_fail_alloc_page+0xf2/0x100
[  365.231690][T14453]  __alloc_frozen_pages_noprof+0x108/0x350
[  365.231881][T14453]  alloc_pages_mpol+0xb3/0x260
[  365.232004][T14453]  alloc_frozen_pages_noprof+0x8f/0x110
[  365.232108][T14453]  ___kmalloc_large_node+0x3f/0xe0
[  365.232265][T14453]  __kmalloc_large_node_noprof+0x16/0xa0
[  365.232364][T14453]  __kmalloc_noprof+0x342/0x580
[  365.232491][T14453]  ? iovec_from_user+0x84/0x200
[  365.232576][T14453]  iovec_from_user+0x84/0x200
[  365.232646][T14453]  __import_iovec+0xf3/0x530
[  365.232726][T14453]  ? __kmalloc_noprof+0x2a3/0x580
[  365.232807][T14453]  ? io_cache_alloc_new+0x2a/0xb0
[  365.232894][T14453]  io_import_rw_buffer+0x245/0x380
[  365.233058][T14453]  io_prep_rwv+0xae/0x260
[  365.233149][T14453]  io_prep_writev+0x22/0x30
[  365.233231][T14453]  io_submit_sqes+0x70e/0x11b0
[  365.233332][T14453]  __se_sys_io_uring_enter+0x1bf/0x1c70
[  365.233489][T14453]  ? __rcu_read_unlock+0x4e/0x70
[  365.233587][T14453]  ? get_pid_task+0x96/0xd0
[  365.233689][T14453]  ? proc_fail_nth_write+0x13b/0x160
[  365.233796][T14453]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  365.233930][T14453]  ? vfs_write+0x86e/0x9f0
[  365.234000][T14453]  ? __rcu_read_unlock+0x4e/0x70
[  365.234052][T14453]  ? __fget_files+0x184/0x1c0
[  365.234162][T14453]  ? mutex_lock+0x57/0x90
[  365.234229][T14453]  ? mutex_unlock+0x4e/0x90
[  365.234287][T14453]  ? fput+0x8f/0xc0
[  365.234380][T14453]  __x64_sys_io_uring_enter+0x78/0x90
[  365.234513][T14453]  x64_sys_call+0x27e4/0x3000
[  365.234588][T14453]  do_syscall_64+0xc0/0x2a0
[  365.234702][T14453]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.234840][T14453] RIP: 0033:0x7f5a5dc6aeb9
[  365.234899][T14453] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  365.234970][T14453] RSP: 002b:00007f5a5c6c7028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  365.235033][T14453] RAX: ffffffffffffffda RBX: 00007f5a5dee5fa0 RCX: 00007f5a5dc6aeb9
[  365.235158][T14453] RDX: 000000000000d480 RSI: 00000000000029ab RDI: 0000000000000004
[  365.235224][T14453] RBP: 00007f5a5c6c7090 R08: 0000000000000000 R09: 0000000000000000
[  365.235289][T14453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.235331][T14453] R13: 00007f5a5dee6038 R14: 00007f5a5dee5fa0 R15: 00007ffc533d2f58
[  365.235405][T14453]  </TASK>
[  365.268678][T14447]  loop5: p1 p2 p3 < p5 p6 >
[  365.488952][T14459] EXT4-fs: Ignoring removed orlov option
[  365.518678][T14447] loop5: p2 size 16775168 extends beyond EOD, truncated
[  365.544109][T14447] loop5: p5 start 4294970168 is beyond EOD, truncated
[  365.557314][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.583740][T14459] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.584365][ T3000]  loop5: p1 p2 p3 < p5 p6 >
[  365.618735][ T3000] loop5: p2 size 16775168 extends beyond EOD, truncated
[  365.626825][ T3000] loop5: p5 start 4294970168 is beyond EOD, truncated
[  365.675714][T14469] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3284'.
[  365.704594][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.875171][T14478] EXT4-fs: Ignoring removed i_version option
[  365.881321][T14478] EXT4-fs: Ignoring removed bh option
[  365.923740][   T29] audit: type=1400 audit(1769513392.217:2663): avc:  denied  { create } for  pid=14488 comm="syz.1.3294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  365.958352][T14487] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.959032][T14478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.991433][   T29] audit: type=1400 audit(1769513392.217:2664): avc:  denied  { ioctl } for  pid=14488 comm="syz.1.3294" path="socket:[41988]" dev="sockfs" ino=41988 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  366.015912][T14478] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  366.016282][   T29] audit: type=1400 audit(1769513392.217:2665): avc:  denied  { bind } for  pid=14488 comm="syz.1.3294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  366.045883][   T29] audit: type=1400 audit(1769513392.217:2666): avc:  denied  { write } for  pid=14488 comm="syz.1.3294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  366.065695][T14487] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  366.093271][T14487] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #2: comm syz.5.3293: corrupted inode contents
[  366.106069][T14496] FAULT_INJECTION: forcing a failure.
[  366.106069][T14496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  366.119260][T14496] CPU: 0 UID: 0 PID: 14496 Comm: syz.1.3295 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  366.119300][T14496] Tainted: [W]=WARN
[  366.119309][T14496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  366.119397][T14496] Call Trace:
[  366.119403][T14496]  <TASK>
[  366.119411][T14496]  __dump_stack+0x1d/0x30
[  366.119438][T14496]  dump_stack_lvl+0x95/0xd0
[  366.119465][T14496]  dump_stack+0x15/0x1b
[  366.119550][T14496]  should_fail_ex+0x263/0x280
[  366.119623][T14496]  should_fail+0xb/0x20
[  366.119659][T14496]  should_fail_usercopy+0x1a/0x20
[  366.119779][T14496]  _copy_from_user+0x1c/0xb0
[  366.119809][T14496]  io_submit_one+0x52/0x1350
[  366.119911][T14496]  __se_sys_io_submit+0xfb/0x280
[  366.119970][T14496]  __x64_sys_io_submit+0x43/0x50
[  366.120028][T14496]  x64_sys_call+0x2e40/0x3000
[  366.120063][T14496]  do_syscall_64+0xc0/0x2a0
[  366.120153][T14496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.120246][T14496] RIP: 0033:0x7ff79a00aeb9
[  366.120266][T14496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  366.120289][T14496] RSP: 002b:00007ff798a67028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  366.120387][T14496] RAX: ffffffffffffffda RBX: 00007ff79a285fa0 RCX: 00007ff79a00aeb9
[  366.120406][T14496] RDX: 0000200000000940 RSI: 0000000000000001 RDI: 00007ff798a26000
[  366.120422][T14496] RBP: 00007ff798a67090 R08: 0000000000000000 R09: 0000000000000000
[  366.120485][T14496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  366.120498][T14496] R13: 00007ff79a286038 R14: 00007ff79a285fa0 R15: 00007fff240e40b8
[  366.120522][T14496]  </TASK>
[  366.293797][T14487] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #2: comm syz.5.3293: mark_inode_dirty error
[  366.321309][T14487] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #2: comm syz.5.3293: corrupted inode contents
[  366.330161][T14499] set_capacity_and_notify: 11 callbacks suppressed
[  366.330335][T14499] loop0: detected capacity change from 0 to 1024
[  366.346490][T14487] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.3293: mark_inode_dirty error
[  366.365315][T14499] EXT4-fs: Ignoring removed orlov option
[  366.404326][T10660] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.414098][T14499] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.478197][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  366.490064][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[  366.490158][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  366.511538][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  366.531400][T14509] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3299'.
[  366.554178][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.590373][T12901] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.633998][T14513] loop4: detected capacity change from 0 to 512
[  366.646309][T14519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3302'.
[  366.656597][   T29] audit: type=1400 audit(1769513392.984:2667): avc:  denied  { connect } for  pid=14516 comm="syz.0.3302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  366.688127][T14513] EXT4-fs: Ignoring removed nomblk_io_submit option
[  366.699905][T14513] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  366.708445][T14513] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  366.730897][T14513] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.3300: Allocating blocks 41-42 which overlap fs metadata
[  366.745853][T14513] EXT4-fs (loop4): Remounting filesystem read-only
[  366.763004][T14513] Quota error (device loop4): write_blk: dquota write failed
[  366.770446][T14513] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5
[  366.811311][T14513] Quota error (device loop4): write_blk: dquota write failed
[  366.862621][T14513] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  366.923585][T14536] loop1: detected capacity change from 0 to 512
[  366.930437][T14536] EXT4-fs: Ignoring removed i_version option
[  366.939945][T14536] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  366.947838][T14513] EXT4-fs (loop4): 1 truncate cleaned up
[  366.974853][T14536] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  366.999513][T14513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.012429][T14536] EXT4-fs (loop1): failed to initialize system zone (-117)
[  367.028404][T14536] EXT4-fs (loop1): mount failed
[  367.074171][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.084031][T14544] loop3: detected capacity change from 0 to 1024
[  367.139460][T14544] loop3: detected capacity change from 0 to 512
[  367.168033][T14544] EXT4-fs: Ignoring removed i_version option
[  367.174244][T14544] EXT4-fs: Ignoring removed bh option
[  367.198494][T14549] tipc: Enabled bearer <udp:syz2>, priority 10
[  367.306212][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  367.323575][T14544] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.365461][T14544] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  367.543253][T14567] loop1: detected capacity change from 0 to 128
[  367.604265][T13762] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.821320][T14588] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3326'.
[  367.851656][T14592] netlink: 340 bytes leftover after parsing attributes in process `syz.3.3327'.
[  367.875972][T14588] team1: entered promiscuous mode
[  367.881146][T14588] team1: entered allmulticast mode
[  367.890186][T14588] 8021q: adding VLAN 0 to HW filter on device team1
[  368.017393][T14601] FAULT_INJECTION: forcing a failure.
[  368.017393][T14601] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.032780][T14601] CPU: 0 UID: 0 PID: 14601 Comm: syz.1.3332 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  368.032825][T14601] Tainted: [W]=WARN
[  368.032852][T14601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  368.032889][T14601] Call Trace:
[  368.032896][T14601]  <TASK>
[  368.032905][T14601]  __dump_stack+0x1d/0x30
[  368.032974][T14601]  dump_stack_lvl+0x95/0xd0
[  368.033050][T14601]  dump_stack+0x15/0x1b
[  368.033075][T14601]  should_fail_ex+0x263/0x280
[  368.033118][T14601]  should_fail+0xb/0x20
[  368.033305][T14601]  should_fail_usercopy+0x1a/0x20
[  368.033409][T14601]  _copy_to_user+0x20/0xa0
[  368.033464][T14601]  simple_read_from_buffer+0xb5/0x130
[  368.033540][T14601]  proc_fail_nth_read+0x10e/0x150
[  368.033662][T14601]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.033717][T14601]  vfs_read+0x1ab/0x7f0
[  368.033741][T14601]  ? __rcu_read_unlock+0x4e/0x70
[  368.033773][T14601]  ? __fget_files+0x184/0x1c0
[  368.033803][T14601]  ? mutex_lock+0x57/0x90
[  368.033857][T14601]  ksys_read+0xdc/0x1a0
[  368.033961][T14601]  __x64_sys_read+0x40/0x50
[  368.034037][T14601]  x64_sys_call+0x2889/0x3000
[  368.034070][T14601]  do_syscall_64+0xc0/0x2a0
[  368.034107][T14601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.034137][T14601] RIP: 0033:0x7ff799fcb78e
[  368.034157][T14601] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  368.034256][T14601] RSP: 002b:00007ff798a66fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.034313][T14601] RAX: ffffffffffffffda RBX: 00007ff798a676c0 RCX: 00007ff799fcb78e
[  368.034369][T14601] RDX: 000000000000000f RSI: 00007ff798a670a0 RDI: 0000000000000004
[  368.034386][T14601] RBP: 00007ff798a67090 R08: 0000000000000000 R09: 0000000000000000
[  368.034403][T14601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.034419][T14601] R13: 00007ff79a286038 R14: 00007ff79a285fa0 R15: 00007fff240e40b8
[  368.034444][T14601]  </TASK>
[  368.235329][ T3390] tipc: Node number set to 575714210
[  368.238492][T14602] loop0: detected capacity change from 0 to 1024
[  368.272693][T14602] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #4: comm syz.0.3330: pblk 98 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  368.292194][T14607] loop3: detected capacity change from 0 to 128
[  368.341874][T14607] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  368.341908][T14607] EXT4-fs: failed to create workqueue
[  368.357058][T14607] EXT4-fs (loop3): mount failed
[  368.362684][T14602] EXT4-fs error (device loop0): ext4_quota_enable:7180: comm syz.0.3330: Bad quota inode: 4, type: 1
[  368.392399][T14618] loop1: detected capacity change from 0 to 1764
[  368.398054][T14602] EXT4-fs warning (device loop0): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  368.434318][T14602] EXT4-fs (loop0): mount failed
[  368.446077][T14625] loop3: detected capacity change from 0 to 1024
[  368.452883][T14625] EXT4-fs: Ignoring removed orlov option
[  368.463372][T14625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.608659][T14642] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  368.636781][T14646] EXT4-fs: Ignoring removed orlov option
[  368.667202][T14648] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  368.716160][T14646] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.756407][T14652] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  368.756524][T14653] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  368.766020][T14651] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  368.774891][T14650] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  368.850199][T13164] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.893868][T14659] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  369.005345][T14648] tipc: Disabling bearer <eth:syzkaller0>
[  369.212155][T14669] __nla_validate_parse: 2 callbacks suppressed
[  369.212177][T14669] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3351'.
[  369.459221][T14677] syzkaller0: entered promiscuous mode
[  369.464773][T14677] syzkaller0: entered allmulticast mode
[  369.786296][ T3304]  loop5: p1 p2 p3 < p5 p6 >
[  369.791552][T14689] EXT4-fs: Ignoring removed orlov option
[  369.801848][ T3304] loop5: p2 size 16775168 extends beyond EOD, truncated
[  369.811623][ T3304] loop5: p5 start 4294970168 is beyond EOD, truncated
[  369.842223][T14681]  loop5: p1 p2 p3 < p5 p6 >
[  369.847610][T14681] loop5: p2 size 16775168 extends beyond EOD, truncated
[  369.856292][T14681] loop5: p5 start 4294970168 is beyond EOD, truncated
[  369.865804][T14694] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  369.865881][T14691] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  369.875218][T14692] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  369.913707][T14693] workqueue: Failed to create a rescuer kthread for wq "dio/loop4": -EINTR
[  369.955534][T14702] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #4: comm syz.3.3361: pblk 98 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  369.986542][T14702] EXT4-fs error (device loop3): ext4_quota_enable:7180: comm syz.3.3361: Bad quota inode: 4, type: 1
[  370.015536][T14702] EXT4-fs warning (device loop3): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  370.031025][T14702] EXT4-fs (loop3): mount failed
[  370.120772][T14715] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3366'.
[  370.157152][T14715] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3366'.
[  370.166330][T14715] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3366'.
[  370.280664][T14728] netlink: 6032 bytes leftover after parsing attributes in process `syz.0.3372'.
[  370.295441][T14726] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  370.302655][T14726] syzkaller0: entered promiscuous mode
[  370.308301][T14726] syzkaller0: entered allmulticast mode
[  370.320453][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  370.320470][   T29] audit: type=1400 audit(1769513396.837:2690): avc:  denied  { ioctl } for  pid=14717 comm="syz.5.3368" path=2F7365637265746D656D202864656C6574656429 dev="secretmem" ino=42544 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  370.391550][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  370.406289][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  370.416886][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[  370.427233][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  370.442393][T14733] journal_path: Non-blockdev passed as './bus'
[  370.448659][T14733] EXT4-fs: error: could not find journal device path
[  370.490971][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[  370.502083][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  370.513387][T14726] tipc: Resetting bearer <eth:syzkaller0>
[  370.528449][T14725] tipc: Resetting bearer <eth:syzkaller0>
[  370.534951][T14725] tipc: Disabling bearer <eth:syzkaller0>
[  370.547498][T11345]  loop3: p1 p2 p3 < p5 p6 >
[  370.552890][T11345] loop3: p2 size 16775168 extends beyond EOD, truncated
[  370.568290][T11345] loop3: p5 start 4294970168 is beyond EOD, truncated
[  370.575718][T14737] EXT4-fs: Ignoring removed orlov option
[  370.590550][T14731]  loop3: p1 p2 p3 < p5 p6 >
[  370.596469][T14731] loop3: p2 size 16775168 extends beyond EOD, truncated
[  370.604825][T14731] loop3: p5 start 4294970168 is beyond EOD, truncated
[  370.633321][T14741] workqueue: Failed to create a rescuer kthread for wq "dio/loop5": -EINTR
[  370.633391][T14741] workqueue: Failed to create a rescuer kthread for wq "dio/loop5": -EINTR
[  370.642807][T14740] workqueue: Failed to create a rescuer kthread for wq "dio/loop5": -EINTR
[  370.679505][T14739] workqueue: Failed to create a rescuer kthread for wq "dio/loop5": -EINTR
[  370.747112][T14753] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #12: comm syz.0.3378: checksumming directory block 0
[  370.779871][T14753] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #12: comm syz.0.3378: checksumming directory block 0
[  370.807919][T14748] syzkaller0: entered promiscuous mode
[  370.813613][T14748] syzkaller0: entered allmulticast mode
[  370.936706][T14765] EXT4-fs: Ignoring removed orlov option
[  370.978453][T14767] syzkaller0: entered promiscuous mode
[  370.984030][T14767] syzkaller0: entered allmulticast mode
[  371.006273][T14772] workqueue: Failed to create a rescuer kthread for wq "dio/loop0": -EINTR
[  371.006412][T14772] workqueue: Failed to create a rescuer kthread for wq "dio/loop0": -EINTR
[  371.026664][T14772] workqueue: Failed to create a rescuer kthread for wq "dio/loop0": -EINTR
[  371.059073][T14772] workqueue: Failed to create a rescuer kthread for wq "dio/loop0": -EINTR
[  371.109567][T14782] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3386'.
[  371.127289][T14782] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3386'.
[  371.136262][T14782] netlink: 'syz.3.3386': attribute type 13 has an invalid length.
[  371.144306][T14782] netlink: 'syz.3.3386': attribute type 12 has an invalid length.
[  371.216683][T14790] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3389'.
[  371.233843][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.246719][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2566 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.259642][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2562 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.272531][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.285519][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.298375][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2562 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.311342][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.324291][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2565 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.337454][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2574 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.350511][T14790] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2572 sclass=netlink_route_socket pid=14790 comm=syz.0.3389
[  371.473847][   T29] audit: type=1326 audit(1769513398.055:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  371.497495][   T29] audit: type=1326 audit(1769513398.055:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  371.581197][T14808] FAULT_INJECTION: forcing a failure.
[  371.581197][T14808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.594551][T14808] CPU: 1 UID: 0 PID: 14808 Comm: syz.0.3396 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  371.594603][T14808] Tainted: [W]=WARN
[  371.594610][T14808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  371.594647][T14808] Call Trace:
[  371.594657][T14808]  <TASK>
[  371.594667][T14808]  __dump_stack+0x1d/0x30
[  371.594700][T14808]  dump_stack_lvl+0x95/0xd0
[  371.594729][T14808]  dump_stack+0x15/0x1b
[  371.594750][T14808]  should_fail_ex+0x263/0x280
[  371.594848][T14808]  should_fail+0xb/0x20
[  371.594881][T14808]  should_fail_usercopy+0x1a/0x20
[  371.594926][T14808]  _copy_from_user+0x1c/0xb0
[  371.595019][T14808]  ___sys_sendmsg+0xc1/0x1e0
[  371.595061][T14808]  __x64_sys_sendmsg+0xd4/0x160
[  371.595093][T14808]  x64_sys_call+0x17ba/0x3000
[  371.595126][T14808]  do_syscall_64+0xc0/0x2a0
[  371.595183][T14808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.595254][T14808] RIP: 0033:0x7f5a5dc6aeb9
[  371.595271][T14808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  371.595294][T14808] RSP: 002b:00007f5a5c6c7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.595335][T14808] RAX: ffffffffffffffda RBX: 00007f5a5dee5fa0 RCX: 00007f5a5dc6aeb9
[  371.595350][T14808] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  371.595439][T14808] RBP: 00007f5a5c6c7090 R08: 0000000000000000 R09: 0000000000000000
[  371.595457][T14808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.595535][T14808] R13: 00007f5a5dee6038 R14: 00007f5a5dee5fa0 R15: 00007ffc533d2f58
[  371.595595][T14808]  </TASK>
[  371.984872][T14821] netlink: 112 bytes leftover after parsing attributes in process `syz.1.3403'.
[  372.015642][   T29] audit: type=1326 audit(1769513398.055:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  372.039333][   T29] audit: type=1326 audit(1769513398.055:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  372.062969][   T29] audit: type=1326 audit(1769513398.055:2695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  372.086486][   T29] audit: type=1326 audit(1769513398.055:2696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  372.110016][   T29] audit: type=1326 audit(1769513398.055:2697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  372.133527][   T29] audit: type=1326 audit(1769513398.055:2698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  372.157060][   T29] audit: type=1326 audit(1769513398.055:2699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14799 comm="syz.3.3394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fde1576aeb9 code=0x7ffc0000
[  372.498488][T14863] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3417'.
[  372.662279][T14870] FAULT_INJECTION: forcing a failure.
[  372.662279][T14870] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.675589][T14870] CPU: 0 UID: 0 PID: 14870 Comm: syz.4.3419 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  372.675627][T14870] Tainted: [W]=WARN
[  372.675638][T14870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  372.675655][T14870] Call Trace:
[  372.675664][T14870]  <TASK>
[  372.675675][T14870]  __dump_stack+0x1d/0x30
[  372.675725][T14870]  dump_stack_lvl+0x95/0xd0
[  372.675754][T14870]  dump_stack+0x15/0x1b
[  372.675827][T14870]  should_fail_ex+0x263/0x280
[  372.675882][T14870]  should_fail+0xb/0x20
[  372.675918][T14870]  should_fail_usercopy+0x1a/0x20
[  372.675974][T14870]  _copy_to_user+0x20/0xa0
[  372.676001][T14870]  simple_read_from_buffer+0xb5/0x130
[  372.676105][T14870]  proc_fail_nth_read+0x10e/0x150
[  372.676144][T14870]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.676194][T14870]  vfs_read+0x1ab/0x7f0
[  372.676274][T14870]  ? __schedule+0x82d/0xc90
[  372.676293][T14870]  ? __rcu_read_unlock+0x4e/0x70
[  372.676350][T14870]  ? __fget_files+0x184/0x1c0
[  372.676378][T14870]  ? mutex_lock+0x57/0x90
[  372.676406][T14870]  ksys_read+0xdc/0x1a0
[  372.676428][T14870]  __x64_sys_read+0x40/0x50
[  372.676451][T14870]  x64_sys_call+0x2889/0x3000
[  372.676517][T14870]  do_syscall_64+0xc0/0x2a0
[  372.676552][T14870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.676583][T14870] RIP: 0033:0x7f3382eeb78e
[  372.676607][T14870] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  372.676708][T14870] RSP: 002b:00007f3381986fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  372.676729][T14870] RAX: ffffffffffffffda RBX: 00007f33819876c0 RCX: 00007f3382eeb78e
[  372.676744][T14870] RDX: 000000000000000f RSI: 00007f33819870a0 RDI: 0000000000000006
[  372.676757][T14870] RBP: 00007f3381987090 R08: 0000000000000000 R09: 0000000000000000
[  372.676770][T14870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.676801][T14870] R13: 00007f33831a6038 R14: 00007f33831a5fa0 R15: 00007ffc4b5ab298
[  372.676828][T14870]  </TASK>
[  373.299167][T14889] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  373.514829][T14896] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  373.548169][T14896] syzkaller0: entered promiscuous mode
[  373.553816][T14896] syzkaller0: entered allmulticast mode
[  373.602968][T14896] tipc: Resetting bearer <eth:syzkaller0>
[  373.609737][T14895] tipc: Resetting bearer <eth:syzkaller0>
[  373.619261][T14895] tipc: Disabling bearer <eth:syzkaller0>
[  373.697246][T14904] FAULT_INJECTION: forcing a failure.
[  373.697246][T14904] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  373.710508][T14904] CPU: 1 UID: 0 PID: 14904 Comm: syz.5.3433 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  373.710587][T14904] Tainted: [W]=WARN
[  373.710595][T14904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  373.710610][T14904] Call Trace:
[  373.710619][T14904]  <TASK>
[  373.710704][T14904]  __dump_stack+0x1d/0x30
[  373.710730][T14904]  dump_stack_lvl+0x95/0xd0
[  373.710794][T14904]  dump_stack+0x15/0x1b
[  373.710820][T14904]  should_fail_ex+0x263/0x280
[  373.710860][T14904]  should_fail+0xb/0x20
[  373.710921][T14904]  should_fail_usercopy+0x1a/0x20
[  373.710950][T14904]  _copy_from_user+0x1c/0xb0
[  373.710968][T14904]  do_sock_getsockopt+0xf1/0x210
[  373.711080][T14904]  __x64_sys_getsockopt+0x11d/0x1a0
[  373.711211][T14904]  x64_sys_call+0x2dc7/0x3000
[  373.711245][T14904]  do_syscall_64+0xc0/0x2a0
[  373.711306][T14904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.711326][T14904] RIP: 0033:0x7f57cc18aeb9
[  373.711406][T14904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  373.711485][T14904] RSP: 002b:00007f57cabe7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  373.711516][T14904] RAX: ffffffffffffffda RBX: 00007f57cc405fa0 RCX: 00007f57cc18aeb9
[  373.711531][T14904] RDX: 000000000000001f RSI: 0000000000000084 RDI: 0000000000000003
[  373.711590][T14904] RBP: 00007f57cabe7090 R08: 0000200000000440 R09: 0000000000000000
[  373.711605][T14904] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[  373.711618][T14904] R13: 00007f57cc406038 R14: 00007f57cc405fa0 R15: 00007ffde2afde58
[  373.711639][T14904]  </TASK>
[  373.993998][T14912] set_capacity_and_notify: 10 callbacks suppressed
[  373.994018][T14912] loop4: detected capacity change from 0 to 1024
[  374.008589][T14912] EXT4-fs: Ignoring removed orlov option
[  374.183077][T14931] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  374.190154][T14931] syzkaller0: entered promiscuous mode
[  374.195749][T14931] syzkaller0: entered allmulticast mode
[  374.208321][T14931] tipc: Resetting bearer <eth:syzkaller0>
[  374.223830][T14935] __nla_validate_parse: 2 callbacks suppressed
[  374.223845][T14935] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3445'.
[  374.253655][T14930] tipc: Resetting bearer <eth:syzkaller0>
[  374.269609][T14930] tipc: Disabling bearer <eth:syzkaller0>
[  374.558389][T14941] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  374.565816][T14942] loop3: detected capacity change from 0 to 32768
[  374.593617][ T3304]  loop3: p1 p2 p3 < p5 p6 >
[  374.598828][ T3304] loop3: p2 size 16775168 extends beyond EOD, truncated
[  374.615193][ T3304] loop3: p5 start 4294970168 is beyond EOD, truncated
[  374.644084][T14942]  loop3: p1 p2 p3 < p5 p6 >
[  374.649440][T14942] loop3: p2 size 16775168 extends beyond EOD, truncated
[  374.657319][T14942] loop3: p5 start 4294970168 is beyond EOD, truncated
[  374.802876][T14960] loop4: detected capacity change from 0 to 164
[  374.831940][T14960] ISOFS: unable to read i-node block
[  374.877689][T14960] isofs_fill_super: get root inode failed
[  374.893926][T14968] syzkaller0: entered promiscuous mode
[  374.899510][T14968] syzkaller0: entered allmulticast mode
[  374.923150][T14960] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3457'.
[  374.923986][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  374.939704][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  374.948362][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  374.962353][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  374.982570][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  374.994456][T11345] udevd[11345]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  375.012734][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  375.014295][ T3304] udevd[3304]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  375.026345][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[  375.028187][T11109] udevd[11109]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  375.338748][T14988] loop3: detected capacity change from 0 to 32768
[  375.350609][   T29] kauditd_printk_skb: 45 callbacks suppressed
[  375.350627][   T29] audit: type=1400 audit(1769513402.097:2745): avc:  denied  { read } for  pid=14991 comm="syz.5.3470" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  375.404468][T14988]  loop3: p1 p2 p3 < p5 p6 >
[  375.409680][T14988] loop3: p2 size 16775168 extends beyond EOD, truncated
[  375.417850][T14988] loop3: p5 start 4294970168 is beyond EOD, truncated
[  375.485835][T15004] loop0: detected capacity change from 0 to 512
[  375.515262][T15004] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  375.534976][   T29] audit: type=1400 audit(1769513402.307:2746): avc:  denied  { create } for  pid=15010 comm="syz.4.3476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  375.557533][T15004] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  375.605078][T15004] EXT4-fs (loop0): 1 truncate cleaned up
[  375.612357][T15004] FAULT_INJECTION: forcing a failure.
[  375.612357][T15004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  375.625634][T15004] CPU: 1 UID: 0 PID: 15004 Comm: syz.0.3474 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  375.625683][T15004] Tainted: [W]=WARN
[  375.625690][T15004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  375.625778][T15004] Call Trace:
[  375.625787][T15004]  <TASK>
[  375.625798][T15004]  __dump_stack+0x1d/0x30
[  375.625831][T15004]  dump_stack_lvl+0x95/0xd0
[  375.625859][T15004]  dump_stack+0x15/0x1b
[  375.625884][T15004]  should_fail_ex+0x263/0x280
[  375.625984][T15004]  should_fail+0xb/0x20
[  375.626021][T15004]  should_fail_usercopy+0x1a/0x20
[  375.626118][T15004]  _copy_from_user+0x1c/0xb0
[  375.626197][T15004]  quota_setquota+0x89/0x400
[  375.626227][T15004]  do_quotactl+0x5ba/0x670
[  375.626304][T15004]  __se_sys_quotactl+0x3a5/0x670
[  375.626426][T15004]  __x64_sys_quotactl+0x55/0x70
[  375.626532][T15004]  x64_sys_call+0x19a4/0x3000
[  375.626569][T15004]  do_syscall_64+0xc0/0x2a0
[  375.626629][T15004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.626653][T15004] RIP: 0033:0x7f5a5dc6aeb9
[  375.626669][T15004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  375.626692][T15004] RSP: 002b:00007f5a5c6c7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  375.626788][T15004] RAX: ffffffffffffffda RBX: 00007f5a5dee5fa0 RCX: 00007f5a5dc6aeb9
[  375.626803][T15004] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffff80000801
[  375.626817][T15004] RBP: 00007f5a5c6c7090 R08: 0000000000000000 R09: 0000000000000000
[  375.626835][T15004] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  375.626853][T15004] R13: 00007f5a5dee6038 R14: 00007f5a5dee5fa0 R15: 00007ffc533d2f58
[  375.626935][T15004]  </TASK>
[  375.877762][T15028] loop3: detected capacity change from 0 to 1024
[  375.878114][T15028] EXT4-fs: Ignoring removed orlov option
[  375.884080][   T29] audit: type=1326 audit(1769513402.674:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  375.884117][   T29] audit: type=1326 audit(1769513402.674:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  375.884224][   T29] audit: type=1326 audit(1769513402.685:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  375.884295][   T29] audit: type=1326 audit(1769513402.685:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  375.884383][   T29] audit: type=1326 audit(1769513402.685:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  375.884517][   T29] audit: type=1326 audit(1769513402.685:2752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  375.884617][   T29] audit: type=1326 audit(1769513402.685:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  375.884648][   T29] audit: type=1326 audit(1769513402.685:2754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15029 comm="syz.1.3481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff79a00aeb9 code=0x7ffc0000
[  376.106986][T15046] loop3: detected capacity change from 0 to 1024
[  376.319786][T15067] loop5: detected capacity change from 0 to 512
[  376.337585][T15069] FAULT_INJECTION: forcing a failure.
[  376.337585][T15069] name failslab, interval 1, probability 0, space 0, times 0
[  376.350389][T15069] CPU: 0 UID: 0 PID: 15069 Comm: syz.0.3494 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  376.350455][T15069] Tainted: [W]=WARN
[  376.350465][T15069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  376.350482][T15069] Call Trace:
[  376.350491][T15069]  <TASK>
[  376.350502][T15069]  __dump_stack+0x1d/0x30
[  376.350533][T15069]  dump_stack_lvl+0x95/0xd0
[  376.350584][T15069]  dump_stack+0x15/0x1b
[  376.350609][T15069]  should_fail_ex+0x263/0x280
[  376.350644][T15069]  should_failslab+0x8c/0xb0
[  376.350673][T15069]  __kmalloc_cache_noprof+0x64/0x4a0
[  376.350703][T15069]  ? __se_sys_memfd_create+0x1d5/0x6c0
[  376.350827][T15069]  ? mutex_unlock+0x4e/0x90
[  376.350884][T15069]  __se_sys_memfd_create+0x1d5/0x6c0
[  376.350923][T15069]  __x64_sys_memfd_create+0x31/0x40
[  376.351111][T15069]  x64_sys_call+0x28cb/0x3000
[  376.351139][T15069]  do_syscall_64+0xc0/0x2a0
[  376.351173][T15069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.351198][T15069] RIP: 0033:0x7f5a5dc6aeb9
[  376.351215][T15069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  376.351379][T15069] RSP: 002b:00007f5a5c6c6e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  376.351401][T15069] RAX: ffffffffffffffda RBX: 0000000000000483 RCX: 00007f5a5dc6aeb9
[  376.351468][T15069] RDX: 00007f5a5c6c6ee0 RSI: 0000000000000000 RDI: 00007f5a5dcd7333
[  376.351483][T15069] RBP: 0000200000001040 R08: 00000000ffffffff R09: 0000000000000000
[  376.351498][T15069] R10: 0000000000000001 R11: 0000000000000202 R12: 00002000000001c0
[  376.351512][T15069] R13: 00007f5a5c6c6ee0 R14: 00007f5a5c6c6ea0 R15: 00002000000000c0
[  376.351535][T15069]  </TASK>
[  376.525894][T15067] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.3493: corrupted inode contents
[  376.541054][T15067] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #15: comm syz.5.3493: mark_inode_dirty error
[  376.552916][T15067] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #15: comm syz.5.3493: corrupted inode contents
[  376.565412][T15067] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3001: inode #15: comm syz.5.3493: mark_inode_dirty error
[  376.577742][T15067] EXT4-fs error (device loop5): ext4_xattr_delete_inode:3004: inode #15: comm syz.5.3493: mark inode dirty (error -117)
[  376.590872][T15067] EXT4-fs warning (device loop5): ext4_evict_inode:273: xattr delete (err -117)
[  376.600232][T15067] EXT4-fs (loop5): 1 orphan inode deleted
[  376.749468][T15082] loop1: detected capacity change from 0 to 512
[  376.772822][T15082] netlink: 46 bytes leftover after parsing attributes in process `syz.1.3500'.
[  376.781868][T15082] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3500'.
[  376.790883][T15082] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3500'.
[  376.815596][T15082] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3500'.
[  376.827407][T15088] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3502'.
[  376.875341][T15091] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3504'.
[  376.900355][T15095] loop1: detected capacity change from 0 to 1024
[  376.913052][T15095] EXT4-fs: Ignoring removed orlov option
[  377.131552][T15116] 9pnet_fd: Insufficient options for proto=fd
[  377.309955][ T3304]  loop5: p1 p2 p3 < p5 p6 >
[  377.317506][ T3304] loop5: p2 size 16775168 extends beyond EOD, truncated
[  377.340515][ T3304] loop5: p5 start 4294970168 is beyond EOD, truncated
[  377.359465][T15139] ==================================================================
[  377.367611][T15139] BUG: KCSAN: data-race in rwsem_down_write_slowpath / rwsem_down_write_slowpath
[  377.376765][T15139] 
[  377.379122][T15139] write to 0xffffc90002787878 of 1 bytes by task 15123 on cpu 0:
[  377.386857][T15139]  rwsem_down_write_slowpath+0x3eb/0xa80
[  377.392525][T15139]  down_write+0xab/0xc0
[  377.396713][T15139]  kernfs_remove_by_name_ns+0x5c/0xf0
[  377.402119][T15139]  sysfs_remove_group+0xa5/0x170
[  377.407087][T15139]  sysfs_remove_groups+0x3a/0x80
[  377.412058][T15139]  device_remove_attrs+0x139/0x1a0
[  377.417201][T15139]  device_del+0x361/0x790
[  377.421559][T15139]  bdev_disk_changed+0x1a3/0xcb0
[  377.426729][T15139]  loop_set_status+0x692/0x750
[  377.431522][T15139]  lo_ioctl+0x672/0x13a0
[  377.435797][T15139]  blkdev_ioctl+0x387/0x460
[  377.440334][T15139]  __se_sys_ioctl+0xce/0x140
[  377.444963][T15139]  __x64_sys_ioctl+0x43/0x50
[  377.449590][T15139]  x64_sys_call+0x14b0/0x3000
[  377.454300][T15139]  do_syscall_64+0xc0/0x2a0
[  377.458850][T15139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.464782][T15139] 
[  377.467126][T15139] read to 0xffffc90002787878 of 1 bytes by task 15139 on cpu 1:
[  377.474770][T15139]  rwsem_down_write_slowpath+0x45e/0xa80
[  377.480441][T15139]  down_write+0xab/0xc0
[  377.484624][T15139]  kernfs_add_one+0x5a/0x280
[  377.489247][T15139]  kernfs_create_dir_ns+0x90/0xe0
[  377.494308][T15139]  sysfs_create_dir_ns+0xd4/0x1d0
[  377.499355][T15139]  kobject_add_internal+0x47a/0x780
[  377.504574][T15139]  kobject_init_and_add+0x14a/0x1f0
[  377.509810][T15139]  net_rx_queue_update_kobjects+0x18d/0x540
[  377.515739][T15139]  netdev_register_kobject+0x185/0x230
[  377.521235][T15139]  register_netdevice+0x8df/0x1000
[  377.526389][T15139]  __ip_tunnel_create+0x319/0x430
[  377.531450][T15139]  ip_tunnel_init_net+0x210/0x490
[  377.536506][T15139]  ipip_init_net+0x35/0x40
[  377.540955][T15139]  ops_init+0x22a/0x2e0
[  377.545142][T15139]  setup_net+0x9f/0x230
[  377.549333][T15139]  copy_net_ns+0x308/0x450
[  377.553772][T15139]  create_new_namespaces+0x20e/0x440
[  377.559083][T15139]  unshare_nsproxy_namespaces+0xe6/0x120
[  377.564740][T15139]  ksys_unshare+0x3cd/0x6d0
[  377.569269][T15139]  __x64_sys_unshare+0x1f/0x30
[  377.574069][T15139]  x64_sys_call+0x2ae6/0x3000
[  377.578796][T15139]  do_syscall_64+0xc0/0x2a0
[  377.583340][T15139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.589271][T15139] 
[  377.591611][T15139] value changed: 0x00 -> 0x01
[  377.596310][T15139] 
[  377.598655][T15139] Reported by Kernel Concurrency Sanitizer on:
[  377.604822][T15139] CPU: 1 UID: 0 PID: 15139 Comm: syz.4.3523 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[  377.616243][T15139] Tainted: [W]=WARN
[  377.620065][T15139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  377.630196][T15139] ==================================================================
[  377.655403][T15123]  loop5: p1 p2 p3 < p5 p6 >
[  377.660742][T15123] loop5: p2 size 16775168 extends beyond EOD, truncated
[  377.668882][T15123] loop5: p5 start 4294970168 is beyond EOD, truncated
[  384.983150][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!