last executing test programs:

7.703282085s ago: executing program 2 (id=2651):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
set_tid_address(0x0)
socket(0x10, 0x3, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x20081, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x3, 0x0, 0x2, 0x0, 0x9, 0xf40bb, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x0, @perf_config_ext={0x7, 0x100}, 0x104084, 0x0, 0x43a1bd76, 0x7, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, 0xffffffffffffffff)
r2 = socket(0x2b, 0x80801, 0x1)
setsockopt$sock_int(r2, 0x1, 0x20, &(0x7f0000000100)=0xffff8000, 0x4)
listen(r2, 0x7fff)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
getsockopt$PNPIPE_INITSTATE(r2, 0x113, 0x4, &(0x7f00000000c0), &(0x7f00000004c0)=0x4)
r3 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
fallocate(r3, 0x0, 0x0, 0x8800000)
open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x38)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002c80)=[{{&(0x7f0000000580)=@caif=@dbg, 0x80, &(0x7f0000002ac0)=[{&(0x7f00000014c0)=""/4096, 0x1000}, {&(0x7f00000024c0)=""/170, 0xaa}, {&(0x7f0000002580)=""/140, 0x8c}, {&(0x7f0000002640)=""/244, 0xf4}, {&(0x7f0000002740)=""/17, 0x11}, {&(0x7f0000000600)=""/220, 0xdc}, {&(0x7f0000002880)=""/213, 0xd5}, {&(0x7f00000002c0)=""/30, 0x1e}, {&(0x7f00000029c0)=""/79, 0x4f}, {&(0x7f0000002a40)=""/128, 0x80}], 0xa, &(0x7f0000002b80)=""/232, 0xe8}}], 0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0xa010, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x110514, 0x400000, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff000000009408000000001700638af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b703000008000000850000006900000095"], &(0x7f0000005d80)='syzkaller\x00', 0xc}, 0x94)

5.879844127s ago: executing program 2 (id=2665):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x1a)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10)
sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)={0x130, 0x1, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFQA_PAYLOAD={0xe3, 0xa, "1f40f8b62a601e11f8675875e2883a2d3cf6bf13ecbe3e05768fc7b2f309973eff7cb89e58b4728ece62ccbdd37e5eb0c55e38630f5a90590c06a0a1275e5def659ac85a15dc1219e6efbf01b8637ced5ebf2d11ccbd7548f6b83347627329ec28ab30e2cc612a701f237132b78ec45d39257742cb04f43412bd67adef9e108ce59138ff7a463f37f8882894ff211acc4ad7ac23a37b8e973ee8a0fdb656d2b15eb1f6f96c05d75b29d714689b08ac1802ac2f7d34c090b68f66398efda7624e51eb71946b5ce22c61c535107a91edc22a94f793e378d870afee9c0de0d83d"}, @NFQA_VLAN={0x2c, 0x13, 0x0, 0x1, [@NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x90}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x5}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1}]}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffd, 0xd41}}]}, 0x130}, 0x1, 0x0, 0x0, 0x40010}, 0x4c084)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00011500000000000000001c000000000000000000000014"], 0x30}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001f80)=ANY=[@ANYBLOB="0a000000010000000400000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000098affe24d57b7bf4977a26de00ff000016748c7a45981be50000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r5 = dup(r4)
ioctl$TIOCL_SETSEL(r5, 0x560d, 0x0)
r6 = syz_io_uring_setup(0x56b7, &(0x7f00000000c0)={0x0, 0x0, 0x800, 0x4}, &(0x7f0000000640), &(0x7f0000000080), &(0x7f0000000000))
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x8001)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}, 0x1, 0x0, 0x0, 0x20000040}, 0x24004000)
sendmsg$NFT_BATCH(r7, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a0c010000120a09000000000000000000020000000900dfff73797a31000000000800044004000400db000d4059c9a9352e754bddebe747bb814495668d192bffb10d7bc5472ab3b2e99b871130860084922a638e25f0f94c56c15ea1248312e02c49782e3675250d09c165c610acb37d09ce9248b60b2fce82890f92ce84b19db949a09d0ed7a414d0a3345fea1bcf5785ec912ac391796f67d1d8ae25824d50319cf0646229f6b6e4bdc1d7bb49f7b5d6b7442eb5b38f764664ad11fe14aae6e2b123c20c6e6ccea49037f8e4a9c1f291159af12efc6ad16b1e2fd9a9e44056fbe83ce50917343e714509e6a216eafef52c0e323fecfa0a3d5d61d3728179daf0c6fa000800034000000004140000001100010000000000000000000000000a"], 0x134}, 0x1, 0x0, 0x0, 0x404c045}, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0x101000, 0x10)
r8 = syz_io_uring_setup(0x2790, &(0x7f0000000180)={0x0, 0xc386, 0x3010, 0x2, 0x200004}, &(0x7f0000000240), &(0x7f0000000140), &(0x7f0000000000))
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000003b0007010000000000000009027c0000040000001400018006000600803500000500510000000000"], 0x2c}}, 0x0)
fsopen(&(0x7f0000000600)='hostfs\x00', 0x0)
r10 = epoll_create(0xaf2)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r8, &(0x7f0000000080)={0xe000201b})
epoll_ctl$EPOLL_CTL_MOD(r10, 0x3, r8, &(0x7f00000000c0)={0x20000010})
poll(&(0x7f0000000000)=[{r6, 0xd010}], 0x1, 0x9)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="09000000140000000800000040"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r11}, 0x38)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001bc0)={{r2, <r12=>0xffffffffffffffff}, &(0x7f0000001b40), &(0x7f0000001b80)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001c80)={0x6, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="009945d0b8256a18"], &(0x7f0000000280)='GPL\x00', 0x0, 0x1000, &(0x7f0000000ac0)=""/4096, 0x40f00, 0x2d, '\x00', 0x0, 0x25, r5, 0x8, &(0x7f0000001ac0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000001b00)={0x4, 0x0, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000001c00)=[r2, r2, r0, r2, 0x1, r2, r2, r11, r12], &(0x7f0000001c40)=[{0x1, 0x5, 0x3, 0x8}, {0x5, 0x1, 0x5, 0xa}, {0x1, 0x1, 0x2, 0x43e74c243ddaf4b4}, {0x3, 0x4, 0x5, 0xb}], 0x10, 0x3}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000a80)={r3}, 0xc)

5.011946575s ago: executing program 2 (id=2686):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c1f00001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)

4.898968922s ago: executing program 2 (id=2687):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
socket$inet_smc(0x2b, 0x1, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000740))
write$UHID_INPUT(r0, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b5b09094bf70e0dd038e7ff7fc6e5539b324c078b089b3438076d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b32310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e01000000138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12d3099dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f6dc7bcbf2a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509301815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827466cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d951061ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153bdf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033095563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db87195358bfee2916580dacae008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2df086dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36ffffffff00000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817b97c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000f4ff000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000003c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICLIST(r2, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x60, r4, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_SECCTX={0x21, 0x7, 'system_u:object_r:sysfs_t:s0\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'veth0_to_batadv\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @mcast2}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000380)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x13ff, 0x0, &(0x7f00000001c0)="0f589e75e89c818cadbe50801800843e12935d036fff0619783865bf3cbe4b1cf31f7aaceb2d512b81790092003647d635418e7ab01474095b4d3c63e2ace2261a95a06c", 0x44, 0x0, 0x40, 0x2, 0xfffffffc, 0x0, 0x0})
ioctl$USBDEVFS_DISCARDURB(r3, 0x550b, 0x0)
fstatfs(r3, &(0x7f0000000140)=""/83)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000b00002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000181100", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r7], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000300)={r6, r5}, 0xc)

4.753911822s ago: executing program 1 (id=2690):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='coredump_filter\x00')
write$cgroup_int(r0, &(0x7f0000000180)=0x10, 0x12)
r1 = socket(0x1e, 0x4, 0x0)
connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmmsg$unix(r1, &(0x7f0000004400), 0x400000000000203, 0xfff5)

4.644616619s ago: executing program 1 (id=2693):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd70100400000005000000080009000200000008000c00a80a000008000b0000000000060001"], 0x34}}, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x53, &(0x7f0000000600)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x19, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x19, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e794d9f63"}}}}}}}, 0x0)

4.63294128s ago: executing program 1 (id=2694):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x80000001, 0x8}, 0x204, 0x1, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0xfffffffffffffe42, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_misc(r3, &(0x7f0000000300)="65f38e", 0x3)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r4, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x2], 0x0, 0x0, 0x1, 0x1}}, 0x40)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="67727071546f74612c73737572652c7063b741a6056b866d303a41826f4a3cbc723d30303042303030524dfd2304f68ca5200a70ec30fbe91f05dfe6bbb61fb5d1bd53352bdba2c82f530270ff6300"/94])
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000001c0), 0x106, 0xa}}, 0x20)

4.480897s ago: executing program 1 (id=2696):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x1a)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10)
sendmsg$NFQNL_MSG_VERDICT(r0, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)={0x130, 0x1, 0x3, 0x201, 0x0, 0x0, {0x5, 0x0, 0x2}, [@NFQA_PAYLOAD={0xe3, 0xa, "1f40f8b62a601e11f8675875e2883a2d3cf6bf13ecbe3e05768fc7b2f309973eff7cb89e58b4728ece62ccbdd37e5eb0c55e38630f5a90590c06a0a1275e5def659ac85a15dc1219e6efbf01b8637ced5ebf2d11ccbd7548f6b83347627329ec28ab30e2cc612a701f237132b78ec45d39257742cb04f43412bd67adef9e108ce59138ff7a463f37f8882894ff211acc4ad7ac23a37b8e973ee8a0fdb656d2b15eb1f6f96c05d75b29d714689b08ac1802ac2f7d34c090b68f66398efda7624e51eb71946b5ce22c61c535107a91edc22a94f793e378d870afee9c0de0d83d"}, @NFQA_VLAN={0x2c, 0x13, 0x0, 0x1, [@NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x90}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x5}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1}]}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffd, 0xd41}}]}, 0x130}, 0x1, 0x0, 0x0, 0x40010}, 0x4c084)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00011500000000000000001c000000000000000000000014"], 0x30}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001f80)=ANY=[@ANYBLOB="0a000000010000000400000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000098affe24d57b7bf4977a26de00ff000016748c7a45981be50000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000006007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r5 = dup(r4)
ioctl$TIOCL_SETSEL(r5, 0x560d, 0x0)
r6 = syz_io_uring_setup(0x56b7, &(0x7f00000000c0)={0x0, 0x0, 0x800, 0x4}, &(0x7f0000000640), &(0x7f0000000080), &(0x7f0000000000))
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x8001)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}, 0x1, 0x0, 0x0, 0x20000040}, 0x24004000)
sendmsg$NFT_BATCH(r7, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a0c010000120a09000000000000000000020000000900dfff73797a31000000000800044004000400db000d4059c9a9352e754bddebe747bb814495668d192bffb10d7bc5472ab3b2e99b871130860084922a638e25f0f94c56c15ea1248312e02c49782e3675250d09c165c610acb37d09ce9248b60b2fce82890f92ce84b19db949a09d0ed7a414d0a3345fea1bcf5785ec912ac391796f67d1d8ae25824d50319cf0646229f6b6e4bdc1d7bb49f7b5d6b7442eb5b38f764664ad11fe14aae6e2b123c20c6e6ccea49037f8e4a9c1f291159af12efc6ad16b1e2fd9a9e44056fbe83ce50917343e714509e6a216eafef52c0e323fecfa0a3d5d61d3728179daf0c6fa000800034000000004140000001100010000000000000000000000000a"], 0x134}, 0x1, 0x0, 0x0, 0x404c045}, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0x101000, 0x10)
r8 = syz_io_uring_setup(0x2790, &(0x7f0000000180)={0x0, 0xc386, 0x3010, 0x2, 0x200004}, &(0x7f0000000240), &(0x7f0000000140), &(0x7f0000000000))
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="2c0000003b0007010000000000000009027c0000040000001400018006000600803500000500510000000000"], 0x2c}}, 0x0)
fsopen(&(0x7f0000000600)='hostfs\x00', 0x0)
r10 = epoll_create(0xaf2)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r8, &(0x7f0000000080)={0xe000201b})
epoll_ctl$EPOLL_CTL_MOD(r10, 0x3, r8, &(0x7f00000000c0)={0x20000010})
poll(&(0x7f0000000000)=[{r6, 0xd010}], 0x1, 0x9)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="09000000140000000800000040"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r11}, 0x38)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001bc0)={{r2, <r12=>0xffffffffffffffff}, &(0x7f0000001b40), &(0x7f0000001b80)=r3}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001c80)={0x6, 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="009945d0b8256a18"], &(0x7f0000000280)='GPL\x00', 0x0, 0x1000, &(0x7f0000000ac0)=""/4096, 0x40f00, 0x2d, '\x00', 0x0, 0x25, r5, 0x8, &(0x7f0000001ac0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000001b00)={0x4, 0x0, 0x5, 0x4}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000001c00)=[r2, r2, r0, r2, 0x1, r2, r2, r11, r12], &(0x7f0000001c40)=[{0x1, 0x5, 0x3, 0x8}, {0x5, 0x1, 0x5, 0xa}, {0x1, 0x1, 0x2, 0x43e74c243ddaf4b4}, {0x3, 0x4, 0x5, 0xb}], 0x10, 0x3}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000a80)={r3}, 0xc)

4.380572037s ago: executing program 0 (id=2697):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='G%\t\x00\x00\x00\x00\x00\x00\x00', 0xa}], 0x1}, 0x0)
recvmmsg(r3, &(0x7f0000001300)=[{{0x0, 0x0, 0x0}}], 0x300, 0x48, 0x0)

3.701270732s ago: executing program 3 (id=2698):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f0000000500)=0x100000001, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20200, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)={0x0, 0x10, 0x572, 0x200800, 0x17, "ff000d00009a468e0cd912098d00"})
r3 = syz_open_pts(r2, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f00000000c0))
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)={0xfffe, 0x5, 0x7ff, 0x8, 0x1e, '\a\x00'})
pipe2$9p(&(0x7f0000000180), 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000340)=0xd)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000100)=[{0x6, 0x0, 0x1, 0x7fff7ffc}, {0x1, 0xfa, 0x4, 0x8}, {0x6, 0x2, 0xc5, 0x7f}]})
close_range(r4, 0xffffffffffffffff, 0x0)

3.653763256s ago: executing program 2 (id=2699):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c000000060a09040000000000000000020000000900010073797a30000000000900020073797a3200000000200004801c0001800a00010072656469720000000c000280080001"], 0x74}, 0x1, 0x0, 0x0, 0x20008000}, 0x4)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, &(0x7f0000000000))
r4 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000080)=r6, 0x4)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x5, 0x1, 0x401, 0x0, 0x0, {0x7, 0x0, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4000050}, 0x50040)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r2)
futex(&(0x7f0000000340)=0x4, 0x5, 0x801, 0x0, &(0x7f0000000380), 0xfffffffc)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f0000005ac0)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, &(0x7f0000005a80)=[{&(0x7f00000058c0)=""/32, 0x20}, {&(0x7f0000005900)=""/27, 0x1b}, {&(0x7f0000005940)=""/1, 0x1}, {&(0x7f0000005980)=""/198, 0xc6}], 0x4}, 0x1}], 0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="b70700000000000063114a0000a696660d000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x6}, 0x64)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r9 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r9, &(0x7f00000000c0)={'b', ' *:* ', 'r\x00'}, 0x8)

3.652957096s ago: executing program 1 (id=2700):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x5fc, &(0x7f00000004c0)="$eJzs3c1vVFUbAPDn3n7Svu/bQt6ouJAmxkCitLSAIcZE2BOCHztXlRaCFEpojRZJLAluTIwbFyauXIj/hZK4deHWhRtXhoQYw0IMkTF3em+ZTmdKv+aDmd8vufSce5l7zi08fe6cnnMngK41lv2RRuyPiKtJxEjFsd7ID46t/L37f944l21JlEpv/5HEjU+S5cpzJfnX4fzF/4xE8nMasa9nfbsLS9cvTc/NzV7L6xOLl69OLCxdP3zx8vSF2QuzV6ZenTpx/NjxE5NHdnR9pVxWPn3r/Q9HPjvz7rdfP0wmv/v1TBIn41Het+y6ql87sKOWs+/ZWNH+g8r92ff1xA7P3S7+Gin+nzyWVO+gbZ2PiCzC+iLi2RiJnop/zZH49M2Wdg5oqFLyOEcC3SbZVvwP7n5HgCYr7gOK9/a13gevlzb4rgRohnunVgakVmK/LyKK+O9dGRuMwfLYwND9ZM04T5KPG+xU1sZPP565lW1RZxwOaIzlm8Uod3X+T8qxORqD5drQ/XRN/KcVW7b/rW22P1ZVF//QPMs3I+K5PP/3x5bif6wi/t/bZvviHwAAAAAAAHbPnVMR8Uqt+X/p6vyf/hrzf4Yj4uQutP/k3/+ld/NCsgvNARXunYp4veb839U5vqM9ee2/5fkAfcn5i3OzRyLifxFxKPoGsvpk1XkrZwgf/nzfV/Xar5z/l21Z+8VcwPxMd3urFuLOTC9O7/S6gYh7NyOeL8//PZDvWTv/J8v/SY38n8X31U22se+l22frHXty/AONUvom4mDN/P/4djvZ+PkcE+X7gYnirmC9Fz7+4vt67Yt/aJ0s/w9tHP8DSeXzeha2dv7+iDi61Fuqd3y79//9yTs9xfkzH00vLl6bjOhPTq/fP7W1PkOnKuKhiJcs/g+9uPH43+r9f0Uc7omI5U22+cyj4d/qHZP/oXWy+J/ZOP+Prs3/Wy9M3R79oV77ZzeV/4+Vc/qhfI/xP6i0/nkcmw3QlnQXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5yaUT8J5J0fLWcpuPjEcMR8f8YSufmFxZfPj//wZWZ7Fj58//T4pN+R1bqSfH5/6MV9amq+tGI2BsRX/bsKdfHz83PzbT64gEAAAAAAAAAAAAAAAAAAKBNDJfX/JcGqtf/Z37vaXXvgIbrzb+Kd+g+vdt+ZWlgVzsCNN324x942m0+/vsa2g+g+erH/4OHpbKmdgdoIvf/0L22Gf9+XQAdQP6HbrXJMb3BRvcDaAX5HwAAAAAAOsreA3d+SSJi+bU95S3Tnx8z2R86W9rqDgAtYw4vdK/e+Vb3AGgV7/GBZLX0d83F/vVn/yeN6RAAAAAAAAAAAAAAsM7B/db/Q7faeP2/uf3QyTZY/18r+D0uADpI/Y/+kPuh03mPDzwp21v/DwAAAAAAAAAAAABtYPD6pem5udlrC0tPX+GN9ujG1grL023RjV0tPGrMmfsioj0usNmF4hEcLexGi38uAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAq/4NAAD//yOCL58=")
socket$netlink(0x10, 0x3, 0x10)
r0 = epoll_create1(0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, 0x0)
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000100)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={r5, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0xfffffffffffffffc, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffc0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
ioctl$sock_SIOCETHTOOL(r1, 0x89f1, &(0x7f0000010640)={'sit0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x2b, 0x5, 0x2, 0x0, 0x8, 0x3, 0x3, 0xfc, 0x0, 0xfc, 0x0, 0x0, 0x0, 0xff, 0x0, 0x45, [0x0, 0x89ff]}})
epoll_pwait(r0, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x400)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="08000000040000"], 0x48)
r6 = socket(0x10, 0x2, 0x0)
write(r6, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065733173ae72a0d270d958f739b6d44c893b03599f77a332b446ea93568ae2ff534952656c6a18b6c0fdcec321127ee28705f2496eb43654255c5cc688f71db82bab173f4e19361ac01c1b0a2d2229993c8308ab7721e4c33c5fc214cd64a17d552a0fa33011d3ccceb56738a8c7e690d5843333a2a6d60f38798d000000003991f3787269de5382929be107a698db9edbc0257c0bb0205084640cc1c859d69828feab5d0ac72f62c0bf387044a185428df3ab4cc2525d41adb01c8c13c71b6a98dac98f678e2472d5a6a8a5b2f69ac595a8bea681e962033baf38e57debcb4a900797d1f406f72c22a58b8255e88e662270140fe5646e9e558f594eaf8856161f48", 0x121)
recvmmsg(r6, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

3.576656111s ago: executing program 3 (id=2701):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257075bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000071000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b257183fa3bcd48666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09601f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebd00000000000000005839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dcc718a09f4886afc26abba34635d0e8b54bc76be40d435aa8b5202db761014b1b999a12df6bee431a666100"/296], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x200fffe, 0xe, 0x55, &(0x7f0000000140)="a06ad876d56a0064d082778c3938", &(0x7f0000000380)=""/85, 0x7300, 0x4000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x0, 0x4}, 0x28)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000540)=@base={0xa, 0x16, 0xb4, 0x3}, 0x50)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)

3.418947351s ago: executing program 0 (id=2702):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101041, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) (async)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x4, 0x4, 0x8, 0x7, 0x1, 0x5, 0x2, 0x8, <r1=>0x0}, &(0x7f0000000040)=0x20)
r2 = perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0, 0x1}, 0x10e200, 0x10004, 0x20da, 0x5, 0xb, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xfffffbffffffffff, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000000)=0x8000)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000080)={r1, 0xfffffffa}, &(0x7f00000000c0)=0x8) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000c00000043e8000040"], 0x50) (async)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setrlimit(0x2, &(0x7f0000000500)={0x89, 0xec}) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)

3.29284529s ago: executing program 0 (id=2703):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9})
unshare(0x22020400)
fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x25, 0x5})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0x73e9})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000100)={0x761, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
r3 = socket(0xa, 0x80805, 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x49, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x9, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, [0x0, 0x4]}})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x4030582b, &(0x7f0000000c00)={0x0, 0x1, 0x4, 0x40000000000000, 0x0, 0xf0})
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000003c0), 0x13f, 0x6}}, 0x20)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280)={<r8=>0xffffffffffffffff}, 0x2, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r7, &(0x7f0000000340)={0x10, 0x30, 0xfa00, {&(0x7f0000000240), 0x3, {0xa, 0x4e20, 0x2, @mcast1, 0x4}, r8}}, 0x38)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
sendmsg$nl_route(r0, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=@getrule={0x14, 0x22, 0x300, 0x70bd25, 0x25dfdbfc, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x90)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x84, &(0x7f0000000180)={r5, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x6, 0x2a}, 0x90)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x38, 0x10, 0x401, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x40800)

3.273342621s ago: executing program 3 (id=2704):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd70100400000005000000080009000200000008000c00a80a000008000b000000000006000100"], 0x34}}, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x53, &(0x7f0000000600)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x19, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x19, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e794d9f63"}}}}}}}, 0x0)

2.740739597s ago: executing program 1 (id=2706):
socket(0x2d, 0x2, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0500000000000000000000007fbdbc14e20210"], 0x10)
syz_usb_connect(0x6, 0x24, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20)
sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x8040480)
sendmsg$TIPC_CMD_GET_MAX_PORTS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x0, 0x100, 0x70bd25, 0x25dfdbfc, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c}, 0x8040)

2.195839363s ago: executing program 3 (id=2709):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtclass={0x24, 0x28, 0x4, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x9, 0x4}, {0x7, 0xb}, {0xb, 0xf}}}, 0x24}}, 0x80000)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000100)={[{@stripe}, {@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nogrpid}, {@sysvgroups}, {@orlov}, {@grpquota}, {@i_version}]}, 0x1, 0x47f, &(0x7f0000000b00)="$eJzs3M9vFFUcAPDvTLdAEGlF/AGiVtHY+IPSgsrBi0YTD5qY6AGPtS0EKdTQmgghshqDR0PinRhP/guePBnjycSrXo0hIUpM+HFxzezM0N3tbqVl2+2PzydZ+t7Oe/Pelzdv+2YeSwCb1lD2RxKxIyJ+i4iBPNtcYCj/cePa+Ymb185PJFGrvftXUi93/dr5ibJoWe+eIjOcRqRfJEUjzWbPnjs5Pj09dabIj8yd+mhk9uy5F06cGj8+dXzq9NiRI4cPjb780tiLXYkz69P1vZ/O7Nvz5vuX3p44eumDbU3HG+PolqEs8L9rda3Hnu52Yz32b20+zqTS695wp/oiIhuu/vr8H4i+mB+8gXjj8552DlhR2Wf2H61v9t9OVWvABpbEsqrF8qoBa0cU9+3Z/W/5WuUlSE9dfTW/AcrivlG88iOVSIu/oP4VbH8oIo5Wb13OXtHyHKLW5rkBAMDd+iFb/zy/cP2XrQkfbCiXFHtDgxFxX0Tsioj7I2J3RDxQlH0oIh5eYvutW0ML15/plWWGdkey9d8rxd5W8/ovLYsM9hW5e+vx9yfHTkxPHYyInRExHP1bs/xou5OXp3j91686td+4/jtazftRrgWLk1ypbG2ocOHb/GeXFqVXP4vYW2kXf1LfCUiiVsvGfk9E7F3aqXeWiRPPfrevU6Hm+G9dXhj/Irqwz1T7JuKZfPyr0RJ/KVl8f3JkW0xPHRwpr4qFfv7l4jud2r+r+LsgG//tzdd/S4mBf5LG/drZpbdx8fcvO95TVv43/pbrPyImx+fGtyTv1festxTvfTI+N3dmNGJL8lY93/T+2HzdMl+Wz+If3t9+/u8q6mTxPxIR2UX8aEQ8FhGPF2P3REQ8GRH7F4n/p9ee+rDTsbUw/pNtP/9uX/+DzeO/9ETfyR+/79T+ovHXP0Gy8T9czw4XdbLxz1PbOsbVuTtlneVezQAAALD+pBGxI5L0wO10mh44kP97+d2xPZ2emZ177tjMx6cn8+8IDEZ/Wj7pGmh4HjqaVIsz5vmx4llxefxQ8dz46/KxwsTM9GQP4wbyed5u/mf+7Ot174AV5/tasHm1zv+0R/0AVt+d/v53PwAbz3LX/9YJsP65/4fNq938v9CSt/aHjcnvf9i82s//raveD2D1LZz/yc35/x4I2Mis/2FTupvv9a9UorLIt/cl1koi0hVroromAlzHiUoXZnePP5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65L8AAAD//2IA+HU=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000000c0)={0xd270, 0x0, 0x1, 0xd05, 0xd4})
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x401, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0xb4d5}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0xd}]}}}, @IFLA_IFNAME={0x14, 0x3, 'dvmrp0\x00'}]}, 0x4c}}, 0x4000004)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@newtclass={0x24, 0x28, 0x4, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x9, 0x4}, {0x7, 0xb}, {0xb, 0xf}}}, 0x24}}, 0x80000) (async)
socket$netlink(0x10, 0x3, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000100)={[{@stripe}, {@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x8}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nogrpid}, {@sysvgroups}, {@orlov}, {@grpquota}, {@i_version}]}, 0x1, 0x47f, &(0x7f0000000b00)="$eJzs3M9vFFUcAPDvTLdAEGlF/AGiVtHY+IPSgsrBi0YTD5qY6AGPtS0EKdTQmgghshqDR0PinRhP/guePBnjycSrXo0hIUpM+HFxzezM0N3tbqVl2+2PzydZ+t7Oe/Pelzdv+2YeSwCb1lD2RxKxIyJ+i4iBPNtcYCj/cePa+Ymb185PJFGrvftXUi93/dr5ibJoWe+eIjOcRqRfJEUjzWbPnjs5Pj09dabIj8yd+mhk9uy5F06cGj8+dXzq9NiRI4cPjb780tiLXYkz69P1vZ/O7Nvz5vuX3p44eumDbU3HG+PolqEs8L9rda3Hnu52Yz32b20+zqTS695wp/oiIhuu/vr8H4i+mB+8gXjj8552DlhR2Wf2H61v9t9OVWvABpbEsqrF8qoBa0cU9+3Z/W/5WuUlSE9dfTW/AcrivlG88iOVSIu/oP4VbH8oIo5Wb13OXtHyHKLW5rkBAMDd+iFb/zy/cP2XrQkfbCiXFHtDgxFxX0Tsioj7I2J3RDxQlH0oIh5eYvutW0ML15/plWWGdkey9d8rxd5W8/ovLYsM9hW5e+vx9yfHTkxPHYyInRExHP1bs/xou5OXp3j91686td+4/jtazftRrgWLk1ypbG2ocOHb/GeXFqVXP4vYW2kXf1LfCUiiVsvGfk9E7F3aqXeWiRPPfrevU6Hm+G9dXhj/Irqwz1T7JuKZfPyr0RJ/KVl8f3JkW0xPHRwpr4qFfv7l4jud2r+r+LsgG//tzdd/S4mBf5LG/drZpbdx8fcvO95TVv43/pbrPyImx+fGtyTv1festxTvfTI+N3dmNGJL8lY93/T+2HzdMl+Wz+If3t9+/u8q6mTxPxIR2UX8aEQ8FhGPF2P3REQ8GRH7F4n/p9ee+rDTsbUw/pNtP/9uX/+DzeO/9ETfyR+/79T+ovHXP0Gy8T9czw4XdbLxz1PbOsbVuTtlneVezQAAALD+pBGxI5L0wO10mh44kP97+d2xPZ2emZ177tjMx6cn8+8IDEZ/Wj7pGmh4HjqaVIsz5vmx4llxefxQ8dz46/KxwsTM9GQP4wbyed5u/mf+7Ot174AV5/tasHm1zv+0R/0AVt+d/v53PwAbz3LX/9YJsP65/4fNq938v9CSt/aHjcnvf9i82s//raveD2D1LZz/yc35/x4I2Mis/2FTupvv9a9UorLIt/cl1koi0hVroromAlzHiUoXZnePP5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65L8AAAD//2IA+HU=") (async)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) (async)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000000c0)={0xd270, 0x0, 0x1, 0xd05, 0xd4}) (async)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x401, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0xb4d5}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0xd}]}}}, @IFLA_IFNAME={0x14, 0x3, 'dvmrp0\x00'}]}, 0x4c}}, 0x4000004) (async)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async)

2.144856866s ago: executing program 0 (id=2710):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@func={0x2, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x30, 0x61, 0x2e]}}, 0x0, 0x29, 0x0, 0x1, 0x8001}, 0x28)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x4, @local, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=[@dstopts_2292={{0x18, 0x29, 0x4, {0x6}}}], 0x18}}], 0x1, 0xff04)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000900)={'syztnl2\x00', &(0x7f0000000880)={'ip6gre0\x00', 0x0, 0x2f, 0x2, 0x63, 0x8001, 0x4, @local, @loopback, 0x8, 0x7800, 0x1, 0xfffffff8}})
socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
prctl$PR_MCE_KILL(0x4e, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
ftruncate(r3, 0x80000001)
syz_io_uring_setup(0x18d7, 0x0, 0x0, 0x0, 0x0)

2.144562077s ago: executing program 4 (id=2711):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f0000000500)=0x100000001, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20200, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000080)={0x0, 0x10, 0x572, 0x200800, 0x17, "ff000d00009a468e0cd912098d00"})
r3 = syz_open_pts(r2, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f00000000c0))
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000140)={0xfffe, 0x5, 0x7ff, 0x8, 0x1e, '\a\x00'})
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000340)=0xd)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000100)=[{0x6, 0x0, 0x1, 0x7fff7ffc}, {0x1, 0xfa, 0x4, 0x8}, {0x6, 0x2, 0xc5, 0x7f}]})
close_range(r4, 0xffffffffffffffff, 0x0)

2.133028807s ago: executing program 0 (id=2712):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={<r1=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7f}}]}, 0x1, 0x4c0, &(0x7f0000000f00)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7WimlTpS56HmqVGTmdnMaoZFJUQlNiCVkLghxImj2ClN1EUCuy5YIBBIiAV7/gI2dEWFhFjDHrFARVCCBEhIRvfabhM3DhakMc39/aTbnPuwv3NifafnHt+bG0BmnU3+yUUMRsRHEXG0vrr9gLP1H5t3b0wnSy5qtctf5tLjkvXmoc3XHYmI9Yjoi4gn/hfxbO7BuJXVtfmpUqm43Fgfri4sDVdW1y7MLUzNFmeLi6MTFycnJ0bGxyb3rK03X37+5qV3H+t959uX7tx+5f33kmoNNvZtbcdeqje9J45v2XYoIv7zMIJ1QaHRnv5uV4SfJfn8fhcR59L8PxqF9NMEsqBWq9V+qB1ut3u9BhxY+XQMnMsPRUS9nM8PDdXH8L+PgXypXKn+42p5ZXGmPlY+Fj35q3Ol4kjjXOFY9OSS9dG0fH99rGV9PCIdA79a6E/Xh6bLpZn97eqAFkda8v+bQj3/gYxwyg/ZJf8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/yC75D9lV6HYFgK7x/z9k0uOXLiVLrXn/+8y11ZX58rULM8XK/NDCyvTQdHl5aWi2XJ5N79lZ+Kn3K5XLS6P/jJXrw9VipTpcWV27slBeWaxeSe/rv1Ls2ZdWAZ04fubWJ7mIWP9Xf7okehv75CocbLVaLrp9DzLQHab+ILtM/UF2OccHWv9Eb+u4oK/dC5fuzxcCj5Z8tysAdM35U77/g6wy/w/ZZf4fsssYH9jhEX3b7Db/DzyazP9Ddg22ef7Xb7Y8u2skIn4bER8Xeg43n/UFHAT5z3ON8f/5o38ZbN3bm/su/YqgNyJeePPy69enqtXl0WT7V/e2V99obB/b8sK2JwxAtzTztJnHAEB2bd69Md1c9jPuF/+tX4TwYPxDjbnJvvQ7yoHN3LZrFXJ7dO3C+kZEnNwpfq7xvPP6iczAZuGB+CcaP3P1t0jreyh9bvr+xD+1Jf6ft8Q//Yt/K5ANt5L+Z2Sn/MunOR338m97/zO4R9dOtO//8vf6v0Kb/u9MhzGee+vFz9rG34g4vWP8Zry+NFZr/KRu5zuMf+fpJ//Qbl/t7fr77BS/KSkNVxeWhiuraxfmFjZmi7PFxdGJi5OTEyPjY5PDV+dKxT8daR//3yc/vL1b+wca8Xui8/Yn2/7WYfu//+MHT53dJf5fz+38+Z/YJX5/RPy9w/hfj336TLt9SfyZNr///C7xk23jHcavvPb/wx0eCgDsg8rq2vxUqVRcVlBQ6Eph49dRjZZCt3sm4GGrrCan5knSd7smAAAAAAAAAAAAQKf243LibrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAg+DEAAP//KbnRCQ==")
r4 = creat(&(0x7f0000000200)='./file1\x00', 0x1)
ioctl$FS_IOC_FSSETXATTR(r4, 0x40086602, &(0x7f0000000000)={0x20052f8, 0xfffffff8, 0x100802, 0x2, 0x8})
write$cgroup_devices(r4, 0x0, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$int_in(r5, 0x5452, &(0x7f0000002480)=0x3)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)
socket$inet_sctp(0x2, 0x5, 0x84)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000540)={0x0, 0x0, 0x0}, &(0x7f00000002c0)=0x10)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000d40)={0x14, 0x2, 0x6, 0x5}, 0x14}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvfrom$phonet(r4, &(0x7f00000000c0)=""/229, 0xe5, 0x122, &(0x7f00000001c0)={0x23, 0x6, 0x8, 0x3}, 0x10)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast1=0xe0004001}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={r1, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

2.118173488s ago: executing program 4 (id=2713):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000780)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x4, @local, 0x2}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=[@dstopts_2292={{0x18, 0x29, 0x4, {0x6}}}], 0x18}}], 0x1, 0xff04)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000900)={'syztnl2\x00', &(0x7f0000000880)={'ip6gre0\x00', 0x0, 0x2f, 0x2, 0x63, 0x8001, 0x4, @local, @loopback, 0x8, 0x7800, 0x1, 0xfffffff8}})
socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000fe9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_io_uring_setup(0x18d7, 0x0, 0x0, 0x0, 0x0)

2.08992381s ago: executing program 4 (id=2714):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r2=>0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r2], 0x1c}}, 0x4008054)
r3 = socket(0x1e, 0x4, 0x0)
write$nci(r0, &(0x7f0000000140)=ANY=[@ANYBLOB='P', @ANYRES8, @ANYRES16=r3], 0x14)

1.990901937s ago: executing program 4 (id=2715):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x201}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$inet6(0xa, 0x2, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {0x9, 0x1}, 0x3, 0xab, &(0x7f0000000040)={0x1d, 0x0, 0xd, 0x4, 0x4}, 0x8, 0x7, 0x0, 0x0, 0x8001, 0x9, 0x0})
get_mempolicy(0x0, &(0x7f0000000100), 0x80000000, &(0x7f000038d000/0x4000)=nil, 0x6)
timer_create(0x1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0xf241f1a146326c4, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x4580, 0x0, 0x800000, 0x2, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r4 = syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f00000002c0)={[{@utf8}, {@uid}, {@map_normal}, {@nocompress}, {@showassoc}, {@map_acorn}, {@map_normal}, {@block={'block', 0x3d, 0x800}}, {@utf8}, {@map_off}, {@dmode={'dmode', 0x3d, 0x9fbc}}, {@iocharset={'iocharset', 0x3d, 'default'}}], [{@fowner_lt}]}, 0x2, 0xa2f, &(0x7f0000000ec0)="$eJzs3c9vHGf5APBn1nbiuFWStvn2W6K2nqQkdVvjrG2aYPUAjnftbLG9yHakRBya0jgoiqHQgtRWSKQS4oCoQAJx4VZx4lSpF3pBvcENLnBAQv0XKk7hZDSzu/bau+u1Xcd208/H2t358cz7PvNj581OducNPl9WT2wYW13NH7scv/rHfciYQ+xy6ZP3P3gve7x7N45ET7yY/CmiPyLSiN6IeCKib6q0UJ3rUtCdiBsR8XFEEhFHo/a6LTci+VU8vD7+cSS/z+rt6Mh2S6abVb7QDvr4AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAwyiZKhWLo8mRqMxfvZbWRKQtpkoL1SRWV1vnNJap+Sjv9Tv56BcPdak3Iske0d/f6Or7iVPrsx+PiPRsPFkbezLvkDz6452HHj/50mO9hcbynbL5TI52KLYnWjbMm2+/c+fVlZXlN3ZYRf9ucztkZsrzlcVqZW5yppxWFqvpxMWLxQtXphfT6cpsefH64lJ5Lp1aKE8uVRfSoann0tGJifG0PHK9enV+pjQyW25MvPSVsWLxYvryyLfKkwuL1fkLL48sTl2pzM5W5mfymGx2FnMpOxC/WVlKl8qTc2l66/bK8vimnFp2UxY02m1NsqCxbkFjxbGx0dGxsdF3671nr024+OLEi5eKxd7iJtEScZ8OWg6XY5138/04jcOuFGrtf8RsVGI+rsa1SNv+TUUpFqIacx3m1zXa/3MXylvW29z+11v53qbZp7Ons/F0fbS/Q/vfIZf9+3sz3o534k68GiuxEsvxxoFn1PqX7ZEO84591rJnohzzUYnFqEYl5mIyn5LWp6QxERfjYhTjlbgSg7EYaUxHJWajHItxPRZjKcr5ETUVC1GOyViKaixEGkMxFc9FGqMxERMxHmmUYySuRzWuxnzMRCkm81Juxe18u49vkeNa0Oh2gsa2CGppzHfc/pdb/w3JF8zen8Rhl1br7f+R7qFDU/uREAAAALDnvvTXOH7q0b/8OyKJp/Lr8tOV2XLxoNMCAAAA9lASScST2VNfNvpUJD7/AwAAwIMmyX9jl0TEQAzWhhq/hHIRAAAAAB4Q+e16no5kcH2Cz/8AAADwgFm7x37tSsDaPXav9TSmdr0LfzLcuP1verP2erMeUS9iYLoyWx6Zqs6+NBrn87sM5L80aCmtJyLpy39+8HycqUWdGYi72evAeolZnf1Z1OjIS6PxfJytr8jQM9nLM0NtIsdqkc/WIp9tjuyJDZHjWSQAPOjObtEe1+6x3739fz6GaxHDp/Mmv/d0mza4qGUFgMNirY+d/9a7NGvT/tcjnu7U/n91i8//WcSjcWuw9pWCkXgtXo+VuBnDUf/GwWC7Uhu9EdS+hjDcdDUgt+lqwED9Kwt/v1SI4ZbrAf1r69ocuxxjMVy/InCsPr9+7SBZi00aOYzXAnruww4AgANwdst2eHvt/3CXz/8DvlIIAIfKWg/22x3IFtp2cG3goNcRANhIKw0AAAAAAAAAAAAAAAAAAAAAAAAAAAB7b1s38P/b+YiVleWInXYWsIOBk5un9O8kw60HCnF/cm4z0Hv/q9hqoGfnvTNsc+AfXWO+HjsuOdvHB7OhDHQbOOATEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPsiiehpN71wNH8pRsSF/c7pfrp70AnslXR3iyX34l68Fcf3Oh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC+6+v3/C1F7fag2KXoLEeci4kZEfPugc9xL9w46gQPzvfy56f7/hYi+WE2it7bbI+mbKi1U57LdnxzN5n/y/gfvZY/uZbf2qpB3H1HY1LlEvYamKX0bl3okX2qgtPzmnR+9/oO0dDk/MC8vTc+W5mYWvrEe+HjyYa0LhOZuEBr5/uTcn3/dNPlIvfIPszVtb3O903m9pdZ6/7/d0h3q3YbbK8tjWU1L5WtLP/7+7beaZj0aZyKeGYoY2ljTd7NHh5rObN6eGyWfJj9Pjsfv4ka+/7Otkawm2S46ka//sVu3V5ZHXnt95eZaTj/dkNPJGIyImxH9289pMD+ftJUfdYW+rNZiHpQ9nepS3paaShztsF0fyQ+ZgR2tQ9p5HXL5du94cDUyGm+b0W9++Fic3/GePr/1nm4v+TT5V3Il/hk/a+r/o5Dt/3PR9t3Zpog8sulIaZ63YQsUapH5mo81z3hlc5lbbDj23C/jO/G1tf1faDr/1/fV/pyPmmps/76I2Pn74g8nWlqUdXmLdGpTi1Q/+7RdoH8tz1O1qA55/l+8ENF7ekdnlBe6nFH2/v1fr+/uUPwn7ur/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOPySiJ520wsR5yLiZEScyMbTiNXNMXd3UV9hINlNmntmNzkfZklv26lNK7pxjZN7cS/eiuP7kBoAAAAAAAAA++By6ZP3P3gve+T/H98TXy7U56QRvRFxMvlt31RpoTrXpaC+iBuN/9Lv31kON7Knh9fHP87Gnuiy0MF+fQAAPtf+FwAA//822GxX")
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
r6 = fspick(r5, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r6, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_PATH(r6, 0x3, &(0x7f0000000040)='map=off', 0x0, r4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r7)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)={0x20, r8, 0x9c3fa077fa966179, 0x0, 0x25dfdbfe, {{0x7e}, {@void, @val={0xc, 0x99, {0x7, 0x17}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x8004800}, 0x8)
socket(0x15, 0x5, 0x0)

813.832615ms ago: executing program 0 (id=2716):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0500000000000000000000007fbdbc14e20210"], 0x10)
syz_usb_connect(0x6, 0x24, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20)
sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

663.956766ms ago: executing program 3 (id=2717):
syz_emit_ethernet(0x52, &(0x7f0000000080)={@local, @random="1553ff41cf11", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dda00", 0x1c, 0x6, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x0, 0x0, 0x0, {[@generic={0x22, 0x2}, @generic={0x4, 0x4, "00f8"}]}}}}}}}}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])

496.914227ms ago: executing program 2 (id=2718):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a54000000060a010400000000000000000a0000040900010073797a31000000000900020073797a320000000028000480240001800b0001007470726f78790000140002800800034000ab0000080001400000000a"], 0x7c}, 0x1, 0x0, 0x0, 0x24000844}, 0x24044000)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
getsockopt$IP_SET_OP_GET_BYINDEX(r0, 0x1, 0x53, &(0x7f0000000080)={0x7, 0x7, 0x3}, &(0x7f00000000c0)=0x28)
listen(r0, 0x5)
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f00000002c0)={<r2=>0x0, 0xfff, 0x10})
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f00000006c0)={r2, 0xa, 0x6fd, 0x50d7005972eb9b2d})
r3 = msgget$private(0x0, 0x508)
msgsnd(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB='\f\x00\x00\x00\x00\x00\x00\x00'], 0x8, 0x800)
accept4(r0, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000008000200fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r4, @ANYRESOCT], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

46.184246ms ago: executing program 4 (id=2719):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e23, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd70100400000005000000080009000200000008000c00a80a000008000b000000000006000100"], 0x34}}, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x53, &(0x7f0000000600)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2a}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x19, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x19, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e794d9f63"}}}}}}}, 0x0)

3.808079ms ago: executing program 3 (id=2720):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000001c0)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
set_tid_address(0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x20081, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x3, 0x0, 0x2, 0x0, 0x9, 0xf40bb, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x0, @perf_config_ext={0x7, 0x100}, 0x104084, 0x0, 0x43a1bd76, 0x7, 0x6, 0x2, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xa)
socket(0x2b, 0x80801, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f0000000580)=ANY=[@ANYRES64=0x0], 0x1, 0x24a, &(0x7f0000000ac0)="$eJzs3TFrE2EYB/DHNm1DFzuLw4GLU1An1yAVxIAQuUEnD6pLK8J1OZ3uY/gZ/Eh+jE7dTuzFpq3RpU3f693vB+Ee+BN4XgJ5Mzzvmw8PPx8efDn+1Pz8HuNxFqOIumki9mIjNqN1b/HcOKu346I6AIC7Zj4vpql7YL3KclpsRcTOX0n+I0lDAAAAAAAAAAAAXNuq+f84Nf8PAH1m/r//ynJa7C5+v11m/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABI57Rp7jf/eaXuDwC4efZ/ABge+z8ADI/9HwCG5+2796+ns9n+PMvGESd1lVd5+2zzl69m+0+yM3vLd51UVb55nj9t8+xyvhW7i/zZynw7Hj9q89/ZizezK/lOHKx/+QAAAAAAAAAAAAAAAAAAANAJk+zcyvP9k8m/8ra6cD/AlfP7o3gwurVlAAAAAAAAAAAAAAAAAAAAwJ12/PXbYXF09LEcbvHnXoOu9HPtIp53oo3bLnr0CXahSPzFBAAAAAAAAAAAAAAAAAAAA7Q89Ju6EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIZ/n//+srIqJuWqmXCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTYrwAAAP//gGWXaQ==")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
fallocate(r0, 0x0, 0x0, 0x8800000)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x2000, 0x0, 0x3)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
connect$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x38)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000002c80), 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff000000009408000000001700638af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b703000008000000850000006900000095"], &(0x7f0000005d80)='syzkaller\x00', 0xc}, 0x94)

0s ago: executing program 4 (id=2721):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000)
sendmsg$nl_route_sched_retired(r1, &(0x7f0000000c80)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x42008421}, 0xc, &(0x7f0000000c40)={&(0x7f0000000a40)=@delqdisc={0x124, 0x25, 0x300, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xa, 0xfff2}, {0xa, 0x3}, {0x2, 0x8}}, [@q_dsmark={{0xb}, {0x34, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x2a}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0xa}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x12}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x32}]}}, @q_dsmark={{0xb}, {0x44, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x38}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x972}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x5}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x9}, @TCA_DSMARK_DEFAULT_INDEX={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xff}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x18, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x10}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x7}]}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x10}]}}, @q_dsmark={{0xb}, {0x28, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x5}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x1}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}]}, 0x124}, 0x1, 0x0, 0x0, 0x20}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1114}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x34, 0x10, 0x401, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x100, 0x15010}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)={0x24, 0x2d, 0x1, 0x70bd2a, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid}, @nested={0x4}, @nested={0x5, 0x1, 0x0, 0x1, [@generic="88"]}]}, 0x24}], 0x1}, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000000000)={[{@nobarrier}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@usrjquota}, {@jqfmt_vfsv0}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x10}}, {@bh}, {@init_itable}]}, 0xfc, 0x57d, &(0x7f0000000380)="$eJzs3V9rW+UfAPDvSdPu7++3DsZQL2SwCydz6dr6Z4LgvBQdDvR+hjYro+kymnSsdeB24W68kSGIOBBfgPdeDt+Ar2KggyGj6IUIkZOcdLFNmrbLbNZ8PnCW5zl/9pxvnvM9e07OGSeAoXUi/SMX8WJEfJVEHGlblo9s4YnmequPb86kUxL1+se/J5Fk81rrJ9nnoX3NygsR8fMXEadzG9utLq/MF8vl0mJWn6gtXJuoLq+cubJQnCvNla5OTU+fe2N66u233uxbrK9e/PPbj+6/f+7Lk6vf/Pjw6N0kzsfhbFl7HE/hVnvlRPHvrDQa59etONmHxgZJspONRvq/H2zPSJbno5GeA47ESJb1wN73eUTUgSGVyH8YUq1xQOvavk/Xwc+NR+81L4AasY+1x59v/jYS+xvXRgdXk39dGaXXu+N9aD9t46ff7t1Np9j8d4gDPeoA23LrdkSczec3nv+T7Py3c2cbPx5vbn0bw/bvD+ym++n457VO47/c2vgnOox/DnXI3Z3onf+5h31opqt0/PdOx/Hv2qlrfCSr/a8x5htNLl8pl85GxP8j4lTUe976OLf6oN5tWfv4L53S9ltjwWw/Hub3pZ+H1+bMFmvFiBh7irDXPLod8VK+U/zJWv8nHfo//T4ubrGN46V7L7fvf7ve8T9b9R8iXunY/0+6Ndn8/uRE43iYaB0VG/1x5/gv3drf7fjT/j+4efzjSfv92ur22/h+/1+lbsu2fvw/kR7/Y8knjXIrCW4Ua7XFyYix5MON86eebNuqt9ZP4z91cvPzX6fjP734+nSL8d85dqfrqoPQ/7Pb6v/tFx588Nl33drfWv+/3iidyuZk57/OsmNlqzv4tN8fAAAAAAAADJJc48mCJFdYK+dyhULz+Y5jcTBXrlRrpy9Xlq7ONu/gj8dornWn+0jb8xCT2fOwrfrUuvp0RByNiK9HDjTqhZlKeXa3gwcAAAAAAAAAAAAAAAAAAIABcajL//9P/er9zLD3NV5ssG+39wLYDT1f+d+PNz0BA6ln/gN7lvyH4SX/YXjJfxhe8h+Gl/yH4SX/YXjJfwAAAAAAAAAAAAAAAAAAAAAAAAAAAOirixcupFN99fHNmbQ+e315ab5y/cxsqTpfWFiaKcxUFq8V5iqVuXKpMFNZ6PX3lSuVa5NTsXRjolaq1iaqyyuXFipLV2uXriwU50qXSqP/SVQAAAAAAAAAAAAAAAAAAADwfKkur8wXy+XSokLXwrsxELvxLANs2tHm+UGJQqFL4XZEPuvhbWy1iyclAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFjnnwAAAP//+tcwgw==")
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000940)=[@in={0x2, 0x4e20, @local}, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e23, 0x1, @local}, @in6={0xa, 0x4e23, 0x5, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3d}}, @in={0x2, 0x4e23, @multicast2}, @in={0x2, 0x4e23, @loopback}], 0x88)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r4)
sendmsg$NFC_CMD_SE_IO(r4, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)={0x1c, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x483, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x1000, 0x2, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r6, 0x891b, &(0x7f0000000000)={'team_slave_1\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000b80)={[{@errors_remount}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
r7 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r7, 0x6)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x29, 0x5, 0x0, 0x0)

kernel console output (not intermixed with test programs):

1" path="socket:[22326]" dev="sockfs" ino=22326 ioctlcmd=0x6607 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  275.852738][T10275] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=10275 comm=syz.0.2213
[  275.878463][   T28] audit: type=1400 audit(1775426718.352:1089): avc:  denied  { ioctl } for  pid=10269 comm="syz.0.2211" path="socket:[22330]" dev="sockfs" ino=22330 ioctlcmd=0x8918 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  276.001194][T10281] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  276.016835][T10278] netlink: 'syz.0.2213': attribute type 1 has an invalid length.
[  276.055410][T10281] gretap1: entered allmulticast mode
[  276.532321][ T3320] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  276.679895][T10292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2217'.
[  276.713886][T10292] netlink: 'syz.3.2217': attribute type 7 has an invalid length.
[  276.737694][T10292] netlink: 'syz.3.2217': attribute type 8 has an invalid length.
[  276.763988][T10292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2217'.
[  276.789065][   T28] audit: type=1400 audit(1775426719.402:1090): avc:  denied  { read } for  pid=10296 comm="syz.1.2219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  276.870924][   T28] audit: type=1400 audit(1775426719.482:1091): avc:  denied  { getopt } for  pid=10296 comm="syz.1.2219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  276.922139][   T28] audit: type=1400 audit(1775426719.512:1092): avc:  denied  { setopt } for  pid=10296 comm="syz.1.2219" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  276.945330][T10302] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2220'.
[  276.963968][T10302] netlink: 'syz.3.2220': attribute type 1 has an invalid length.
[  277.770414][T10321] loop3: detected capacity change from 0 to 128
[  277.852456][T10327] loop3: detected capacity change from 0 to 1024
[  278.100954][T10327] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.114915][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  278.114931][   T28] audit: type=1400 audit(1775426720.732:1094): avc:  denied  { ioctl } for  pid=10326 comm="syz.3.2227" path="socket:[22405]" dev="sockfs" ino=22405 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  278.288519][T10334] loop2: detected capacity change from 0 to 4096
[  278.324923][T10334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.413727][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.591494][   T28] audit: type=1400 audit(1775426721.202:1095): avc:  denied  { bind } for  pid=10326 comm="syz.3.2227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  278.672127][   T28] audit: type=1400 audit(1775426721.202:1096): avc:  denied  { write } for  pid=10326 comm="syz.3.2227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  278.698310][T10342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2230'.
[  278.713628][T10342] netlink: 'syz.2.2230': attribute type 7 has an invalid length.
[  278.721466][T10342] netlink: 'syz.2.2230': attribute type 8 has an invalid length.
[  278.743477][T10342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2230'.
[  279.359949][T10352] program syz.4.2234 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  279.669656][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.742931][T10364] loop3: detected capacity change from 0 to 512
[  279.764946][T10364] EXT4-fs: Ignoring removed orlov option
[  279.774747][T10364] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  279.790562][   T28] audit: type=1400 audit(1775426722.402:1097): avc:  denied  { write } for  pid=10365 comm="syz.4.2241" name="file0" dev="tmpfs" ino=2237 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  279.834885][T10364] EXT4-fs (loop3): orphan cleanup on readonly fs
[  279.844945][T10366] SELinux:  policydb version 5905727 does not match my version range 15-35
[  279.849256][   T28] audit: type=1400 audit(1775426722.402:1098): avc:  denied  { open } for  pid=10365 comm="syz.4.2241" path="/423/file0" dev="tmpfs" ino=2237 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  279.854614][T10366] SELinux: failed to load policy
[  279.894598][T10364] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2240: bg 0: block 248: padding at end of block bitmap is not set
[  279.918031][T10364] loop3: lost filesystem error report for type 5 error -117
[  279.918240][T10364] Quota error (device loop3): write_blk: dquota write failed
[  279.925624][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  279.925652][    C0] EXT4-fs (loop3): last error at time 1775426722: ext4_validate_block_bitmap:441
[  279.977992][   T28] audit: type=1400 audit(1775426722.402:1099): avc:  denied  { getopt } for  pid=10365 comm="syz.4.2241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  280.006319][T10364] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  280.029282][   T28] audit: type=1400 audit(1775426722.462:1100): avc:  denied  { load_policy } for  pid=10365 comm="syz.4.2241" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  280.030465][T10364] EXT4-fs error (device loop3): ext4_acquire_dquot:7026: comm syz.3.2240: Failed to acquire dquot type 1
[  280.093544][T10364] loop3: lost filesystem error report for type 5 error -117
[  280.094152][T10364] EXT4-fs (loop3): 1 truncate cleaned up
[  280.106359][T10375] loop4: detected capacity change from 0 to 512
[  280.109594][T10364] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  280.130824][T10376] loop0: detected capacity change from 0 to 512
[  280.201480][   T28] audit: type=1400 audit(1775426722.812:1101): avc:  denied  { read } for  pid=10363 comm="syz.3.2240" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  280.247688][T10364] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  280.264604][T10364] EXT4-fs error (device loop3): __ext4_remount:6829: comm syz.3.2240: Abort forced by user
[  280.283632][T10364] EXT4-fs (loop3): Remounting filesystem read-only
[  280.291334][T10364] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  280.309586][T10364] ext4 filesystem being remounted at /460/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  280.375780][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.456534][T10386] netlink: 'syz.3.2249': attribute type 11 has an invalid length.
[  280.528768][T10391] FAULT_INJECTION: forcing a failure.
[  280.528768][T10391] name failslab, interval 1, probability 0, space 0, times 0
[  280.611605][T10391] CPU: 1 UID: 0 PID: 10391 Comm: syz.3.2251 Not tainted syzkaller #0 PREEMPT(full) 
[  280.611639][T10391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  280.611653][T10391] Call Trace:
[  280.611669][T10391]  <TASK>
[  280.611678][T10391]  __dump_stack+0x1d/0x30
[  280.611708][T10391]  dump_stack_lvl+0x95/0xd0
[  280.611788][T10391]  dump_stack+0x15/0x1b
[  280.611815][T10391]  should_fail_ex+0x263/0x280
[  280.611890][T10391]  should_failslab+0x8c/0xb0
[  280.611917][T10391]  __kmalloc_node_track_caller_noprof+0xc3/0x560
[  280.611964][T10391]  ? sidtab_sid2str_get+0xa0/0x130
[  280.611997][T10391]  kmemdup_noprof+0x2b/0x70
[  280.612021][T10391]  sidtab_sid2str_get+0xa0/0x130
[  280.612051][T10391]  security_sid_to_context_core+0x1eb/0x2e0
[  280.612190][T10391]  security_sid_to_context+0x27/0x40
[  280.612286][T10391]  avc_audit_post_callback+0x9d/0x540
[  280.612320][T10391]  ? audit_log_lsm_data+0x7e7/0xbb0
[  280.612348][T10391]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  280.612380][T10391]  common_lsm_audit+0x1ba/0x230
[  280.612414][T10391]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  280.612445][T10391]  ? avc_update_node+0x224/0x5e0
[  280.612515][T10391]  slow_avc_audit+0x14c/0x190
[  280.612608][T10391]  audit_inode_permission+0x119/0x160
[  280.612643][T10391]  selinux_inode_permission+0x723/0x7d0
[  280.612682][T10391]  security_inode_permission+0x69/0xa0
[  280.612771][T10391]  inode_permission+0x288/0x3b0
[  280.612802][T10391]  may_open+0x255/0x350
[  280.612836][T10391]  path_openat+0x1a59/0x2050
[  280.612859][T10391]  ? _parse_integer_limit+0x170/0x190
[  280.612916][T10391]  ? kstrtouint+0x76/0xc0
[  280.612941][T10391]  do_file_open+0x16c/0x290
[  280.612986][T10391]  do_sys_openat2+0x94/0x130
[  280.613034][T10391]  __x64_sys_openat+0xf2/0x120
[  280.613069][T10391]  x64_sys_call+0x1e39/0x3020
[  280.613097][T10391]  do_syscall_64+0x12c/0x370
[  280.613196][T10391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.613223][T10391] RIP: 0033:0x7f83220bc819
[  280.613243][T10391] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.613263][T10391] RSP: 002b:00007f8320b17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  280.613376][T10391] RAX: ffffffffffffffda RBX: 00007f8322335fa0 RCX: 00007f83220bc819
[  280.613393][T10391] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  280.613410][T10391] RBP: 00007f8320b17090 R08: 0000000000000000 R09: 0000000000000000
[  280.613425][T10391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.613493][T10391] R13: 00007f8322336038 R14: 00007f8322335fa0 R15: 00007ffe888e2478
[  280.613540][T10391]  </TASK>
[  280.903581][T10391] random: crng reseeded on system resumption
[  281.031426][ T4351] bio_check_eod: 3 callbacks suppressed
[  281.031447][ T4351] kworker/u8:20: attempt to access beyond end of device
[  281.031447][ T4351] loop0: rw=1, sector=2456, nr_sectors = 2048 limit=512
[  281.062438][ T4351] kworker/u8:20: attempt to access beyond end of device
[  281.062438][ T4351] loop0: rw=1, sector=4504, nr_sectors = 2112 limit=512
[  281.094738][ T4351] kworker/u8:20: attempt to access beyond end of device
[  281.094738][ T4351] loop0: rw=1, sector=6616, nr_sectors = 3352 limit=512
[  281.130190][ T4351] kworker/u8:20: attempt to access beyond end of device
[  281.130190][ T4351] loop0: rw=1, sector=9968, nr_sectors = 2048 limit=512
[  281.162305][ T4351] kworker/u8:20: attempt to access beyond end of device
[  281.162305][ T4351] loop0: rw=1, sector=12016, nr_sectors = 2048 limit=512
[  281.196957][ T4351] kworker/u8:20: attempt to access beyond end of device
[  281.196957][ T4351] loop0: rw=1, sector=14064, nr_sectors = 2384 limit=512
[  281.228728][ T4351] kworker/u8:20: attempt to access beyond end of device
[  281.228728][ T4351] loop0: rw=1, sector=16448, nr_sectors = 16 limit=512
[  281.444029][T10402] loop4: detected capacity change from 0 to 1024
[  281.465319][T10402] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  281.503487][T10402] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  281.553440][T10402] EXT4-fs error (device loop4): ext4_get_journal_inode:5888: comm syz.4.2256: inode #4294967295: comm syz.4.2256: iget: illegal inode #
[  281.593437][T10402] loop4: lost filesystem error report for type 5 error -117
[  281.593632][T10402] EXT4-fs (loop4): no journal found
[  281.606430][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  281.606455][    C0] EXT4-fs (loop4): initial error at time 1775426724: ext4_get_journal_inode:5888
[  281.606497][    C0] EXT4-fs (loop4): last error at time 1775426724: ext4_get_journal_inode:5888
[  281.663451][T10402] EXT4-fs (loop4): can't get journal size
[  281.673763][T10402] EXT4-fs (loop4): failed to initialize system zone (-22)
[  281.681029][T10402] EXT4-fs (loop4): mount failed
[  282.213582][T10400] syz.0.2255 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  282.258280][T10400] CPU: 0 UID: 0 PID: 10400 Comm: syz.0.2255 Not tainted syzkaller #0 PREEMPT(full) 
[  282.258442][T10400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  282.258470][T10400] Call Trace:
[  282.258477][T10400]  <TASK>
[  282.258486][T10400]  __dump_stack+0x1d/0x30
[  282.258540][T10400]  dump_stack_lvl+0x95/0xd0
[  282.258563][T10400]  dump_stack+0x15/0x1b
[  282.258588][T10400]  dump_header+0x80/0x240
[  282.258675][T10400]  oom_kill_process+0x295/0x350
[  282.258704][T10400]  out_of_memory+0x97d/0xb80
[  282.258796][T10400]  try_charge_memcg+0x62e/0xa10
[  282.258836][T10400]  obj_cgroup_charge_pages+0x23/0xc0
[  282.258941][T10400]  __memcg_kmem_charge_page+0x9e/0x170
[  282.258968][T10400]  __alloc_frozen_pages_noprof+0x18a/0x360
[  282.259073][T10400]  alloc_pages_mpol+0xb3/0x260
[  282.259107][T10400]  alloc_pages_noprof+0x8f/0x140
[  282.259135][T10400]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  282.259228][T10400]  __kvmalloc_node_noprof+0x3d4/0x650
[  282.259257][T10400]  ? futex_hash_allocate+0x190/0x9d0
[  282.259307][T10400]  ? futex_hash_allocate+0x190/0x9d0
[  282.259343][T10400]  futex_hash_allocate+0x190/0x9d0
[  282.259373][T10400]  ? cap_task_prctl+0x13f/0x6e0
[  282.259475][T10400]  futex_hash_prctl+0xd8/0xf0
[  282.259508][T10400]  __se_sys_prctl+0xa3d/0x13f0
[  282.259538][T10400]  __x64_sys_prctl+0x67/0x80
[  282.259622][T10400]  x64_sys_call+0x2533/0x3020
[  282.259649][T10400]  do_syscall_64+0x12c/0x370
[  282.259676][T10400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.259748][T10400] RIP: 0033:0x7f38b1e9c819
[  282.259768][T10400] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  282.259791][T10400] RSP: 002b:00007f38b08ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  282.259816][T10400] RAX: ffffffffffffffda RBX: 00007f38b2115fa0 RCX: 00007f38b1e9c819
[  282.259830][T10400] RDX: 0000000001000000 RSI: 0000000000000001 RDI: 000000000000004e
[  282.259852][T10400] RBP: 00007f38b1f32c91 R08: 0000000000000000 R09: 0000000000000000
[  282.259928][T10400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  282.259942][T10400] R13: 00007f38b2116038 R14: 00007f38b2115fa0 R15: 00007fff2bd420a8
[  282.260033][T10400]  </TASK>
[  282.260041][T10400] memory: usage 307200kB, limit 307200kB, failcnt 674
[  282.493999][T10400] memory+swap: usage 307396kB, limit 9007199254740988kB, failcnt 0
[  282.503112][T10400] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  282.511037][T10400] Memory cgroup stats for /syz0:
[  282.533997][T10400] cache 0
[  282.542085][T10400] rss 0
[  282.552939][T10400] shmem 0
[  282.556698][T10400] mapped_file 0
[  282.560209][T10400] dirty 0
[  282.563315][T10400] writeback 0
[  282.568453][T10400] workingset_refault_anon 72
[  282.680257][T10400] workingset_refault_file 275
[  282.685043][T10400] swap 200704
[  282.688421][T10400] swapcached 499712
[  282.692324][T10400] pgpgin 272268
[  282.695851][T10400] pgpgout 272267
[  282.699417][T10400] pgfault 312027
[  282.703029][T10400] pgmajfault 74
[  282.714673][T10400] inactive_anon 0
[  282.755254][T10400] active_anon 4096
[  282.776295][T10400] inactive_file 0
[  282.803421][T10400] active_file 0
[  282.811158][T10400] unevictable 0
[  282.818933][T10400] hierarchical_memory_limit 314572800
[  282.829530][T10400] hierarchical_memsw_limit 9223372036854771712
[  282.845266][T10400] total_cache 0
[  282.852930][T10400] total_rss 0
[  282.873946][T10400] total_shmem 0
[  282.884772][T10400] total_mapped_file 0
[  282.897875][T10400] total_dirty 0
[  282.916415][T10400] total_writeback 0
[  282.930641][T10400] total_workingset_refault_anon 72
[  282.942431][T10400] total_workingset_refault_file 275
[  282.955050][T10400] total_swap 200704
[  282.963020][T10400] total_swapcached 499712
[  282.972601][T10400] total_pgpgin 272268
[  282.981221][T10400] total_pgpgout 272267
[  282.991593][T10400] total_pgfault 312027
[  282.999920][T10400] total_pgmajfault 74
[  283.008208][T10400] total_inactive_anon 0
[  283.017660][T10400] total_active_anon 4096
[  283.026106][T10400] total_inactive_file 0
[  283.034439][T10400] total_active_file 0
[  283.052279][T10400] total_unevictable 0
[  283.066805][T10400] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2255,pid=10399,uid=0
[  283.112091][T10400] Memory cgroup out of memory: Killed process 10399 (syz.0.2255) total-vm:94164kB, anon-rss:1232kB, file-rss:22212kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  283.620813][T10439] program syz.2.2267 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  284.303809][T10446] pim6reg1: entered promiscuous mode
[  284.314288][T10446] pim6reg1: entered allmulticast mode
[  284.553035][T10456] netlink: 436 bytes leftover after parsing attributes in process `syz.0.2273'.
[  284.593237][T10456] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2273'.
[  284.603167][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  284.603184][   T28] audit: type=1400 audit(1775426727.152:1107): avc:  denied  { mount } for  pid=10450 comm="syz.3.2272" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  284.790256][T10464] IPVS: Error connecting to the multicast addr
[  285.062728][T10473] program syz.3.2278 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  285.560398][   T28] audit: type=1400 audit(1775426728.172:1108): avc:  denied  { connect } for  pid=10478 comm="syz.3.2279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  285.593517][T10480] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5138 sclass=netlink_route_socket pid=10480 comm=syz.2.2280
[  285.624210][T10480] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2280'.
[  285.634305][   T28] audit: type=1400 audit(1775426728.252:1109): avc:  denied  { setopt } for  pid=10478 comm="syz.3.2279" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  286.230717][   T28] audit: type=1326 audit(1775426728.822:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10483 comm="syz.0.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  286.337739][   T28] audit: type=1326 audit(1775426728.822:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10483 comm="syz.0.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  286.530788][   T28] audit: type=1326 audit(1775426728.822:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10483 comm="syz.0.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  286.560479][T10480] loop2: detected capacity change from 0 to 1024
[  286.588903][   T28] audit: type=1326 audit(1775426728.822:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10483 comm="syz.0.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  286.615113][T10480] EXT4-fs: Ignoring removed bh option
[  286.618618][   T28] audit: type=1326 audit(1775426728.822:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10483 comm="syz.0.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  286.649805][   T28] audit: type=1326 audit(1775426728.872:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10483 comm="syz.0.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  286.673926][   T28] audit: type=1326 audit(1775426728.872:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10483 comm="syz.0.2281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  286.835029][T10480] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.851082][T10480] ext4 filesystem being mounted at /465/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  286.903613][T10504] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[  286.997564][T10506] loop1: detected capacity change from 0 to 1024
[  287.129063][T10480] EXT4-fs error (device loop2): ext4_map_blocks:828: inode #15: comm syz.2.2280: lblock 0 mapped to illegal pblock 0 (length 1)
[  287.234721][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  287.597486][T10518] program syz.1.2290 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  287.622657][T10521] sctp: [Deprecated]: syz.3.2292 (pid 10521) Use of int in max_burst socket option.
[  287.622657][T10521] Use struct sctp_assoc_value instead
[  287.836294][T10516] loop2: detected capacity change from 0 to 512
[  287.882151][T10516] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  287.986461][T10543] loop0: detected capacity change from 0 to 1764
[  288.136141][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.173557][T10550] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=257 sclass=netlink_route_socket pid=10550 comm=syz.0.2300
[  288.188415][T10552] Illegal XDP return value 4294967262 on prog  (id 239) dev N/A, expect packet loss!
[  288.306191][T10550] netlink: 'syz.0.2300': attribute type 16 has an invalid length.
[  288.431747][T10554] loop2: detected capacity change from 0 to 1764
[  288.439676][T10554] iso9660: Unknown parameter 'fowner<00000000000000000000'
[  288.763904][T10556] loop1: detected capacity change from 0 to 512
[  288.771296][T10556] EXT4-fs: inline encryption not supported
[  288.808433][T10556] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  288.829258][T10556] EXT4-fs (loop1): 1 truncate cleaned up
[  288.836401][T10556] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.851883][T10556] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.343729][T10559] program syz.0.2303 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  289.676326][ T1033] IPVS: starting estimator thread 0...
[  289.787728][T10564] IPVS: using max 2400 ests per chain, 120000 per kthread
[  290.355830][T10554] syz.2.2301 (10554) used greatest stack depth: 8440 bytes left
[  290.494656][T10574] loop2: detected capacity change from 0 to 512
[  290.502030][T10574] EXT4-fs: inline encryption not supported
[  290.556576][T10574] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  290.726405][T10574] EXT4-fs (loop2): 1 truncate cleaned up
[  290.749077][T10574] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.799968][T10574] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.030824][T10581] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2308'.
[  291.070028][T10581] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2308'.
[  291.251459][T10593] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=10593 comm=syz.1.2313
[  291.348492][T10597] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2311'.
[  291.380292][   T28] kauditd_printk_skb: 75 callbacks suppressed
[  291.380339][   T28] audit: type=1400 audit(1775426733.982:1192): avc:  denied  { remount } for  pid=10586 comm="syz.2.2311" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  291.473855][T10599] netlink: 'syz.1.2313': attribute type 1 has an invalid length.
[  292.024835][T10603] program syz.0.2315 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  292.148334][T10606] loop0: detected capacity change from 0 to 512
[  292.365308][T10609] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=10609 comm=syz.1.2317
[  292.522883][T10610] netlink: 'syz.1.2317': attribute type 1 has an invalid length.
[  293.011629][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2322'.
[  293.021587][ T4357] kworker/u8:23: attempt to access beyond end of device
[  293.021587][ T4357] loop0: rw=1, sector=5856, nr_sectors = 10608 limit=512
[  293.022429][T10624] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2322'.
[  293.173822][   T28] audit: type=1400 audit(1775426735.792:1193): avc:  denied  { ioctl } for  pid=10629 comm="syz.0.2321" path="socket:[24006]" dev="sockfs" ino=24006 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  293.255158][T10636] bond1: entered promiscuous mode
[  293.261044][T10636] 8021q: adding VLAN 0 to HW filter on device bond1
[  293.414884][   T28] audit: type=1400 audit(1775426736.022:1194): avc:  denied  { nlmsg_write } for  pid=10629 comm="syz.0.2321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  293.615636][T10646] loop1: detected capacity change from 0 to 4096
[  293.627166][T10646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.684101][T10646] EXT4-fs error (device loop1): ext4_iget_extra_inode:5040: inode #15: comm syz.1.2326: corrupted in-inode xattr: e_name out of bounds
[  293.744139][T10646] ext4: Unknown parameter 'ÿÿX€XsÔæTÓ ºÝ¨Ø'
[  293.751145][T10646] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  293.761836][T10646] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  293.770855][T10646] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  293.780785][T10646] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  293.789785][T10646] ext4: Unknown parameter 'ÿÿX€XsÔæTÓ ºÝ¨Ø'
[  293.796556][T10646] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  293.815894][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.927268][T10649] loop1: detected capacity change from 0 to 4096
[  293.964838][T10649] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.029964][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.224915][T10664] loop3: detected capacity change from 0 to 512
[  295.525488][   T28] audit: type=1400 audit(1775426738.142:1195): avc:  denied  { egress } for  pid=22 comm="ksoftirqd/1" saddr=fe80::a8aa:aaff:feaa:aa1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  295.551140][   T28] audit: type=1400 audit(1775426738.142:1196): avc:  denied  { sendto } for  pid=22 comm="ksoftirqd/1" saddr=fe80::a8aa:aaff:feaa:aa1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  295.865250][ T4014] kworker/u8:14: attempt to access beyond end of device
[  295.865250][ T4014] loop3: rw=1, sector=13544, nr_sectors = 2920 limit=512
[  295.881435][T10615] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  295.980081][T10674] netlink: 388 bytes leftover after parsing attributes in process `syz.4.2335'.
[  296.066840][   T28] audit: type=1400 audit(1775426738.682:1197): avc:  denied  { bind } for  pid=10679 comm="syz.2.2338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  296.131418][T10678] netlink: 'syz.4.2337': attribute type 1 has an invalid length.
[  296.161205][T10678] bond1: entered promiscuous mode
[  296.173575][T10678] 8021q: adding VLAN 0 to HW filter on device bond1
[  296.181923][T10685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2337'.
[  296.222132][T10685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2337'.
[  296.265664][T10678] bond1: (slave bridge1): making interface the new active one
[  296.291884][T10678] bridge1: entered promiscuous mode
[  296.306403][T10690] loop4: detected capacity change from 0 to 512
[  296.312906][T10678] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  296.348367][T10690] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a002e018, mo2=0002]
[  296.349592][   T28] audit: type=1326 audit(1775426738.962:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.356998][T10690] System zones: 
[  296.385696][   T28] audit: type=1326 audit(1775426738.962:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.413575][   T28] audit: type=1326 audit(1775426738.962:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.437648][   T28] audit: type=1326 audit(1775426738.962:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.445171][T10690] 0-2
[  296.461349][   T28] audit: type=1326 audit(1775426738.962:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.487627][   T28] audit: type=1326 audit(1775426739.002:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.511506][   T28] audit: type=1326 audit(1775426739.002:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.516321][T10690] , 18-18
[  296.535973][   T28] audit: type=1326 audit(1775426739.002:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.581873][T10690] , 34-34
[  296.584070][   T28] audit: type=1326 audit(1775426739.002:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.614486][T10690] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 42 vs 41 free clusters
[  296.633393][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  296.639265][   T28] audit: type=1326 audit(1775426739.002:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.639891][    C0] EXT4-fs (loop4): initial error at time 1775426739: ext4_mb_generate_buddy:1317
[  296.673065][    C0] EXT4-fs (loop4): last error at time 1775426739: ext4_mb_generate_buddy:1317
[  296.687201][   T28] audit: type=1326 audit(1775426739.002:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10688 comm="syz.2.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  296.688840][T10690] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.2337: corrupted inode contents
[  296.760312][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  296.760542][T10690] EXT4-fs error (device loop4): ext4_dirty_inode:6495: inode #16: comm syz.4.2337: mark_inode_dirty error
[  296.819693][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  296.819927][T10690] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.2337: corrupted inode contents
[  296.869446][T10688] syz.2.2340 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  296.890731][T10688] CPU: 1 UID: 0 PID: 10688 Comm: syz.2.2340 Not tainted syzkaller #0 PREEMPT(full) 
[  296.890790][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  296.890825][T10688] Call Trace:
[  296.890832][T10688]  <TASK>
[  296.890839][T10688]  __dump_stack+0x1d/0x30
[  296.890868][T10688]  dump_stack_lvl+0x95/0xd0
[  296.890893][T10688]  dump_stack+0x15/0x1b
[  296.890915][T10688]  dump_header+0x80/0x240
[  296.891032][T10688]  oom_kill_process+0x295/0x350
[  296.891080][T10688]  out_of_memory+0x97d/0xb80
[  296.891105][T10688]  try_charge_memcg+0x62e/0xa10
[  296.891145][T10688]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[  296.891180][T10688]  __swap_cache_prepare_and_add+0x67/0x460
[  296.891261][T10688]  ? alloc_pages_mpol+0x217/0x260
[  296.891294][T10688]  swap_cache_alloc_folio+0xa2/0x120
[  296.891325][T10688]  swap_cluster_readahead+0x26e/0x3d0
[  296.891426][T10688]  swapin_readahead+0xde/0x840
[  296.891456][T10688]  ? _raw_spin_unlock+0x9/0x30
[  296.891490][T10688]  ? swap_put_entries_cluster+0x385/0x3a0
[  296.891523][T10688]  ? swap_put_entries_cluster+0x141/0x3a0
[  296.891586][T10688]  ? __rcu_read_unlock+0x4e/0x70
[  296.891646][T10688]  ? swap_cache_get_folio+0x26f/0x280
[  296.891676][T10688]  do_swap_page+0x2fe/0x21e0
[  296.891708][T10688]  ? css_rstat_updated+0xbb/0x280
[  296.891729][T10688]  ? __rcu_read_lock+0x36/0x50
[  296.891793][T10688]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  296.891823][T10688]  handle_mm_fault+0xb46/0x3020
[  296.891856][T10688]  ? vma_start_read+0x1c7/0x2c0
[  296.891903][T10688]  do_user_addr_fault+0x62f/0x1050
[  296.891936][T10688]  ? arch_exit_to_user_mode_prepare+0x26/0x80
[  296.891961][T10688]  ? trace_page_fault_user+0x1f/0xe0
[  296.892016][T10688]  exc_page_fault+0x62/0xa0
[  296.892038][T10688]  asm_exc_page_fault+0x26/0x30
[  296.892058][T10688] RIP: 0033:0x7fbd6e07797e
[  296.892076][T10688] Code: 41 51 4c 8d 9b 08 03 00 00 49 89 c9 48 89 f1 41 50 48 8b 74 24 20 49 89 d0 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 <59> 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24
[  296.892173][T10688] RSP: 002b:00007ffe7279ab10 EFLAGS: 00010246
[  296.892191][T10688] RAX: 0000000000000000 RBX: 0000555582cac500 RCX: 00007fbd6e07d04e
[  296.892206][T10688] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  296.892218][T10688] RBP: 00007fbd6e337da0 R08: 0000000000000000 R09: 0000000000000000
[  296.892231][T10688] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000004886c
[  296.892245][T10688] R13: 00007fbd6e33609c R14: 00000000000485f8 R15: 00007fbd6e336090
[  296.892264][T10688]  </TASK>
[  296.902324][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  296.903431][T10688] memory: usage 307200kB, limit 307200kB, failcnt 2653
[  296.928784][T10690] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #16: comm syz.4.2337: mark_inode_dirty error
[  296.948621][T10688] memory+swap: usage 288656kB, limit 9007199254740988kB, failcnt 0
[  296.967997][T10696] serio: Serial port ttyS3
[  296.987133][T10688] kmem: usage 264460kB, limit 9007199254740988kB, failcnt 0
[  297.003421][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  297.028365][T10688] Memory cgroup stats for 
[  297.063719][T10690] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.2337: corrupted inode contents
[  297.094014][T10688] /syz2
[  297.216806][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  297.219985][T10690] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #16: comm syz.4.2337: mark_inode_dirty error
[  297.241475][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  297.241655][T10690] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.2337: corrupted inode contents
[  297.263173][T10688] :
[  297.263481][T10688] cache 524288
[  297.269334][T10688] rss 28672
[  297.272469][T10688] shmem 0
[  297.278881][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  297.278951][T10688] mapped_file 65536
[  297.292329][T10688] dirty 0
[  297.294767][T10696] loop1: detected capacity change from 0 to 128
[  297.295551][T10690] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  297.326123][T10688] writeback 0
[  297.339874][T10688] workingset_refault_anon 10
[  297.349079][T10690] loop4: lost filesystem error report for type 5 error -117
[  297.349239][T10690] EXT4-fs error (device loop4): ext4_do_update_inode:5602: inode #16: comm syz.4.2337: corrupted inode contents
[  297.353675][T10688] workingset_refault_file 129
[  297.357171][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  297.368715][T10688] swap 172032
[  297.374577][T10690] EXT4-fs error (device loop4): ext4_truncate:4602: inode #16: comm syz.4.2337: mark_inode_dirty error
[  297.382646][T10688] swapcached 245760
[  297.382658][T10688] pgpgin 328899
[  297.405155][T10688] pgpgout 328763
[  297.407803][T10690] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  297.408718][T10688] pgfault 326731
[  297.421619][T10690] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  297.423152][T10688] pgmajfault 47
[  297.433586][T10690] loop4: lost filesystem error report for type 5 error -117
[  297.434433][T10690] EXT4-fs (loop4): 1 truncate cleaned up
[  297.435130][T10688] inactive_anon 0
[  297.442391][T10690] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.449609][T10688] active_anon 28672
[  297.452070][T10690] ext4 filesystem being mounted at /435/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.464525][  T176] EXT4-fs error (device loop4): ext4_release_dquot:7062: comm kworker/u8:5: Failed to release dquot type 1
[  297.492211][T10688] inactive_file 0
[  297.495968][T10688] active_file 499712
[  297.499150][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.499975][T10688] unevictable 0
[  297.512949][T10688] hierarchical_memory_limit 314572800
[  297.518404][T10688] hierarchical_memsw_limit 9223372036854771712
[  297.524811][T10688] total_cache 524288
[  297.546025][T10706] loop1: detected capacity change from 0 to 512
[  297.571455][T10708] pimreg: entered allmulticast mode
[  297.578841][T10688] total_rss 28672
[  297.582726][T10688] total_shmem 0
[  297.587905][T10709] pimreg: left allmulticast mode
[  297.599239][T10688] total_mapped_file 65536
[  297.604274][T10688] total_dirty 0
[  297.607829][T10688] total_writeback 0
[  297.614121][T10688] total_workingset_refault_anon 10
[  297.619392][T10688] total_workingset_refault_file 129
[  297.625090][T10688] total_swap 172032
[  297.629018][T10688] total_swapcached 245760
[  297.637417][T10707] pimreg: entered allmulticast mode
[  297.654270][T10708] pimreg: left allmulticast mode
[  297.661240][T10688] total_pgpgin 328899
[  297.687060][T10715] netlink: 388 bytes leftover after parsing attributes in process `syz.0.2347'.
[  297.693433][T10688] total_pgpgout 328763
[  297.703548][T10688] total_pgfault 326731
[  297.707672][T10688] total_pgmajfault 47
[  297.721943][T10688] total_inactive_anon 0
[  297.740960][T10688] total_active_anon 28672
[  297.751056][T10688] total_inactive_file 0
[  297.761320][T10688] total_active_file 499712
[  297.771318][T10688] total_unevictable 0
[  297.781342][T10688] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2340,pid=10688,uid=0
[  297.800854][T10688] Memory cgroup out of memory: Killed process 10688 (syz.2.2340) total-vm:94164kB, anon-rss:1260kB, file-rss:22424kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  297.834469][T10719] FAULT_INJECTION: forcing a failure.
[  297.834469][T10719] name failslab, interval 1, probability 0, space 0, times 0
[  297.850059][T10719] CPU: 0 UID: 0 PID: 10719 Comm: syz.4.2349 Not tainted syzkaller #0 PREEMPT(full) 
[  297.850092][T10719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  297.850107][T10719] Call Trace:
[  297.850115][T10719]  <TASK>
[  297.850123][T10719]  __dump_stack+0x1d/0x30
[  297.850161][T10719]  dump_stack_lvl+0x95/0xd0
[  297.850184][T10719]  dump_stack+0x15/0x1b
[  297.850211][T10719]  should_fail_ex+0x263/0x280
[  297.850351][T10719]  should_failslab+0x8c/0xb0
[  297.850373][T10719]  kmem_cache_alloc_noprof+0x66/0x400
[  297.850395][T10719]  ? do_getname+0x2e/0x1c0
[  297.850420][T10719]  do_getname+0x2e/0x1c0
[  297.850475][T10719]  user_path_at+0x28/0x100
[  297.850503][T10719]  __se_sys_mount+0x25b/0x2e0
[  297.850526][T10719]  ? fput+0x8f/0xc0
[  297.850553][T10719]  __x64_sys_mount+0x67/0x80
[  297.850649][T10719]  x64_sys_call+0x2d61/0x3020
[  297.850682][T10719]  do_syscall_64+0x12c/0x370
[  297.850716][T10719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.850742][T10719] RIP: 0033:0x7f47997ec819
[  297.850794][T10719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  297.850838][T10719] RSP: 002b:00007f479823f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  297.850926][T10719] RAX: ffffffffffffffda RBX: 00007f4799a65fa0 RCX: 00007f47997ec819
[  297.850944][T10719] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 0000000000000000
[  297.850960][T10719] RBP: 00007f479823f090 R08: 0000200000000700 R09: 0000000000000000
[  297.850973][T10719] R10: 0000000000004440 R11: 0000000000000246 R12: 0000000000000001
[  297.850986][T10719] R13: 00007f4799a66038 R14: 00007f4799a65fa0 R15: 00007fffc6bb71d8
[  297.851043][T10719]  </TASK>
[  298.765426][ T4020] kworker/u8:16: attempt to access beyond end of device
[  298.765426][ T4020] loop1: rw=1, sector=2384, nr_sectors = 2128 limit=512
[  298.779670][T10739] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2354'.
[  298.793707][T10739] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2354'.
[  298.829705][ T4020] kworker/u8:16: attempt to access beyond end of device
[  298.829705][ T4020] loop1: rw=1, sector=4512, nr_sectors = 2112 limit=512
[  298.889993][T10741] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2356'.
[  298.893580][T10743] FAULT_INJECTION: forcing a failure.
[  298.893580][T10743] name failslab, interval 1, probability 0, space 0, times 0
[  298.902705][ T4020] kworker/u8:16: attempt to access beyond end of device
[  298.902705][ T4020] loop1: rw=1, sector=6624, nr_sectors = 2080 limit=512
[  298.925999][T10743] CPU: 1 UID: 0 PID: 10743 Comm: syz.2.2357 Not tainted syzkaller #0 PREEMPT(full) 
[  298.926070][T10743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  298.926082][T10743] Call Trace:
[  298.926089][T10743]  <TASK>
[  298.926097][T10743]  __dump_stack+0x1d/0x30
[  298.926125][T10743]  dump_stack_lvl+0x95/0xd0
[  298.926169][T10743]  dump_stack+0x15/0x1b
[  298.926198][T10743]  should_fail_ex+0x263/0x280
[  298.926226][T10743]  should_failslab+0x8c/0xb0
[  298.926251][T10743]  kmem_cache_alloc_noprof+0x66/0x400
[  298.926277][T10743]  ? skb_clone+0x151/0x1f0
[  298.926311][T10743]  skb_clone+0x151/0x1f0
[  298.926332][T10743]  __netlink_deliver_tap+0x2c9/0x500
[  298.926420][T10743]  netlink_unicast+0x66b/0x690
[  298.926450][T10743]  netlink_sendmsg+0x5c8/0x6f0
[  298.926470][T10743]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.926546][T10743]  ____sys_sendmsg+0x563/0x5b0
[  298.926567][T10743]  ___sys_sendmsg+0x195/0x1e0
[  298.926593][T10743]  __x64_sys_sendmsg+0xd4/0x160
[  298.926692][T10743]  x64_sys_call+0x194c/0x3020
[  298.926722][T10743]  do_syscall_64+0x12c/0x370
[  298.926752][T10743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.926809][T10743] RIP: 0033:0x7fbd6e0bc819
[  298.926828][T10743] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.926845][T10743] RSP: 002b:00007fbd6cb17028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  298.926865][T10743] RAX: ffffffffffffffda RBX: 00007fbd6e335fa0 RCX: 00007fbd6e0bc819
[  298.926879][T10743] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000003
[  298.926943][T10743] RBP: 00007fbd6cb17090 R08: 0000000000000000 R09: 0000000000000000
[  298.926958][T10743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.926973][T10743] R13: 00007fbd6e336038 R14: 00007fbd6e335fa0 R15: 00007ffe7279aa28
[  298.926993][T10743]  </TASK>
[  299.134647][T10745] netlink: 388 bytes leftover after parsing attributes in process `syz.0.2358'.
[  299.154151][ T4020] kworker/u8:16: attempt to access beyond end of device
[  299.154151][ T4020] loop1: rw=1, sector=8704, nr_sectors = 2064 limit=512
[  299.197404][ T4020] kworker/u8:16: attempt to access beyond end of device
[  299.197404][ T4020] loop1: rw=1, sector=10768, nr_sectors = 2048 limit=512
[  299.225207][ T4020] kworker/u8:16: attempt to access beyond end of device
[  299.225207][ T4020] loop1: rw=1, sector=12816, nr_sectors = 2048 limit=512
[  299.242254][ T4020] kworker/u8:16: attempt to access beyond end of device
[  299.242254][ T4020] loop1: rw=1, sector=14864, nr_sectors = 1600 limit=512
[  299.247038][T10749] FAULT_INJECTION: forcing a failure.
[  299.247038][T10749] name failslab, interval 1, probability 0, space 0, times 0
[  299.269070][T10748] loop0: detected capacity change from 0 to 1024
[  299.310044][T10749] CPU: 0 UID: 0 PID: 10749 Comm: syz.2.2361 Not tainted syzkaller #0 PREEMPT(full) 
[  299.310136][T10749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  299.310149][T10749] Call Trace:
[  299.310157][T10749]  <TASK>
[  299.310166][T10749]  __dump_stack+0x1d/0x30
[  299.310197][T10749]  dump_stack_lvl+0x95/0xd0
[  299.310223][T10749]  dump_stack+0x15/0x1b
[  299.310275][T10749]  should_fail_ex+0x263/0x280
[  299.310305][T10749]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  299.310359][T10749]  should_failslab+0x8c/0xb0
[  299.310383][T10749]  kmem_cache_alloc_lru_noprof+0x6c/0x410
[  299.310410][T10749]  ? debugfs_alloc_inode+0x34/0x40
[  299.310472][T10749]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  299.310509][T10749]  debugfs_alloc_inode+0x34/0x40
[  299.310572][T10749]  alloc_inode+0x40/0x170
[  299.310599][T10749]  new_inode+0x1d/0xe0
[  299.310628][T10749]  __debugfs_create_file+0x97/0x2b0
[  299.310672][T10749]  debugfs_create_file_full+0x3f/0x60
[  299.310703][T10749]  ? __pfx_xfrmi_dev_setup+0x10/0x10
[  299.310748][T10749]  ref_tracker_dir_debugfs+0x10e/0x220
[  299.310787][T10749]  alloc_netdev_mqs+0x1a7/0xa40
[  299.310826][T10749]  rtnl_create_link+0x239/0x720
[  299.310929][T10749]  rtnl_newlink_create+0x174/0x650
[  299.310958][T10749]  ? security_capable+0x7b/0x90
[  299.310991][T10749]  ? netlink_ns_capable+0x86/0xa0
[  299.311030][T10749]  rtnl_newlink+0x10a0/0x1330
[  299.311063][T10749]  ? __memcg_slab_free_hook+0x14b/0x240
[  299.311097][T10749]  ? __rcu_read_unlock+0x4e/0x70
[  299.311125][T10749]  ? avc_has_perm_noaudit+0xab/0x130
[  299.311177][T10749]  ? cred_has_capability+0x224/0x2a0
[  299.311210][T10749]  ? selinux_capable+0x31/0x40
[  299.311347][T10749]  ? security_capable+0x7b/0x90
[  299.311378][T10749]  ? ns_capable+0x7c/0xb0
[  299.311400][T10749]  ? __pfx_rtnl_newlink+0x10/0x10
[  299.311425][T10749]  rtnetlink_rcv_msg+0x64b/0x720
[  299.311498][T10749]  netlink_rcv_skb+0x123/0x220
[  299.311530][T10749]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  299.311584][T10749]  rtnetlink_rcv+0x1c/0x30
[  299.311606][T10749]  netlink_unicast+0x5c0/0x690
[  299.311641][T10749]  netlink_sendmsg+0x5c8/0x6f0
[  299.311674][T10749]  ? __pfx_netlink_sendmsg+0x10/0x10
[  299.311697][T10749]  ____sys_sendmsg+0x563/0x5b0
[  299.311722][T10749]  ___sys_sendmsg+0x195/0x1e0
[  299.311762][T10749]  __x64_sys_sendmsg+0xd4/0x160
[  299.311784][T10749]  x64_sys_call+0x194c/0x3020
[  299.311881][T10749]  do_syscall_64+0x12c/0x370
[  299.311912][T10749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.311956][T10749] RIP: 0033:0x7fbd6e0bc819
[  299.311975][T10749] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  299.312068][T10749] RSP: 002b:00007fbd6cb17028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.312091][T10749] RAX: ffffffffffffffda RBX: 00007fbd6e335fa0 RCX: 00007fbd6e0bc819
[  299.312139][T10749] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  299.312154][T10749] RBP: 00007fbd6cb17090 R08: 0000000000000000 R09: 0000000000000000
[  299.312167][T10749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.312181][T10749] R13: 00007fbd6e336038 R14: 00007fbd6e335fa0 R15: 00007ffe7279aa28
[  299.312202][T10749]  </TASK>
[  299.312242][T10749] debugfs: out of free dentries, can not create file 'netdev@ffff88810bafb560'
[  299.553052][T10756] loop1: detected capacity change from 0 to 2048
[  299.643763][T10748] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.649324][T10756] EXT4-fs: Ignoring removed nomblk_io_submit option
[  299.685636][T10756] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.748597][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.865219][T10773] loop4: detected capacity change from 0 to 512
[  299.961602][T10777] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2367'.
[  299.982523][T10777] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2367'.
[  300.196114][T10781] SELinux:  Context system_u:object_r:hugetlbfs_t:s0 is not valid (left unmapped).
[  300.378422][T10785] program syz.2.2370 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  300.511002][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.655230][T10796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2375'.
[  300.665210][T10796] netlink: 'syz.2.2375': attribute type 30 has an invalid length.
[  300.673218][T10796] netlink: 'syz.2.2375': attribute type 29 has an invalid length.
[  300.760682][ T4014] kworker/u8:14: attempt to access beyond end of device
[  300.760682][ T4014] loop4: rw=1, sector=5272, nr_sectors = 5848 limit=512
[  300.789803][T10803] loop2: detected capacity change from 0 to 512
[  300.790311][ T4014] kworker/u8:14: attempt to access beyond end of device
[  300.790311][ T4014] loop4: rw=1, sector=11120, nr_sectors = 5344 limit=512
[  300.796799][T10803] EXT4-fs: inline encryption not supported
[  300.824293][T10803] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  300.837043][T10803] EXT4-fs (loop2): 1 truncate cleaned up
[  300.843297][T10803] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.862032][T10803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.887638][T10809] netlink: 'syz.4.2378': attribute type 5 has an invalid length.
[  300.904328][T10810] netlink: 'syz.0.2380': attribute type 1 has an invalid length.
[  300.913697][T10812] program syz.3.2381 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  301.078792][T10826] loop2: detected capacity change from 0 to 1024
[  301.113043][T10826] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.386030][T10826] __nla_validate_parse: 2 callbacks suppressed
[  301.386059][T10826] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2385'.
[  301.419381][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.876588][T10840] loop2: detected capacity change from 0 to 512
[  301.960459][   T28] kauditd_printk_skb: 23 callbacks suppressed
[  301.960477][   T28] audit: type=1400 audit(1775426744.572:1231): avc:  denied  { mounton } for  pid=10839 comm="syz.2.2389" path="/496/file0" dev="tmpfs" ino=2603 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  302.038617][T10848] program syz.4.2392 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  302.091244][T10845] loop0: detected capacity change from 0 to 512
[  302.226790][   T28] audit: type=1400 audit(1775426744.842:1232): avc:  denied  { listen } for  pid=10854 comm="syz.3.2396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  302.247371][   T28] audit: type=1400 audit(1775426744.872:1233): avc:  denied  { accept } for  pid=10854 comm="syz.3.2396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  302.309303][T10845] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.313577][   T28] audit: type=1400 audit(1775426744.932:1234): avc:  denied  { shutdown } for  pid=10854 comm="syz.3.2396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  302.324614][T10845] ext4 filesystem being mounted at /475/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.365563][T10872] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2400'.
[  302.375707][T10872] netlink: 'syz.2.2400': attribute type 1 has an invalid length.
[  302.479461][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.520723][T10874] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2401'.
[  302.543130][T10874] netlink: 136 bytes leftover after parsing attributes in process `syz.0.2401'.
[  302.569777][T10874] loop0: detected capacity change from 0 to 512
[  302.923717][T10889] program syz.0.2406 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  303.230289][T10898] loop1: detected capacity change from 0 to 512
[  303.647716][T10905] loop1: detected capacity change from 0 to 512
[  303.657533][T10902] loop2: detected capacity change from 0 to 512
[  303.859298][T10902] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.873875][T10919] program syz.0.2417 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  303.904297][T10902] ext4 filesystem being mounted at /501/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  304.031138][   T28] audit: type=1400 audit(1775426746.642:1235): avc:  denied  { create } for  pid=10927 comm="syz.4.2420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  304.063300][   T28] audit: type=1400 audit(1775426746.672:1236): avc:  denied  { setopt } for  pid=10927 comm="syz.4.2420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  304.084311][T10928] netlink: 'syz.4.2420': attribute type 6 has an invalid length.
[  304.085472][T10929] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2419'.
[  304.101763][   T28] audit: type=1400 audit(1775426746.672:1237): avc:  denied  { create } for  pid=10927 comm="syz.4.2420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  304.125846][T10929] netlink: 'syz.0.2419': attribute type 1 has an invalid length.
[  304.126288][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.143117][   T28] audit: type=1400 audit(1775426746.702:1238): avc:  denied  { write } for  pid=10927 comm="syz.4.2420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  304.253891][T10938] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=10938 comm=syz.2.2421
[  304.393593][T10938] netlink: 'syz.2.2421': attribute type 1 has an invalid length.
[  304.551967][ T4359] kworker/u8:24: attempt to access beyond end of device
[  304.551967][ T4359] loop1: rw=1, sector=3432, nr_sectors = 2328 limit=512
[  304.589509][ T4359] kworker/u8:24: attempt to access beyond end of device
[  304.589509][ T4359] loop1: rw=1, sector=5760, nr_sectors = 2048 limit=512
[  304.626347][ T4359] kworker/u8:24: attempt to access beyond end of device
[  304.626347][ T4359] loop1: rw=1, sector=7808, nr_sectors = 2048 limit=512
[  304.650703][ T4359] kworker/u8:24: attempt to access beyond end of device
[  304.650703][ T4359] loop1: rw=1, sector=9856, nr_sectors = 2048 limit=512
[  304.672982][ T4359] kworker/u8:24: attempt to access beyond end of device
[  304.672982][ T4359] loop1: rw=1, sector=11904, nr_sectors = 2048 limit=512
[  304.696800][ T4359] kworker/u8:24: attempt to access beyond end of device
[  304.696800][ T4359] loop1: rw=1, sector=13952, nr_sectors = 2512 limit=512
[  304.856905][T10955] program syz.1.2428 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  305.159551][   T28] audit: type=1326 audit(1775426747.772:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10965 comm="syz.1.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1598fec819 code=0x7ffc0000
[  305.187673][   T28] audit: type=1326 audit(1775426747.772:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10965 comm="syz.1.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1598fec819 code=0x7ffc0000
[  305.215079][T10969] loop2: detected capacity change from 0 to 512
[  305.247610][T10964] loop0: detected capacity change from 0 to 512
[  305.356167][T10969] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  305.359979][T10964] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.382385][T10964] ext4 filesystem being mounted at /486/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.396795][T10969] EXT4-fs (loop2): inodes count not valid: 27 vs 32
[  305.433153][T10976] netlink: 348 bytes leftover after parsing attributes in process `syz.4.2437'.
[  305.464888][T10967] loop2: detected capacity change from 0 to 128
[  305.489942][T10967] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  305.508541][ T4014] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  305.519737][ T4014] FAT-fs (loop2): Filesystem has been set read-only
[  305.527955][ T4014] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  305.574397][T10982] program syz.2.2440 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  305.580086][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.645894][T10987] loop4: detected capacity change from 0 to 512
[  305.657060][T10987] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  305.679277][T10987] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  305.697063][T10987] EXT4-fs (loop4): 1 truncate cleaned up
[  305.703628][T10987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.737945][T10992] loop0: detected capacity change from 0 to 512
[  305.750445][T10993] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2441'.
[  305.802526][T10994] netlink: 'syz.2.2441': attribute type 1 has an invalid length.
[  306.052558][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.119575][T11002] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11002 comm=syz.4.2443
[  306.158485][T11001] netlink: 336 bytes leftover after parsing attributes in process `syz.1.2444'.
[  306.177839][T11001] netlink: 336 bytes leftover after parsing attributes in process `syz.1.2444'.
[  306.301789][T11008] netlink: 'syz.4.2443': attribute type 1 has an invalid length.
[  306.967844][ T4012] kworker/u8:13: attempt to access beyond end of device
[  306.967844][ T4012] loop0: rw=1, sector=2456, nr_sectors = 2048 limit=512
[  307.014871][ T4012] kworker/u8:13: attempt to access beyond end of device
[  307.014871][ T4012] loop0: rw=1, sector=4504, nr_sectors = 4152 limit=512
[  307.042742][ T4012] kworker/u8:13: attempt to access beyond end of device
[  307.042742][ T4012] loop0: rw=1, sector=8656, nr_sectors = 3632 limit=512
[  307.086820][ T4012] kworker/u8:13: attempt to access beyond end of device
[  307.086820][ T4012] loop0: rw=1, sector=12288, nr_sectors = 4176 limit=512
[  307.213950][T11021] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11021 comm=syz.0.2449
[  307.338772][T11022] netlink: 'syz.0.2449': attribute type 1 has an invalid length.
[  307.449931][T11019] loop1: detected capacity change from 0 to 512
[  307.554282][T11019] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.573014][T11019] ext4 filesystem being mounted at /501/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.014548][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.072225][T11028] program syz.1.2451 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  308.072732][T11029] tipc: Started in network mode
[  308.087643][T11029] tipc: Node identity 00000000400000000000000000000001, cluster identity 4711
[  308.096969][T11029] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  308.150918][T11033] loop0: detected capacity change from 0 to 512
[  308.165778][T11033] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.179359][T11033] ext4 filesystem being mounted at /490/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  308.213262][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.938499][T11046] loop2: detected capacity change from 0 to 512
[  309.129665][T11049] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11049 comm=syz.4.2458
[  309.218291][T11052] loop0: detected capacity change from 0 to 512
[  309.229390][T11053] netlink: 'syz.4.2458': attribute type 1 has an invalid length.
[  309.764155][ T4030] kworker/u8:18: attempt to access beyond end of device
[  309.764155][ T4030] loop2: rw=1, sector=2384, nr_sectors = 2080 limit=512
[  309.782874][ T4030] kworker/u8:18: attempt to access beyond end of device
[  309.782874][ T4030] loop2: rw=1, sector=4464, nr_sectors = 2048 limit=512
[  309.801648][ T4030] kworker/u8:18: attempt to access beyond end of device
[  309.801648][ T4030] loop2: rw=1, sector=6512, nr_sectors = 2048 limit=512
[  309.820027][ T4030] kworker/u8:18: attempt to access beyond end of device
[  309.820027][ T4030] loop2: rw=1, sector=8560, nr_sectors = 2048 limit=512
[  309.837886][ T4030] kworker/u8:18: attempt to access beyond end of device
[  309.837886][ T4030] loop2: rw=1, sector=10608, nr_sectors = 2048 limit=512
[  309.856312][ T4030] kworker/u8:18: attempt to access beyond end of device
[  309.856312][ T4030] loop2: rw=1, sector=12656, nr_sectors = 2048 limit=512
[  309.887661][ T4030] kworker/u8:18: attempt to access beyond end of device
[  309.887661][ T4030] loop2: rw=1, sector=14704, nr_sectors = 1760 limit=512
[  310.008157][   T28] kauditd_printk_skb: 500 callbacks suppressed
[  310.008176][   T28] audit: type=1400 audit(1775426752.622:1741): avc:  denied  { getopt } for  pid=11059 comm="syz.4.2461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  310.064809][ T4012] kworker/u8:13: attempt to access beyond end of device
[  310.064809][ T4012] loop0: rw=1, sector=2880, nr_sectors = 4264 limit=512
[  310.085622][ T4012] kworker/u8:13: attempt to access beyond end of device
[  310.085622][ T4012] loop0: rw=1, sector=7144, nr_sectors = 2160 limit=512
[  310.100241][T11064] netlink: 'syz.2.2463': attribute type 3 has an invalid length.
[  310.103337][ T4012] kworker/u8:13: attempt to access beyond end of device
[  310.103337][ T4012] loop0: rw=1, sector=9304, nr_sectors = 2048 limit=512
[  310.202567][T11071] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2464'.
[  310.290528][T11076] netlink: 642 bytes leftover after parsing attributes in process `syz.0.2468'.
[  310.312134][   T28] audit: type=1400 audit(1775426752.922:1742): avc:  denied  { create } for  pid=11075 comm="syz.0.2468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  310.385780][   T28] audit: type=1326 audit(1775426753.002:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  310.393640][T11076] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11076 comm=syz.0.2468
[  310.457603][   T28] audit: type=1326 audit(1775426753.002:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  310.504001][   T28] audit: type=1326 audit(1775426753.002:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  310.550481][   T28] audit: type=1326 audit(1775426753.002:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  310.601795][   T28] audit: type=1326 audit(1775426753.002:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  310.650627][   T28] audit: type=1326 audit(1775426753.002:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  310.701055][   T28] audit: type=1326 audit(1775426753.002:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  310.742757][   T28] audit: type=1326 audit(1775426753.002:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11075 comm="syz.0.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  311.352609][T11086] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11086 comm=syz.1.2471
[  311.445361][T11087] netlink: 'syz.1.2471': attribute type 1 has an invalid length.
[  311.791777][T11039] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  311.819816][T11090] loop3: detected capacity change from 0 to 512
[  311.831650][T11090] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8840c01c, mo2=0002]
[  311.843515][T11090] EXT4-fs (loop3): orphan cleanup on readonly fs
[  311.850515][T11090] EXT4-fs warning (device loop3): ext4_enable_quotas:7261: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  311.866086][T11090] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  311.873251][T11090] EXT4-fs error (device loop3): ext4_ext_check_inode:521: inode #13: comm syz.3.2472: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  311.891498][T11090] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  311.891717][T11090] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2472: couldn't read orphan inode 13 (err -117)
[  311.901045][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  311.901071][    C1] EXT4-fs (loop3): last error at time 1775426754: ext4_ext_check_inode:521: inode 13
[  311.929673][T11090] loop3: lost filesystem error report for type 5 error -117
[  311.930164][T11090] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  311.952325][T11090] EXT4-fs error (device loop3): ext4_lookup:1789: inode #2: comm syz.3.2472: deleted inode referenced: 12
[  312.024320][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.575562][T11113] 9p: Bad value for 'rfdno'
[  312.673259][T11121] loop1: detected capacity change from 0 to 512
[  315.714556][T11117] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  315.767554][T11149] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11149 comm=syz.4.2492
[  315.850832][T11152] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.858044][T11152] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.892373][T11159] netlink: 'syz.4.2492': attribute type 1 has an invalid length.
[  316.766320][T11173] FAULT_INJECTION: forcing a failure.
[  316.766320][T11173] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  316.821654][T11173] CPU: 1 UID: 0 PID: 11173 Comm: syz.2.2498 Not tainted syzkaller #0 PREEMPT(full) 
[  316.821753][T11173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  316.821765][T11173] Call Trace:
[  316.821771][T11173]  <TASK>
[  316.821780][T11173]  __dump_stack+0x1d/0x30
[  316.821960][T11173]  dump_stack_lvl+0x95/0xd0
[  316.821989][T11173]  dump_stack+0x15/0x1b
[  316.822015][T11173]  should_fail_ex+0x263/0x280
[  316.822044][T11173]  should_fail+0xb/0x20
[  316.822144][T11173]  should_fail_usercopy+0x1a/0x20
[  316.822176][T11173]  _copy_from_iter+0xcf/0xea0
[  316.822212][T11173]  ? _copy_from_iter+0x13e/0xea0
[  316.822249][T11173]  copy_page_from_iter+0x178/0x2a0
[  316.822287][T11173]  skb_copy_datagram_from_iter+0x22d/0x480
[  316.822372][T11173]  unix_stream_sendmsg+0x642/0xbb0
[  316.822438][T11173]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[  316.822469][T11173]  ____sys_sendmsg+0x563/0x5b0
[  316.822545][T11173]  ___sys_sendmsg+0x195/0x1e0
[  316.822622][T11173]  __x64_sys_sendmsg+0xd4/0x160
[  316.822650][T11173]  x64_sys_call+0x194c/0x3020
[  316.822685][T11173]  do_syscall_64+0x12c/0x370
[  316.822762][T11173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.822787][T11173] RIP: 0033:0x7fbd6e0bc819
[  316.822815][T11173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  316.822842][T11173] RSP: 002b:00007fbd6cb17028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  316.822880][T11173] RAX: ffffffffffffffda RBX: 00007fbd6e335fa0 RCX: 00007fbd6e0bc819
[  316.822897][T11173] RDX: 0000000000000003 RSI: 0000200000000980 RDI: 0000000000000003
[  316.822913][T11173] RBP: 00007fbd6cb17090 R08: 0000000000000000 R09: 0000000000000000
[  316.822927][T11173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  316.822943][T11173] R13: 00007fbd6e336038 R14: 00007fbd6e335fa0 R15: 00007ffe7279aa28
[  316.822967][T11173]  </TASK>
[  316.977546][ T4357] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.088440][ T4357] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.118075][ T4357] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.138531][ T4357] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.151679][T11175] loop4: detected capacity change from 0 to 512
[  317.178582][T11175] EXT4-fs: inline encryption not supported
[  317.220256][   T28] kauditd_printk_skb: 98 callbacks suppressed
[  317.220275][   T28] audit: type=1400 audit(1775426759.832:1849): avc:  denied  { read } for  pid=11180 comm="syz.0.2501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  317.262060][T11175] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  317.302846][T11175] EXT4-fs (loop4): 1 truncate cleaned up
[  317.310750][T11175] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  317.361961][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.389320][T11188] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2502'.
[  317.409294][T11188] netlink: 'syz.2.2502': attribute type 1 has an invalid length.
[  317.488575][T11190] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  317.552141][T11194] netlink: 388 bytes leftover after parsing attributes in process `syz.4.2504'.
[  317.776576][   T28] audit: type=1400 audit(1775426760.392:1850): avc:  denied  { execute } for  pid=11154 comm="syz.3.2493" name="file0" dev="tmpfs" ino=2609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  317.776742][T11155] process 'syz.3.2493' launched './file0' with NULL argv: empty string added
[  317.820300][   T28] audit: type=1400 audit(1775426760.432:1851): avc:  denied  { execute_no_trans } for  pid=11154 comm="syz.3.2493" path="/495/file0" dev="tmpfs" ino=2609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  317.903282][   T28] audit: type=1326 audit(1775426760.512:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11202 comm="syz.3.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83220bc819 code=0x7ffc0000
[  317.934630][   T28] audit: type=1326 audit(1775426760.512:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11202 comm="syz.3.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83220bc819 code=0x7ffc0000
[  317.959646][   T28] audit: type=1326 audit(1775426760.552:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11202 comm="syz.3.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83220bc819 code=0x7ffc0000
[  317.984358][   T28] audit: type=1326 audit(1775426760.552:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11202 comm="syz.3.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83220bc819 code=0x7ffc0000
[  318.010966][T11203] xt_hashlimit: size too large, truncated to 1048576
[  318.017915][   T28] audit: type=1326 audit(1775426760.552:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11202 comm="syz.3.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7f83220bc819 code=0x7ffc0000
[  318.041943][   T28] audit: type=1326 audit(1775426760.552:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11202 comm="syz.3.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83220bc819 code=0x7ffc0000
[  318.065705][   T28] audit: type=1326 audit(1775426760.552:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11202 comm="syz.3.2506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83220bc819 code=0x7ffc0000
[  318.498712][T11214] loop1: detected capacity change from 0 to 512
[  319.240044][ T4030] bio_check_eod: 9 callbacks suppressed
[  319.240063][ T4030] kworker/u8:18: attempt to access beyond end of device
[  319.240063][ T4030] loop1: rw=1, sector=2384, nr_sectors = 2048 limit=512
[  319.262824][ T4030] kworker/u8:18: attempt to access beyond end of device
[  319.262824][ T4030] loop1: rw=1, sector=4432, nr_sectors = 2048 limit=512
[  319.282454][ T4030] kworker/u8:18: attempt to access beyond end of device
[  319.282454][ T4030] loop1: rw=1, sector=6480, nr_sectors = 3888 limit=512
[  319.307875][ T4030] kworker/u8:18: attempt to access beyond end of device
[  319.307875][ T4030] loop1: rw=1, sector=10368, nr_sectors = 3200 limit=512
[  319.329977][ T4030] kworker/u8:18: attempt to access beyond end of device
[  319.329977][ T4030] loop1: rw=1, sector=13568, nr_sectors = 2048 limit=512
[  319.353816][ T4030] kworker/u8:18: attempt to access beyond end of device
[  319.353816][ T4030] loop1: rw=1, sector=15616, nr_sectors = 848 limit=512
[  319.498264][T11222] netlink: 388 bytes leftover after parsing attributes in process `syz.1.2511'.
[  319.685341][T11228] 8021q: VLANs not supported on caif0
[  319.728386][T11230] loop3: detected capacity change from 0 to 512
[  319.782203][T11230] EXT4-fs: inline encryption not supported
[  319.788605][T11230] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  319.802202][T11230] EXT4-fs (loop3): 1 truncate cleaned up
[  319.808516][T11230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.823861][T11230] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.891211][T11235] loop3: detected capacity change from 0 to 512
[  319.935308][T11235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.948556][T11235] ext4 filesystem being mounted at /498/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  319.961418][T11235] EXT4-fs error (device loop3): ext4_find_dest_de:2050: inode #2: block 3: comm syz.3.2514: bad entry in directory: inode out of bounds - offset=0, inode=4294377480, rec_len=2048, size=2048 fake=1
[  319.993715][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.111189][T11242] program syz.3.2516 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  320.235056][T11246] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2517'.
[  320.244876][T11246] netlink: 'syz.0.2517': attribute type 1 has an invalid length.
[  320.599216][T11196] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  320.850524][T11260] loop2: detected capacity change from 0 to 1024
[  320.891451][T11260] EXT4-fs: Ignoring removed bh option
[  321.006214][T11260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.176492][T11264] EXT4-fs error (device loop2): __ext4_new_inode:1079: comm syz.2.2523: reserved inode found cleared - inode=18
[  321.256593][T11264] EXT4-fs (loop2): Remounting filesystem read-only
[  321.349490][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.389695][T11266] loop0: detected capacity change from 0 to 512
[  321.403830][T11266] EXT4-fs: inline encryption not supported
[  321.424030][T11266] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  321.454048][T11266] EXT4-fs (loop0): 1 truncate cleaned up
[  321.460243][T11266] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.503461][T11266] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.264945][   T10] kernel write not supported for file /1381/coredump_filter (pid: 10 comm: kworker/0:1)
[  322.381444][T11318] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  322.389248][T11318] SELinux: failed to load policy
[  322.643421][   T28] kauditd_printk_skb: 75 callbacks suppressed
[  322.643489][   T28] audit: type=1400 audit(1775426765.252:1934): avc:  denied  { create } for  pid=11321 comm="syz.0.2533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  322.672450][T11322] syzkaller0: entered promiscuous mode
[  322.678351][T11322] syzkaller0: entered allmulticast mode
[  322.684691][   T28] audit: type=1400 audit(1775426765.292:1935): avc:  denied  { ioctl } for  pid=11321 comm="syz.0.2533" path="socket:[26092]" dev="sockfs" ino=26092 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  322.721578][   T28] audit: type=1400 audit(1775426765.332:1936): avc:  denied  { append } for  pid=11321 comm="syz.0.2533" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  322.899736][T11330] loop4: detected capacity change from 0 to 2048
[  322.906647][T11330] EXT4-fs: Ignoring removed nomblk_io_submit option
[  322.925856][T11330] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  322.939712][T11333] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2535'.
[  322.949708][T11333] netlink: 'syz.0.2535': attribute type 1 has an invalid length.
[  323.138913][T11337] gretap0: entered promiscuous mode
[  323.149280][T11337] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=11337 comm=syz.2.2537
[  323.932133][T11345] loop0: detected capacity change from 0 to 512
[  323.963911][T11345] EXT4-fs: inline encryption not supported
[  324.003909][T11345] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  324.074091][T11345] EXT4-fs (loop0): 1 truncate cleaned up
[  324.080400][T11345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.104072][T11345] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.143830][T11349] vhci_hcd vhci_hcd.4: default hub control req: 0000 v0000 i0000 l0
[  324.176944][   T28] audit: type=1400 audit(1775426766.782:1937): avc:  denied  { sqpoll } for  pid=11348 comm="syz.1.2540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  324.216545][T11351] vhci_hcd vhci_hcd.4: default hub control req: 0000 v0000 i0000 l0
[  324.449485][   T28] audit: type=1400 audit(1775426767.062:1938): avc:  denied  { ioctl } for  pid=11359 comm="syz.2.2544" path="socket:[26160]" dev="sockfs" ino=26160 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  324.998991][T11371] loop2: detected capacity change from 0 to 512
[  325.128795][T11371] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.146589][T11371] ext4 filesystem being mounted at /529/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.199059][T11308] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  325.613453][   T28] audit: type=1400 audit(1775426768.212:1939): avc:  denied  { recv } for  pid=11354 comm="syz.1.2542" saddr=10.128.0.163 src=40810 daddr=10.128.0.25 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  325.665605][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.756516][T11384] loop2: detected capacity change from 0 to 512
[  325.758272][T11382] ip6gretap0: entered promiscuous mode
[  325.784169][T11382] macvtap1: entered promiscuous mode
[  325.785065][T11384] EXT4-fs: inline encryption not supported
[  325.799097][T11382] macvtap1: entered allmulticast mode
[  325.799128][T11384] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  325.817959][T11382] ip6gretap0: entered allmulticast mode
[  325.827857][T11384] EXT4-fs (loop2): 1 truncate cleaned up
[  325.835090][T11384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.835726][   T28] audit: type=1400 audit(1775426768.452:1940): avc:  denied  { read } for  pid=11381 comm="syz.0.2552" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  325.859253][T11384] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.872357][   T28] audit: type=1400 audit(1775426768.452:1941): avc:  denied  { open } for  pid=11381 comm="syz.0.2552" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  325.893084][T11388] loop3: detected capacity change from 0 to 2048
[  325.906307][   T28] audit: type=1400 audit(1775426768.502:1942): avc:  denied  { write } for  pid=11386 comm="syz.3.2553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  325.933963][T11382] ip6gretap0: left allmulticast mode
[  325.945133][T11382] ip6gretap0: left promiscuous mode
[  325.977077][   T28] audit: type=1400 audit(1775426768.592:1943): avc:  denied  { read } for  pid=11386 comm="syz.3.2553" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  326.096456][T11399] mmap: syz.3.2556 (11399) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  326.165257][T11402] vhci_hcd vhci_hcd.4: default hub control req: 0000 v0000 i0000 l0
[  326.356823][T11410] loop0: detected capacity change from 0 to 512
[  326.669457][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.843915][T11415] program syz.3.2561 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  326.853002][  T176] kworker/u8:5: attempt to access beyond end of device
[  326.853002][  T176] loop0: rw=1, sector=9344, nr_sectors = 2064 limit=512
[  326.891966][  T176] kworker/u8:5: attempt to access beyond end of device
[  326.891966][  T176] loop0: rw=1, sector=11408, nr_sectors = 2728 limit=512
[  326.928649][  T176] kworker/u8:5: attempt to access beyond end of device
[  326.928649][  T176] loop0: rw=1, sector=14136, nr_sectors = 2048 limit=512
[  326.944226][  T176] kworker/u8:5: attempt to access beyond end of device
[  326.944226][  T176] loop0: rw=1, sector=16184, nr_sectors = 280 limit=512
[  327.004498][T11425] loop0: detected capacity change from 0 to 512
[  327.011252][T11425] EXT4-fs: inline encryption not supported
[  327.025268][T11425] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  327.040395][T11425] EXT4-fs (loop0): 1 truncate cleaned up
[  327.055068][T11425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.087006][T11425] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.145019][T11431] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11431 comm=syz.2.2567
[  327.163119][T11435] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2569'.
[  327.188556][T11438] vhci_hcd vhci_hcd.4: default hub control req: 0000 v0000 i0000 l0
[  327.687622][T11471] loop4: detected capacity change from 0 to 512
[  328.100217][T11476] program syz.0.2579 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  328.128206][T11478] loop0: detected capacity change from 0 to 164
[  328.160144][T11478] Unable to read rock-ridge attributes
[  328.179247][T11478] Unable to read rock-ridge attributes
[  328.185917][T11478] iso9660: Corrupted directory entry in block 4 of inode 1792
[  328.242034][T11485] vhci_hcd vhci_hcd.4: default hub control req: 0000 v0000 i0000 l0
[  328.425874][T11497] tipc: Enabled bearer <udp:syz2>, priority 10
[  328.479322][T11501] program syz.0.2590 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  328.569664][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  328.569682][   T28] audit: type=1326 audit(1775426771.182:1947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11508 comm="syz.4.2593" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f47997ec819 code=0x0
[  328.637075][T11514] FAULT_INJECTION: forcing a failure.
[  328.637075][T11514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.650678][T11514] CPU: 1 UID: 0 PID: 11514 Comm: syz.3.2594 Not tainted syzkaller #0 PREEMPT(full) 
[  328.650706][T11514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  328.650721][T11514] Call Trace:
[  328.650728][T11514]  <TASK>
[  328.650773][T11514]  __dump_stack+0x1d/0x30
[  328.650840][T11514]  dump_stack_lvl+0x95/0xd0
[  328.650933][T11514]  dump_stack+0x15/0x1b
[  328.650955][T11514]  should_fail_ex+0x263/0x280
[  328.650986][T11514]  should_fail+0xb/0x20
[  328.651093][T11514]  should_fail_usercopy+0x1a/0x20
[  328.651128][T11514]  _copy_to_iter+0xd2/0xea0
[  328.651236][T11514]  ? __rcu_read_unlock+0x4e/0x70
[  328.651262][T11514]  ? avc_has_perm_noaudit+0xab/0x130
[  328.651413][T11514]  copy_page_to_iter+0x18f/0x2d0
[  328.651443][T11514]  anon_pipe_read+0x236/0x750
[  328.651529][T11514]  ? security_file_permission+0x22/0x70
[  328.651558][T11514]  ? __pfx_anon_pipe_read+0x10/0x10
[  328.651584][T11514]  __io_read+0x463/0xc50
[  328.651607][T11514]  ? task_work_add+0x277/0x2d0
[  328.651688][T11514]  io_read+0x4a/0x190
[  328.651709][T11514]  ? io_req_normal_work_add+0xe2/0x280
[  328.651740][T11514]  __io_issue_sqe+0xfd/0x2d0
[  328.651763][T11514]  io_issue_sqe+0x206/0xc00
[  328.651784][T11514]  ? anon_pipe_write+0xa1/0xb30
[  328.651810][T11514]  ? anon_pipe_write+0x991/0xb30
[  328.651871][T11514]  ? anon_pipe_write+0xa1/0xb30
[  328.651928][T11514]  io_req_task_submit+0x46/0xa0
[  328.651963][T11514]  io_poll_task_func+0x60b/0x800
[  328.652019][T11514]  ? __pfx_io_poll_task_func+0x10/0x10
[  328.652046][T11514]  io_handle_tw_list+0x121/0x230
[  328.652104][T11514]  tctx_task_work_run+0x42/0x170
[  328.652156][T11514]  tctx_task_work+0x3f/0x80
[  328.652184][T11514]  task_work_run+0x130/0x1a0
[  328.652213][T11514]  get_signal+0xe0e/0xf60
[  328.652320][T11514]  ? io_submit_one+0xbe3/0x1350
[  328.652359][T11514]  arch_do_signal_or_restart+0x96/0x450
[  328.652404][T11514]  exit_to_user_mode_loop+0x6a/0x6f0
[  328.652431][T11514]  do_syscall_64+0x249/0x370
[  328.652462][T11514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.652487][T11514] RIP: 0033:0x7f83220bc819
[  328.652558][T11514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.652579][T11514] RSP: 002b:00007f8320b17028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  328.652603][T11514] RAX: 0000000000000001 RBX: 00007f8322335fa0 RCX: 00007f83220bc819
[  328.652621][T11514] RDX: 0000200000000300 RSI: 0000000000000001 RDI: 00007f8320ae7000
[  328.652637][T11514] RBP: 00007f8320b17090 R08: 0000000000000000 R09: 0000000000000000
[  328.652686][T11514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.652699][T11514] R13: 00007f8322336038 R14: 00007f8322335fa0 R15: 00007ffe888e2478
[  328.652723][T11514]  </TASK>
[  328.956782][   T28] audit: type=1400 audit(1775426771.552:1948): avc:  denied  { append } for  pid=11508 comm="syz.4.2593" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  329.073939][T11524] FAULT_INJECTION: forcing a failure.
[  329.073939][T11524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.094730][T11524] CPU: 0 UID: 0 PID: 11524 Comm: syz.3.2598 Not tainted syzkaller #0 PREEMPT(full) 
[  329.094763][T11524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  329.094775][T11524] Call Trace:
[  329.094783][T11524]  <TASK>
[  329.094792][T11524]  __dump_stack+0x1d/0x30
[  329.094874][T11524]  dump_stack_lvl+0x95/0xd0
[  329.094900][T11524]  dump_stack+0x15/0x1b
[  329.094936][T11524]  should_fail_ex+0x263/0x280
[  329.094968][T11524]  should_fail+0xb/0x20
[  329.095007][T11524]  should_fail_usercopy+0x1a/0x20
[  329.095039][T11524]  _copy_from_user+0x1c/0xb0
[  329.095137][T11524]  do_sock_getsockopt+0xf1/0x210
[  329.095175][T11524]  __x64_sys_getsockopt+0x11d/0x1a0
[  329.095228][T11524]  x64_sys_call+0x2dcf/0x3020
[  329.095258][T11524]  do_syscall_64+0x12c/0x370
[  329.095312][T11524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.095411][T11524] RIP: 0033:0x7f83220bc819
[  329.095429][T11524] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  329.095449][T11524] RSP: 002b:00007f8320b17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  329.095471][T11524] RAX: ffffffffffffffda RBX: 00007f8322335fa0 RCX: 00007f83220bc819
[  329.095487][T11524] RDX: 0000000000000002 RSI: 000000000000011c RDI: 0000000000000003
[  329.095501][T11524] RBP: 00007f8320b17090 R08: 0000200000000000 R09: 0000000000000000
[  329.095516][T11524] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  329.095601][T11524] R13: 00007f8322336038 R14: 00007f8322335fa0 R15: 00007ffe888e2478
[  329.095629][T11524]  </TASK>
[  329.101998][T11526] vhci_hcd vhci_hcd.4: default hub control req: 0000 v0000 i0000 l0
[  329.304742][T11530] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11530 comm=syz.1.2601
[  329.359222][T11536] program syz.3.2602 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  329.382945][T11537] netlink: 'syz.1.2601': attribute type 1 has an invalid length.
[  329.462226][T11543] loop0: detected capacity change from 0 to 512
[  329.496497][ T3512] tipc: Node number set to 1073741825
[  329.572393][T11542] loop3: detected capacity change from 0 to 4096
[  329.646453][T11542] EXT4-fs: Ignoring removed bh option
[  329.658774][T11542] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.683668][T11552] batadv_slave_0: entered promiscuous mode
[  329.695280][T11552] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2607'.
[  329.738692][T11552] batadv_slave_0 (unregistering): left promiscuous mode
[  329.768033][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.895240][T11555] loop4: detected capacity change from 0 to 1024
[  329.910218][T11555] EXT4-fs: Ignoring removed bh option
[  329.967628][T11555] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.056469][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.179416][   T28] audit: type=1400 audit(1775426772.792:1949): avc:  denied  { execute } for  pid=11562 comm="syz.1.2612" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=26539 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  330.232575][   T28] audit: type=1400 audit(1775426772.832:1950): avc:  denied  { create } for  pid=11562 comm="syz.1.2612" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_socket permissive=1
[  330.258146][T11565] vhci_hcd vhci_hcd.4: default hub control req: 0000 v0000 i0000 l0
[  330.294944][   T28] audit: type=1400 audit(1775426772.832:1951): avc:  denied  { create } for  pid=11562 comm="syz.1.2612" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=qipcrtr_socket permissive=1
[  330.328633][   T28] audit: type=1400 audit(1775426772.832:1952): avc:  denied  { getattr } for  pid=11562 comm="syz.1.2612" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=qipcrtr_socket permissive=1
[  330.392646][   T28] audit: type=1400 audit(1775426772.832:1953): avc:  denied  { create } for  pid=11562 comm="syz.1.2612" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[  330.419456][   T28] audit: type=1400 audit(1775426772.832:1954): avc:  denied  { write } for  pid=11562 comm="syz.1.2612" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[  330.441690][   T28] audit: type=1400 audit(1775426772.832:1955): avc:  denied  { nlmsg_write } for  pid=11562 comm="syz.1.2612" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_route_socket permissive=1
[  330.477648][T11572] FAULT_INJECTION: forcing a failure.
[  330.477648][T11572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.491050][T11572] CPU: 0 UID: 0 PID: 11572 Comm: syz.3.2608 Not tainted syzkaller #0 PREEMPT(full) 
[  330.491084][T11572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  330.491098][T11572] Call Trace:
[  330.491107][T11572]  <TASK>
[  330.491117][T11572]  __dump_stack+0x1d/0x30
[  330.491255][T11572]  dump_stack_lvl+0x95/0xd0
[  330.491324][T11572]  dump_stack+0x15/0x1b
[  330.491349][T11572]  should_fail_ex+0x263/0x280
[  330.491378][T11572]  should_fail+0xb/0x20
[  330.491411][T11572]  should_fail_usercopy+0x1a/0x20
[  330.491515][T11572]  strncpy_from_user+0x27/0x250
[  330.491538][T11572]  ? kmem_cache_alloc_noprof+0x18c/0x400
[  330.491567][T11572]  do_getname+0x59/0x1c0
[  330.491605][T11572]  user_path_at+0x28/0x100
[  330.491691][T11572]  __se_sys_mount+0x25b/0x2e0
[  330.491716][T11572]  ? fput+0x8f/0xc0
[  330.491746][T11572]  __x64_sys_mount+0x67/0x80
[  330.491771][T11572]  x64_sys_call+0x2d61/0x3020
[  330.491867][T11572]  do_syscall_64+0x12c/0x370
[  330.491898][T11572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.491988][T11572] RIP: 0033:0x7f83220bc819
[  330.492007][T11572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.492026][T11572] RSP: 002b:00007f8320b17028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  330.492050][T11572] RAX: ffffffffffffffda RBX: 00007f8322335fa0 RCX: 00007f83220bc819
[  330.492081][T11572] RDX: 0000200000000040 RSI: 0000200000000340 RDI: 0000000000000000
[  330.492097][T11572] RBP: 00007f8320b17090 R08: 0000200000000240 R09: 0000000000000000
[  330.492112][T11572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  330.492203][T11572] R13: 00007f8322336038 R14: 00007f8322335fa0 R15: 00007ffe888e2478
[  330.492225][T11572]  </TASK>
[  330.711019][T11578] program syz.3.2615 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  331.410418][ T3311] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  331.474717][T11600] loop2: detected capacity change from 0 to 1024
[  331.504714][T11600] EXT4-fs: Ignoring removed bh option
[  331.532957][ T3311] CPU: 1 UID: 0 PID: 3311 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  331.533056][ T3311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  331.533070][ T3311] Call Trace:
[  331.533080][ T3311]  <TASK>
[  331.533090][ T3311]  __dump_stack+0x1d/0x30
[  331.533123][ T3311]  dump_stack_lvl+0x95/0xd0
[  331.533219][ T3311]  dump_stack+0x15/0x1b
[  331.533240][ T3311]  dump_header+0x80/0x240
[  331.533264][ T3311]  oom_kill_process+0x295/0x350
[  331.533301][ T3311]  out_of_memory+0x97d/0xb80
[  331.533330][ T3311]  try_charge_memcg+0x62e/0xa10
[  331.533482][ T3311]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[  331.533535][ T3311]  __swap_cache_prepare_and_add+0x67/0x460
[  331.533571][ T3311]  ? alloc_pages_mpol+0x217/0x260
[  331.533636][ T3311]  swap_cache_alloc_folio+0xa2/0x120
[  331.533672][ T3311]  swap_cluster_readahead+0x26e/0x3d0
[  331.533713][ T3311]  swapin_readahead+0xde/0x840
[  331.533790][ T3311]  ? swap_cache_get_folio+0x26f/0x280
[  331.533891][ T3311]  ? swap_cache_get_folio+0x26f/0x280
[  331.533992][ T3311]  ? swap_cache_get_folio+0x26f/0x280
[  331.534101][ T3311]  do_swap_page+0x2fe/0x21e0
[  331.534130][ T3311]  ? __rcu_read_lock+0x36/0x50
[  331.534156][ T3311]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  331.534221][ T3311]  handle_mm_fault+0xb46/0x3020
[  331.534255][ T3311]  ? rcu_read_unlock_special+0x9f/0x200
[  331.534361][ T3311]  do_user_addr_fault+0x62f/0x1050
[  331.534398][ T3311]  ? trace_page_fault_user+0x1f/0xe0
[  331.534430][ T3311]  exc_page_fault+0x62/0xa0
[  331.534520][ T3311]  asm_exc_page_fault+0x26/0x30
[  331.534545][ T3311] RIP: 0033:0x7f8322077997
[  331.534565][ T3311] Code: 48 89 fa 4c 89 df e8 a8 56 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  331.534594][ T3311] RSP: 002b:00007ffe888e2770 EFLAGS: 00010202
[  331.534623][ T3311] RAX: 0000000000000000 RBX: 00005555744de500 RCX: 00007f8322077997
[  331.534715][ T3311] RDX: 00007ffe888e27b0 RSI: 0000000000000000 RDI: 0000000000000000
[  331.534728][ T3311] RBP: 00007ffe888e281c R08: 0000000000000000 R09: 0000000000000000
[  331.534741][ T3311] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  331.534754][ T3311] R13: 00000000000927c0 R14: 0000000000050ce3 R15: 00007ffe888e2870
[  331.534773][ T3311]  </TASK>
[  331.648843][T11606] loop0: detected capacity change from 0 to 512
[  331.840803][T11600] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.920715][ T3311] memory: usage 40064kB, limit 307200kB, failcnt 562
[  331.927930][ T3311] memory+swap: usage 40156kB, limit 9007199254740988kB, failcnt 0
[  331.936039][ T3311] kmem: usage 39280kB, limit 9007199254740988kB, failcnt 0
[  331.994132][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.036521][T11602] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2623'.
[  332.048859][T11602] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2623'.
[  332.121403][T11613] loop1: detected capacity change from 0 to 1764
[  332.129342][T11613] iso9660: Unknown parameter 'fowner<00000000000000000000'
[  332.389032][ T3311] Memory cgroup stats for /syz3:
[  332.389488][ T3311] cache 524288
[  332.398321][ T3311] rss 106496
[  332.401786][ T3311] shmem 0
[  332.405114][ T3311] mapped_file 24576
[  332.409205][ T3311] dirty 24576
[  332.412639][ T3311] writeback 28672
[  332.416526][ T3311] workingset_refault_anon 95
[  332.421191][ T3311] workingset_refault_file 1217
[  332.426394][ T3311] swap 94208
[  332.429726][ T3311] swapcached 8994816
[  332.433789][ T3311] pgpgin 387018
[  332.437467][ T3311] pgpgout 386861
[  332.441133][ T3311] pgfault 360790
[  332.444820][ T3311] pgmajfault 78
[  332.448316][ T3311] inactive_anon 28672
[  332.452406][ T3311] active_anon 90112
[  332.461567][ T3311] inactive_file 0
[  332.465299][ T3311] active_file 524288
[  332.469539][ T3311] unevictable 0
[  332.473082][ T3311] hierarchical_memory_limit 314572800
[  332.478937][ T3311] hierarchical_memsw_limit 9223372036854771712
[  332.494545][ T3311] total_cache 524288
[  332.498941][ T3311] total_rss 106496
[  332.502866][ T3311] total_shmem 0
[  332.507440][ T3311] total_mapped_file 24576
[  332.512179][ T3311] total_dirty 24576
[  332.886433][T11623] gtp0: entered promiscuous mode
[  332.891926][T11623] gtp0: entered allmulticast mode
[  333.601422][T11632] loop4: detected capacity change from 0 to 1764
[  333.608744][T11632] iso9660: Unknown parameter 'fowner<00000000000000000000'
[  333.957175][T11633] netlink: 'syz.0.2628': attribute type 6 has an invalid length.
[  333.965183][ T3311] total_writeback 28672
[  333.969939][ T3311] total_workingset_refault_anon 95
[  333.975527][ T3311] total_workingset_refault_file 1217
[  333.980937][ T3311] total_swap 94208
[  333.984909][ T3311] total_swapcached 8994816
[  333.989438][ T3311] total_pgpgin 387018
[  333.993744][ T3311] total_pgpgout 386861
[  334.181112][T11629] loop0: detected capacity change from 0 to 8192
[  334.983145][ T3311] total_pgfault 360790
[  335.418946][   T28] audit: type=1326 audit(1775426778.022:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  335.605119][ T3311] total_pgmajfault 78
[  335.619215][ T3311] total_inactive_anon 28672
[  335.636003][ T3311] total_active_anon 90112
[  335.652670][ T3311] total_inactive_file 0
[  335.761868][T11648] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2637'.
[  335.881188][   T28] audit: type=1326 audit(1775426778.022:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  335.905207][   T28] audit: type=1326 audit(1775426778.022:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  335.928947][   T28] audit: type=1326 audit(1775426778.022:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  335.988078][   T28] audit: type=1326 audit(1775426778.022:1960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  336.041638][   T28] audit: type=1326 audit(1775426778.032:1961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  336.065610][   T28] audit: type=1326 audit(1775426778.032:1962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  336.089510][   T28] audit: type=1326 audit(1775426778.032:1963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  336.165265][   T28] audit: type=1326 audit(1775426778.032:1964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  336.190203][   T28] audit: type=1326 audit(1775426778.032:1965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11640 comm="syz.0.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f38b1e9c819 code=0x7ffc0000
[  336.225845][ T3311] total_active_file 524288
[  336.230339][ T3311] total_unevictable 0
[  336.234697][ T3311] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.2618,pid=11584,uid=0
[  336.249699][ T3311] Memory cgroup out of memory: Killed process 11584 (syz.3.2618) total-vm:96344kB, anon-rss:1332kB, file-rss:22404kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  336.287330][T11665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2643'.
[  336.353952][T11668] FAULT_INJECTION: forcing a failure.
[  336.353952][T11668] name failslab, interval 1, probability 0, space 0, times 0
[  336.388657][T11668] CPU: 1 UID: 0 PID: 11668 Comm: syz.1.2645 Not tainted syzkaller #0 PREEMPT(full) 
[  336.388685][T11668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  336.388699][T11668] Call Trace:
[  336.388707][T11668]  <TASK>
[  336.388717][T11668]  __dump_stack+0x1d/0x30
[  336.388775][T11668]  dump_stack_lvl+0x95/0xd0
[  336.388801][T11668]  dump_stack+0x15/0x1b
[  336.388827][T11668]  should_fail_ex+0x263/0x280
[  336.388965][T11668]  should_failslab+0x8c/0xb0
[  336.388990][T11668]  kmem_cache_alloc_node_noprof+0x6d/0x460
[  336.389014][T11668]  ? __alloc_skb+0x2d6/0x690
[  336.389051][T11668]  __alloc_skb+0x2d6/0x690
[  336.389114][T11668]  ? __alloc_skb+0x200/0x690
[  336.389146][T11668]  netlink_alloc_large_skb+0xbf/0xf0
[  336.389181][T11668]  netlink_sendmsg+0x40c/0x6f0
[  336.389232][T11668]  ? __pfx_netlink_sendmsg+0x10/0x10
[  336.389251][T11668]  ____sys_sendmsg+0x563/0x5b0
[  336.389304][T11668]  ___sys_sendmsg+0x195/0x1e0
[  336.389340][T11668]  __x64_sys_sendmsg+0xd4/0x160
[  336.389367][T11668]  x64_sys_call+0x194c/0x3020
[  336.389463][T11668]  do_syscall_64+0x12c/0x370
[  336.389561][T11668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.389583][T11668] RIP: 0033:0x7f1598fec819
[  336.389603][T11668] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  336.389625][T11668] RSP: 002b:00007f1597a3f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  336.389648][T11668] RAX: ffffffffffffffda RBX: 00007f1599265fa0 RCX: 00007f1598fec819
[  336.389671][T11668] RDX: 0000000000000000 RSI: 0000200000000ac0 RDI: 0000000000000003
[  336.389684][T11668] RBP: 00007f1597a3f090 R08: 0000000000000000 R09: 0000000000000000
[  336.389697][T11668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.389710][T11668] R13: 00007f1599266038 R14: 00007f1599265fa0 R15: 00007ffefbe74808
[  336.389734][T11668]  </TASK>
[  336.583196][T11585] syz.3.2618 (11585) used greatest stack depth: 8312 bytes left
[  336.739489][T11679] loop1: detected capacity change from 0 to 1024
[  336.775648][T11679] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  336.786066][T11679] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  336.897015][T11679] EXT4-fs error (device loop1): ext4_get_journal_inode:5888: comm syz.1.2649: inode #4294967295: comm syz.1.2649: iget: illegal inode #
[  336.899037][T11687] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11687 comm=syz.0.2653
[  336.911334][T11679] loop1: lost filesystem error report for type 5 error -117
[  336.924982][T11679] EXT4-fs (loop1): no journal found
[  336.937707][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  336.937731][    C0] EXT4-fs (loop1): initial error at time 1775426779: ext4_get_journal_inode:5888
[  336.937760][    C0] EXT4-fs (loop1): last error at time 1775426779: ext4_get_journal_inode:5888
[  337.065489][T11679] EXT4-fs (loop1): can't get journal size
[  337.094451][T11679] EXT4-fs (loop1): failed to initialize system zone (-22)
[  337.119881][T11679] EXT4-fs (loop1): mount failed
[  337.168836][T11694] netlink: 'syz.0.2653': attribute type 1 has an invalid length.
[  338.240013][T11702] loop1: detected capacity change from 0 to 1024
[  338.247547][T11706] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2655'.
[  338.267377][T11702] EXT4-fs: Ignoring removed bh option
[  338.274098][T11708] program syz.0.2657 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  338.333883][T11702] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.394063][T11720] loop4: detected capacity change from 0 to 128
[  338.399377][T11702] EXT4-fs error (device loop1): __ext4_new_inode:1079: comm syz.1.2656: reserved inode found cleared - inode=18
[  338.517710][T11722] loop0: detected capacity change from 0 to 512
[  338.522162][T11702] EXT4-fs (loop1): Remounting filesystem read-only
[  338.525501][T11722] EXT4-fs (loop0): can't mount with commit=, fs mounted w/o journal
[  338.551356][    T9] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  338.559648][    T9] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  338.616128][T11731] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11731 comm=syz.2.2665
[  338.702735][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.731583][T11742] program syz.0.2669 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  338.756400][T11744] netlink: 'syz.2.2665': attribute type 1 has an invalid length.
[  338.799017][T11750] FAULT_INJECTION: forcing a failure.
[  338.799017][T11750] name failslab, interval 1, probability 0, space 0, times 0
[  338.812793][T11750] CPU: 0 UID: 0 PID: 11750 Comm: syz.0.2671 Not tainted syzkaller #0 PREEMPT(full) 
[  338.812822][T11750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  338.812833][T11750] Call Trace:
[  338.812841][T11750]  <TASK>
[  338.812849][T11750]  __dump_stack+0x1d/0x30
[  338.812947][T11750]  dump_stack_lvl+0x95/0xd0
[  338.812972][T11750]  dump_stack+0x15/0x1b
[  338.812999][T11750]  should_fail_ex+0x263/0x280
[  338.813038][T11750]  should_failslab+0x8c/0xb0
[  338.813059][T11750]  kmem_cache_alloc_node_noprof+0x6d/0x460
[  338.813103][T11750]  ? __alloc_skb+0x2d6/0x690
[  338.813135][T11750]  __alloc_skb+0x2d6/0x690
[  338.813167][T11750]  ? __alloc_skb+0x200/0x690
[  338.813220][T11750]  netlink_alloc_large_skb+0xbf/0xf0
[  338.813248][T11750]  netlink_sendmsg+0x40c/0x6f0
[  338.813334][T11750]  ? __pfx_netlink_sendmsg+0x10/0x10
[  338.813363][T11750]  ____sys_sendmsg+0x563/0x5b0
[  338.813388][T11750]  ___sys_sendmsg+0x195/0x1e0
[  338.813419][T11750]  __x64_sys_sendmsg+0xd4/0x160
[  338.813444][T11750]  x64_sys_call+0x194c/0x3020
[  338.813493][T11750]  do_syscall_64+0x12c/0x370
[  338.813533][T11750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.813554][T11750] RIP: 0033:0x7f38b1e9c819
[  338.813615][T11750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  338.813637][T11750] RSP: 002b:00007f38b08ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  338.813660][T11750] RAX: ffffffffffffffda RBX: 00007f38b2115fa0 RCX: 00007f38b1e9c819
[  338.813674][T11750] RDX: 839157857a0fd2ca RSI: 0000200000000240 RDI: 0000000000000003
[  338.813702][T11750] RBP: 00007f38b08ef090 R08: 0000000000000000 R09: 0000000000000000
[  338.813714][T11750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.813727][T11750] R13: 00007f38b2116038 R14: 00007f38b2115fa0 R15: 00007fff2bd420a8
[  338.813750][T11750]  </TASK>
[  339.128941][T11773] loop4: detected capacity change from 0 to 1024
[  339.136128][T11775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2679'.
[  339.145633][T11773] EXT4-fs: Ignoring removed bh option
[  339.159004][T11777] loop1: detected capacity change from 0 to 1024
[  339.175726][T11777] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  339.176704][T11773] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.206483][T11777] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2680: Invalid block bitmap block 0 in block_group 0
[  339.244635][T11777] loop1: lost filesystem error report for type 5 error -117
[  339.244787][T11777] EXT4-fs error (device loop1): ext4_acquire_dquot:7026: comm syz.1.2680: Failed to acquire dquot type 0
[  339.250924][T11773] EXT4-fs error (device loop4): __ext4_new_inode:1079: comm syz.4.2678: reserved inode found cleared - inode=18
[  339.268940][T11777] loop1: lost filesystem error report for type 5 error -117
[  339.275393][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  339.275417][    C0] EXT4-fs (loop1): initial error at time 1775426781: ext4_read_block_bitmap_nowait:483
[  339.275444][    C0] EXT4-fs (loop1): last error at time 1775426781: ext4_read_block_bitmap_nowait:483
[  339.291358][T11773] EXT4-fs (loop4): Remounting filesystem read-only
[  339.320183][T11777] EXT4-fs error (device loop1): ext4_free_blocks:6724: comm syz.1.2680: Freeing blocks not in datazone - block = 0, count = 4096
[  339.339722][T11777] loop1: lost filesystem error report for type 5 error -117
[  339.345242][T11777] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.2680: Invalid inode bitmap blk 0 in block_group 0
[  339.381173][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.382540][ T4030] EXT4-fs error (device loop1): ext4_release_dquot:7062: comm kworker/u8:18: Failed to release dquot type 0
[  339.393510][T11777] loop1: lost filesystem error report for type 5 error -117
[  339.412683][T11777] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem
[  339.422435][ T4030] loop1: lost filesystem error report for type 5 error -117
[  339.429410][T11777] loop1: lost filesystem error report for type 5 error -117
[  339.471703][T11792] FAULT_INJECTION: forcing a failure.
[  339.471703][T11792] name failslab, interval 1, probability 0, space 0, times 0
[  339.478320][T11794] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2686'.
[  339.482727][T11792] CPU: 1 UID: 0 PID: 11792 Comm: syz.4.2685 Not tainted syzkaller #0 PREEMPT(full) 
[  339.482758][T11792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  339.482771][T11792] Call Trace:
[  339.482779][T11792]  <TASK>
[  339.482787][T11792]  __dump_stack+0x1d/0x30
[  339.482839][T11792]  dump_stack_lvl+0x95/0xd0
[  339.482863][T11792]  dump_stack+0x15/0x1b
[  339.482886][T11792]  should_fail_ex+0x263/0x280
[  339.482914][T11792]  should_failslab+0x8c/0xb0
[  339.482967][T11792]  kmem_cache_alloc_noprof+0x66/0x400
[  339.482991][T11792]  ? do_getname+0x2e/0x1c0
[  339.483017][T11792]  do_getname+0x2e/0x1c0
[  339.483041][T11792]  __se_sys_symlink+0x2f/0x1b0
[  339.483084][T11792]  __x64_sys_symlink+0x31/0x40
[  339.483181][T11792]  x64_sys_call+0x2465/0x3020
[  339.483277][T11792]  do_syscall_64+0x12c/0x370
[  339.483382][T11792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.483405][T11792] RIP: 0033:0x7f47997ec819
[  339.483423][T11792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  339.483441][T11792] RSP: 002b:00007f479823f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  339.483464][T11792] RAX: ffffffffffffffda RBX: 00007f4799a65fa0 RCX: 00007f47997ec819
[  339.483533][T11792] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000200000001640
[  339.483599][T11792] RBP: 00007f479823f090 R08: 0000000000000000 R09: 0000000000000000
[  339.483613][T11792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.483626][T11792] R13: 00007f4799a66038 R14: 00007f4799a65fa0 R15: 00007fffc6bb71d8
[  339.483688][T11792]  </TASK>
[  339.493547][T11789] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2684'.
[  339.527964][T11777] EXT4-fs (loop1): 1 orphan inode deleted
[  339.550010][T11789] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2684'.
[  339.556261][T11777] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.725408][ T3320] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.771933][T11804] loop3: detected capacity change from 0 to 128
[  339.912682][T11816] loop0: detected capacity change from 0 to 1024
[  339.919876][T11816] EXT4-fs: Ignoring removed bh option
[  339.964334][T11816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.982119][T11820] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=769 sclass=netlink_route_socket pid=11820 comm=syz.1.2696
[  340.021537][T11804] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  340.034675][T11816] EXT4-fs error (device loop0): __ext4_new_inode:1079: comm syz.0.2695: reserved inode found cleared - inode=18
[  340.047113][T11816] EXT4-fs (loop0): Remounting filesystem read-only
[  340.055093][T11804] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  340.070253][T11822] netlink: 'syz.1.2696': attribute type 1 has an invalid length.
[  340.093652][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.424459][   T28] kauditd_printk_skb: 479 callbacks suppressed
[  340.424486][   T28] audit: type=1326 audit(1775426783.042:2442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz.2.2687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fbd6e07d04e code=0x7ffc0000
[  340.509483][   T28] audit: type=1326 audit(1775426783.072:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz.2.2687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  340.612587][   T28] audit: type=1326 audit(1775426783.072:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11795 comm="syz.2.2687" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbd6e0bc819 code=0x7ffc0000
[  340.777833][ T3311] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  340.854176][T11835] loop1: detected capacity change from 0 to 1024
[  340.861433][T11835] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869)
[  340.872000][T11835] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  340.884589][T11835] EXT4-fs error (device loop1): ext4_get_journal_inode:5888: comm syz.1.2700: inode #4294967295: comm syz.1.2700: iget: illegal inode #
[  340.901318][T11835] loop1: lost filesystem error report for type 5 error -117
[  340.901427][T11835] EXT4-fs (loop1): no journal found
[  340.908911][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  340.908951][    C0] EXT4-fs (loop1): initial error at time 1775426783: ext4_get_journal_inode:5888
[  340.908977][    C0] EXT4-fs (loop1): last error at time 1775426783: ext4_get_journal_inode:5888
[  340.917642][T11831] futex_wake_op: syz.2.2699 tries to shift op by -1; fix this program
[  340.922642][T11835] EXT4-fs (loop1): can't get journal size
[  341.008974][T11835] EXT4-fs (loop1): failed to initialize system zone (-22)
[  341.016551][T11835] EXT4-fs (loop1): mount failed
[  341.755384][T11861] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2705'.
[  341.897759][T11869] loop4: detected capacity change from 0 to 1024
[  341.922363][T11869] EXT4-fs: Ignoring removed bh option
[  341.961822][T11869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.175889][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.462445][T11891] loop3: detected capacity change from 0 to 512
[  342.581295][T11886] loop0: detected capacity change from 0 to 512
[  342.595783][T11891] EXT4-fs: Ignoring removed nobh option
[  342.601606][T11891] EXT4-fs: Ignoring removed orlov option
[  342.607877][T11891] EXT4-fs: Ignoring removed i_version option
[  342.652658][T11891] EXT4-fs error (device loop3): __ext4_iget:5393: inode #11: block 1: comm syz.3.2709: invalid block
[  342.665327][T11891] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  342.671103][T11891] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2709: couldn't read orphan inode 11 (err -117)
[  342.673385][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  342.700844][    C1] EXT4-fs (loop3): initial error at time 1775426785: __ext4_iget:5393: inode 11: block 1
[  342.711008][    C1] EXT4-fs (loop3): last error at time 1775426785: __ext4_iget:5393: inode 11: block 1
[  342.768182][T11898] loop4: detected capacity change from 0 to 1764
[  342.775897][T11898] iso9660: Unknown parameter 'fowner<00000000000000000000'
[  342.941100][T11891] loop3: lost filesystem error report for type 5 error -117
[  343.001263][T11886] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.077195][T11891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.093246][T11886] ext4 filesystem being mounted at /560/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.244413][   T28] audit: type=1400 audit(1775426785.822:2445): avc:  denied  { write } for  pid=11880 comm="syz.0.2712" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  343.627929][   T28] audit: type=1400 audit(1775426785.822:2446): avc:  denied  { open } for  pid=11880 comm="syz.0.2712" path="/560/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  343.682814][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.734742][   T28] audit: type=1400 audit(1775426785.832:2447): avc:  denied  { setattr } for  pid=11880 comm="syz.0.2712" path="/560/file1/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  343.763572][   T28] audit: type=1400 audit(1775426786.312:2448): avc:  denied  { setattr } for  pid=11890 comm="syz.3.2709" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  343.872625][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.451860][ T1033] kernel write not supported for file /input/event2 (pid: 1033 comm: kworker/1:2)
[  344.494654][T11914] loop4: detected capacity change from 0 to 1024
[  344.501602][T11914] EXT4-fs: Ignoring removed bh option
[  344.510970][T11915] loop3: detected capacity change from 0 to 512
[  344.517864][ T4030] ==================================================================
[  344.525962][ T4030] BUG: KCSAN: data-race in atime_needs_update / touch_atime
[  344.533283][ T4030] 
[  344.535713][ T4030] write to 0xffff88810565f540 of 4 bytes by task 4357 on cpu 1:
[  344.543462][ T4030]  touch_atime+0x1d7/0x330
[  344.547919][ T4030]  shmem_file_read_iter+0x477/0x540
[  344.553229][ T4030]  lo_rw_aio+0x67d/0x730
[  344.557489][ T4030]  loop_process_work+0x56c/0xac0
[  344.562442][ T4030]  loop_workfn+0x31/0x40
[  344.566706][ T4030]  process_scheduled_works+0x513/0xa10
[  344.572199][ T4030]  worker_thread+0x58a/0x780
[  344.577149][ T4030]  kthread+0x22a/0x280
[  344.581229][ T4030]  ret_from_fork+0x150/0x360
[  344.585840][ T4030]  ret_from_fork_asm+0x1a/0x30
[  344.590709][ T4030] 
[  344.593040][ T4030] read to 0xffff88810565f540 of 4 bytes by task 4030 on cpu 0:
[  344.600770][ T4030]  atime_needs_update+0x25f/0x3e0
[  344.606032][ T4030]  touch_atime+0x4a/0x330
[  344.610406][ T4030]  shmem_file_read_iter+0x477/0x540
[  344.615624][ T4030]  lo_rw_aio+0x67d/0x730
[  344.619973][ T4030]  loop_process_work+0x56c/0xac0
[  344.624936][ T4030]  loop_rootcg_workfn+0x22/0x30
[  344.629902][ T4030]  process_scheduled_works+0x513/0xa10
[  344.635376][ T4030]  worker_thread+0x58a/0x780
[  344.639987][ T4030]  kthread+0x22a/0x280
[  344.644083][ T4030]  ret_from_fork+0x150/0x360
[  344.648776][ T4030]  ret_from_fork_asm+0x1a/0x30
[  344.653567][ T4030] 
[  344.655893][ T4030] value changed: 0x074afcfe -> 0x086f8045
[  344.661702][ T4030] 
[  344.664059][ T4030] Reported by Kernel Concurrency Sanitizer on:
[  344.670213][ T4030] CPU: 0 UID: 0 PID: 4030 Comm: kworker/u8:18 Not tainted syzkaller #0 PREEMPT(full) 
[  344.679942][ T4030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  344.690003][ T4030] Workqueue: loop4 loop_rootcg_workfn
[  344.695404][ T4030] ==================================================================
[  344.711116][T11914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.763623][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.876271][ T4357] kworker/u8:23: attempt to access beyond end of device
[  344.876271][ T4357] loop3: rw=1, sector=2416, nr_sectors = 3200 limit=512
[  344.892906][ T4357] kworker/u8:23: attempt to access beyond end of device
[  344.892906][ T4357] loop3: rw=1, sector=5616, nr_sectors = 2096 limit=512
[  344.909191][ T4357] kworker/u8:23: attempt to access beyond end of device
[  344.909191][ T4357] loop3: rw=1, sector=7712, nr_sectors = 2168 limit=512
[  344.926555][ T4357] kworker/u8:23: attempt to access beyond end of device
[  344.926555][ T4357] loop3: rw=1, sector=9880, nr_sectors = 2112 limit=512
[  344.943471][ T4357] kworker/u8:23: attempt to access beyond end of device
[  344.943471][ T4357] loop3: rw=1, sector=11992, nr_sectors = 3024 limit=512
[  344.960170][ T4357] kworker/u8:23: attempt to access beyond end of device
[  344.960170][ T4357] loop3: rw=1, sector=15016, nr_sectors = 1448 limit=512