last executing test programs:

39.433021181s ago: executing program 1 (id=328):
r0 = socket$inet(0x2, 0x3, 0x8)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x8, 0x3, 0x308, 0x1a0, 0xe138, 0x198, 0x1a0, 0x198, 0x270, 0x358, 0x358, 0x270, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'nicvf0\x00', 'veth0_to_bond\x00', {}, {}, 0x0, 0x0, 0x20}, 0x0, 0x158, 0x178, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0003000000000000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c429955608b9952bed40ce4a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000080049", 0x4}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x3, 0x3078, 0x5, 'syz1\x00', {0x5}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0xc, 0x6, [0x97f4, 0x15, 0x33, 0x29, 0x7, 0x3c, 0x4, 0x26, 0x9, 0xc, 0xf, 0x1d, 0x3e, 0x1e, 0x30], 0x0, 0x0, 0x3}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x368) (fail_nth: 4)

39.366906115s ago: executing program 1 (id=330):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000001c0)={'veth1_virt_wifi\x00'})
listen(r1, 0xfff)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
syz_emit_ethernet(0x36, &(0x7f0000000240)={@local, @remote, @val, {@ipv6}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x70)
write$char_usb(0xffffffffffffffff, 0x0, 0x18)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000400, 0x1, @perf_bp={0x0, 0x8}, 0x880, 0x34, 0x43a1bd76, 0x1, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
modify_ldt$read_default(0x2, &(0x7f0000000000)=""/147, 0x93)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)={0x14, 0x58, 0x1, 0x0, 0x0, {0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x4c504}, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
ioctl$RTC_VL_READ(0xffffffffffffffff, 0x80047013, &(0x7f0000000280))

37.705619496s ago: executing program 1 (id=337):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b40)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000007000000040000000000000c0100000000610061ff5c"], &(0x7f0000000400)=""/220, 0x2b, 0xdc, 0x1}, 0x28)
sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x40, r1, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x8f}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r2 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='task\x00')
r4 = fsmount(r3, 0x0, 0x74)
fchownat(r4, &(0x7f0000000080)='.\x00', 0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x841e, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0, 0x2}, 0x82, 0x4, 0x4, 0x5, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21c91c, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@jqfmt_vfsold}, {@noinit_itable}, {@quota}, {@noauto_da_alloc}, {@sysvgroups}, {@resgid, 0x32}]}, 0x1, 0x4e0, &(0x7f0000001a40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIy10Kc+9aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4UuwQWUqtzweOdO7Rvfqeo4uO7rn3cBVA3zoVEacj4kG1Wj0bEcON8kwjxWY91da7f+/WTC0lUa1e/SyJSOpltdXGtrznkcZmByPir3+K+EfyZNzy+sbidLFYWG0s5ytLK/ny+sa5haXp+cJ8YXlycuLi1KWpC1PjHWnnUERc/sNH///Pa3+8/Navbrx/7ZOxfyaN8ohH7ei0etOz6WfRNBgRq3sRrEcG0xYCAPB90DzO/3lEnI3hGEiP5gAAAID9pPrbofgmiagCAAAA+1YmnQObZHKNeQBDkcnkcvU5vD+Ow5liqVz55VxpbXm2Pld2JLKZuYViYbwxV3gksklteSLNP1o+v215MiKORcT/hg+ly7mZUnG21yc/AAAAoE8c2Tb+/3K4Pv7f4uueVQ4AAADonJFeVwAAAADYc8b/AAAAsP8Z/wMAAMC+9ucrV2qp2vz/69nr62uLpevnZgvlxdzS2kxuprS6kpsvlebTe/Yt7fR+xVJp5dexvHYzXymUK/ny+sa1pdLacuXawmN/gQ0AAAB00bGf3XkviYjN3xxKU82BXlcK6IrBZ1n5w72rB9B9A72uANAzz/T7D+wr2V5XAOi5ZIfX207eebvzdQEAAPbG6E9aX/8f2PHcwGamS1UE9ojzf9C/XP+H/uX6P/SvbAyEgTz0t51uAfr81/+r1WeqEAAA0HFDaUoyuYj0PMBQZDK5XMTRdEyQTeYWioXxiPhhRLw7nP1BbXki3TLZcc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAPa1iMzHSXo3/4jR4TND288PHEi+Gk6fI+LGK1dfujldqaxO1Mo/f1heeblRfr4XZzAAAACA7Zrj9OY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66f69WzPN1M24n/4+IkZaxR+Mg+nzwchGxOEvkhjcsl0SEQMdiL95OyKOt4qf1KoVI41atIp/qMfxj3QgPvSzO7X+53etvn+ZOJU+t/7+XUx7qOfXvv/LPOz/BlrEr5Ud3WWME3ffyLeNfzvixGDr/qcZP2nT/5zeZfy//21jo91r1VcjRlv+/iSPxcpXllby5fWNcwtL0/OF+cLy5OTExalLUxemxvNzC8VC47FljP/+9M0HT2v/4TbxR3Zo/5ldtv/buzfv/aiezT7cPHkUf+x06/1/vE38TGP//6KRr70+2sxv1vNbnXz9nZNPa/9sm/bvtP/Hdtn+s3/59we7XBUA6ILy+sbidLFYWO3rzHN9GrXDoheiFS9mpva5vgDVaJn51x68c+3IvNft6kSmp90SAACwB54cAwMAAAAAAAAAAAAAAAAAAADd1o3biWW3xdxMHztx93wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM75LgAA///6fNJN")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x324a038, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000240), r0)
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000428bd7000fedbdf250200000014000900fc0000000000000000000000000045ae"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x44044004)
r6 = syz_genetlink_get_family_id$fou(&(0x7f00000069c0), 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
unshare(0x2a020400)
syz_open_dev$evdev(&(0x7f0000000140), 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x20, 0x0, 0x0, 0x0, 0x5, 0x20280, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x1, @perf_config_ext={0x7fffffffffffffff, 0x4}, 0x4, 0x40, 0x11000, 0x1, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
r7 = socket(0x10, 0x3, 0x9)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000006ac0)={0x0, 0x0, &(0x7f0000006a80)={&(0x7f0000006a00)={0x34, r6, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}, @FOU_ATTR_PEER_V4={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0x2e}}, @FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4048040}, 0x24040005)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)
fcntl$setpipe(r7, 0x407, 0x6)

36.417267144s ago: executing program 1 (id=354):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0018001c0000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21c91c, &(0x7f0000000500)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@jqfmt_vfsold}, {@noinit_itable}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xe4a}}, {@noauto_da_alloc}, {@sysvgroups}, {@resgid, 0x32}]}, 0x1, 0x4e0, &(0x7f0000001a40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIy10Kc+9aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4UuwQWUqtzweOdO7Rvfqeo4uO7rn3cBVA3zoVEacj4kG1Wj0bEcON8kwjxWY91da7f+/WTC0lUa1e/SyJSOpltdXGtrznkcZmByPir3+K+EfyZNzy+sbidLFYWG0s5ytLK/ny+sa5haXp+cJ8YXlycuLi1KWpC1PjHWnnUERc/sNH///Pa3+8/Navbrx/7ZOxfyaN8ohH7ei0etOz6WfRNBgRq3sRrEcG0xYCAPB90DzO/3lEnI3hGEiP5gAAAID9pPrbofgmiagCAAAA+1YmnQObZHKNeQBDkcnkcvU5vD+Ow5liqVz55VxpbXm2Pld2JLKZuYViYbwxV3gksklteSLNP1o+v215MiKORcT/hg+ly7mZUnG21yc/AAAAoE8c2Tb+/3K4Pv7f4uueVQ4AAADonJFeVwAAAADYc8b/AAAAsP8Z/wMAAMC+9ucrV2qp2vz/69nr62uLpevnZgvlxdzS2kxuprS6kpsvlebTe/Yt7fR+xVJp5dexvHYzXymUK/ny+sa1pdLacuXawmN/gQ0AAAB00bGf3XkviYjN3xxKU82BXlcK6IrBZ1n5w72rB9B9A72uANAzz/T7D+wr2V5XAOi5ZIfX207eebvzdQEAAPbG6E9aX/8f2PHcwGamS1UE9ojzf9C/XP+H/uX6P/SvbAyEgTz0t51uAfr81/+r1WeqEAAA0HFDaUoyuYj0PMBQZDK5XMTRdEyQTeYWioXxiPhhRLw7nP1BbXki3TLZcc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAPa1iMzHSXo3/4jR4TND288PHEi+Gk6fI+LGK1dfujldqaxO1Mo/f1heeblRfr4XZzAAAACA7Zrj9OY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66f69WzPN1M24n/4+IkZaxR+Mg+nzwchGxOEvkhjcsl0SEQMdiL95OyKOt4qf1KoVI41atIp/qMfxj3QgPvSzO7X+53etvn+ZOJU+t/7+XUx7qOfXvv/LPOz/BlrEr5Ud3WWME3ffyLeNfzvixGDr/qcZP2nT/5zeZfy//21jo91r1VcjRlv+/iSPxcpXllby5fWNcwtL0/OF+cLy5OTExalLUxemxvNzC8VC47FljP/+9M0HT2v/4TbxR3Zo/5ldtv/buzfv/aiezT7cPHkUf+x06/1/vE38TGP//6KRr70+2sxv1vNbnXz9nZNPa/9sm/bvtP/Hdtn+s3/59we7XBUA6ILy+sbidLFYWO3rzHN9GrXDoheiFS9mpva5vgDVaJn51x68c+3IvNft6kSmp90SAACwB54cAwMAAAAAAAAAAAAAAAAAAADd1o3biWW3xdxMHztx93wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM75LgAA///6fNJN")
syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00') (async)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='mounts\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
preadv(r4, &(0x7f00000001c0)=[{&(0x7f00000039c0)=""/4088, 0xff8}], 0x1, 0x15f, 0x0)
pipe(&(0x7f0000000080)) (async)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000062102000100000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00]'], 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r5, 0x4)

35.854074368s ago: executing program 2 (id=363):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x22, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1f0519, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x9, 0x7}, 0xec25, 0x4085, 0xb, 0x4, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000003c0), 0x2, 0xbdb, &(0x7f0000003840)="$eJzs3N9rm2sdAPDv+zZNu62aTkScN1ZENhCzdtLhhuAmE2+801thoUtHafaDtjLbFZbqPyDqteCNoA7FC3fdGwVvvdHtVjkXB8ahZz0HDodzcnjTpM1pk7Y7S/qW9vOBp+/zI8nz/eZt8j4PJAng1JrI/qQRFyLidhJRavWnEVFs1kYj6lu329xYnXl/Y3UmiUbjx+8ksd5oNF5trM60HytpHc+1GqMR8e/vJ/GFX+6dd3F5Zb5Sq1UXWu3LS/ceXl5cXvnW3L3K3erd6v2pq9+ZvjJ9dfLadN9y/eB/N56997UfvlX/8E8fPX33N39I4kaMtcY68+iXiZjYfk46FSKi0u/JcjLUyqczz6RwwJ3SAQcFAEBPacca7ktRiqHYWbyV4h//yTU4AAAAoC8aQxENAAAA4IRL7P8BAADghGt/DuDVxupMuxziYwPrLwb7sYQj8/JmRIxv5b/ZKlsjhag3j6MxHBFnXyXR+bXWZOtub2wiIv7/4tpfsxID+h7yfuprEfHlbuc/aeY/3vwW997804iY7MP8E7vaeeRf6Pr/f3D+N/owf975A3A6rd/cupDtvf6l2+uf6HL9K3S5dn0WeV//2uu/zT3rv538h7qu/0YOPcfjP/7uUa+xLP/vPvvBX9olmz87vkFKr+XlWsRXCt3yT7bzT3qsf28fco7Sx4+qvcbyzr/x+4iL0T3/tmT/3ye6PDtXq05u/e06x9q/pv/ca/6888/O/9ke+bd//6nX+X94yDl+euvW3/Z0dmwg988/fbuY/KRZK7Z6fl5ZWlqYiigmP2r3J0m7/8r+sbRv036MLP9LX9//9d8t/+w9od56HrK9wFrrmLV/sWvO7z19/Pde8bT3f3me/zs9zn9H/k923y/L81eHnOMb//z1pV5jnfvfrGTzt/fCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCWRsRYJGl5u56m5XLEuYj4YpxNaw8Wl745++Bn9+9kYxHjMZzOztWqkxFR2monWXuqWd9pX9nV/nZEnI+I35bONNvlmQe1O3knDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLZzETEWSVqOiDQiNktpWi7nHRUAAADQd+N5BwAAAAAMnP0/AAAAnHz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzY+a+uP08ion79TLNkiq2x4VwjAwYtzTsAIDdDeQcA5KaQdwBAbl5zj2+5ACdQcsD4aM+Rkb7HAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDxdfHC+vMkIurXzzRLptgaG841MmDQ0rwDAHIztN9g4ejiAI6elzicXvb4QHLA+OjObeqfHhkZWEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD9jzZKk5YgotvrK5YjPRcR4DCezc7XqZER8PiL+WxoeydpTOccMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/y0ur8xXarXqQlZJo1XZ7qk0nuzuOa2VkdYzVj8m8eyq7DqVKgdXinEswjimlX3fNoaO5M0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAjt7i8Ml+p1aoLi3lHAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcXllvlKrVRcGWMk7RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNJAAAA//8a1w58")

35.629724412s ago: executing program 2 (id=365):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x0, 0x40b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r0 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

35.540975677s ago: executing program 2 (id=367):
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@bloom_filter={0x1e, 0x5, 0x5, 0xfff, 0x2000, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x5d, 0x24, 0xf0b, 0x1, 0x0, {0x0, 0x0, 0x0, r3, {0x6, 0xffe0}, {0xffff, 0x7}, {0x0, 0xc}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000700)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfffa, 0xfff3}, {0x0, 0xffe0}, {0x10, 0x4}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x4, 0xfff3}}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20048001}, 0x4044)
sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)=@delneigh={0x50, 0x1d, 0x100, 0x70bd28, 0x2, {0x7, 0x0, 0x0, r3, 0x4, 0x20, 0xb}, [@NDA_DST_IPV6={0x14, 0x1, @mcast1}, @NDA_PROBES={0x8, 0x4, 0xc9f}, @NDA_SRC_VNI={0x8, 0xb, 0x8}, @NDA_VNI={0x8, 0x7, 0x1}, @NDA_SRC_VNI={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x44004000}, 0x844)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x12)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000001c0)=<r4=>0x0)
perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x40, 0x5, 0x3, 0x6, 0x0, 0x0, 0x8000, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_config_ext={0x2, 0x5}, 0x80404, 0x0, 0x5, 0x7, 0x1, 0x9b3, 0x40, 0x0, 0x7, 0x0, 0x2}, r4, 0xb, r1, 0x2)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000010000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r9=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r7, r9, 0x25, 0x2}, 0x14)
syz_emit_ethernet(0x115, &(0x7f0000000540)={@local, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "bc4a06", 0xdf, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x9}, 0x2, {0x3, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4, "cba7fe5c11a791fa7c9c3a1eff1875adf523b1b75c4aa1e15c2e5884f2763c889cb046c42f568acd5915e923c7efa0f8257283f4c81bba70f4fa52e501eee78b261978153db1e1ac5d78622fee6081df1523c20c7fb915801a04b982cd7f9d2fd90037de2df00055190af76165d9045f367af0bc6a73322ee8ea2d66053f9996f73f26ed1d157616c848c0c1961b79fb63cb9bc39a52992cd67bf9"}}}}}}}, 0x0)
recvmmsg(r5, &(0x7f0000000280)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000141, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
r10 = gettid()
process_vm_writev(r10, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
r11 = io_uring_setup(0x17f8, &(0x7f0000000080)={0x0, 0x94ec, 0x0, 0x1, 0x33d})
io_uring_register$IORING_REGISTER_BUFFERS(r11, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

35.317608701s ago: executing program 1 (id=370):
socket$kcm(0x2, 0xa, 0x73)
socket$kcm(0x2, 0xa, 0x2)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000040)={[{@mode={'mode', 0x3d, 0x2}}, {@nocompress}, {}, {@uid}, {@check_strict}, {@nojoliet}, {@gid}, {@cruft}, {@nocompress}]}, 0x1, 0xa4b, &(0x7f0000000180)="$eJzs3U9sHGdfB/DvrO3EcUuStqGUqm02KUnd1ji20yZEPZTE3iQu/oNsR2rEoWkbB4UYCg1IbYSUVEKcqEACcYBbxQkOVOqFXlBvcINTD0ioJ+4Vp7wnv5rddby2d7126sRJ+vlY65155jfP85vd2Xm8u+N5wuNl+cCaueXl+m0r81+0lDVd+ueHkDGPsHMTP3z19Zfl7Ys72ZOevF38W9KfpJr0Jnkh6RufmJud3rt5RTeSK0m+S4okZXCx1RyupPjrPL06/12Kfyzb7WjPVmumm2V+1nZ7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdRMT4xMjJa7MnkzKX3qw1JdYPxibnZIsvLG5esrNPwbX3U7+Lbru0mRXlLf//KUN8vHFpd/HyS6tG81Jh7qT4gefpz66nnD77zXG9lZf1O2fwke7dUbSqN3G58uLS0+GnnuOXbjbgdTPDRcaE2Mzk/Ozl99kKtOjk/Wz1z6tTIiYvn56vnJ6dq85fnF2rT1fG52tmF2bnq4Pjr1dEzZ05Wa8OXZy/NXJgYnqqtFJ7+zbGRkVPV94Z/t3Z2bn525sR7w/PjFyenpiZnLtRjysVlzOlyR/ydyYXqQu3sdLV67frS4sl1OfWsf7DLoNFuW1IGjXWJ6c3I2Njo6NjY6BfN0bPHVgpOvX3m7dMjI70j62RDxAPaaXm07Ov8NO/k4Rt+kkqj/88fTGUyM7mU91Nt+zOeicxlNtMdljet9P/HTtQ2bbe1/2/28r0ti18sfx3NK83Z/mb//ytJWvv/Drk8vJ+b+Ty3ciMfZilLWcynu57Rw/25kFpmMpn5zGYy0zlbL6k2S6o5k1M5lZF8kIs5nPlUcz6TmUot87mc+SykVt+jxjOXWs5mIbOZSzWDGc/rqWY0Z3ImJ1NNLcO5nNlcykwuZCJn67Vcy/X6435ykxzvBY1uJWhsk6D1nXm5r2+v/689qX8JsmU7fxCH+7Tc7P/3rCvv2Rg6OP6wkgIAAAB21K//Z/YfevY//jcp8nL9c/nzk1O1d3c7LQAAAGAH1U/Xe6m86yunXu6vv/8f2e20AAAAgB1U1P/HrkgykMONqZX/hPIhAAAAADwh6t//v5Li8GqB9/8AAADwhOl+jf2uEcXQyuV/q1cb91ebEY25osjkVG14fHbqndEcr19lIMnLG2vrSYq++r8fvJEjjagjA437gdUayzb7y6jR4XdG80aONjdk8NXy7tXBNpFjjcjXGpGvtUb2ZE3kyTISAJ50Rzfpj7fa/7+RoUbE0Iv1Lr/3xTZ98IieFQAeFffG2PlFc0izNv1/M+KVTv3/W5u8/y8jns21w41TCobzcT7JUq5mKM0zDg63q3VPc3S9xmkIQ10+DRhonrLw36crGdrweUD/vW1tjV3MWIZWPxH4qPlZxdp6i5UcTjaWthkUAQAeR0c37Ye31v8PdXn/P7BvpTWnFALAo+Dm57caI9jf/PzW8u3mxL2S1YmBlpLbHWI6Tez2NgIAa+mlAQAAAAAAAAAAAAAAAAAAAAAAAAAAYOetuVz/yjg96y/g/1/Hk6WlxWRbl/3/iRP97TK8v4lKHlLOuz7Rk2S3Wn83216rv83Oto2Jf9nXXP3/dv+R3+2J7HiFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AwUSU+78kqyN8lIkhMPP6sH585uJ7BTqnvua7Xibu7ms+zf8XwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH7mmtf/r6Rx/1SjKL2V5FiSK0l+b7dz3El3dzuBB6PoHvKHjcDV6/9Xkr4sF+ltPO0p+sYn5many6qKveXyH776+svy1r3ujaMqlBWULawZXKLZQktJ39q1nqmv9X1zrjpxrr5jnls4PzUxfWHut1cDny++aVRdbVl7Jd8/P/bvf9NS3Bwoofim3NL2Gu0OTCzevPGnn/xxdeJ8vd2Jje3+2tr1is3a3YLrS4tjZUsLtfcX/uyPrn/WsujZHEleHUwG127h75e3Di0dWf94rsv2x+Ivi/35+1zJ/uYOUywX5eN4oL79+65dX1oc/viTpav3crq9JqeDOZzkatLfJqd/bZ/T4c77Zn2vq/SVrY7Ug8pfh7ps46Zaahzt8Lg+U99lBtpvQ4c2q11eX10e92ZGJ9tm9Ld/8lyOb/uZPt6lxbaKH4v/KS7m+/xFy/gflfL5P5a2r842VdQjW/aU1mVrXl6VRmR9y8daF3ywvs6Or0oegL/KR/mte89/peX433yu1uylq4PMNI5He9dWdv/Ho5YW278uku2/Lv7pwIYeZVU99UPreqTm0afTOs08DzWiOuT5q3mzUec2jihvduuxH9Dr/x+Kwfx/7hj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAePQVSU+78kpyLMnBJAfK+WqyvD7mzn20Vxko7ifNHXM/OT9+io4bWtzN3XyW/Q87IwAAAAAAAAAejHMTP3z19Zflrf59fE9+o5LkrcY3/b1JDhZ/1zc+MTc73aWivuTKylf6/dvL4Ur56+nV+e/KuRe6rLS7pw8AwGPtlwEAAP//aYxhPg==")
socket$l2tp(0x2, 0x2, 0x73)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0xfffc}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0xfffff7ff}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x80820}, 0xc0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4048b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x0, 0x1}}, @IFLA_BR_NF_CALL_ARPTABLES={0x5}]}}}]}, 0x48}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x14, &(0x7f0000000c00)={0x1, &(0x7f00000000c0)=[{0x3ff, 0xf, 0xff}]})
r3 = open(&(0x7f0000000100)='./file0\x00', 0x8080, 0xd)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

34.569849076s ago: executing program 2 (id=374):
mount_setattr(0xffffffffffffffff, 0x0, 0x8800, &(0x7f0000001dc0)={0x0, 0x0, 0x80070}, 0x20)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x2a0471a, &(0x7f0000000280)={[{@jqfmt_vfsv1}]}, 0x82, 0x48f, &(0x7f0000000380)="$eJzs3M1vVFUfAODfvf3gffmsigpItEqMjR8tLags3Gg0cYHRRBeoq9oWQijU0JpYQqAagxsTQ6JrdWniX+DOjVFXJiaudG9IiLIBjYsx9869Mp12mKFOZwrzPMnQc+acO+ecnnvuPfccpgH0rOHsnyRia0T8EhE7qtHlGYarP65dOTv155WzU0lUKq/+nuT5rl45O1VmLY/bUkRG0oj0g6QoZLn5xTMnJmdnZ04X8bGFk2+PzS+eeeL4ycljM8dmTk0cOnTwwPjTT0082ZZ2Zu26uufc3N7dL75+8aWpIxff+v6rrL5bi/TadqzJ4Mq3hrOG/1HJ1ac9HP//T8VtNNtqwkl/FyvCTemLiKy7BrLxX6lUztek7YgX3m9y+JZ1rh6wjrJ706ZV3i/ui0uVhpIbpgK3giS6XQOgO8r7ffb8W746OP3ousvPVh+AsnZfK17VlP5IizwDdc+37TQcEUeW/vose0U71iEAAJr4aOrTw/H4avO/NO6pybe92EMZiog7IuLOiLgrInZGxN0Red57I2JXK4XWbBDUbw2tnP+kl9beuuay+d8zxd7W8vlfOfuLob4iti1v/0By9PjszP7idzISA5uy+PgNyvjm+Z8+bpRWO//LXln55VywqMel/roFuunJhcl8UtoGl9+L2NMff1cqlbr2J1H2UhIRuyNiz8199PYycPzRL/c2ytS8/Ss+7ro27DNVvoh4pNr/S1HX/lKycn9ycNv1/cmx/8XszP6x8qxY6YcfL7zSqPzW278+sv7fvPz8L1I+XywCQ2/W7tfOR4Ody60Ny7jw64cNn2nWev4PJq/l16Ny2/XdyYWF0+MRg8nhPL7s/Ynrx5bxMn/W/pF9WUrZ/vLINL/GRdH/90XE3mK/7P6IeKCo+4MR8VBE7GvY+ojvnmucthH6f7qm/5OoP/93nav+LPt/8aYDfSe+/bpR+a31/8E8NFK8k1//mmi1gmv/zQEAAMCtI81XbpJ09N9wmo6OVv9j787YnM7OzS88dnTunVPT1RWeoRhIy5WuHTXroePJUvGJ1fhEsVZcph8o1o0/6Ys8Pjo1Nzvd5bZDr9vSYPxnfuvrdu2AdbfaPtrEKl9oA24/9eM/XR49/3InKwN0lO9rQ+9qMv7TTtUD6Dz3f+hdq43/83VxewFwe3L/h95l/EPvMv6hd9WN/774uVs1ATpoDV/nFxCYXzwT6YaoRkuB1v8exHoH3tgY1Wgh0O0rEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHv8EwAA//9gP+wr")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20000, 0x0)
quotactl_fd$Q_SETINFO(r1, 0xffffffff80000601, 0xee01, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, &(0x7f0000002b80), 0x41000004, &(0x7f0000000040))
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
r3 = syz_clone(0x20000000, 0x0, 0xf, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4205, r3, 0x202, &(0x7f0000000240)={0x0})
write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r2, 0x4734}}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x41, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000004c0)=0x19)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
close_range(r0, r0, 0x0)

33.440298545s ago: executing program 1 (id=379):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000100)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f00000004c0)=[{{&(0x7f0000000440)=@l2tp6={0xa, 0x0, 0x7080000, @local, 0x4, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000500)=[{0x12, 0x29, 0x37, 'Y'}], 0x18}}], 0x1, 0x4000000)

33.37168101s ago: executing program 32 (id=379):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000100)=0xffffffc3, 0x4)
sendmmsg(r0, &(0x7f00000004c0)=[{{&(0x7f0000000440)=@l2tp6={0xa, 0x0, 0x7080000, @local, 0x4, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000000500)=[{0x12, 0x29, 0x37, 'Y'}], 0x18}}], 0x1, 0x4000000)

33.152384683s ago: executing program 2 (id=382):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './bus\x00'}, 0x6e)
r3 = syz_io_uring_setup(0x8d6, &(0x7f00000000c0)={0x0, 0x0, 0x400, 0x0, 0x379}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
r6 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r7)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r10, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01dfffffff9a26000000210000000c00018008000100", @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x800)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r12 = syz_io_uring_setup(0xd2, &(0x7f0000000400)={0x0, 0x2, 0x80, 0x0, 0x323}, &(0x7f0000000000)=<r13=>0x0, &(0x7f00000001c0)=<r14=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r13, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r15 = io_uring_register$IORING_REGISTER_PERSONALITY(r12, 0x9, 0x0, 0x0)
syz_io_uring_submit(r13, r14, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x8, 0x0, 0x0, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xe, 0x0, {0x0, r15}})
syz_io_uring_submit(r4, r5, &(0x7f0000000240)=@IORING_OP_LINKAT={0x27, 0x44, 0x0, r3, &(0x7f0000000000)='./bus\x00', &(0x7f0000000200)='./bus\x00', 0xffffffffffffff9c, 0x1000, 0x1, {0x0, r15}})
io_uring_enter(r3, 0x47ba, 0x3e82, 0x60, 0x0, 0x0)
dup3(r2, r1, 0x0)
r16 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendto(r0, &(0x7f0000000300)="5fb6a72c9c84da38d655dbf5c5c6e41d93bce63d1946bed0b0eda5543b259178a6f7ece73bc6eddd19e73109af6fb07e370de196d251e0b04e103b3671a4c8bc2c5426b3dcf2cd5c1c0b3ad52410c7e61c1bb1132d061d7f0db87703af0d5767d3573084fbb20f0d6c07df8c765ad199ce24653a97d9953100ee663a4712ea665a013faea1dd6efc3209a86c6a2a0219336845be6c8d91c241eaa9a90deb289a79211d99d57b964b728f95e28852ff133dd1289f855f8e3cb1f873dc9eecf6c81905e4d9e36b88c17f", 0xc9, 0x800, &(0x7f00000004c0)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x8}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @bcast]}, 0x80)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x8, r16, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x0, 0x3, 0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40)
r17 = syz_clone(0x81000, &(0x7f0000000540)="8c4e2dc869342ef0c6720910f89ca326bd95346918d6b0aec3cfcb8cbacddedff129220bd8c7cfd73be05e00b072c5851e1c000fc21ba5a4cd278b3796fb3468a7335620975a4b14dd2ca7ca9cc9b98d313449882c34a823c7720c295d04fb721e9bb8f52b4d0a5190817e5be29caca0d7c79e9927bf4b0aa24c7d11cdac3b97eaf528d1a7b11add3cb5706006c79b6d9034e61ebd3778007e678b09f6003919a97a1ab79fa6", 0xa6, &(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680)="ea68a7c68bc014311a998dd8b54c1190d2b1cbf3eb6f19dbc81c868faf4d0ba116501f373e3a9e7fa3ea37a82ed3e9e6c602e99f3b5d883b38e7f29a6d18d414a8580f9f02afd584436481fb842da17a6af75a2781481a88437e2f9968d28848efa501e74393dd73e7ec026cff19f4b59fec4937664b76993aa9aa796c5d7289378699bea75e3e7dff2809e6f9732bb317a10987d726e37e6e4859be7cb49dc014a92a07b8782dfec75ddb82bc1c3584eb33089d9063add720ee1b86a172f379d3b4176165")
waitid(0x1, r17, &(0x7f0000000780), 0x40000000, &(0x7f0000000800))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f00000000c0)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x30}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0xd}, 0x94)

32.613863935s ago: executing program 2 (id=389):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x1100000000000000, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x40801, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r2 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}, {0x0}], 0x2}}], 0x1, 0x2004000)
close_range(r1, 0xffffffffffffffff, 0x0)

32.613665886s ago: executing program 33 (id=389):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000001d80)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x1100000000000000, 0x0, 0x0, 0x0, 0x2000000000c0], 0x11, 0x0, &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x40801, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r2 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000540)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x8}, {0x0}], 0x2}}], 0x1, 0x2004000)
close_range(r1, 0xffffffffffffffff, 0x0)

3.591141062s ago: executing program 6 (id=720):
socket(0x2b, 0x80801, 0x1)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x6, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_bp={0x0}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x4a, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000100001001b000000000000000000000a20000000000a01020000000000000000010020000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300180000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)

3.400055143s ago: executing program 6 (id=724):
socket(0x22, 0x80801, 0x7fffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x0, 0x0, 0x0, 0x0, 0x6, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_bp={0x0}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f00000001c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x4, @perf_config_ext={0x9, 0x3}, 0x0, 0xa88, 0x8406, 0x9, 0x0, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0x1)
ioperm(0x0, 0x7, 0x80006)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x404, &(0x7f0000000340)={[{@errors_remount}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@barrier}, {@jqfmt_vfsold}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
pidfd_getfd(0xffffffffffffffff, r3, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000020c0), 0x0, 0x40000020, &(0x7f0000000900))
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
renameat2(r4, &(0x7f00000001c0)='./file0\x00', r4, 0x0, 0x4)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2000002, &(0x7f0000000280)={[{@user_xattr}]}, 0x9, 0x537, &(0x7f0000000fc0)="$eJzs3c9vI1cdAPCvJ4mTbtNmF3qACtgFCgtarb3xtlHVC90LCFWVEIgD4rANiTcKseMQO1UTIpH+DXDgCn8CByQOSD1x4MYRiQNCKgekBSLQBgkkoxlPUm/idL2Nf0D8+UijmTfPM9/3ksy8mefJvAAm1o2IOIiIYkS8FREL+fpCPsXrnSn93KPD/ZWjw/2VQrTb3/pbIctP10XXNqln833ORcQ3vxbxvcLZuM3dvY3lWq26nafLrfpWubm7d3u9vrxWXatuVipLi0t3Xr37SmVgdb1e/8XDr66/8e1f/+rT7//u4Ms/TIs1n+d112OQOlWfOYmTmo6IN4YRbAym8nlxzOXgo0ki4mMR8bns+F+IqeyvEwC4zNrthWgvdKcBgMsuyfrACkkp7wuYjyQplTp9eC/ElaTWaLZuPWjsbK52+squxkzyYL1WvXNt9g8/yK4YZgppejHLy/KzdOVU+m5EXIuIn8w+k6VLK43a6vguewBgoj17qv3/52yn/e9Dj2/1AID/G3PjLgAAMHLafwCYPNp/AJg8fbT/+Zf9B0MvCwAwGk9x/58MsxwAwOjo/weAyaP9B4CJ8o0330yn9lH+/uvVt3d3Nhpv316tNjdK9Z2V0kpje6u01misZe/sqT9pf7VGY2vx5dh5p9yqNlvl5u7e/XpjZ7N1P3uv9/3qzEhqBQB8mGvX3/t9ISIOXnsmm6JrLAdtNVxunueByeUlfjC5jPYFk6v/e/zfDrUcwPj0vA+Y67n4uJ8+RRDPGcH/lJuf7L//3xjPcLno/4fJNfWRtpodeDmA0dP/D5Or3S6cHvO/eJIFAFxKF3jGv/2jQV2EAGP1pOeAB/L9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwy8xHx/SgkpXws8PlIklIp4rmIuBozhQfrteqdiHg+rkfEzGyaXhx3oQGAC0r+UsjH/7q58NL86dxi4V/ZYP/FtPXP120vpuv/frJ+9nj4sMoH211gXEEAYMDeWW61tiv5vOtG/tHh/srxNMryPLwX/8mHIl45OtzPpk7OdExn87nsWuLKPwp5ujMW6YsRMTWA+AfvRsQnetW/kPWNXM1HPu2OH3ns50YaP3ksfpLldebpxdfHB1AWmDTv3YuI13sdf0ncyOa9j/+57Ax1cQ/vdXZ2fO47OtwvHsc/Pv9N9YifHvM3+o3x8m++fmZle6GT927Ei9OPxT85/xzHL5wT/6U+4//xU5/58VfOyWv/LOJm9I7fHavcqm+Vm7t7t9fry2vVtepmpbK0uHTn1buvVMpZH3X5uKf6rL++duv588qW1v/KOfHneta/eLLtF/qs/8///dZ3P/sh8b/0+V7xk3ihZ/yOtE38Yp/xl6/88tzhu9P4q+fU/0m//1t9xn//z3urfX4UABiB5u7exnKtVt2+0EJ6FzqI/ZxZSIs40B32WCh2Ff5PMdxYT7UwM6yf6tAXpk+uFQe75++kexxxdZKB1+JCC49GFWu85yVg+D446MddEgAAAAAAAAAAAAAA4Dyj+NelcdcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy+u/AQAA//9xkcaD")
socket$inet(0xa, 0x2, 0x85)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000002c0)={[{@barrier}, {@nodioread_nolock}, {@noquota}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
eventfd2(0x0, 0x801)
mq_notify(0xffffffffffffffff, 0x0)
r5 = openat(0xffffffffffffff9c, 0x0, 0x1cb142, 0x84)
io_setup(0x20fe, &(0x7f0000000540)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, r5, 0x0, 0x0, 0x600}])
read$msr(r5, &(0x7f0000000100)=""/22, 0x16)
socket$netlink(0x10, 0x3, 0x4)
mknod$loop(&(0x7f0000000a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x100, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(0xffffffffffffffff, 0x84, 0x6b, 0x0, 0x0)

1.866060916s ago: executing program 5 (id=754):
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x6, 0x441e, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x7, 0x8, 0x3, 0x7, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bind$nfc_llcp(0xffffffffffffffff, &(0x7f0000000180)={0x27, 0x0, 0xffffffffffffffff, 0x3, 0xb, 0x7, "e9daf44e732c86d9c47dd73feb56949505f739e7bc2afea5091e53616c873711330100dd4f9608340000c12cb40e93798f80a3de35942504433ee4bcb06ecf", 0x20}, 0x60)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0xff, 0x81, 0xe, 0x4, 0x0, 0x7, 0x401, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x10001, 0x1, @perf_config_ext={0x8000000000000000, 0x1}, 0x2000, 0x80, 0x1, 0x4, 0x3ff, 0x5, 0x2, 0x0, 0x10001, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r0, 0x8)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x26040000000000)
sendmsg$nl_generic(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003f00070dfeffffff00000000017c0000040077000c0003"], 0x2c}, 0x1, 0x0, 0x0, 0x404c001}, 0x8010)

1.827523309s ago: executing program 0 (id=756):
r0 = socket$kcm(0x29, 0x5, 0x0)
sendmsg(r0, &(0x7f0000003680)={0x0, 0x0, &(0x7f0000003140)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
timer_create(0x0, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000140)={[{@barrier}, {@min_batch_time={'min_batch_time', 0x3d, 0x7}}, {@noquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x59c, &(0x7f0000001840)="$eJzs3U9oHGUbAPBnZrNN/+T70g++Dz6lh6JChdJN0j9aPbVXsVDoQfCiYbMNJZtsySbahIDpvYg9iEov9aYHj4oHD+LFo1cvimeh2KDQ9KArm51N03S3bmI2W7O/H0z2fWdm93nfmX3e7AwzTAB962j9TxrxVERcTCKGNywbiGzh0cZ6qytLxfsrS8UkarVLvySRRMS9laVic/0kez0UEcsR8f+I+CYfcTxd/8h9zUJ1YXFqvFwuzWb1kbnpqyPVhcUTV6bHJ0uTpZlTL7505uzpM2MnxzY2935tYy2/tb7e+PHmuze+e+X2zU8/O7JcfH88iXMxlC3b2I+d1Ngm+Ti3af7pbgTroaTXDWBbclme11PpfzEcuSzrW6ltHBwGd6V5QBfVBiNq6zYUgT6QSHroU83fAfXj3+a0m78/7pxvHIDU466uLBXfiWb8gca5idi/dmxy8NfkoSOT+vHm4d1sKHvS8vWIGB0YePT7n2Tfv+0b3YkG0lVfn2/sqEf3f7o+/kSL8Weoee70b2qOf6vZ+LfaIn6uzfh3scMYv7/+00dt418fjKdbxk/W4yct4qcR8WaH8W+99uXZdstqH0cci9bxm5LHnx8euXylXBpt/G0Z46tjR15u3/+Ig23iN87Z7l9ryMb+78valHbY/y++/fyZ5cfEf/7Zx+//Vtv/QES812H8/9z75NV2y+5cT+7WfwVsdf8nkY/bHcZ/4dzRH7Kis4YAAAAAAAAAALCD0rVr2ZK0sF5O00KhcQ/vf+NgWq5U545frszPTDSueTsc+bR5pdVwo57U62PZ9bjN+slN9VO5LGDuwFq9UKyUJ3rcdwAAAAAAAAAAAAAAAAAAAHhSHNp0//9vubX7/zc/rhrYq9o/8hvY6+Q/9K+H8z/pWTuA3ef/P/StmvyH/iX/oX/Jf+hf8h/6l/yH/iX/oX/JfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IqLFy7Up9r9laVivT4xsDA/VXnrxESpOlWYni8WipXZq4XJSmWyXCoUK9N/9XlJpXJ1NGbmr43MlapzI9WFxTemK/MzzWeKlvJd7xEAAAAAAAAAAAAAAAAAAAD88wytTUlaiMg36mlaKET8KyIOJ5FcvlIujUbEvyPi+1x+sF4f63WjAQAAAAAAAAAAAAAAAAAAYI+pLixOjZfLpdnuFQayUF0M0XlhYCsrR8Tyzjaj/olbflc+24A93nR7o5B7Mr6HT36hh4MSAAAAAAAAAAAAAAAAAAD0qQc3/Xb6jj+62yAAAAAAAAAAAAAAAAAAAADoS+nPSUTUp2PDzw1tXrovWc2tvUbE27cufXBtfG5udqw+/+76/LkPs/kne9F+oFPNPE0jop7HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAPVhcWp8XK5NLvNwmAH6/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADb8WcAAAD//y4WzlE=")
fallocate(0xffffffffffffffff, 0x10, 0x0, 0x8800000)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x1ff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000300)={0x2, 0x4e20, @remote}, 0x10)
socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000480)=""/85)
mprotect(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x9)
r2 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x6, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.744048914s ago: executing program 5 (id=757):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x88604, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_config_ext={0x8, 0x6}, 0x800, 0x10000, 0x20000, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x24}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000000000000000000000000000000000000000000000866f00"], 0x50)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000640)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x1c0, 0xe138, 0x198, 0x1c0, 0x198, 0x2a0, 0x358, 0x358, 0x2a0, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, '\x00', 'veth0_to_bond\x00', {}, {}, 0x21}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000000000000004fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0xc}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00', {0xfffffffffffffffc}}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x398)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000080)=0x12cc9210, 0x4)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910710007e570966f4366ec9d4"], 0x1c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
socket$netlink(0x10, 0x3, 0x7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
munlock(&(0x7f0000002000/0x4000)=nil, 0x4000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000019c0))
read(r5, &(0x7f0000000240)=""/235, 0xeb)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYRESDEC, @ANYRES16=r6, @ANYBLOB="090b00000000000000000500000008000300", @ANYRES8=r1], 0x1c}}, 0x2c000805)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
set_mempolicy_home_node(&(0x7f0000ed9000/0x2000)=nil, 0x2000, 0x3, 0x0)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c00000009060108fffffc0000000000070000000900020073797a3100000000050001000700000034000780180006"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
sendto$inet6(r3, &(0x7f0000000040)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0xfffffffc, @dev={0xfe, 0x80, '\x00', 0x3}, 0x3}, 0x1c)
sendmsg$inet6(r2, &(0x7f0000001280)={&(0x7f00000000c0)={0xa, 0x4e23, 0xb, @private2={0xfc, 0x2, '\x00', 0x1}, 0xc}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000001c0)="a068e003419b66da96ef3863ade636364d51e58a130509e86f68ab02731b3f1ce575eb7d9d0f4f16", 0x28}], 0x1}, 0x40004004)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
shutdown(r3, 0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000000)=0x1ff, 0x4)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x8, 0x2, 0x819}, 0x14)
socket$nl_audit(0x10, 0x3, 0x9)

1.610148323s ago: executing program 0 (id=758):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180200001a00000011000000000000008500000036000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000cd00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.539959677s ago: executing program 0 (id=760):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r1)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350064756d6d79300000000000000000000008000a00", @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8004)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5)
sendto$packet(r0, &(0x7f0000000040)="2717a90af1a30d71286f47000000", 0x6f, 0x40000, &(0x7f0000000180)={0x11, 0x16, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

1.192547827s ago: executing program 0 (id=763):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000050000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a310000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000058000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004"], 0xf4}}, 0x10)

1.170152029s ago: executing program 3 (id=764):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_bp={0x0, 0x8}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008094}, 0x4008814)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00006e3000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x7f9, &(0x7f0000000040)={0x0, 0xc8df, 0xfc00, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x300, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xfff1, 0xffff}, {0xe, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x20040000)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001800090000000000000000001c140000fe0004000000f30004f3110007000000000000008d6880328c49d2ee"], 0x30}}, 0x0)

1.113884203s ago: executing program 0 (id=765):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') (async)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r1, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)=[@authinfo={0x18, 0x84, 0x6, {0x66}}], 0x18, 0x4000}, 0x4000004) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x102}) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x102}) (async)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'rose0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
preadv2(r3, &(0x7f0000000000)=[{&(0x7f0000000080)=""/126, 0x7e}], 0x1, 0x80000, 0x0, 0x4) (async)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000002000000000000000000", @ANYRES32=r5], 0x20}}, 0x0) (async)
preadv(r0, &(0x7f0000000500)=[{0x0}, {&(0x7f00000003c0)=""/215, 0x5c}], 0x2, 0xfffffffd, 0x8)

1.029097588s ago: executing program 4 (id=767):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000140)=@req={0x2, 0xc, 0x3, 0x8}, 0x10)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x437, 0x3, 0xffffffff, {0x0, 0x0, 0x0, r3, 0x51b0b}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @remote}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendto$packet(r0, &(0x7f0000000000)="6f3d12caa1", 0x5, 0x4, &(0x7f0000000180)={0x11, 0x8100, r3, 0x1, 0xe9, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)

1.006706379s ago: executing program 3 (id=768):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000007c0)={[{@nouid32}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000001480)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r0 = creat(0x0, 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x80602, 0x148)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x111)
fallocate(r2, 0x0, 0x8001, 0x2000406)
unshare(0x22020600)
socket$netlink(0x10, 0x3, 0x8000000004)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x4, 0x0, 0x0, 0xfffffffffe000002})

942.048333ms ago: executing program 6 (id=769):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000007c0)={[{@nouid32}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000001480)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r0 = creat(0x0, 0x182)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x80602, 0x148)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x111)
fallocate(r2, 0x0, 0x8001, 0x2000406)
unshare(0x22020600)
socket$netlink(0x10, 0x3, 0x8000000004)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x4, 0x0, 0x0, 0xfffffffffe000002})

936.898423ms ago: executing program 4 (id=770):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xbecd6000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a0300ea000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40080)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000ef0000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c000180060001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

869.060237ms ago: executing program 5 (id=771):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000780)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

739.236105ms ago: executing program 5 (id=772):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4000}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)='%pS    \x00'}, 0x20)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)
prctl$PR_GET_NAME(0x10, &(0x7f0000000000)=""/14)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r1, r0}, 0xc)

653.69889ms ago: executing program 4 (id=773):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r0, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x140, &(0x7f0000000140)=[{&(0x7f0000000400)="89000000120081ae08060cdc03a6000000000002000000006ee2ffca1b1f0005000004c00e72f750375ed08a563319bf9ed720000000d6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100002400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

653.31516ms ago: executing program 5 (id=774):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000b40)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000007000000040000000000000c0100000000610061ff5c"], &(0x7f0000000400)=""/220, 0x2b, 0xdc, 0x1}, 0x28)
sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x40, r1, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x8f}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r2 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='task\x00')
r4 = fsmount(r3, 0x0, 0x74)
fchownat(r4, &(0x7f0000000080)='.\x00', 0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21c91c, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800000}}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@jqfmt_vfsold}, {@noinit_itable}, {@quota}, {@noauto_da_alloc}, {@sysvgroups}, {@resgid, 0x32}]}, 0x1, 0x4e0, &(0x7f0000001a40)="$eJzs3d9rW9cdAPDvla0sP5zZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYX/AYIy10Kc+9aXQP6BQ8ieUQqB9L21pKW3SPhTaRkVXUuI4UuwQWUqtzweOdO7Rvfqeo4uO7rn3cBVA3zoVEacj4kG1Wj0bEcON8kwjxWY91da7f+/WTC0lUa1e/SyJSOpltdXGtrznkcZmByPir3+K+EfyZNzy+sbidLFYWG0s5ytLK/ny+sa5haXp+cJ8YXlycuLi1KWpC1PjHWnnUERc/sNH///Pa3+8/Navbrx/7ZOxfyaN8ohH7ei0etOz6WfRNBgRq3sRrEcG0xYCAPB90DzO/3lEnI3hGEiP5gAAAID9pPrbofgmiagCAAAA+1YmnQObZHKNeQBDkcnkcvU5vD+Ow5liqVz55VxpbXm2Pld2JLKZuYViYbwxV3gksklteSLNP1o+v215MiKORcT/hg+ly7mZUnG21yc/AAAAoE8c2Tb+/3K4Pv7f4uueVQ4AAADonJFeVwAAAADYc8b/AAAAsP8Z/wMAAMC+9ucrV2qp2vz/69nr62uLpevnZgvlxdzS2kxuprS6kpsvlebTe/Yt7fR+xVJp5dexvHYzXymUK/ny+sa1pdLacuXawmN/gQ0AAAB00bGf3XkviYjN3xxKU82BXlcK6IrBZ1n5w72rB9B9A72uANAzz/T7D+wr2V5XAOi5ZIfX207eebvzdQEAAPbG6E9aX/8f2PHcwGamS1UE9ojzf9C/XP+H/uX6P/SvbAyEgTz0t51uAfr81/+r1WeqEAAA0HFDaUoyuYj0PMBQZDK5XMTRdEyQTeYWioXxiPhhRLw7nP1BbXki3TLZcc4wAAAAAAAAAAAAAAAAAAAAAAAAAFBXrSZRBQAAAPa1iMzHSXo3/4jR4TND288PHEi+Gk6fI+LGK1dfujldqaxO1Mo/f1heeblRfr4XZzAAAACA7Zrj9OY4HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66f69WzPN1M24n/4+IkZaxR+Mg+nzwchGxOEvkhjcsl0SEQMdiL95OyKOt4qf1KoVI41atIp/qMfxj3QgPvSzO7X+53etvn+ZOJU+t/7+XUx7qOfXvv/LPOz/BlrEr5Ud3WWME3ffyLeNfzvixGDr/qcZP2nT/5zeZfy//21jo91r1VcjRlv+/iSPxcpXllby5fWNcwtL0/OF+cLy5OTExalLUxemxvNzC8VC47FljP/+9M0HT2v/4TbxR3Zo/5ldtv/buzfv/aiezT7cPHkUf+x06/1/vE38TGP//6KRr70+2sxv1vNbnXz9nZNPa/9sm/bvtP/Hdtn+s3/59we7XBUA6ILy+sbidLFYWO3rzHN9GrXDoheiFS9mpva5vgDVaJn51x68c+3IvNft6kSmp90SAACwB54cAwMAAAAAAAAAAAAAAAAAAADd1o3biWW3xdxMHztx93wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM75LgAA///6fNJN")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x324a038, &(0x7f00000008c0)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000240), r0)
sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000428bd7000fedbdf250200000014000900fc0000000000000000000000000045ae"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x44044004)
r6 = syz_genetlink_get_family_id$fou(&(0x7f00000069c0), 0xffffffffffffffff)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
unshare(0x2a020400)
r7 = syz_open_dev$evdev(&(0x7f0000000140), 0x0, 0x0)
ioctl$EVIOCRMFF(r7, 0x4004550f, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x20, 0x0, 0x0, 0x0, 0x5, 0x20280, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x1, @perf_config_ext={0x7fffffffffffffff, 0x4}, 0x4, 0x40, 0x11000, 0x1, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
r8 = socket(0x10, 0x3, 0x9)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000006ac0)={0x0, 0x0, &(0x7f0000006a80)={&(0x7f0000006a00)={0x34, r6, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e20}, @FOU_ATTR_PEER_V4={0x8, 0x8, @dev={0xac, 0x14, 0x14, 0x2e}}, @FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4048040}, 0x24040005)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)
fcntl$setpipe(r8, 0x407, 0x6)

636.258271ms ago: executing program 3 (id=775):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xbccc0bab2d1645b3}, 0xc, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x8000}, 0x4800)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000090000100000000000400048008000c8004000b800800020001000000a00008809c000780080077144ebb0000080006"], 0xd0}}, 0x0)

539.730867ms ago: executing program 6 (id=776):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc010000190001000000000002000000e0000001000000000003000000000000ac1414bb00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044010500"], 0x1fc}}, 0x0)

450.044522ms ago: executing program 3 (id=777):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005000)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r0, 0x110, 0x3)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x1000000009, 0x640b9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x8, 0x3fff8000}, 0xa00, 0x81, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
r1 = socket$inet6(0xa, 0x80002, 0x0)
r2 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000c80)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @private2={0xfc, 0x2, '\x00', 0x5}, 0x7800, 0x7800, 0xfffffffc, 0xdc64}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f00000000c0)={'ip6_vti0\x00', r3, 0x0, 0x0, 0x2, 0x1000, 0x64, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, 0x7, 0x0, 0xfffffffc}})
getsockopt$WPAN_SECURITY(r2, 0x0, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x1b, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000055a60701000000000000000018110000", @ANYRES32=r4, @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000030000088500000086000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x2000400}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x176}}], 0x400000000000172, 0x4000000)

449.593123ms ago: executing program 4 (id=778):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x2400}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0)

442.433003ms ago: executing program 6 (id=779):
socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x2000c015}, 0x2404c8c0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
semget$private(0x0, 0x207, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r3, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r2, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
fchdir(r4)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000024c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)=@abs={0x1, 0x30}, 0x6e, 0x0}}], 0x2, 0xe0)

438.672064ms ago: executing program 4 (id=780):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x3, 0x0, 0x0, 0xa2ff}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, @generic={0x65}, @initr0={0x18, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0xd67}, @exit]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x45}, 0x94)

400.975146ms ago: executing program 4 (id=781):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x20800000000, 0xb, &(0x7f0000006680))
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)={@broadcast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "001b01", 0x18, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x2, 0x3, 0x1, 0xfffffff6, [{0x5, 0x1, "c89600000500"}]}}}}}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet(0x2, 0x3, 0x2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x15}}]}, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/uts\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
get_mempolicy(0x0, &(0x7f00000001c0), 0x4, &(0x7f0000001000/0x1000)=nil, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x1d}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x1)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x560, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x490, 0xffffffff, 0xffffffff, 0x490, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'vxcan1\x00', {0x8}}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfd}}, [], [0x0, 0xffffffff], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x3a0, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_virt_wifi\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x5}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'bridge_slave_0\x00', {0x53}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x5c0)
ioctl$SIOCSIFMTU(r5, 0x8923, &(0x7f0000000000)={'vxcan1\x00', 0x96})
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000001840)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaaaabbc500000028006400000402907800000000e0000002110090783bf5e711000100010000000000000000d27eb1470660977922018495937267a6595f5e42daf32c3c4df976b514284b330ef09d9b47cf9eebf0d13d9877893084659a0f413682e676e02fb72cbc421431e70f02cf4a3e480a013a53be6737285f857ea7a60a4677b9b84452c47805e29ae4bf32abb21a8f57245b4a3788dad1bf3f7a56e5c2fb438c5551b2e552aa694e1584f93753bca1438c0e953a59f33a115ab2c89af9979f4bfc9407e652887966"], 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001000010029bd70e1fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="211000000300000008001b0000000000080004000180"], 0x30}, 0x1, 0x0, 0x0, 0x801}, 0x4000000)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x50)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xc, 0x4, 0x4, 0x7, 0x0, r6}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r7, <r8=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r6}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r8, &(0x7f0000000080), 0x0}, 0x20)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000300), r0)
sendmsg$L2TP_CMD_SESSION_MODIFY(r0, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x60, r9, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@L2TP_ATTR_IP_SADDR={0x8, 0x18, @empty}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'bridge0\x00'}, @L2TP_ATTR_COOKIE={0xc}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private2={0xfc, 0x2, '\x00', 0x1}}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}]}, 0x60}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000180))
socket$netlink(0x10, 0x3, 0x0)

354.602529ms ago: executing program 3 (id=782):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x27, 0x4, 0x1}, 0x6)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1f, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000352000/0x4000)=nil, 0x4000, 0x3, 0x2010, r0, 0xb0475000)
mbind(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x1ff, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x25, 0xa, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = creat(&(0x7f0000000240)='./file1\x00', 0x0)
r2 = open(&(0x7f0000000280)='.\x00', 0x20000, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000003080102000000074441980000000000050003"], 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(r2, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000000c0)={'#! ', '', [{0x20, '-#:\x0e(('}, {0x20, '1\xfc\xc70\xd0\xd7\b\x00\x00\x00\x03\xd7\xf9E\f\xccN\x14\x04\xa9\x89,\xfdj\x11@\xd00\x92\xc7\xf3\xa0\xc6\x16\xcd\x8e\xb1p\xe6\xf4\x15'}]}, 0x35)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r3, 0x0)
r5 = openat$cgroup_ro(r2, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r7, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r2], 0x4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendfile(r6, r5, 0x0, 0x100000002)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)

177.787799ms ago: executing program 0 (id=783):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
mlock2(&(0x7f0000751000/0x3000)=nil, 0x3000, 0x0)
munlockall()
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100fe0f00000c000200367da1650e000000280003800c00fe0001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r1], 0xb4}}, 0x0)

168.63263ms ago: executing program 3 (id=784):
r0 = syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000001080)='./bus\x00', 0x80, &(0x7f00000010c0)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098fe0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4ece31c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x80)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000001c0)=<r3=>0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x2, 0x2}}, './bus\x00'})
wait4(r3, 0x0, 0x8, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r4, &(0x7f0000000200)="000bda", 0x3)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x180c8, &(0x7f0000000580)=ANY=[@ANYBLOB="6e66732c646f74732c636865636b3d7374726963742c646f74732c6572726f72733d72656d6f756e742d726f2c00fc403bb14281bbfb9b8213bd6284536d64789a24dd73b98b3e33cb47fed8a736464bb62e9e891aa832722dfc28bfa4489b3a127a503e72326b737d0f67c97be6f37ef46154dec39ef8718946ffc8cd4d735a0b101c1722477bbe2f923577ea51f7116f17c3ddf5c497fba2d0bb3272d123b31e9461d4e2d65a42e1174fa269de92e463fc1ca202650fe2628e15341e45dce6c0de2367bdb50cc5b2b462e1d45fc3265f1a88561ab6afb1b73a3b340b5c5fc6e601843a59f3cdeb36991cfa985453287d4c9d2d6e21adddc57a607369c682e821b20dc0efd51d12f386f3f8e53c05e696e50c7c3f79b1b0bd7e5cfaf3f63d8949c8dd2fd94aa0f259a4cb9412c30c45f9d4d63d267d2a43f03a47fa56b3"], 0x1, 0x242, &(0x7f0000000300)="$eJzs3bFqFFEUBuBjskmWNKYWiwEbq0WtbBeJIA4IK1No5UC0SUSYNKPVPIbP4CP5GKnSjZhZsklcbczm7s58Hyz3wM/Cuc3eLc6d+fDw8/HRl9NP7c/vMR5nMYpo2jbiILZiOzr35uvWRb0bVzUBAGya2aycpu6B1aqqabkTEXt/JMWPJA0BAAAAAAAAAADw35bN/8e5+X8A6DPz//1XVdNyf/7/7Trz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA65217v/3HJ3V/AMDtc/4DwPA4/wFgeJz/ADA8b9+9fz3N88NZlo0jzpq6qItu7fKXr/LDJ9mFg8W3zuq62L7Mn3Z5dj3fif15/mxpvhuPH3X57+zFm/xGvhdHq98+AAAAAAAAAAAAAAAAAAAArIVJdmnp/f7J5G95V115PsCN+/ujeDC6s20AAAAAAAAAAAAAAAAAAADARjv9+u24PDn5WCl6U8TztWjjrouItWijL0XqXyYAAAAAAAAAAAAAAAAAABiexaXf1J0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQDqL9/+vroiIpu2k3i4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY78CAAD//139ms4=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
sendfile(r4, r1, 0x0, 0x40001)
sendfile(r4, r2, 0x0, 0x7ffff000)

90.467445ms ago: executing program 6 (id=785):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000007c0)={[{@nouid32}, {@nogrpid}, {@bh}]}, 0x1, 0x51d, &(0x7f0000001480)="$eJzs3c9vHFcdAPDvTLK2k7h1WnoABG1oCwFFWceb1qp6gHJCCFVC9AhSauyNZXnXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di79uaHvZb385FG89688X7fizPvzbxd7wtgbN2IiJ2ImIiI9yNipjyelFu8093y8z7bfbC4t/tgMYkse++fSVGeH4uen8ldK19zKiJ+8J2IHydH47a3tlcXGo36Rpmf7TTXZ9tb27dXmgvL9eX6Wq02Pzd/5627b9YeozVTx5a+0pwoU1/+9A873/hpXq3p8khvO56lbtMrB3FylyPie6cRbAQule2ZGHVFeCJpRLwYEa8W1/9MXCp+mwDARZZlM5HN9OYBgIsuLebAkrRazgVMR5pWq905vJfiatpotTu37rc215a6c2XXo5LeX2nU75RzhdejkuT5uSL9MF87lL8bES9ExC8mrxT56mKrsTTKGx8AGGPXDo3//5nsjv8AwAV3/MdmAICLyPgPAOPH+A8A48f4DwDjpzv+X3ncH8uy7GenUR0A4Ax4/geA8WP8B4Cx8v133823bK/8/uulD7Y2V1sf3F6qt1erzc3F6mJrY7263GotF9/Z0zzp9Rqt1vrcG7H54fVvrrc7s+2t7XvN1uZa517xvd736pXirJ0zaBkAMMgLr3zy5yQfkd++UmzRs5ZDZaQ1A05bOuoKACNzadQVAEbGal8wvh4+4z/2hwBMD8AF0WeJ3kdM9fsDoSzLstOrEnDKbn7B/D+Mq575f58ChjFz0vx/sTawNwnhQjL/D+Mry5Jh1/yPYU8EAM63Y+b4r5/lfQgwOgPe/3+x3P+2fHPgR0uHz/j4NGsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA59v++r/Vcpnf6UjTajXiuWIBoEpyf6VRvxMRz0fEnyYrk3l+bsR1BgCeVvq3pFz/6+bM69OPFL187SA5ERE/+dV7v/xwodPZ+GPERPKvyf3jnY/L47UTg02dRgsAgOPtj9PFvudB/rPdB4v721nW5+/f7t4V5HH3didi7yD+5bhc7KeiEhFX/52U+a6kZ+7iaex8FBGf79f+JKaLOZDuLcvh+Hns5840fvpI/LRcoDkt/y0+9wzqAuPmk7z/eaff9ZfGjWLf//qfKnqop1f2f/lLLe4VfeDD+Pv936UB/d+NYWO88fvvdlNXjpZ9FPHFyxH7sfd6+p/9+MmA+K8PGf8vX3r51UFl2a8jbkb/+L2xZjvN9dn21vbtlebCcn25vlarzc/N33nr7pu12WKOenbwaPCPt289P6gsb//VAfGnTmj/V4ds/2/+9/4Pv3JM/K+/1i9+Gi8dEz8fE782ZPyFq78b+Nydx1862v5kmN//rSHjf/rX7SPLhgMAo9Pe2l5daDTqGxIS5z+R/5c9B9Xom/jWWcWaiP5FP3+te00fKsqyJ4o1qMd4FrNuwHlwcNFHxH9HXRkAAAAAAAAAAAAAAKCvs/iLpVG3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIvr/wEAAP//Rb3T2A==")
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r1 = openat(0xffffffffffffff9c, 0x0, 0x80602, 0x148)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x111)
fallocate(r2, 0x0, 0x8001, 0x2000406)
unshare(0x22020600)
socket$netlink(0x10, 0x3, 0x8000000004)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x4, 0x0, 0x0, 0xfffffffffe000002})

0s ago: executing program 5 (id=786):
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000001080)='./bus\x00', 0x80, &(0x7f00000010c0)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098fe0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4ece31c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000001c0)=<r2=>0x0)
wait4(r2, 0x0, 0x8, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000000200)="000bda", 0x3)
sendfile(r3, r0, 0x0, 0x40001)
sendfile(r3, r1, 0x0, 0x7ffff013)

kernel console output (not intermixed with test programs):

10: 0000000000004001 R11: 0000000000000246 R12: 0000000000000001
[   70.092061][ T4515] R13: 00007f6b75786038 R14: 00007f6b75785fa0 R15: 00007ffe4e238048
[   70.092124][ T4515]  </TASK>
[   70.441283][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.470286][ T4519] netlink: 108 bytes leftover after parsing attributes in process `syz.2.338'.
[   70.490100][ T4521] loop1: detected capacity change from 0 to 512
[   70.499147][ T4517] team0 (unregistering): Port device team_slave_0 removed
[   70.520208][ T4521] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.531977][ T4521] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   70.583639][ T4517] team0 (unregistering): Port device team_slave_1 removed
[   70.594702][ T4521] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.337: Allocating blocks 41-42 which overlap fs metadata
[   70.625655][ T4521] Quota error (device loop1): write_blk: dquota write failed
[   70.634190][ T4521] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[   70.648016][ T4530] loop4: detected capacity change from 0 to 512
[   70.665412][ T4530] EXT4-fs: Ignoring removed bh option
[   70.671692][ T4530] EXT4-fs: Ignoring removed mblk_io_submit option
[   70.689943][   T29] audit: type=1400 audit(1769394423.363:932): avc:  denied  { connect } for  pid=4516 comm="syz.0.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   70.700058][ T4534] 9p: Bad value for 'rfdno'
[   70.713697][ T4521] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.337: Allocating blocks 41-42 which overlap fs metadata
[   70.737086][ T4521] Quota error (device loop1): write_blk: dquota write failed
[   70.758518][ T4530] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   70.782827][ T4521] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   70.796661][ T4530] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   70.806475][ T4530] EXT4-fs (loop4): orphan cleanup on readonly fs
[   70.814642][ T4530] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.340: Failed to acquire dquot type 1
[   70.833015][ T4521] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.337: Failed to acquire dquot type 1
[   70.856386][ T4530] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.340: Invalid block bitmap block 0 in block_group 0
[   70.875105][ T4521] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   70.895896][ T4530] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.340: Invalid block bitmap block 0 in block_group 0
[   70.917036][ T4521] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.337: corrupted inode contents
[   70.930618][ T4530] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.340: Invalid block bitmap block 0 in block_group 0
[   70.959916][ T4521] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #12: comm syz.1.337: mark_inode_dirty error
[   70.975805][ T4530] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.340: Failed to acquire dquot type 1
[   70.990376][ T4521] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.337: corrupted inode contents
[   70.999013][ T4532] loop2: detected capacity change from 0 to 8192
[   71.006509][ T4521] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.337: mark_inode_dirty error
[   71.046081][ T4521] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.337: corrupted inode contents
[   71.046093][ T4530] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.340: Failed to acquire dquot type 1
[   71.075676][ T4530] EXT4-fs (loop4): 1 orphan inode deleted
[   71.094208][ T4530] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   71.125368][ T4549] netlink: 'syz.3.346': attribute type 10 has an invalid length.
[   71.137153][ T4530] EXT4-fs error (device loop4): ext4_lookup:1785: inode #15: comm syz.4.340: iget: bad i_size value: 360287970189639690
[   71.160006][ T4549] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.171567][ T4549] team0: Port device bond0 added
[   71.183551][ T4521] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[   71.202573][ T4521] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.337: corrupted inode contents
[   71.217678][ T4521] EXT4-fs error (device loop1): ext4_truncate:4635: inode #12: comm syz.1.337: mark_inode_dirty error
[   71.230796][ T4521] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[   71.266723][ T4521] EXT4-fs (loop1): 1 truncate cleaned up
[   71.287344][ T4521] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.335963][ T4521] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   71.392339][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.587981][ T4565] syzkaller0: entered promiscuous mode
[   71.594672][ T4565] syzkaller0: entered allmulticast mode
[   71.739411][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.933869][ T4568] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.943188][ T4568] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.957962][ T4574] 8021q: VLANs not supported on ip_vti0
[   71.970358][ T4574] loop1: detected capacity change from 0 to 512
[   72.007821][ T4574] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   72.019037][ T4574] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   72.056869][ T4574] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.354: Allocating blocks 41-42 which overlap fs metadata
[   72.095573][ T4587] netlink: 16 bytes leftover after parsing attributes in process `syz.0.358'.
[   72.146689][ T4574] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.354: Failed to acquire dquot type 1
[   72.161099][ T4574] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   72.230974][ T4597] netlink: 16 bytes leftover after parsing attributes in process `syz.4.361'.
[   72.243363][ T4574] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.354: corrupted inode contents
[   72.256907][ T4574] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #12: comm syz.1.354: mark_inode_dirty error
[   72.257441][ T4574] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.354: corrupted inode contents
[   72.315886][ T4574] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.354: mark_inode_dirty error
[   72.317970][ T4592] bridge0: port 3(macvtap1) entered blocking state
[   72.338896][ T4592] bridge0: port 3(macvtap1) entered disabled state
[   72.348706][ T4600] loop2: detected capacity change from 0 to 4096
[   72.356669][ T4574] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.354: corrupted inode contents
[   72.377974][ T4600] EXT4-fs warning (device loop2): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   72.380848][ T4592] macvtap1: entered allmulticast mode
[   72.395591][ T4600] EXT4-fs (loop2): mount failed
[   72.400644][ T4592] bridge0: entered allmulticast mode
[   72.417560][ T4574] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[   72.428407][ T4604] netlink: 16 bytes leftover after parsing attributes in process `syz.0.364'.
[   72.429688][ T4574] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.354: corrupted inode contents
[   72.456657][ T4574] EXT4-fs error (device loop1): ext4_truncate:4635: inode #12: comm syz.1.354: mark_inode_dirty error
[   72.458773][ T4608] loop3: detected capacity change from 0 to 512
[   72.490379][ T4574] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[   72.510481][ T4610] program syz.2.365 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   72.532617][ T4592] macvtap1: left allmulticast mode
[   72.532849][ T4574] EXT4-fs (loop1): 1 truncate cleaned up
[   72.538021][ T4592] bridge0: left allmulticast mode
[   72.571606][ T4574] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.614657][ T4608] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   72.628281][ T4575] netlink: 8 bytes leftover after parsing attributes in process `syz.1.354'.
[   72.649186][ T4608] EXT4-fs (loop3): orphan cleanup on readonly fs
[   72.679292][ T4608] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #16: comm syz.3.360: corrupted inode contents
[   72.755865][ T4608] EXT4-fs (loop3): Remounting filesystem read-only
[   72.773381][ T4620] FAULT_INJECTION: forcing a failure.
[   72.773381][ T4620] name failslab, interval 1, probability 0, space 0, times 0
[   72.789226][ T4620] CPU: 0 UID: 0 PID: 4620 Comm: syz.4.369 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   72.789315][ T4620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   72.789378][ T4620] Call Trace:
[   72.789387][ T4620]  <TASK>
[   72.789398][ T4620]  __dump_stack+0x1d/0x30
[   72.789431][ T4620]  dump_stack_lvl+0x95/0xd0
[   72.789487][ T4620]  dump_stack+0x15/0x1b
[   72.789652][ T4620]  should_fail_ex+0x263/0x280
[   72.789693][ T4620]  ? __pfx_addr_handler+0x10/0x10
[   72.789726][ T4620]  should_failslab+0x8c/0xb0
[   72.789757][ T4620]  __kmalloc_cache_noprof+0x64/0x4a0
[   72.789893][ T4620]  ? rdma_resolve_ip+0x4d/0x4b0
[   72.789925][ T4620]  ? __pfx_addr_handler+0x10/0x10
[   72.789958][ T4620]  rdma_resolve_ip+0x4d/0x4b0
[   72.790064][ T4620]  rdma_resolve_addr+0x544/0x1350
[   72.790097][ T4620]  ? terminate_walk+0x1e6/0x210
[   72.790122][ T4620]  ? path_openat+0x1d94/0x23c0
[   72.790205][ T4620]  ucma_resolve_ip+0x283/0x370
[   72.790249][ T4620]  ? __pfx_ucma_resolve_ip+0x10/0x10
[   72.790287][ T4620]  ucma_write+0x1c9/0x260
[   72.790368][ T4620]  vfs_writev+0x42b/0x900
[   72.790402][ T4620]  ? __pfx_ucma_write+0x10/0x10
[   72.790468][ T4620]  do_writev+0xe9/0x210
[   72.790496][ T4620]  __x64_sys_writev+0x45/0x50
[   72.790522][ T4620]  x64_sys_call+0x1ba5/0x3000
[   72.791027][ T4620]  do_syscall_64+0xc0/0x2a0
[   72.791069][ T4620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.791095][ T4620] RIP: 0033:0x7fe63dcbacb9
[   72.791116][ T4620] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   72.791171][ T4620] RSP: 002b:00007fe63c717028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   72.791195][ T4620] RAX: ffffffffffffffda RBX: 00007fe63df35fa0 RCX: 00007fe63dcbacb9
[   72.791210][ T4620] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 000000000000000e
[   72.791222][ T4620] RBP: 00007fe63c717090 R08: 0000000000000000 R09: 0000000000000000
[   72.791240][ T4620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.791253][ T4620] R13: 00007fe63df36038 R14: 00007fe63df35fa0 R15: 00007fff6f64aa28
[   72.791280][ T4620]  </TASK>
[   72.792063][ T3314] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   72.883403][ T4608] EXT4-fs (loop3): 1 truncate cleaned up
[   72.894691][ T3314] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   73.101944][   T42] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.116178][   T42] __quota_error: 14 callbacks suppressed
[   73.116200][   T42] Quota error (device loop3): write_blk: dquota write failed
[   73.133149][   T42] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[   73.143982][   T42] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   73.156585][   T42] Quota error (device loop3): write_blk: dquota write failed
[   73.165193][   T42] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[   73.180313][   T42] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   73.192758][   T42] Quota error (device loop3): v2_write_file_info: Can't write info structure
[   73.204006][   T42] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   73.215471][ T4608] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   73.410846][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.541692][ T4634] loop2: detected capacity change from 0 to 512
[   73.554048][ T4634] EXT4-fs (loop2): 1 truncate cleaned up
[   73.622037][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.643208][ T4634] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.674502][   T57] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.705976][ T4651] loop4: detected capacity change from 0 to 512
[   74.746345][ T4651] EXT4-fs: Ignoring removed bh option
[   74.781483][   T57] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.892725][ T3313] EXT4-fs error (device loop2): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz-executor: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0
[   74.926618][   T29] audit: type=1400 audit(1769394427.603:937): avc:  denied  { map } for  pid=4654 comm="syz.0.381" path="socket:[10367]" dev="sockfs" ino=10367 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   74.953118][   T29] audit: type=1400 audit(1769394427.603:938): avc:  denied  { read } for  pid=4654 comm="syz.0.381" path="socket:[10367]" dev="sockfs" ino=10367 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   74.986750][ T3313] EXT4-fs error (device loop2): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[   75.007185][   T29] audit: type=1400 audit(1769394427.653:939): avc:  denied  { unlink } for  pid=3313 comm="syz-executor" name="lost+found" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=blk_file permissive=1
[   75.015044][ T4651] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.094190][ T3313] EXT4-fs error (device loop2): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[   75.119005][   T57] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.199907][   T57] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.268209][ T4670] loop3: detected capacity change from 0 to 128
[   75.293419][ T4670] vfat: Unknown parameter '01777777777777777777777'
[   75.388985][ T4672] loop4: detected capacity change from 0 to 8192
[   75.413001][   T57] bridge_slave_1: left allmulticast mode
[   75.420939][   T57] bridge_slave_1: left promiscuous mode
[   75.429742][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.447441][   T29] audit: type=1400 audit(1769394428.123:940): avc:  denied  { write } for  pid=4671 comm="syz.4.386" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   75.484439][ T4681] netlink: 8 bytes leftover after parsing attributes in process `syz.0.387'.
[   75.503459][   T57] bridge_slave_0: left allmulticast mode
[   75.511285][   T57] bridge_slave_0: left promiscuous mode
[   75.518221][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.607945][ T4686] FAULT_INJECTION: forcing a failure.
[   75.607945][ T4686] name failslab, interval 1, probability 0, space 0, times 0
[   75.623638][ T4686] CPU: 0 UID: 0 PID: 4686 Comm: syz.4.392 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.623669][ T4686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   75.623682][ T4686] Call Trace:
[   75.623690][ T4686]  <TASK>
[   75.623700][ T4686]  __dump_stack+0x1d/0x30
[   75.623727][ T4686]  dump_stack_lvl+0x95/0xd0
[   75.623834][ T4686]  dump_stack+0x15/0x1b
[   75.623858][ T4686]  should_fail_ex+0x263/0x280
[   75.623900][ T4686]  should_failslab+0x8c/0xb0
[   75.623932][ T4686]  __kmalloc_noprof+0xb8/0x580
[   75.624010][ T4686]  ? nla_strdup+0x78/0xc0
[   75.624036][ T4686]  nla_strdup+0x78/0xc0
[   75.624059][ T4686]  nf_tables_newflowtable+0x649/0x13c0
[   75.624157][ T4686]  nfnetlink_rcv+0xc1e/0x1720
[   75.624218][ T4686]  netlink_unicast+0x5c0/0x690
[   75.624253][ T4686]  netlink_sendmsg+0x5c8/0x6f0
[   75.624336][ T4686]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.624401][ T4686]  ____sys_sendmsg+0x5af/0x600
[   75.624426][ T4686]  ___sys_sendmsg+0x195/0x1e0
[   75.624467][ T4686]  __x64_sys_sendmsg+0xd4/0x160
[   75.624496][ T4686]  x64_sys_call+0x17ba/0x3000
[   75.624596][ T4686]  do_syscall_64+0xc0/0x2a0
[   75.624638][ T4686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.624667][ T4686] RIP: 0033:0x7fe63dcbacb9
[   75.624688][ T4686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   75.624780][ T4686] RSP: 002b:00007fe63c717028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.624801][ T4686] RAX: ffffffffffffffda RBX: 00007fe63df35fa0 RCX: 00007fe63dcbacb9
[   75.624819][ T4686] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000007
[   75.624855][ T4686] RBP: 00007fe63c717090 R08: 0000000000000000 R09: 0000000000000000
[   75.624871][ T4686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   75.624884][ T4686] R13: 00007fe63df36038 R14: 00007fe63df35fa0 R15: 00007fff6f64aa28
[   75.624910][ T4686]  </TASK>
[   75.926298][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   75.939459][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   75.951855][   T57] bond0 (unregistering): Released all slaves
[   75.962358][   T57] bond1 (unregistering): Released all slaves
[   75.984628][ T4681] dummy0: entered promiscuous mode
[   75.993498][ T4681] dummy0: left promiscuous mode
[   76.085992][   T57] hsr_slave_0: left promiscuous mode
[   76.109855][ T4698] loop4: detected capacity change from 0 to 512
[   76.118935][ T4698] EXT4-fs: Ignoring removed bh option
[   76.125735][   T57] hsr_slave_1: left promiscuous mode
[   76.133090][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   76.143001][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.152270][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   76.161068][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.175764][   T57] veth1_macvtap: left promiscuous mode
[   76.182326][   T57] veth0_macvtap: left promiscuous mode
[   76.188692][   T57] veth1_vlan: left promiscuous mode
[   76.195379][   T57] veth0_vlan: left promiscuous mode
[   76.205814][ T4698] EXT4-fs mount: 3 callbacks suppressed
[   76.205832][ T4698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.243573][ T4698] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.305740][ T4705] program syz.3.397 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   76.349776][   T57] team0 (unregistering): Port device team_slave_1 removed
[   76.369188][   T57] team0 (unregistering): Port device team_slave_0 removed
[   76.394457][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.563394][ T4658] chnl_net:caif_netlink_parms(): no params data found
[   76.626382][ T4732] loop3: detected capacity change from 0 to 512
[   76.670109][ T4732] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   76.680426][ T4732] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   76.709800][ T4741] program syz.0.406 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   76.721652][ T4743] loop4: detected capacity change from 0 to 512
[   76.735466][ T4743] EXT4-fs: Ignoring removed bh option
[   76.747068][ T4732] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.404: Allocating blocks 41-42 which overlap fs metadata
[   76.769464][ T4732] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.404: Allocating blocks 41-42 which overlap fs metadata
[   76.791825][ T4732] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.404: Failed to acquire dquot type 1
[   76.806214][ T4658] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.809544][ T4743] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.816029][ T4658] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.816485][ T4658] bridge_slave_0: entered allmulticast mode
[   76.848948][ T4658] bridge_slave_0: entered promiscuous mode
[   76.857814][ T4658] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.865755][ T4658] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.874133][ T4658] bridge_slave_1: entered allmulticast mode
[   76.884699][ T4658] bridge_slave_1: entered promiscuous mode
[   76.885223][ T4732] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   76.914963][ T4658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   76.929336][ T4743] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.959365][ T4658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.967885][ T4732] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.404: corrupted inode contents
[   76.986224][ T4732] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #12: comm syz.3.404: mark_inode_dirty error
[   77.005652][   T57] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.020124][ T4732] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.404: corrupted inode contents
[   77.045095][ T4732] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.404: mark_inode_dirty error
[   77.059870][ T4732] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.404: corrupted inode contents
[   77.075762][ T4732] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[   77.086795][ T4732] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.404: corrupted inode contents
[   77.104552][ T4658] team0: Port device team_slave_0 added
[   77.107002][ T4732] EXT4-fs error (device loop3): ext4_truncate:4635: inode #12: comm syz.3.404: mark_inode_dirty error
[   77.126377][ T4732] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[   77.140833][ T4732] EXT4-fs (loop3): 1 truncate cleaned up
[   77.152603][ T4732] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.164643][   T57] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.189509][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.204344][ T4732] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   77.206363][ T4658] team0: Port device team_slave_1 added
[   77.247527][   T57] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.286794][ T4658] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.296044][ T4658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.328887][ T4658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.342523][ T4766] netlink: 'syz.4.410': attribute type 4 has an invalid length.
[   77.364380][ T4658] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.372263][ T4658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   77.403520][ T4658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.447465][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.477357][   T57] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   77.610498][ T4658] hsr_slave_0: entered promiscuous mode
[   77.618620][ T4658] hsr_slave_1: entered promiscuous mode
[   77.627135][ T4658] debugfs: 'hsr0' already exists in 'hsr'
[   77.634803][ T4658] Cannot create hsr debugfs directory
[   77.713331][ T4791] loop3: detected capacity change from 0 to 256
[   77.753862][ T4791] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   77.964555][ T4687] chnl_net:caif_netlink_parms(): no params data found
[   78.280108][ T4811] loop3: detected capacity change from 0 to 512
[   78.289693][ T4811] EXT4-fs: Ignoring removed bh option
[   78.336706][ T4811] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.369697][ T4811] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   78.406375][   T57] bridge_slave_1: left allmulticast mode
[   78.414310][   T57] bridge_slave_1: left promiscuous mode
[   78.421594][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.432309][   T57] bridge_slave_0: left allmulticast mode
[   78.440218][   T57] bridge_slave_0: left promiscuous mode
[   78.448796][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.486013][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.560245][ T4835] loop3: detected capacity change from 0 to 512
[   78.581840][ T4835] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   78.592583][ T4835] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   78.644203][ T4835] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.420: Allocating blocks 41-42 which overlap fs metadata
[   78.665738][ T4835] __quota_error: 12 callbacks suppressed
[   78.665783][ T4835] Quota error (device loop3): write_blk: dquota write failed
[   78.681465][ T4835] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5
[   78.693639][ T4835] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4215: comm syz.3.420: Allocating blocks 41-42 which overlap fs metadata
[   78.710153][ T4835] Quota error (device loop3): write_blk: dquota write failed
[   78.719347][ T4835] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   78.719387][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   78.735280][ T4835] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.420: Failed to acquire dquot type 1
[   78.760963][ T4835] EXT4-fs error (device loop3): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   78.778230][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   78.788842][ T4835] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.420: corrupted inode contents
[   78.805429][   T57] bond0 (unregistering): Released all slaves
[   78.813195][ T4835] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #12: comm syz.3.420: mark_inode_dirty error
[   78.830347][ T4835] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.420: corrupted inode contents
[   78.853665][ T4835] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.420: mark_inode_dirty error
[   78.868186][ T4835] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.420: corrupted inode contents
[   78.883514][ T4687] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.884519][ T4835] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[   78.891919][ T4687] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.906402][ T4845] loop0: detected capacity change from 0 to 1764
[   78.912747][ T4687] bridge_slave_0: entered allmulticast mode
[   78.921789][ T4835] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #12: comm syz.3.420: corrupted inode contents
[   78.929881][ T4687] bridge_slave_0: entered promiscuous mode
[   78.943358][ T4835] EXT4-fs error (device loop3): ext4_truncate:4635: inode #12: comm syz.3.420: mark_inode_dirty error
[   78.952850][ T4687] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.969833][ T4687] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.989567][   T29] audit: type=1400 audit(1769394431.663:949): avc:  denied  { mount } for  pid=4844 comm="syz.0.423" name="/" dev="loop0" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   79.033204][ T4835] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[   79.045997][   T29] audit: type=1400 audit(1769394431.723:950): avc:  denied  { unmount } for  pid=3312 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   79.053837][ T4687] bridge_slave_1: entered allmulticast mode
[   79.079880][ T4687] bridge_slave_1: entered promiscuous mode
[   79.107982][   T29] audit: type=1400 audit(1769394431.783:951): avc:  denied  { create } for  pid=4848 comm="syz.0.424" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   79.131683][ T4835] EXT4-fs (loop3): 1 truncate cleaned up
[   79.139901][   T57] hsr_slave_0: left promiscuous mode
[   79.140735][ T4835] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.162577][   T57] hsr_slave_1: left promiscuous mode
[   79.169094][   T29] audit: type=1400 audit(1769394431.823:952): avc:  denied  { setopt } for  pid=4847 comm="syz.4.425" lport=8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   79.170233][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.194127][   T29] audit: type=1400 audit(1769394431.823:953): avc:  denied  { ioctl } for  pid=4848 comm="syz.0.424" path="socket:[10876]" dev="sockfs" ino=10876 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   79.202976][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[   79.256430][ T4835] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   79.267025][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.276220][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[   79.288597][   T57] veth1_macvtap: left promiscuous mode
[   79.297117][   T57] veth0_macvtap: left promiscuous mode
[   79.307407][   T57] veth1_vlan: left promiscuous mode
[   79.313989][   T57] veth0_vlan: left promiscuous mode
[   79.346913][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.406301][ T4859] EXT4-fs: Ignoring removed bh option
[   79.431586][ T4859] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.446922][ T4859] ext4 filesystem being mounted at /99/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   79.476969][   T57] team0 (unregistering): Port device team_slave_1 removed
[   79.490591][   T57] team0 (unregistering): Port device team_slave_0 removed
[   79.517445][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.535230][ T4864] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   79.586394][ T4658] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   79.624310][ T4687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.638475][ T4658] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   79.658082][ T4658] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   79.675767][ T4687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.686554][ T4658] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   79.734453][ T4872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'.
[   79.755546][ T4872] gretap0: entered promiscuous mode
[   79.761923][ T4872] macsec1: entered promiscuous mode
[   79.767859][ T4872] macsec1: entered allmulticast mode
[   79.773811][ T4872] gretap0: entered allmulticast mode
[   79.801285][ T4687] team0: Port device team_slave_0 added
[   79.829638][ T4687] team0: Port device team_slave_1 added
[   79.885066][ T4687] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.893280][ T4687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.924466][ T4687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.942470][ T4687] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.951389][ T4687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.983185][ T4687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.999403][ T4658] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.012445][ T4658] 8021q: adding VLAN 0 to HW filter on device team0
[   80.047101][   T30] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.055354][   T30] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.072873][ T4879] netlink: 12 bytes leftover after parsing attributes in process `syz.3.431'.
[   80.105094][ T4658] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   80.117036][ T4658] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.144376][   T30] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.152668][   T30] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.199049][ T4687] hsr_slave_0: entered promiscuous mode
[   80.208145][ T4687] hsr_slave_1: entered promiscuous mode
[   80.217040][ T4687] debugfs: 'hsr0' already exists in 'hsr'
[   80.223577][ T4687] Cannot create hsr debugfs directory
[   80.355324][ T4903] dummy0: entered promiscuous mode
[   80.368751][ T4658] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.454878][ T4908] dummy0: left promiscuous mode
[   80.493352][   T29] audit: type=1400 audit(1769394432.983:954): avc:  denied  { relabelfrom } for  pid=4877 comm="syz.3.431" name="NETLINK" dev="sockfs" ino=11000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   80.562682][ T4914] ip6gretap0: entered promiscuous mode
[   80.568621][ T4914] macsec1: entered promiscuous mode
[   80.576714][ T4914] ip6gretap0: left promiscuous mode
[   80.620608][ T4924] FAULT_INJECTION: forcing a failure.
[   80.620608][ T4924] name failslab, interval 1, probability 0, space 0, times 0
[   80.636436][ T4924] CPU: 1 UID: 0 PID: 4924 Comm: syz.3.437 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   80.636477][ T4924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   80.636496][ T4924] Call Trace:
[   80.636506][ T4924]  <TASK>
[   80.636518][ T4924]  __dump_stack+0x1d/0x30
[   80.636620][ T4924]  dump_stack_lvl+0x95/0xd0
[   80.636650][ T4924]  dump_stack+0x15/0x1b
[   80.636685][ T4924]  should_fail_ex+0x263/0x280
[   80.636777][ T4924]  should_failslab+0x8c/0xb0
[   80.636809][ T4924]  kmem_cache_alloc_noprof+0x68/0x490
[   80.636849][ T4924]  ? skb_clone+0x151/0x1f0
[   80.636933][ T4924]  skb_clone+0x151/0x1f0
[   80.636959][ T4924]  __netlink_deliver_tap+0x2c9/0x500
[   80.637007][ T4924]  ? netlink_attachskb+0x2e2/0x660
[   80.637126][ T4924]  netlink_sendskb+0x126/0x150
[   80.637162][ T4924]  netlink_unicast+0x2a2/0x690
[   80.637202][ T4924]  netlink_ack+0x4c8/0x500
[   80.637252][ T4924]  nfnetlink_rcv+0x154d/0x1720
[   80.637306][ T4924]  netlink_unicast+0x5c0/0x690
[   80.637405][ T4924]  netlink_sendmsg+0x5c8/0x6f0
[   80.637428][ T4924]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.637485][ T4924]  ____sys_sendmsg+0x5af/0x600
[   80.637514][ T4924]  ___sys_sendmsg+0x195/0x1e0
[   80.637553][ T4924]  __x64_sys_sendmsg+0xd4/0x160
[   80.637582][ T4924]  x64_sys_call+0x17ba/0x3000
[   80.637650][ T4924]  do_syscall_64+0xc0/0x2a0
[   80.637681][ T4924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.637711][ T4924] RIP: 0033:0x7fad48e2acb9
[   80.637732][ T4924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   80.637832][ T4924] RSP: 002b:00007fad47887028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.637857][ T4924] RAX: ffffffffffffffda RBX: 00007fad490a5fa0 RCX: 00007fad48e2acb9
[   80.637871][ T4924] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   80.637883][ T4924] RBP: 00007fad47887090 R08: 0000000000000000 R09: 0000000000000000
[   80.637898][ T4924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.637914][ T4924] R13: 00007fad490a6038 R14: 00007fad490a5fa0 R15: 00007ffd26953278
[   80.637972][ T4924]  </TASK>
[   80.775387][ T4687] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   80.921760][ T4687] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   81.002093][ T4687] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   81.027822][ T4687] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   81.222183][ T4658] veth0_vlan: entered promiscuous mode
[   81.259674][ T4658] veth1_vlan: entered promiscuous mode
[   81.306864][ T4687] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.364294][ T4687] 8021q: adding VLAN 0 to HW filter on device team0
[   81.425052][   T30] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.432713][   T30] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.473210][   T30] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.482449][   T30] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.524424][ T4658] veth0_macvtap: entered promiscuous mode
[   81.560158][ T4984] random: crng reseeded on system resumption
[   81.589157][ T4658] veth1_macvtap: entered promiscuous mode
[   81.615100][ T4658] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.665966][ T4658] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.690647][ T4986] set_capacity_and_notify: 2 callbacks suppressed
[   81.690668][ T4986] loop0: detected capacity change from 0 to 256
[   81.727419][   T57] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.752181][ T4687] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.765604][ T4986] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   81.803060][   T57] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.828835][   T57] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.859012][   T57] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.873705][ T5008] FAULT_INJECTION: forcing a failure.
[   81.873705][ T5008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.888914][ T5008] CPU: 1 UID: 0 PID: 5008 Comm: syz.4.450 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   81.888987][ T5008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   81.889002][ T5008] Call Trace:
[   81.889010][ T5008]  <TASK>
[   81.889019][ T5008]  __dump_stack+0x1d/0x30
[   81.889047][ T5008]  dump_stack_lvl+0x95/0xd0
[   81.889070][ T5008]  dump_stack+0x15/0x1b
[   81.889096][ T5008]  should_fail_ex+0x263/0x280
[   81.889278][ T5008]  should_fail+0xb/0x20
[   81.889308][ T5008]  should_fail_usercopy+0x1a/0x20
[   81.889417][ T5008]  _copy_to_user+0x20/0xa0
[   81.889444][ T5008]  simple_read_from_buffer+0xb5/0x130
[   81.889557][ T5008]  proc_fail_nth_read+0x10e/0x150
[   81.889592][ T5008]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.889644][ T5008]  vfs_read+0x1ab/0x7f0
[   81.889669][ T5008]  ? mntput+0x71/0xb0
[   81.889831][ T5008]  ? __rcu_read_unlock+0x4e/0x70
[   81.889914][ T5008]  ? __fget_files+0x184/0x1c0
[   81.889937][ T5008]  ? mutex_lock+0x57/0x90
[   81.889968][ T5008]  ksys_read+0xdc/0x1a0
[   81.889995][ T5008]  __x64_sys_read+0x40/0x50
[   81.890022][ T5008]  x64_sys_call+0x2889/0x3000
[   81.890091][ T5008]  do_syscall_64+0xc0/0x2a0
[   81.890123][ T5008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.890174][ T5008] RIP: 0033:0x7fe63dc7b58e
[   81.890197][ T5008] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   81.890222][ T5008] RSP: 002b:00007fe63c6f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   81.890250][ T5008] RAX: ffffffffffffffda RBX: 00007fe63c6f66c0 RCX: 00007fe63dc7b58e
[   81.890269][ T5008] RDX: 000000000000000f RSI: 00007fe63c6f60a0 RDI: 0000000000000004
[   81.890283][ T5008] RBP: 00007fe63c6f6090 R08: 0000000000000000 R09: 0000000000000000
[   81.890298][ T5008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.890384][ T5008] R13: 00007fe63df36128 R14: 00007fe63df36090 R15: 00007fff6f64aa28
[   81.890410][ T5008]  </TASK>
[   82.181563][ T5017] program syz.4.452 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   82.211628][ T5021] program syz.4.453 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   82.287385][ T5011] netlink: 36 bytes leftover after parsing attributes in process `syz.3.451'.
[   82.311671][ T5026] loop0: detected capacity change from 0 to 512
[   82.359135][ T5026] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.454: inode has both inline data and extents flags
[   82.385036][ T5026] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.454: couldn't read orphan inode 15 (err -117)
[   82.401434][ T5026] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.435388][ T5036] netlink: 'syz.4.455': attribute type 1 has an invalid length.
[   82.439910][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.445084][ T5036] netlink: 'syz.4.455': attribute type 4 has an invalid length.
[   82.466904][ T5036] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.455'.
[   82.498970][ T5039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.456'.
[   82.553415][ T5045] netlink: 4 bytes leftover after parsing attributes in process `syz.0.456'.
[   82.584182][ T5011] netlink: 16 bytes leftover after parsing attributes in process `syz.3.451'.
[   82.598813][ T4687] veth0_vlan: entered promiscuous mode
[   82.613337][ T4687] veth1_vlan: entered promiscuous mode
[   82.650484][ T4687] veth0_macvtap: entered promiscuous mode
[   82.664051][ T5039] xt_recent: Unsupported userspace flags (000000b1)
[   82.678404][ T4687] veth1_macvtap: entered promiscuous mode
[   82.697877][ T4687] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.712117][ T4687] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.726721][ T4660] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.765266][ T4660] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.784221][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.818074][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.857229][ T5072] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   82.865857][ T5072] IPv6: NLM_F_CREATE should be set when creating new route
[   82.875820][ T5072] IPv6: NLM_F_CREATE should be set when creating new route
[   82.883891][ T5072] IPv6: NLM_F_CREATE should be set when creating new route
[   82.899702][ T5071] delete_channel: no stack
[   82.994356][ T5082] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.114198][ T5100] netlink: 8 bytes leftover after parsing attributes in process `syz.4.464'.
[   83.183095][ T5099] loop5: detected capacity change from 0 to 1024
[   83.191232][ T5099] EXT4-fs: Ignoring removed oldalloc option
[   83.204421][ T5082] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.245102][ T5099] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.307458][ T5097] netlink: 12 bytes leftover after parsing attributes in process `syz.5.467'.
[   83.366682][ T5082] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.486723][ T5082] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   83.672841][   T57] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.705968][   T57] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.741960][   T57] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.815477][   T12] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.878600][   T29] kauditd_printk_skb: 54 callbacks suppressed
[   83.878614][   T29] audit: type=1326 audit(1769394436.553:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.5.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e1bacb9 code=0x7ffc0000
[   83.915269][   T29] audit: type=1326 audit(1769394436.553:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.5.467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e1bacb9 code=0x7ffc0000
[   83.988679][ T4658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.025914][   T29] audit: type=1400 audit(1769394436.663:1011): avc:  denied  { unmount } for  pid=4658 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   84.052331][   T29] audit: type=1400 audit(1769394436.683:1012): avc:  denied  { listen } for  pid=5122 comm="syz.0.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[   84.137025][   T29] audit: type=1400 audit(1769394436.803:1013): avc:  denied  { append } for  pid=5132 comm="syz.5.472" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   84.177326][ T5138] loop6: detected capacity change from 0 to 512
[   84.193938][ T5138] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   84.194042][ T5138] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   84.201391][ T5090] syz.3.466 (5090) used greatest stack depth: 7232 bytes left
[   84.221574][ T5138] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.474: Allocating blocks 41-42 which overlap fs metadata
[   84.221921][ T5138] Quota error (device loop6): write_blk: dquota write failed
[   84.221941][ T5138] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[   84.222026][ T5138] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.474: Allocating blocks 41-42 which overlap fs metadata
[   84.222272][ T5138] Quota error (device loop6): write_blk: dquota write failed
[   84.222299][ T5138] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[   84.222392][ T5138] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.474: Failed to acquire dquot type 1
[   84.222599][ T5138] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   84.222803][ T5138] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.474: corrupted inode contents
[   84.231499][ T5138] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #12: comm syz.6.474: mark_inode_dirty error
[   84.234665][   T29] audit: type=1400 audit(1769394436.913:1014): avc:  denied  { listen } for  pid=5132 comm="syz.5.472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   84.239330][ T5138] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.474: corrupted inode contents
[   84.242129][ T5138] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.474: mark_inode_dirty error
[   84.243938][ T5138] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.474: corrupted inode contents
[   84.247160][ T5138] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[   84.249812][ T5138] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.474: corrupted inode contents
[   84.250042][ T5138] EXT4-fs error (device loop6): ext4_truncate:4635: inode #12: comm syz.6.474: mark_inode_dirty error
[   84.254729][ T5138] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[   84.310961][ T5150] netlink: 12 bytes leftover after parsing attributes in process `syz.3.476'.
[   84.384573][ T5138] EXT4-fs (loop6): 1 truncate cleaned up
[   84.564721][ T5138] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.595243][ T5138] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[   84.650385][ T5159] loop3: detected capacity change from 0 to 512
[   84.685079][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.704500][ T5159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.751316][ T5159] ext4 filesystem being mounted at /syzcgroup/cpu/syz3/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff)
[   84.787441][ T5159] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.896990][ T5173] __nla_validate_parse: 1 callbacks suppressed
[   84.897012][ T5173] netlink: 44 bytes leftover after parsing attributes in process `syz.6.482'.
[   84.914713][ T5173] netlink: 35 bytes leftover after parsing attributes in process `syz.6.482'.
[   84.926986][ T5173] netlink: 'syz.6.482': attribute type 5 has an invalid length.
[   84.936174][ T5173] netlink: 'syz.6.482': attribute type 6 has an invalid length.
[   84.945094][ T5173] netlink: 35 bytes leftover after parsing attributes in process `syz.6.482'.
[   84.979352][ T5180] bridge2: entered promiscuous mode
[   84.986546][ T5180] bridge2: entered allmulticast mode
[   85.348938][ T5184] loop0: detected capacity change from 0 to 512
[   85.421480][ T5184] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.631391][ T5184] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   85.656983][ T5184] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.485: corrupted inode contents
[   85.675891][ T5195] netlink: 'syz.6.488': attribute type 1 has an invalid length.
[   85.721197][ T5184] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #2: comm syz.0.485: mark_inode_dirty error
[   85.767708][ T5184] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.485: corrupted inode contents
[   85.843965][ T5184] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.485: corrupted inode contents
[   85.860281][ T5207] netlink: 56 bytes leftover after parsing attributes in process `syz.3.492'.
[   85.873614][ T5184] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #2: comm syz.0.485: mark_inode_dirty error
[   85.900822][ T5184] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.485: corrupted inode contents
[   85.935139][ T5184] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.485: mark_inode_dirty error
[   85.948642][ T5184] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #2: comm syz.0.485: corrupted inode contents
[   85.962922][ T5184] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #2: comm syz.0.485: mark_inode_dirty error
[   86.013244][ T5214] netlink: 16 bytes leftover after parsing attributes in process `syz.4.495'.
[   86.043780][ T5215] loop3: detected capacity change from 0 to 2048
[   86.055115][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.061296][ T5217] loop6: detected capacity change from 0 to 512
[   86.116525][ T5215] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   86.135427][ T5226] program syz.0.497 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   86.153432][ T5228] netlink: 16 bytes leftover after parsing attributes in process `syz.4.498'.
[   86.234395][ T5234] netlink: 8 bytes leftover after parsing attributes in process `syz.6.500'.
[   86.244644][ T5234] netlink: 12 bytes leftover after parsing attributes in process `syz.6.500'.
[   86.258743][ T5225] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   86.291648][ T5236] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   86.336271][ T5236] EXT4-fs (loop3): Delayed block allocation failed for inode 19 at logical offset 0 with max blocks 1 with error 28
[   86.347532][ T5239] loop5: detected capacity change from 0 to 512
[   86.351828][ T5236] EXT4-fs (loop3): This should not happen!! Data will be lost
[   86.351828][ T5236] 
[   86.372193][ T5236] EXT4-fs (loop3): Total free blocks count 0
[   86.379806][ T5236] EXT4-fs (loop3): Free/Dirty block details
[   86.386858][ T5236] EXT4-fs (loop3): free_blocks=2415919104
[   86.396101][ T5236] EXT4-fs (loop3): dirty_blocks=1776
[   86.403020][ T5236] EXT4-fs (loop3): Block reservation details
[   86.410257][ T5236] EXT4-fs (loop3): i_reserved_data_blocks=1
[   86.461279][ T5239] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.505454][ T5239] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.531385][ T5247] netlink: 56 bytes leftover after parsing attributes in process `syz.4.504'.
[   86.829360][ T5256] loop0: detected capacity change from 0 to 512
[   86.895269][ T5256] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   86.906882][ T5256] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   87.036612][ T4658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.056089][ T5260] netlink: 16 bytes leftover after parsing attributes in process `syz.4.508'.
[   87.088726][ T5215] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[   87.124043][ T5256] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4215: comm syz.0.506: Allocating blocks 41-42 which overlap fs metadata
[   87.200054][ T5264] loop4: detected capacity change from 0 to 512
[   87.233562][ T5266] program syz.5.509 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   87.243481][ T5256] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.506: Failed to acquire dquot type 1
[   87.276037][ T5264] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.300802][ T5256] EXT4-fs error (device loop0): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   87.305305][ T5264] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.337841][ T5271] loop5: detected capacity change from 0 to 512
[   87.364796][ T5256] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.506: corrupted inode contents
[   87.416148][ T5276] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.510: corrupted xattr block 6: invalid header
[   87.433044][ T5256] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #12: comm syz.0.506: mark_inode_dirty error
[   87.474431][ T5256] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.506: corrupted inode contents
[   87.490787][ T5276] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.502044][ T5256] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.506: mark_inode_dirty error
[   87.535950][ T5264] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.510: corrupted xattr block 6: invalid header
[   87.555145][ T5256] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.506: corrupted inode contents
[   87.578091][ T5256] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[   87.588690][ T5256] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #12: comm syz.0.506: corrupted inode contents
[   87.613297][ T5264] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.642998][ T5264] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.510: corrupted xattr block 6: invalid header
[   87.674785][ T5264] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.697289][ T5264] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.510: corrupted xattr block 6: invalid header
[   87.713842][ T5256] EXT4-fs error (device loop0): ext4_truncate:4635: inode #12: comm syz.0.506: mark_inode_dirty error
[   87.728133][ T5256] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[   87.740547][ T5264] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   87.751442][ T5264] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.510: corrupted xattr block 6: invalid header
[   87.774155][ T5256] EXT4-fs (loop0): 1 truncate cleaned up
[   87.781011][ T5294] FAULT_INJECTION: forcing a failure.
[   87.781011][ T5294] name failslab, interval 1, probability 0, space 0, times 0
[   87.797083][ T5294] CPU: 0 UID: 0 PID: 5294 Comm: syz.5.517 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.797119][ T5294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   87.797137][ T5294] Call Trace:
[   87.797146][ T5294]  <TASK>
[   87.797156][ T5294]  __dump_stack+0x1d/0x30
[   87.797189][ T5294]  dump_stack_lvl+0x95/0xd0
[   87.797596][ T5294]  dump_stack+0x15/0x1b
[   87.797620][ T5294]  should_fail_ex+0x263/0x280
[   87.797652][ T5294]  should_failslab+0x8c/0xb0
[   87.797738][ T5294]  __kmalloc_cache_noprof+0x64/0x4a0
[   87.797765][ T5294]  ? nft_trans_table_add+0x36/0x190
[   87.797789][ T5294]  nft_trans_table_add+0x36/0x190
[   87.797818][ T5294]  nf_tables_newtable+0x955/0xea0
[   87.797940][ T5294]  nfnetlink_rcv+0xc1e/0x1720
[   87.798006][ T5294]  netlink_unicast+0x5c0/0x690
[   87.798188][ T5294]  netlink_sendmsg+0x5c8/0x6f0
[   87.798269][ T5294]  ? __pfx_netlink_sendmsg+0x10/0x10
[   87.798315][ T5294]  ____sys_sendmsg+0x5af/0x600
[   87.798341][ T5294]  ___sys_sendmsg+0x195/0x1e0
[   87.798407][ T5294]  __x64_sys_sendmsg+0xd4/0x160
[   87.798438][ T5294]  x64_sys_call+0x17ba/0x3000
[   87.798469][ T5294]  do_syscall_64+0xc0/0x2a0
[   87.798508][ T5294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.798585][ T5294] RIP: 0033:0x7fea6e1bacb9
[   87.798602][ T5294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   87.798621][ T5294] RSP: 002b:00007fea6cbf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   87.798686][ T5294] RAX: ffffffffffffffda RBX: 00007fea6e436090 RCX: 00007fea6e1bacb9
[   87.798700][ T5294] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[   87.798734][ T5294] RBP: 00007fea6cbf6090 R08: 0000000000000000 R09: 0000000000000000
[   87.798750][ T5294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   87.798764][ T5294] R13: 00007fea6e436128 R14: 00007fea6e436090 R15: 00007ffd38af2208
[   87.798791][ T5294]  </TASK>
[   87.799508][ T5256] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.884821][ T5264] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop4 ino=12
[   88.067890][ T5264] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #12: comm syz.4.510: corrupted xattr block 6: invalid header
[   88.087112][ T5253] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[   88.112222][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.176008][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.230772][ T5308] program syz.0.522 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   88.444973][ T5315] netlink: 'syz.0.527': attribute type 11 has an invalid length.
[   88.661275][ T5319] loop5: detected capacity change from 0 to 512
[   88.707829][ T5330] program syz.3.530 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   88.847444][ T5319] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.946769][ T5319] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.181528][ T5337] loop3: detected capacity change from 0 to 8192
[   89.253956][ T4658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.499966][ T5362] loop3: detected capacity change from 0 to 256
[   89.509050][ T5368] program syz.4.541 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   89.521174][ T5362] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   89.652570][   T29] kauditd_printk_skb: 19 callbacks suppressed
[   89.652591][   T29] audit: type=1400 audit(1769394442.323:1031): avc:  denied  { read append } for  pid=5370 comm="syz.4.542" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   89.692489][   T29] audit: type=1400 audit(1769394442.323:1032): avc:  denied  { open } for  pid=5370 comm="syz.4.542" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   89.722028][ T5379] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5379 comm=syz.3.538
[   90.396905][ T5398] FAULT_INJECTION: forcing a failure.
[   90.396905][ T5398] name failslab, interval 1, probability 0, space 0, times 0
[   90.411370][ T5398] CPU: 1 UID: 0 PID: 5398 Comm: syz.6.548 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.411406][ T5398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   90.411456][ T5398] Call Trace:
[   90.411484][ T5398]  <TASK>
[   90.411495][ T5398]  __dump_stack+0x1d/0x30
[   90.411527][ T5398]  dump_stack_lvl+0x95/0xd0
[   90.411556][ T5398]  dump_stack+0x15/0x1b
[   90.411787][ T5398]  should_fail_ex+0x263/0x280
[   90.411834][ T5398]  should_failslab+0x8c/0xb0
[   90.411877][ T5398]  __kmalloc_cache_noprof+0x64/0x4a0
[   90.411961][ T5398]  ? xfrm_policy_inexact_alloc_bin+0x3b4/0xc30
[   90.412068][ T5398]  xfrm_policy_inexact_alloc_bin+0x3b4/0xc30
[   90.412174][ T5398]  ? __kmalloc_cache_noprof+0x245/0x4a0
[   90.412354][ T5398]  xfrm_policy_insert+0xdc/0x790
[   90.412394][ T5398]  xfrm_add_policy+0x1aa/0x470
[   90.412447][ T5398]  xfrm_user_rcv_msg+0x576/0x670
[   90.412482][ T5398]  ? __kfree_skb+0x109/0x150
[   90.412524][ T5398]  ? nlmon_xmit+0x4f/0x60
[   90.412589][ T5398]  ? consume_skb+0x49/0x140
[   90.412664][ T5398]  netlink_rcv_skb+0x123/0x220
[   90.412780][ T5398]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   90.412821][ T5398]  xfrm_netlink_rcv+0x48/0x60
[   90.412855][ T5398]  netlink_unicast+0x5c0/0x690
[   90.412901][ T5398]  netlink_sendmsg+0x5c8/0x6f0
[   90.412954][ T5398]  ? __pfx_netlink_sendmsg+0x10/0x10
[   90.413042][ T5398]  ____sys_sendmsg+0x5af/0x600
[   90.413125][ T5398]  ___sys_sendmsg+0x195/0x1e0
[   90.413158][ T5398]  __x64_sys_sendmsg+0xd4/0x160
[   90.413255][ T5398]  x64_sys_call+0x17ba/0x3000
[   90.413352][ T5398]  do_syscall_64+0xc0/0x2a0
[   90.413395][ T5398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.413486][ T5398] RIP: 0033:0x7fd63424acb9
[   90.413589][ T5398] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   90.413615][ T5398] RSP: 002b:00007fd632ca7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.413643][ T5398] RAX: ffffffffffffffda RBX: 00007fd6344c5fa0 RCX: 00007fd63424acb9
[   90.413666][ T5398] RDX: 0000000000004000 RSI: 0000200000000240 RDI: 0000000000000003
[   90.413679][ T5398] RBP: 00007fd632ca7090 R08: 0000000000000000 R09: 0000000000000000
[   90.413692][ T5398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.413705][ T5398] R13: 00007fd6344c6038 R14: 00007fd6344c5fa0 R15: 00007ffddafe3178
[   90.413730][ T5398]  </TASK>
[   90.797077][ T5409] program syz.6.552 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   90.836564][ T5414] __nla_validate_parse: 5 callbacks suppressed
[   90.836583][ T5414] netlink: 8 bytes leftover after parsing attributes in process `syz.0.551'.
[   90.959536][ T5427] loop6: detected capacity change from 0 to 512
[   91.014673][ T5427] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.052528][ T5427] ext4 filesystem being mounted at /17/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.080361][ T5437] 9p: Bad value for 'wfdno'
[   91.093865][   T29] audit: type=1400 audit(1769394443.753:1033): avc:  denied  { mounton } for  pid=5436 comm="syz.0.558" path="/113/file0" dev="tmpfs" ino=600 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   91.253463][ T5423] loop3: detected capacity change from 0 to 256
[   91.261735][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.281329][ T5423] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   91.897641][ T5468] program syz.4.566 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   91.942276][ T5472] loop0: detected capacity change from 0 to 512
[   92.002412][ T5472] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.045840][ T5472] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.063772][ T5472] FAULT_INJECTION: forcing a failure.
[   92.063772][ T5472] name failslab, interval 1, probability 0, space 0, times 0
[   92.079632][ T5472] CPU: 0 UID: 0 PID: 5472 Comm: syz.0.567 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   92.079716][ T5472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   92.079733][ T5472] Call Trace:
[   92.079741][ T5472]  <TASK>
[   92.079752][ T5472]  __dump_stack+0x1d/0x30
[   92.079786][ T5472]  dump_stack_lvl+0x95/0xd0
[   92.079894][ T5472]  dump_stack+0x15/0x1b
[   92.079922][ T5472]  should_fail_ex+0x263/0x280
[   92.079956][ T5472]  should_failslab+0x8c/0xb0
[   92.080059][ T5472]  kmem_cache_alloc_noprof+0x68/0x490
[   92.080092][ T5472]  ? __es_insert_extent+0x508/0xee0
[   92.080210][ T5472]  __es_insert_extent+0x508/0xee0
[   92.080253][ T5472]  ? find_get_block_common+0x6de/0x8e0
[   92.080289][ T5472]  ext4_es_cache_extent+0x28d/0x390
[   92.080341][ T5472]  ext4_find_extent+0x336/0x7a0
[   92.080373][ T5472]  ext4_ext_map_blocks+0x128/0x38a0
[   92.080461][ T5472]  ? __account_obj_stock+0x2d6/0x350
[   92.080491][ T5472]  ? obj_cgroup_charge_account+0x122/0x1a0
[   92.080525][ T5472]  ? __rcu_read_unlock+0x4e/0x70
[   92.080632][ T5472]  ? __memcg_slab_post_alloc_hook+0x44a/0x530
[   92.080702][ T5472]  ? kmem_cache_alloc_lru_noprof+0x2bb/0x490
[   92.080736][ T5472]  ext4_map_query_blocks+0xae/0x550
[   92.080767][ T5472]  ? ext4_es_lookup_extent+0x3ac/0x540
[   92.081208][ T5472]  ext4_map_blocks+0x398/0xd70
[   92.081243][ T5472]  ? css_rstat_updated+0xbb/0x280
[   92.081282][ T5472]  ? obj_cgroup_charge_account+0x122/0x1a0
[   92.081354][ T5472]  _ext4_get_block+0x117/0x370
[   92.081389][ T5472]  ext4_get_block_unwritten+0x2a/0xb0
[   92.081425][ T5472]  ext4_block_write_begin+0x650/0xcf0
[   92.081471][ T5472]  ? __pfx_ext4_get_block_unwritten+0x10/0x10
[   92.081506][ T5472]  ? folio_mapping+0xb9/0xe0
[   92.081534][ T5472]  ext4_write_begin+0x636/0xe90
[   92.081642][ T5472]  ext4_da_write_begin+0x1f0/0x6b0
[   92.081672][ T5472]  ? inode_to_bdi+0x47/0xa0
[   92.081693][ T5472]  ? balance_dirty_pages_ratelimited_flags+0x420/0x800
[   92.081741][ T5472]  generic_perform_write+0x183/0x490
[   92.081793][ T5472]  ext4_buffered_write_iter+0x1ee/0x3c0
[   92.081857][ T5472]  ? ext4_file_write_iter+0x100/0xf70
[   92.082048][ T5472]  ext4_file_write_iter+0x380/0xf70
[   92.082236][ T5472]  ? path_openat+0x1e8e/0x23c0
[   92.082276][ T5472]  ? _parse_integer_limit+0x170/0x190
[   92.082361][ T5472]  ? avc_policy_seqno+0x15/0x30
[   92.082479][ T5472]  do_iter_readv_writev+0x4fd/0x5a0
[   92.082514][ T5472]  vfs_writev+0x2e1/0x900
[   92.082552][ T5472]  __se_sys_pwritev2+0xfc/0x1c0
[   92.082637][ T5472]  __x64_sys_pwritev2+0x67/0x80
[   92.082667][ T5472]  x64_sys_call+0x2c9e/0x3000
[   92.082706][ T5472]  do_syscall_64+0xc0/0x2a0
[   92.082745][ T5472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.082768][ T5472] RIP: 0033:0x7f118bc1acb9
[   92.082785][ T5472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   92.082808][ T5472] RSP: 002b:00007f118a677028 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   92.082845][ T5472] RAX: ffffffffffffffda RBX: 00007f118be95fa0 RCX: 00007f118bc1acb9
[   92.082859][ T5472] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000004
[   92.082910][ T5472] RBP: 00007f118a677090 R08: 0000000000000000 R09: 0000000000000000
[   92.082925][ T5472] R10: 0000000000005405 R11: 0000000000000246 R12: 0000000000000001
[   92.082941][ T5472] R13: 00007f118be96038 R14: 00007f118be95fa0 R15: 00007ffdd6d74e18
[   92.082997][ T5472]  </TASK>
[   92.710840][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.788827][ T5495] loop4: detected capacity change from 0 to 1024
[   92.805674][ T5495] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2134 sclass=netlink_route_socket pid=5495 comm=syz.4.577
[   92.911355][ T5501] program syz.6.578 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   92.966422][   T29] audit: type=1400 audit(1769394445.623:1034): avc:  denied  { read } for  pid=5494 comm="syz.4.577" dev="sockfs" ino=13536 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   93.076398][ T5505] loop3: detected capacity change from 0 to 8192
[   93.112723][ T5509] netlink: 4 bytes leftover after parsing attributes in process `syz.0.580'.
[   93.251465][ T3304]  loop3: p2 p4[EZD]
[   93.260271][ T3304] loop3: p4 start 33488900 is beyond EOD, truncated
[   93.281472][ T5505]  loop3: p2 p4[EZD]
[   93.287681][ T5505] loop3: p4 start 33488900 is beyond EOD, truncated
[   93.292655][   T29] audit: type=1400 audit(1769394445.973:1035): avc:  denied  { name_bind } for  pid=5517 comm="syz.0.584" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   93.646329][ T4677] udevd[4677]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   93.876997][ T4677] udevd[4677]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   93.984997][   T29] audit: type=1400 audit(1769394446.653:1036): avc:  denied  { firmware_load } for  pid=5543 comm="syz.3.588" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[   94.216968][   T29] audit: type=1400 audit(1769394446.733:1037): avc:  denied  { create } for  pid=5548 comm="syz.0.589" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   94.244246][ T5549] loop0: detected capacity change from 0 to 128
[   94.275562][ T5549] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   94.314100][ T5512] syz.4.583 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[   94.327150][ T5512] CPU: 0 UID: 0 PID: 5512 Comm: syz.4.583 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.327197][ T5512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   94.327214][ T5512] Call Trace:
[   94.327224][ T5512]  <TASK>
[   94.327234][ T5512]  __dump_stack+0x1d/0x30
[   94.327267][ T5512]  dump_stack_lvl+0x95/0xd0
[   94.327326][ T5512]  dump_stack+0x15/0x1b
[   94.327353][ T5512]  dump_header+0x80/0x240
[   94.327380][ T5512]  oom_kill_process+0x295/0x350
[   94.327413][ T5512]  out_of_memory+0x97d/0xb80
[   94.327493][ T5512]  try_charge_memcg+0x62e/0xa10
[   94.327522][ T5512]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[   94.327570][ T5512]  __read_swap_cache_async+0x17b/0x2d0
[   94.327694][ T5512]  swap_cluster_readahead+0x362/0x3c0
[   94.327736][ T5512]  swapin_readahead+0xde/0x840
[   94.327771][ T5512]  ? plist_check_list+0x199/0x1b0
[   94.327874][ T5512]  ? __rcu_read_unlock+0x4e/0x70
[   94.327907][ T5512]  ? swap_cache_get_folio+0x26f/0x280
[   94.327950][ T5512]  do_swap_page+0x59b/0x2a50
[   94.328061][ T5512]  ? __pfx_futex_wake_mark+0x10/0x10
[   94.328107][ T5512]  ? __rcu_read_lock+0x36/0x50
[   94.328145][ T5512]  ? __pfx_default_wake_function+0x10/0x10
[   94.328187][ T5512]  handle_mm_fault+0xb40/0x3030
[   94.328287][ T5512]  ? vma_start_read+0x1c7/0x2c0
[   94.328390][ T5512]  do_user_addr_fault+0x62f/0x1050
[   94.328429][ T5512]  exc_page_fault+0x62/0xa0
[   94.328532][ T5512]  asm_exc_page_fault+0x26/0x30
[   94.328559][ T5512] RIP: 0033:0x7fe63dcbaccb
[   94.328575][ T5512] Code: 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 <64> 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 2e 0f 1f
[   94.328639][ T5512] RSP: 002b:00007fff6f64ab88 EFLAGS: 00010213
[   94.328661][ T5512] RAX: 000000000000006e RBX: 000000000001700c RCX: ffffffffffffffe8
[   94.328680][ T5512] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe63df3618c
[   94.328698][ T5512] RBP: 0000000000000032 R08: 7fffffffffffffff R09: 0000000000000000
[   94.328796][ T5512] R10: 00007fff6f64ac90 R11: 0000000000000246 R12: 00007fff6f64acb0
[   94.328815][ T5512] R13: 00007fe63df3618c R14: 000000000001703e R15: 00007fff6f64ac90
[   94.328840][ T5512]  </TASK>
[   94.328848][ T5512] memory: usage 304080kB, limit 307200kB, failcnt 2065
[   94.432212][ T5549] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   94.437765][ T5512] memory+swap: usage 255900kB, limit 9007199254740988kB, failcnt 0
[   94.630085][ T5512] kmem: usage 232204kB, limit 9007199254740988kB, failcnt 0
[   94.639895][ T5512] Memory cgroup stats for /syz4:
[   94.640189][ T5512] cache 528384
[   94.650301][ T5512] rss 32768
[   94.653752][ T5512] shmem 4096
[   94.658736][ T5512] mapped_file 69632
[   94.664254][ T5512] dirty 0
[   94.667765][ T5512] writeback 0
[   94.672573][ T5512] workingset_refault_anon 14
[   94.678331][ T5512] workingset_refault_file 191
[   94.683900][ T5512] swap 176128
[   94.687947][ T5512] swapcached 24576
[   94.693222][ T5512] pgpgin 34292
[   94.696769][ T5512] pgpgout 34152
[   94.700460][ T5512] pgfault 52920
[   94.704161][ T5512] pgmajfault 17
[   94.709140][ T5512] inactive_anon 0
[   94.713688][ T5512] active_anon 45056
[   94.718525][ T5512] inactive_file 0
[   94.723291][ T5512] active_file 528384
[   94.728047][ T5512] unevictable 0
[   94.731937][ T5512] hierarchical_memory_limit 314572800
[   94.740700][ T5512] hierarchical_memsw_limit 9223372036854771712
[   94.747609][ T5512] total_cache 528384
[   94.751775][ T5512] total_rss 32768
[   94.755981][ T5512] total_shmem 4096
[   94.761322][ T5512] total_mapped_file 69632
[   94.766269][ T5512] total_dirty 0
[   94.771803][ T5512] total_writeback 0
[   94.777154][ T5512] total_workingset_refault_anon 14
[   94.783533][ T5512] total_workingset_refault_file 191
[   94.789469][ T5512] total_swap 176128
[   94.794297][ T5512] total_swapcached 24576
[   94.800776][ T5512] total_pgpgin 34292
[   94.805788][ T5512] total_pgpgout 34152
[   94.811120][ T5512] total_pgfault 52920
[   94.816173][ T5512] total_pgmajfault 17
[   94.821735][ T5512] total_inactive_anon 0
[   94.827229][ T5512] total_active_anon 45056
[   94.833135][ T5512] total_inactive_file 0
[   94.837680][ T5512] total_active_file 528384
[   94.843651][ T5512] total_unevictable 0
[   94.847768][ T5512] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.583,pid=5512,uid=0
[   94.864084][ T5512] Memory cgroup out of memory: Killed process 5512 (syz.4.583) total-vm:104784kB, anon-rss:1208kB, file-rss:30480kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000
[   94.943335][   T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   94.988926][ T5562] loop0: detected capacity change from 0 to 512
[   95.004408][ T5565] program syz.5.592 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   95.027129][ T5562] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.076742][ T5577] ref_tracker: memory allocation failure, unreliable refcount tracker.
[   95.090143][ T5562] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.256403][ T5600] netlink: 'syz.4.600': attribute type 8 has an invalid length.
[   95.274117][ T5602] loop5: detected capacity change from 0 to 128
[   95.311243][ T5601] loop3: detected capacity change from 0 to 256
[   95.321600][ T5601] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   95.342720][ T5602] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   95.361441][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.411965][ T5602] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.498031][ T5622] netlink: 8 bytes leftover after parsing attributes in process `syz.4.603'.
[   95.551993][   T29] audit: type=1400 audit(1769394448.223:1038): avc:  denied  { mount } for  pid=5618 comm="syz.0.602" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   95.621530][   T29] audit: type=1400 audit(1769394448.233:1039): avc:  denied  { unmount } for  pid=5618 comm="syz.0.602" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[   95.714351][ T5640] program syz.0.606 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   95.736100][ T4658] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   95.807915][ T5652] FAULT_INJECTION: forcing a failure.
[   95.807915][ T5652] name failslab, interval 1, probability 0, space 0, times 0
[   95.823426][ T5652] CPU: 1 UID: 0 PID: 5652 Comm: syz.5.607 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.823515][ T5652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   95.823544][ T5652] Call Trace:
[   95.823552][ T5652]  <TASK>
[   95.823560][ T5652]  __dump_stack+0x1d/0x30
[   95.823591][ T5652]  dump_stack_lvl+0x95/0xd0
[   95.823619][ T5652]  dump_stack+0x15/0x1b
[   95.823645][ T5652]  should_fail_ex+0x263/0x280
[   95.823798][ T5652]  should_failslab+0x8c/0xb0
[   95.823842][ T5652]  kmem_cache_alloc_node_noprof+0x6a/0x4a0
[   95.825388][ T5652]  ? __alloc_skb+0x2f0/0x4b0
[   95.825829][ T5652]  __alloc_skb+0x2f0/0x4b0
[   95.826033][ T5652]  ? __alloc_skb+0x219/0x4b0
[   95.826145][ T5652]  xfrm_alloc_compat+0x131/0xdf0
[   95.826181][ T5652]  ? skb_put+0xa9/0xf0
[   95.826221][ T5652]  ? __pfx_xfrm_alloc_compat+0x10/0x10
[   95.826336][ T5652]  xfrm_send_policy_notify+0xf80/0x1040
[   95.826442][ T5652]  ? __pfx_xfrm_send_policy_notify+0x10/0x10
[   95.826474][ T5652]  km_policy_notify+0x62/0xb0
[   95.826502][ T5652]  xfrm_add_policy+0x317/0x470
[   95.826627][ T5652]  xfrm_user_rcv_msg+0x576/0x670
[   95.826727][ T5652]  ? __kfree_skb+0x109/0x150
[   95.826916][ T5652]  ? nlmon_xmit+0x4f/0x60
[   95.827032][ T5652]  ? consume_skb+0x49/0x140
[   95.827084][ T5652]  netlink_rcv_skb+0x123/0x220
[   95.827127][ T5652]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   95.827260][ T5652]  xfrm_netlink_rcv+0x48/0x60
[   95.827291][ T5652]  netlink_unicast+0x5c0/0x690
[   95.827334][ T5652]  netlink_sendmsg+0x5c8/0x6f0
[   95.827426][ T5652]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.827452][ T5652]  ____sys_sendmsg+0x5af/0x600
[   95.827480][ T5652]  ___sys_sendmsg+0x195/0x1e0
[   95.827584][ T5652]  __x64_sys_sendmsg+0xd4/0x160
[   95.827614][ T5652]  x64_sys_call+0x17ba/0x3000
[   95.827650][ T5652]  do_syscall_64+0xc0/0x2a0
[   95.827717][ T5652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.827746][ T5652] RIP: 0033:0x7fea6e1bacb9
[   95.827806][ T5652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   95.827826][ T5652] RSP: 002b:00007fea6cc17028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.827850][ T5652] RAX: ffffffffffffffda RBX: 00007fea6e435fa0 RCX: 00007fea6e1bacb9
[   95.827921][ T5652] RDX: 0000000000004000 RSI: 0000200000000240 RDI: 0000000000000003
[   95.827940][ T5652] RBP: 00007fea6cc17090 R08: 0000000000000000 R09: 0000000000000000
[   95.827957][ T5652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.827972][ T5652] R13: 00007fea6e436038 R14: 00007fea6e435fa0 R15: 00007ffd38af2208
[   95.828064][ T5652]  </TASK>
[   96.217875][ T5636] loop3: detected capacity change from 0 to 8192
[   96.225525][   T29] audit: type=1400 audit(1769394448.863:1040): avc:  denied  { write } for  pid=5646 comm="syz.4.608" path="socket:[13182]" dev="sockfs" ino=13182 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   96.329197][ T5662] loop5: detected capacity change from 0 to 764
[   96.329197][ T5661] loop4: detected capacity change from 0 to 1024
[   96.350896][ T5661] EXT4-fs: Ignoring removed oldalloc option
[   96.357910][ T5661] EXT4-fs: Ignoring removed bh option
[   96.369619][ T5666] netlink: 20 bytes leftover after parsing attributes in process `syz.3.605'.
[   96.389323][ T5662] rock: directory entry would overflow storage
[   96.398971][ T5662] rock: sig=0x4654, size=5, remaining=4
[   96.446272][ T5661] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.522630][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.632966][   T29] audit: type=1400 audit(1769394449.303:1041): avc:  denied  { read } for  pid=5683 comm="syz.4.613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   96.678296][ T5688] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   96.741502][ T5701] FAULT_INJECTION: forcing a failure.
[   96.741502][ T5701] name failslab, interval 1, probability 0, space 0, times 0
[   96.757925][ T5701] CPU: 0 UID: 0 PID: 5701 Comm: syz.4.616 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   96.757975][ T5701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   96.757988][ T5701] Call Trace:
[   96.758036][ T5701]  <TASK>
[   96.758048][ T5701]  __dump_stack+0x1d/0x30
[   96.758108][ T5701]  dump_stack_lvl+0x95/0xd0
[   96.758130][ T5701]  dump_stack+0x15/0x1b
[   96.758151][ T5701]  should_fail_ex+0x263/0x280
[   96.758192][ T5701]  should_failslab+0x8c/0xb0
[   96.758225][ T5701]  kmem_cache_alloc_noprof+0x68/0x490
[   96.758266][ T5701]  ? skb_clone+0x151/0x1f0
[   96.758286][ T5701]  skb_clone+0x151/0x1f0
[   96.758312][ T5701]  __netlink_deliver_tap+0x2c9/0x500
[   96.758393][ T5701]  netlink_unicast+0x66b/0x690
[   96.758429][ T5701]  netlink_sendmsg+0x5c8/0x6f0
[   96.758456][ T5701]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.758776][ T5701]  ____sys_sendmsg+0x5af/0x600
[   96.758809][ T5701]  ___sys_sendmsg+0x195/0x1e0
[   96.758850][ T5701]  __x64_sys_sendmsg+0xd4/0x160
[   96.758874][ T5701]  x64_sys_call+0x17ba/0x3000
[   96.758990][ T5701]  do_syscall_64+0xc0/0x2a0
[   96.759026][ T5701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.759051][ T5701] RIP: 0033:0x7fe63dcbacb9
[   96.759072][ T5701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   96.759168][ T5701] RSP: 002b:00007fe63c717028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.759208][ T5701] RAX: ffffffffffffffda RBX: 00007fe63df35fa0 RCX: 00007fe63dcbacb9
[   96.759226][ T5701] RDX: 0000000006054040 RSI: 00002000000001c0 RDI: 0000000000000003
[   96.759317][ T5701] RBP: 00007fe63c717090 R08: 0000000000000000 R09: 0000000000000000
[   96.759335][ T5701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.759352][ T5701] R13: 00007fe63df36038 R14: 00007fe63df35fa0 R15: 00007fff6f64aa28
[   96.759379][ T5701]  </TASK>
[   97.164549][   T29] audit: type=1400 audit(1769394449.843:1042): avc:  denied  { append } for  pid=5719 comm="syz.4.619" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[   97.455185][ T5769] FAULT_INJECTION: forcing a failure.
[   97.455185][ T5769] name failslab, interval 1, probability 0, space 0, times 0
[   97.469952][ T5769] CPU: 0 UID: 0 PID: 5769 Comm: syz.4.624 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   97.470025][ T5769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   97.470038][ T5769] Call Trace:
[   97.470046][ T5769]  <TASK>
[   97.470054][ T5769]  __dump_stack+0x1d/0x30
[   97.470099][ T5769]  dump_stack_lvl+0x95/0xd0
[   97.470126][ T5769]  dump_stack+0x15/0x1b
[   97.470146][ T5769]  should_fail_ex+0x263/0x280
[   97.470185][ T5769]  should_failslab+0x8c/0xb0
[   97.470235][ T5769]  kmem_cache_alloc_node_noprof+0x6a/0x4a0
[   97.470289][ T5769]  ? __alloc_skb+0x2f0/0x4b0
[   97.470499][ T5769]  __alloc_skb+0x2f0/0x4b0
[   97.470578][ T5769]  ? __alloc_skb+0x219/0x4b0
[   97.470689][ T5769]  xfrm_alloc_compat+0x131/0xdf0
[   97.470767][ T5769]  ? skb_put+0xa9/0xf0
[   97.470808][ T5769]  ? __pfx_xfrm_alloc_compat+0x10/0x10
[   97.470847][ T5769]  xfrm_send_policy_notify+0xf80/0x1040
[   97.470895][ T5769]  ? __pfx_xfrm_send_policy_notify+0x10/0x10
[   97.470928][ T5769]  km_policy_notify+0x62/0xb0
[   97.470962][ T5769]  xfrm_add_policy+0x317/0x470
[   97.470997][ T5769]  xfrm_user_rcv_msg+0x576/0x670
[   97.471027][ T5769]  ? __kfree_skb+0x109/0x150
[   97.471059][ T5769]  ? nlmon_xmit+0x4f/0x60
[   97.471099][ T5769]  ? consume_skb+0x49/0x140
[   97.471161][ T5769]  netlink_rcv_skb+0x123/0x220
[   97.471223][ T5769]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[   97.471327][ T5769]  xfrm_netlink_rcv+0x48/0x60
[   97.471371][ T5769]  netlink_unicast+0x5c0/0x690
[   97.471417][ T5769]  netlink_sendmsg+0x5c8/0x6f0
[   97.471531][ T5769]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.471557][ T5769]  ____sys_sendmsg+0x5af/0x600
[   97.471588][ T5769]  ___sys_sendmsg+0x195/0x1e0
[   97.471636][ T5769]  __x64_sys_sendmsg+0xd4/0x160
[   97.471668][ T5769]  x64_sys_call+0x17ba/0x3000
[   97.471764][ T5769]  do_syscall_64+0xc0/0x2a0
[   97.471888][ T5769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.471918][ T5769] RIP: 0033:0x7fe63dcbacb9
[   97.471941][ T5769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.471967][ T5769] RSP: 002b:00007fe63c717028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.471994][ T5769] RAX: ffffffffffffffda RBX: 00007fe63df35fa0 RCX: 00007fe63dcbacb9
[   97.472013][ T5769] RDX: 0000000000004000 RSI: 0000200000000240 RDI: 0000000000000003
[   97.472069][ T5769] RBP: 00007fe63c717090 R08: 0000000000000000 R09: 0000000000000000
[   97.472082][ T5769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.472095][ T5769] R13: 00007fe63df36038 R14: 00007fe63df35fa0 R15: 00007fff6f64aa28
[   97.472116][ T5769]  </TASK>
[   97.845771][ T5748] set_capacity_and_notify: 1 callbacks suppressed
[   97.845854][ T5748] loop0: detected capacity change from 0 to 8192
[   97.891498][ T5782] futex_wake_op: syz.5.625 tries to shift op by 144; fix this program
[   97.934149][   T29] audit: type=1400 audit(1769394450.593:1043): avc:  denied  { create } for  pid=5781 comm="syz.5.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   97.965731][ T5787] loop3: detected capacity change from 0 to 512
[   97.982747][   T29] audit: type=1400 audit(1769394450.653:1044): avc:  denied  { lock } for  pid=5779 comm="syz.4.626" path="socket:[13929]" dev="sockfs" ino=13929 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[   98.066714][ T5795] loop6: detected capacity change from 0 to 512
[   98.119707][ T5780] wireguard0: entered promiscuous mode
[   98.126263][ T5780] wireguard0: entered allmulticast mode
[   98.165123][ T5795] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   98.175850][ T5795] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   98.209181][ T5787] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.246383][ T5805] netlink: 8 bytes leftover after parsing attributes in process `syz.5.629'.
[   98.246680][ T5795] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.628: Allocating blocks 41-42 which overlap fs metadata
[   98.293476][ T5795] Quota error (device loop6): write_blk: dquota write failed
[   98.303187][ T5795] Quota error (device loop6): find_free_dqentry: Can't write quota data block 5
[   98.359063][ T5787] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.382133][   T29] audit: type=1326 audit(1769394451.053:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5809 comm="syz.5.630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea6e1bacb9 code=0x7ffc0000
[   98.416356][ T5795] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.628: Allocating blocks 41-42 which overlap fs metadata
[   98.446278][ T5787] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.627: corrupted xattr block 33: invalid header
[   98.477977][ T5795] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.628: Failed to acquire dquot type 1
[   98.503472][ T5795] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   98.556240][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   98.576134][ T5824] sg_write: data in/out 156/154 bytes for SCSI command 0x0-- guessing data in;
[   98.576134][ T5824]    program syz.5.632 not setting count and/or reply_len properly
[   98.599550][ T5795] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.628: corrupted inode contents
[   98.635763][ T5823] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.627: corrupted xattr block 33: invalid header
[   98.681321][ T5795] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #12: comm syz.6.628: mark_inode_dirty error
[   98.707759][ T5787] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.627: corrupted xattr block 6: invalid header
[   98.724414][ T5795] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.628: corrupted inode contents
[   98.753508][ T5823] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   98.775428][ T5795] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.628: mark_inode_dirty error
[   98.807028][ T5823] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.627: corrupted xattr block 33: invalid header
[   98.856111][ T5795] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.628: corrupted inode contents
[   98.898694][ T5823] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=15
[   98.913521][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   98.935481][ T5795] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[   98.987030][ T5795] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.628: corrupted inode contents
[   99.014851][ T5855] loop4: detected capacity change from 0 to 512
[   99.034359][ T5795] EXT4-fs error (device loop6): ext4_truncate:4635: inode #12: comm syz.6.628: mark_inode_dirty error
[   99.063041][ T5787] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.627: corrupted xattr block 6: invalid header
[   99.082107][ T5855] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.097237][ T5795] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[   99.120360][ T5795] EXT4-fs (loop6): 1 truncate cleaned up
[   99.127936][ T5787] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   99.148839][ T5855] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.639: bg 0: block 4: invalid block bitmap
[   99.179990][ T5795] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.204839][ T5855] EXT4-fs (loop4): Remounting filesystem read-only
[   99.242293][ T5787] EXT4-fs error (device loop3): ext4_xattr_block_find:1879: inode #12: comm syz.3.627: corrupted xattr block 6: invalid header
[   99.252550][ T5855] EXT4-fs (loop4): 1 truncate cleaned up
[   99.269639][ T5855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.300951][ T5795] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[   99.438089][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.453385][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.523530][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.699726][ T5893] netlink: 16 bytes leftover after parsing attributes in process `syz.5.645'.
[   99.741792][ T5893] FAULT_INJECTION: forcing a failure.
[   99.741792][ T5893] name failslab, interval 1, probability 0, space 0, times 0
[   99.758850][ T5893] CPU: 0 UID: 0 PID: 5893 Comm: syz.5.645 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   99.758914][ T5893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   99.758963][ T5893] Call Trace:
[   99.758972][ T5893]  <TASK>
[   99.759033][ T5893]  __dump_stack+0x1d/0x30
[   99.759065][ T5893]  dump_stack_lvl+0x95/0xd0
[   99.759094][ T5893]  dump_stack+0x15/0x1b
[   99.759119][ T5893]  should_fail_ex+0x263/0x280
[   99.759201][ T5893]  should_failslab+0x8c/0xb0
[   99.759284][ T5893]  __kvmalloc_node_noprof+0x148/0x680
[   99.759314][ T5893]  ? rhashtable_init_noprof+0x30c/0x450
[   99.759431][ T5893]  rhashtable_init_noprof+0x30c/0x450
[   99.759535][ T5893]  nft_rhash_init+0xa4/0x200
[   99.759581][ T5893]  ? __pfx_nft_rhash_key+0x10/0x10
[   99.759654][ T5893]  ? __pfx_nft_rhash_obj+0x10/0x10
[   99.759688][ T5893]  ? __pfx_nft_rhash_cmp+0x10/0x10
[   99.759797][ T5893]  nf_tables_newset+0x1443/0x16d0
[   99.759859][ T5893]  ? do_trace_netlink_extack+0x17/0xd0
[   99.759910][ T5893]  nfnetlink_rcv+0xc1e/0x1720
[   99.759986][ T5893]  netlink_unicast+0x5c0/0x690
[   99.760074][ T5893]  netlink_sendmsg+0x5c8/0x6f0
[   99.760098][ T5893]  ? __pfx_netlink_sendmsg+0x10/0x10
[   99.760121][ T5893]  ____sys_sendmsg+0x5af/0x600
[   99.760146][ T5893]  ___sys_sendmsg+0x195/0x1e0
[   99.760347][ T5893]  __x64_sys_sendmsg+0xd4/0x160
[   99.760458][ T5893]  x64_sys_call+0x17ba/0x3000
[   99.760485][ T5893]  do_syscall_64+0xc0/0x2a0
[   99.760552][ T5893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.760582][ T5893] RIP: 0033:0x7fea6e1bacb9
[   99.760643][ T5893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   99.760686][ T5893] RSP: 002b:00007fea6cc17028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   99.760717][ T5893] RAX: ffffffffffffffda RBX: 00007fea6e435fa0 RCX: 00007fea6e1bacb9
[   99.760736][ T5893] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   99.760883][ T5893] RBP: 00007fea6cc17090 R08: 0000000000000000 R09: 0000000000000000
[   99.760896][ T5893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   99.760927][ T5893] R13: 00007fea6e436038 R14: 00007fea6e435fa0 R15: 00007ffd38af2208
[   99.760954][ T5893]  </TASK>
[  100.120647][ T5900] loop6: detected capacity change from 0 to 512
[  100.127976][ T5901] netlink: 12 bytes leftover after parsing attributes in process `syz.3.650'.
[  100.148352][ T5900] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  100.158776][ T5900] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  100.200625][ T5901] netlink: 12 bytes leftover after parsing attributes in process `syz.3.650'.
[  100.238813][ T5900] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.651: Allocating blocks 41-42 which overlap fs metadata
[  100.307376][ T5900] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4215: comm syz.6.651: Allocating blocks 41-42 which overlap fs metadata
[  100.405356][ T5900] EXT4-fs error (device loop6): ext4_acquire_dquot:6986: comm syz.6.651: Failed to acquire dquot type 1
[  100.439671][ T5901] netlink: 12 bytes leftover after parsing attributes in process `syz.3.650'.
[  100.481662][ T5918] netlink: 20 bytes leftover after parsing attributes in process `syz.0.649'.
[  100.503164][ T5900] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  100.584741][ T5900] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.651: corrupted inode contents
[  100.607273][ T5927] netlink: 12 bytes leftover after parsing attributes in process `syz.5.658'.
[  100.619977][ T5900] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #12: comm syz.6.651: mark_inode_dirty error
[  100.645399][ T5900] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.651: corrupted inode contents
[  100.664750][   T29] kauditd_printk_skb: 106 callbacks suppressed
[  100.664769][   T29] audit: type=1326 audit(1769394453.343:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.715448][ T5900] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #12: comm syz.6.651: mark_inode_dirty error
[  100.732948][   T29] audit: type=1326 audit(1769394453.343:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.760924][   T29] audit: type=1326 audit(1769394453.343:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.768162][ T5900] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.651: corrupted inode contents
[  100.790931][   T29] audit: type=1326 audit(1769394453.383:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.790996][   T29] audit: type=1326 audit(1769394453.383:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.860677][ T5900] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[  100.863191][   T29] audit: type=1326 audit(1769394453.383:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.901364][   T29] audit: type=1326 audit(1769394453.383:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.928820][   T29] audit: type=1326 audit(1769394453.383:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.958819][   T29] audit: type=1326 audit(1769394453.383:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  100.965644][ T5900] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #12: comm syz.6.651: corrupted inode contents
[  100.985095][   T29] audit: type=1326 audit(1769394453.383:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5919 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe63dcbacb9 code=0x7ffc0000
[  101.035786][ T5927] 8021q: adding VLAN 0 to HW filter on device bond1
[  101.045278][ T5900] EXT4-fs error (device loop6): ext4_truncate:4635: inode #12: comm syz.6.651: mark_inode_dirty error
[  101.105186][ T5900] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem
[  101.210505][ T5900] EXT4-fs (loop6): 1 truncate cleaned up
[  101.242180][ T5900] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.313170][ T5900] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000.
[  101.476670][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.292786][ T5971] netlink: 20 bytes leftover after parsing attributes in process `syz.5.670'.
[  102.315112][ T5969] netlink: 4 bytes leftover after parsing attributes in process `syz.0.669'.
[  102.342806][ T5969] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  102.351667][ T5969] IPv6: NLM_F_CREATE should be set when creating new route
[  102.375626][ T5975] loop5: detected capacity change from 0 to 512
[  102.783045][ T6007] mmap: syz.5.681 (6007) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  103.020607][ T6021] loop6: detected capacity change from 0 to 512
[  103.035438][ T6021] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  103.050027][ T6021] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it
[  103.061952][ T6021] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.688: Corrupt directory, running e2fsck is recommended
[  103.099435][ T6021] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  103.109028][ T6021] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.688: corrupted in-inode xattr: invalid ea_ino
[  103.125541][ T6021] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.688: couldn't read orphan inode 15 (err -117)
[  103.139906][ T6021] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.171443][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.224973][ T6030] FAULT_INJECTION: forcing a failure.
[  103.224973][ T6030] name failslab, interval 1, probability 0, space 0, times 0
[  103.240147][ T6030] CPU: 1 UID: 0 PID: 6030 Comm: syz.5.691 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  103.240184][ T6030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  103.240206][ T6030] Call Trace:
[  103.240215][ T6030]  <TASK>
[  103.240226][ T6030]  __dump_stack+0x1d/0x30
[  103.240256][ T6030]  dump_stack_lvl+0x95/0xd0
[  103.240321][ T6030]  dump_stack+0x15/0x1b
[  103.240348][ T6030]  should_fail_ex+0x263/0x280
[  103.240458][ T6030]  should_failslab+0x8c/0xb0
[  103.240491][ T6030]  __kmalloc_cache_noprof+0x64/0x4a0
[  103.240527][ T6030]  ? nf_tables_newchain+0xa33/0x1610
[  103.240591][ T6030]  nf_tables_newchain+0xa33/0x1610
[  103.240638][ T6030]  ? should_failslab+0x8c/0xb0
[  103.240737][ T6030]  nfnetlink_rcv+0xc1e/0x1720
[  103.240805][ T6030]  netlink_unicast+0x5c0/0x690
[  103.240967][ T6030]  netlink_sendmsg+0x5c8/0x6f0
[  103.240998][ T6030]  ? __pfx_netlink_sendmsg+0x10/0x10
[  103.241025][ T6030]  ____sys_sendmsg+0x5af/0x600
[  103.241055][ T6030]  ___sys_sendmsg+0x195/0x1e0
[  103.241159][ T6030]  __x64_sys_sendmsg+0xd4/0x160
[  103.241183][ T6030]  x64_sys_call+0x17ba/0x3000
[  103.241223][ T6030]  do_syscall_64+0xc0/0x2a0
[  103.241346][ T6030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.241398][ T6030] RIP: 0033:0x7fea6e1bacb9
[  103.241422][ T6030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  103.241504][ T6030] RSP: 002b:00007fea6cc17028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.241598][ T6030] RAX: ffffffffffffffda RBX: 00007fea6e435fa0 RCX: 00007fea6e1bacb9
[  103.241619][ T6030] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  103.241637][ T6030] RBP: 00007fea6cc17090 R08: 0000000000000000 R09: 0000000000000000
[  103.241655][ T6030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  103.241672][ T6030] R13: 00007fea6e436038 R14: 00007fea6e435fa0 R15: 00007ffd38af2208
[  103.241694][ T6030]  </TASK>
[  103.246443][ T6032] loop6: detected capacity change from 0 to 256
[  103.284627][ T6033] loop4: detected capacity change from 0 to 1024
[  103.304658][ T6032] vfat: Unknown parameter ''
[  103.510103][ T6037] netlink: 8 bytes leftover after parsing attributes in process `syz.3.693'.
[  103.524481][ T6033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.560530][ T6037] dummy0: entered promiscuous mode
[  103.568383][ T6037] dummy0: left promiscuous mode
[  103.588409][ T6042] loop5: detected capacity change from 0 to 512
[  103.596506][ T6042] vfat: Unknown parameter '$'
[  103.653475][ T6033] SELinux:  Context system_u:object_r:sulogin_exec_t:s0 is not valid (left unmapped).
[  103.680236][ T6033] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: comm syz.4.685: inode #778331508: comm syz.4.685: iget: illegal inode #
[  103.706104][ T6033] EXT4-fs error (device loop4): ext4_xattr_inode_iget:446: comm syz.4.685: error while reading EA inode 778331508 err=-117
[  103.751218][ T6033] EXT4-fs error (device loop4): ext4_xattr_block_list:766: inode #15: comm syz.4.685: corrupted xattr block 113: invalid header
[  104.013872][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.071073][ T6077] netlink: 20 bytes leftover after parsing attributes in process `syz.3.706'.
[  104.285266][ T6093] FAULT_INJECTION: forcing a failure.
[  104.285266][ T6093] name failslab, interval 1, probability 0, space 0, times 0
[  104.302078][ T6093] CPU: 0 UID: 0 PID: 6093 Comm: syz.3.716 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  104.302155][ T6093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  104.302170][ T6093] Call Trace:
[  104.302182][ T6093]  <TASK>
[  104.302190][ T6093]  __dump_stack+0x1d/0x30
[  104.302216][ T6093]  dump_stack_lvl+0x95/0xd0
[  104.302294][ T6093]  dump_stack+0x15/0x1b
[  104.302394][ T6093]  should_fail_ex+0x263/0x280
[  104.302434][ T6093]  should_failslab+0x8c/0xb0
[  104.302459][ T6093]  kmem_cache_alloc_noprof+0x68/0x490
[  104.302532][ T6093]  ? getname_flags+0x7f/0x3b0
[  104.302612][ T6093]  getname_flags+0x7f/0x3b0
[  104.302699][ T6093]  user_path_at+0x28/0x130
[  104.302737][ T6093]  do_fchmodat+0x77/0x150
[  104.302836][ T6093]  __x64_sys_chmod+0x38/0x50
[  104.302871][ T6093]  x64_sys_call+0x2aaf/0x3000
[  104.302925][ T6093]  do_syscall_64+0xc0/0x2a0
[  104.302967][ T6093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.303011][ T6093] RIP: 0033:0x7fad48e2acb9
[  104.303031][ T6093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.303094][ T6093] RSP: 002b:00007fad47887028 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  104.303267][ T6093] RAX: ffffffffffffffda RBX: 00007fad490a5fa0 RCX: 00007fad48e2acb9
[  104.303287][ T6093] RDX: 0000000000000000 RSI: 0000000000000355 RDI: 0000200000000180
[  104.303305][ T6093] RBP: 00007fad47887090 R08: 0000000000000000 R09: 0000000000000000
[  104.303323][ T6093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.303337][ T6093] R13: 00007fad490a6038 R14: 00007fad490a5fa0 R15: 00007ffd26953278
[  104.303357][ T6093]  </TASK>
[  104.543321][ T6102] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=784 sclass=netlink_route_socket pid=6102 comm=syz.0.717
[  104.575577][ T6105] loop4: detected capacity change from 0 to 1024
[  104.628394][ T6114] netlink: 20 bytes leftover after parsing attributes in process `syz.3.722'.
[  104.644187][ T6105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.707023][ T6115] netlink: 88 bytes leftover after parsing attributes in process `syz.0.723'.
[  104.998049][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.079319][ T6146] netlink: 168 bytes leftover after parsing attributes in process `syz.4.732'.
[  105.118488][ T6149] loop5: detected capacity change from 0 to 7
[  105.142336][ T6144] loop0: detected capacity change from 0 to 512
[  105.151876][ T6144] EXT4-fs: Invalid want_extra_isize 3
[  105.189454][ T6121] loop6: detected capacity change from 0 to 512
[  105.191983][ T6149] loop5: detected capacity change from 7 to 3
[  105.232070][ T6156] loop4: detected capacity change from 0 to 512
[  105.268465][ T6121] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  105.282945][ T6156] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.299777][ T6156] ext4 filesystem being mounted at /173/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.316881][ T6156] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #4: comm syz.4.738: corrupted inode contents
[  105.347061][ T6156] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #4: comm syz.4.738: mark_inode_dirty error
[  105.362517][ T6156] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #4: comm syz.4.738: corrupted inode contents
[  105.385492][ T6156] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #4: comm syz.4.738: mark_inode_dirty error
[  105.385640][ T6121] EXT4-fs (loop6): 1 truncate cleaned up
[  105.427433][ T6156] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.738: Failed to acquire dquot type 1
[  105.451054][ T6121] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.474317][ T3323] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.550043][ T6173] FAT-fs (loop4): Directory bread(block 517) failed
[  105.595114][ T6173] FAT-fs (loop4): Directory bread(block 518) failed
[  105.629836][ T6177] FAULT_INJECTION: forcing a failure.
[  105.629836][ T6177] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.646460][ T6177] CPU: 0 UID: 0 PID: 6177 Comm: syz.5.745 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  105.646496][ T6177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  105.646513][ T6177] Call Trace:
[  105.646522][ T6177]  <TASK>
[  105.646608][ T6177]  __dump_stack+0x1d/0x30
[  105.647086][ T6177]  dump_stack_lvl+0x95/0xd0
[  105.647136][ T6177]  dump_stack+0x15/0x1b
[  105.647163][ T6177]  should_fail_ex+0x263/0x280
[  105.647204][ T6177]  should_fail+0xb/0x20
[  105.647239][ T6177]  should_fail_usercopy+0x1a/0x20
[  105.647350][ T6177]  _copy_to_user+0x20/0xa0
[  105.647380][ T6177]  simple_read_from_buffer+0xb5/0x130
[  105.647431][ T6177]  proc_fail_nth_read+0x10e/0x150
[  105.647505][ T6177]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  105.647543][ T6177]  vfs_read+0x1ab/0x7f0
[  105.647595][ T6177]  ? __kcsan_check_access+0x15/0x1d0
[  105.647627][ T6177]  ? mutex_lock+0x57/0x90
[  105.647660][ T6177]  ksys_read+0xdc/0x1a0
[  105.647733][ T6177]  __x64_sys_read+0x40/0x50
[  105.647758][ T6177]  x64_sys_call+0x2889/0x3000
[  105.647791][ T6177]  do_syscall_64+0xc0/0x2a0
[  105.647917][ T6177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.647976][ T6177] RIP: 0033:0x7fea6e17b58e
[  105.647999][ T6177] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  105.648026][ T6177] RSP: 002b:00007fea6cc16fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  105.648050][ T6177] RAX: ffffffffffffffda RBX: 00007fea6cc176c0 RCX: 00007fea6e17b58e
[  105.648067][ T6177] RDX: 000000000000000f RSI: 00007fea6cc170a0 RDI: 0000000000000004
[  105.648149][ T6177] RBP: 00007fea6cc17090 R08: 0000000000000000 R09: 0000000000000000
[  105.648167][ T6177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.648185][ T6177] R13: 00007fea6e436038 R14: 00007fea6e435fa0 R15: 00007ffd38af2208
[  105.648213][ T6177]  </TASK>
[  105.658192][ T6173] FAT-fs (loop4): Directory bread(block 519) failed
[  105.892710][ T6182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.746'.
[  105.911177][ T6173] FAT-fs (loop4): Directory bread(block 520) failed
[  105.919571][ T6173] FAT-fs (loop4): Directory bread(block 521) failed
[  105.928159][ T6173] FAT-fs (loop4): Directory bread(block 522) failed
[  105.971712][ T6173] FAT-fs (loop4): Directory bread(block 523) failed
[  105.998065][ T6173] FAT-fs (loop4): Directory bread(block 524) failed
[  106.005475][ T6173] FAT-fs (loop4): Directory bread(block 525) failed
[  106.014108][ T6173] FAT-fs (loop4): Directory bread(block 526) failed
[  106.142467][   T29] kauditd_printk_skb: 271 callbacks suppressed
[  106.142487][   T29] audit: type=1400 audit(1769395226.989:1424): avc:  denied  { associate } for  pid=6187 comm="syz.3.750" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  106.268572][ T6200] netlink: 8 bytes leftover after parsing attributes in process `syz.5.754'.
[  106.283431][ T6192] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  106.362480][ T6206] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  106.395990][ T6206] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.439336][ T5743] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  106.458667][ T5743] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  106.476909][ T5743] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  106.487898][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  106.500094][ T5743] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  106.530822][ T6210] xt_CT: No such helper "snmp_trap"
[  106.573925][ T6220] netem: incorrect ge model size
[  106.581233][ T6220] netem: change failed
[  106.598013][ T6211] FAULT_INJECTION: forcing a failure.
[  106.598013][ T6211] name failslab, interval 1, probability 0, space 0, times 0
[  106.612755][ T6211] CPU: 0 UID: 0 PID: 6211 Comm: syz.3.755 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  106.612794][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  106.612813][ T6211] Call Trace:
[  106.612823][ T6211]  <TASK>
[  106.612833][ T6211]  __dump_stack+0x1d/0x30
[  106.612862][ T6211]  dump_stack_lvl+0x95/0xd0
[  106.612886][ T6211]  dump_stack+0x15/0x1b
[  106.612911][ T6211]  should_fail_ex+0x263/0x280
[  106.612953][ T6211]  should_failslab+0x8c/0xb0
[  106.612984][ T6211]  kmem_cache_alloc_noprof+0x68/0x490
[  106.613017][ T6211]  ? vm_area_alloc+0x2c/0xb0
[  106.613051][ T6211]  vm_area_alloc+0x2c/0xb0
[  106.613084][ T6211]  mmap_region+0xfd8/0x1d20
[  106.613114][ T6211]  ? avc_has_perm+0x101/0x190
[  106.613192][ T6211]  do_mmap+0x9b2/0xbd0
[  106.613234][ T6211]  vm_mmap_pgoff+0x183/0x2d0
[  106.613271][ T6211]  ksys_mmap_pgoff+0x267/0x310
[  106.613318][ T6211]  x64_sys_call+0x16bb/0x3000
[  106.613352][ T6211]  do_syscall_64+0xc0/0x2a0
[  106.613396][ T6211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.613427][ T6211] RIP: 0033:0x7fad48e2acb9
[  106.613448][ T6211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  106.613473][ T6211] RSP: 002b:00007fad47866028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  106.613500][ T6211] RAX: ffffffffffffffda RBX: 00007fad490a6090 RCX: 00007fad48e2acb9
[  106.613519][ T6211] RDX: 0000000000000002 RSI: 0000000000b36000 RDI: 0000200000000000
[  106.613538][ T6211] RBP: 00007fad47866090 R08: 0000000000000003 R09: 0000000000000000
[  106.613557][ T6211] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000001
[  106.613574][ T6211] R13: 00007fad490a6128 R14: 00007fad490a6090 R15: 00007ffd26953278
[  106.613615][ T6211]  </TASK>
[  106.643501][ T6226] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6226 comm=syz.0.760
[  106.728630][ T6230] netlink: 'syz.0.760': attribute type 1 has an invalid length.
[  106.904379][ T6230] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.946957][ T6236] netlink: 12 bytes leftover after parsing attributes in process `syz.0.763'.
[  106.992255][   T29] audit: type=1400 audit(1769395227.882:1425): avc:  denied  { accept } for  pid=6240 comm="syz.4.766" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  107.022837][   T29] audit: type=1400 audit(1769395227.882:1426): avc:  denied  { read } for  pid=6240 comm="syz.4.766" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  107.045481][   T29] audit: type=1400 audit(1769395227.913:1427): avc:  denied  { relabelfrom } for  pid=6239 comm="syz.0.765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  107.070124][   T29] audit: type=1400 audit(1769395227.913:1428): avc:  denied  { relabelto } for  pid=6239 comm="syz.0.765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  107.110776][ T6248] ip6gre1: entered promiscuous mode
[  107.116913][ T6248] ip6gre1: entered allmulticast mode
[  107.143942][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.159724][ T6250] EXT4-fs: Ignoring removed bh option
[  107.181639][ T6252] EXT4-fs: Ignoring removed bh option
[  107.210028][ T6250] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.237657][ T6252] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.260720][ T6250] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  107.274480][ T6252] ext4 filesystem being mounted at /42/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  107.299516][   T29] audit: type=1400 audit(1769395228.207:1429): avc:  denied  { read append } for  pid=6249 comm="syz.3.768" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  107.330539][   T29] audit: type=1400 audit(1769395228.207:1430): avc:  denied  { open } for  pid=6249 comm="syz.3.768" path="/161/bus/file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  107.397433][   T29] audit: type=1400 audit(1769395228.301:1431): avc:  denied  { ioctl } for  pid=6249 comm="syz.3.768" path="/newroot/161/bus/file1" dev="loop3" ino=15 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  107.461274][ T6268] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  107.471079][ T6268] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  107.495299][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.527317][ T6270] netlink: 'syz.3.775': attribute type 1 has an invalid length.
[  107.539589][ T6270] __nla_validate_parse: 2 callbacks suppressed
[  107.539651][ T6270] netlink: 44 bytes leftover after parsing attributes in process `syz.3.775'.
[  107.557449][ T6268] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4215: comm syz.5.774: Allocating blocks 41-42 which overlap fs metadata
[  107.592928][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.605822][ T6268] Quota error (device loop5): write_blk: dquota write failed
[  107.616517][ T6268] Quota error (device loop5): find_free_dqentry: Can't write quota data block 5
[  107.659401][ T6268] EXT4-fs error (device loop5): ext4_acquire_dquot:6986: comm syz.5.774: Failed to acquire dquot type 1
[  107.691592][ T6268] EXT4-fs error (device loop5): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  107.732663][ T6268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.774: corrupted inode contents
[  107.754569][ T6284] xt_hashlimit: size too large, truncated to 1048576
[  107.798964][ T6268] EXT4-fs error (device loop5): ext4_dirty_inode:6502: inode #12: comm syz.5.774: mark_inode_dirty error
[  107.814429][ T6268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.774: corrupted inode contents
[  107.829323][ T6268] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.774: mark_inode_dirty error
[  107.845357][ T6268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.774: corrupted inode contents
[  107.862341][ T6268] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  107.873485][ T6287] –: renamed from vxcan1 (while UP)
[  107.923464][ T6268] EXT4-fs error (device loop5): ext4_do_update_inode:5617: inode #12: comm syz.5.774: corrupted inode contents
[  107.942723][ T6292] netlink: 8 bytes leftover after parsing attributes in process `syz.0.783'.
[  107.971375][ T6268] EXT4-fs error (device loop5): ext4_truncate:4635: inode #12: comm syz.5.774: mark_inode_dirty error
[  107.980818][ T6294] set_capacity_and_notify: 5 callbacks suppressed
[  107.980871][ T6294] loop3: detected capacity change from 0 to 128
[  107.988421][ T6268] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  108.014892][ T6268] EXT4-fs (loop5): 1 truncate cleaned up
[  108.022400][ T6268] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.046428][ T6268] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[  108.072387][ T6296] loop6: detected capacity change from 0 to 512
[  108.089371][ T6296] EXT4-fs: Ignoring removed bh option
[  108.120947][ T6292] vlan0: entered allmulticast mode
[  108.143477][ T4658] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.169076][ T6294] ==================================================================
[  108.180878][ T6294] BUG: KCSAN: data-race in __xa_set_mark / xas_find_marked
[  108.190383][ T6294] 
[  108.193346][ T6294] write to 0xffff88811b44e914 of 4 bytes by task 6297 on cpu 1:
[  108.201747][ T6294]  __xa_set_mark+0x172/0x1a0
[  108.206914][ T6294]  __folio_mark_dirty+0x383/0x490
[  108.213428][ T6294]  mark_buffer_dirty+0x11e/0x200
[  108.219632][ T6294]  block_write_end+0x12d/0x210
[  108.224904][ T6294]  generic_write_end+0x56/0x150
[  108.230517][ T6294]  fat_write_end+0x4f/0x160
[  108.236728][ T6294]  generic_perform_write+0x311/0x490
[  108.246726][ T6294]  __generic_file_write_iter+0x9e/0x120
[  108.253833][ T6294]  generic_file_write_iter+0x8d/0x310
[  108.260349][ T6294]  iter_file_splice_write+0x6bc/0xa80
[  108.267229][ T6294]  direct_splice_actor+0x156/0x2a0
[  108.272482][ T6294]  splice_direct_to_actor+0x311/0x670
[  108.279274][ T6294]  do_splice_direct+0x119/0x1a0
[  108.285178][ T6294]  do_sendfile+0x382/0x650
[  108.290248][ T6294]  __x64_sys_sendfile64+0x105/0x150
[  108.296570][ T6294]  x64_sys_call+0x2db1/0x3000
[  108.303899][ T6294]  do_syscall_64+0xc0/0x2a0
[  108.309028][ T6294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.316630][ T6294] 
[  108.319343][ T6294] read to 0xffff88811b44e914 of 4 bytes by task 6294 on cpu 0:
[  108.329163][ T6294]  xas_find_marked+0x5d7/0x620
[  108.335975][ T6294]  filemap_get_folios_tag+0xfa/0x510
[  108.342163][ T6294]  file_write_and_wait_range+0x20c/0x2f0
[  108.348715][ T6294]  __generic_file_fsync+0x46/0x160
[  108.355705][ T6294]  fat_file_fsync+0x49/0x100
[  108.361929][ T6294]  vfs_fsync_range+0x10d/0x130
[  108.367526][ T6294]  generic_file_write_iter+0x1ba/0x310
[  108.373915][ T6294]  iter_file_splice_write+0x6bc/0xa80
[  108.381958][ T6294]  direct_splice_actor+0x156/0x2a0
[  108.388887][ T6294]  splice_direct_to_actor+0x311/0x670
[  108.395983][ T6294]  do_splice_direct+0x119/0x1a0
[  108.404207][ T6294]  do_sendfile+0x382/0x650
[  108.409563][ T6294]  __x64_sys_sendfile64+0x105/0x150
[  108.416135][ T6294]  x64_sys_call+0x2db1/0x3000
[  108.421812][ T6294]  do_syscall_64+0xc0/0x2a0
[  108.426730][ T6294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.434157][ T6294] 
[  108.436974][ T6294] value changed: 0x04000021 -> 0x0a000021
[  108.443154][ T6294] 
[  108.445685][ T6294] Reported by Kernel Concurrency Sanitizer on:
[  108.453011][ T6294] CPU: 0 UID: 0 PID: 6294 Comm: syz.3.784 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  108.464949][ T6294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  108.477265][ T6294] ==================================================================
[  108.490804][ T6296] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.493598][ T6303] program syz.0.787 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  108.508281][ T6296] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  108.544069][ T6305] loop5: detected capacity change from 0 to 128
[  108.597204][ T4687] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.