last executing test programs:

2.795177457s ago: executing program 3 (id=500):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0xffff, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_bp={0x0, 0x8}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x1, 0x5, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000040)={0x0, 0x6, 0x1fd, {0x0, 0xa}, {0x1, 0x7}, @const={0x0, {0x1, 0x8, 0x4, 0x881}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r6, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d424000000000000002900000002000000", 0xfe60)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x25dfdb7c, {0x60, 0x0, 0x0, r5, {}, {0x1, 0x2}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x40000)
getresuid(&(0x7f0000000140), &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0))
sendmsg$nl_xfrm(r1, &(0x7f00000005c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8121}, 0xc, &(0x7f0000000580)={&(0x7f0000000240)=@newae={0x2a8, 0x1e, 0x400, 0x70bd28, 0x25dfdbfd, {{@in=@multicast1, 0x4d5, 0xa, 0x2b}, @in6=@private0, 0x1, 0x34ff}, [@user_kmaddress={0x2c, 0x13, {@in6=@dev={0xfe, 0x80, '\x00', 0x36}, @in6=@local, 0x0, 0x2}}, @replay_val={0x10, 0xa, {0x70bd2d, 0x70bd29, 0x2}}, @migrate={0x180, 0x11, [{@in=@loopback, @in=@local, @in6=@remote, @in6=@mcast1, 0x33, 0x0, 0x0, 0x0, 0xa, 0xa}, {@in=@local, @in=@empty, @in=@private=0xa010100, @in6=@private0, 0x3c, 0x3, 0x0, 0x3502, 0x2, 0x2}, {@in6=@remote, @in6=@local, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0xa}, 0x6c, 0x0, 0x0, 0x3500, 0x2, 0x8}, {@in=@empty, @in=@dev={0xac, 0x14, 0x14, 0x1e}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x43}, 0x6c, 0x1, 0x0, 0x3501, 0xa, 0xa}, {@in=@broadcast, @in6=@remote, @in=@local, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x2b, 0x1, 0x0, 0x0, 0x2}]}, @policy={0xac, 0x7, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4e22, 0x4, 0x4e20, 0x7, 0xa, 0xe0, 0x0, 0x89, r5, r7}, {0x47, 0x9, 0xb, 0x9, 0x8000000000000001, 0x6f2, 0x1, 0x47}, {0x1, 0x3, 0x81, 0x17}, 0xfffffffa, 0x6e6bc0, 0x2}}]}, 0x2a8}, 0x1, 0x0, 0x0, 0x4}, 0x80)

2.394870181s ago: executing program 1 (id=510):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c6, &(0x7f0000000b00)="$eJzs3T+LI2UYAPBnkuxk1CJbWIlwA15hdXjXiU0WuQNxK48UaqGrdweyCcIdLPgH41W2NhYWfgJB8INc4zcQbIXrPGFhZCYzm0mMIVnMiru/X7PPvvM+8z7vZMjOFnny4cuT43t5PHj85a+RZUl0hjGMZ0nsRycaX8eC4bcBAPyfPSuKeFrMbJOXRES2u7IAgB3a7O9/bx7+fCFlAQA7dPfd994+ODy8/U4WWdyZfHMyKv+zL3/Ojh88iE9iHPfjtRjEaUT1oLAX1dNCGd4pimLay0v7cX0yPRmVmZMPntTnP/g9IsYfPW0tefa0UeW/dXj7Zj7Typ+WdTxfrz8s178Vg3jxLHkh/9aK/Bil8eorrfpvxCB++Tg+jXHcq4qY5391M8/fLL7744v3y/LK/GR6MupX81pldy/sRQEAAAAAAAAAAAAAAAAAAAAA4NK7UffO6Ud+La5PyqG6/073NNLy17yxv9ifZ5afNCdq9wcqimJaxA+tloJ5UU+c5/fipV67sSAAAAAAAAAAAAAAAAAAAABcXY8++/z4aDy+//BfCZpuAL2I+PNuxHnPM2yNXIv1k/v1mkfjcacOF+Y8Sdsj0W3mJBFryyg3cb6r0d0267nlmpvgx5/KDW6zetYaeX31BvfOu6/Ng+buOj5KVq/Vj2Ykq2+S79OI+Zw0Nlwr/adDRWxz+6UrDw223nv6QhVM18yJpF3Y8vV547fZlatHkuVdpNVVXXnmvTpopS/dGxu97pHN0v/+XpFU3Tr6u3szAgAAAAAAAAAAAAAAAACAK27+6d8VBx+vTe0UPgoMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCUx//7/LYJpnbzB5DQePvqPtwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAV8FcAAAD//xzqWB8=")
unshare(0x2c020400)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x1a1081, 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8ffff)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001300)=@newtfilter={0x884, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0xc}, {0x0, 0xfff1}, {0xc, 0x4}}, [@filter_kind_options=@f_route={{0xa}, {0x854, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xca}, @TCA_ROUTE4_POLICE={0x848, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x6, 0x7ff, 0xad04, 0xffffffff, 0x101, 0x9, 0x40, 0x1b12, 0x2, 0x2, 0x6, 0xe, 0x9e, 0x10001, 0x0, 0x4, 0x5, 0x1800000, 0x3, 0x0, 0x6, 0x5, 0x7fffffff, 0x3, 0x80e2b7, 0xffff, 0xffffffa9, 0x200, 0xf, 0xfffff758, 0x0, 0x2, 0x80, 0x200, 0xbe, 0x3, 0x800, 0x5, 0x100, 0x0, 0xb5, 0xb, 0x2, 0x8, 0x0, 0x6, 0x0, 0x5, 0x5, 0x200, 0x2, 0x1, 0x1ff, 0x3, 0x0, 0x4, 0xa, 0x3, 0x8, 0x7, 0x401, 0x74, 0x4, 0xfff, 0x5, 0x7, 0x7a, 0x50, 0xfffffae9, 0x8, 0x91, 0x10000, 0x9, 0x7, 0x3, 0x9, 0xfffffffe, 0x5, 0x6, 0xffffffff, 0x7, 0x2, 0x2, 0x1, 0x3, 0x3, 0x7613, 0x7ff, 0x4, 0x0, 0x9, 0x5, 0x7, 0xda5d, 0x4, 0x101, 0x7, 0xe, 0x101, 0x10, 0x5, 0x62b39d84, 0x1, 0x4, 0x4, 0x788c, 0xd7, 0xc0d9, 0x3, 0x4, 0x3, 0xffff, 0x400, 0x500000, 0x6, 0x445f, 0xffff, 0x2323da5a, 0x5, 0x3, 0x2, 0x7, 0x6, 0x9, 0x3, 0x2, 0xe, 0x5, 0x81, 0x200000, 0x81, 0x9, 0xb50, 0x9, 0x9, 0xffffff81, 0x9, 0x4, 0x1, 0x200, 0x7, 0x8, 0x4, 0x7fffffff, 0x1, 0x1, 0xb, 0x1, 0xfffffbed, 0x8, 0xffff, 0x8, 0x0, 0x1, 0x7, 0xa220, 0x0, 0x4, 0x8, 0x4, 0x9, 0xea8a, 0x54c, 0x2, 0xfffffff7, 0x7, 0x8, 0x80000000, 0x4, 0x0, 0x0, 0xb, 0x4, 0x5, 0x604, 0x0, 0xfffffff7, 0x2, 0x8, 0x5, 0xfff, 0x1, 0xf, 0x1, 0x1, 0x3, 0xef2, 0x4, 0x8001, 0xf2d8, 0x6, 0x7, 0x7, 0x62d, 0x0, 0x2555, 0x6, 0xd, 0x8, 0x32f4, 0x8, 0x6, 0x7, 0x0, 0xd981, 0x7f, 0x31, 0x1, 0x8, 0xfff, 0xffff, 0xc, 0x3ff, 0x4, 0x2, 0x1000, 0x4, 0x3ff, 0x7ff, 0x4, 0xe, 0xe, 0xffffff05, 0x4, 0x2, 0xffffffff, 0x4, 0x8, 0x5, 0x101, 0x9, 0x4, 0x5, 0xfffffffd, 0x2ae, 0x0, 0x9, 0x4, 0xffffffff, 0x2, 0xe, 0x1, 0x401, 0x3, 0x9, 0x6, 0x11, 0x7, 0x0, 0x1, 0x6, 0x1, 0x7, 0x2, 0x2, 0x1000]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x7f, 0x1, 0x1, 0x4000006, 0x5, 0x465ed2bd, 0x7, 0x98, 0x2, 0x8e, 0x7, 0x6, 0x8, 0x800, 0x2, 0x6, 0x6, 0x2, 0x3, 0x1, 0x3, 0x2, 0x4, 0x8, 0x2, 0x5, 0x0, 0x9, 0x3, 0xc8, 0x3, 0x8, 0x5, 0xfffffff9, 0x7, 0x81, 0x0, 0x2, 0x10000, 0xa, 0xfffffffe, 0x1, 0x0, 0x7fffffff, 0xfe1, 0x8001, 0x5, 0x40, 0xffffffff, 0x4, 0x7fff, 0x3ff, 0x7, 0x3, 0x8, 0x0, 0x2, 0x7, 0x27, 0x6, 0x2, 0x6, 0x6, 0xe, 0x80000001, 0x4, 0x9, 0x1, 0x1, 0x3, 0x9, 0x3, 0x9, 0x0, 0x81, 0xe585, 0x0, 0x64, 0x3, 0x800, 0x3, 0x80000001, 0x1, 0x6, 0xffffffd8, 0xffffff1e, 0x3ff, 0x0, 0x8, 0x8, 0x9, 0x2, 0xf8f9, 0x2, 0x7f, 0xfffffd43, 0xfffffffa, 0x5, 0x1, 0xffffffff, 0x5, 0x2, 0x3, 0x2, 0x9, 0x0, 0x4, 0x5, 0xffffffff, 0x6, 0x7fffffff, 0x4, 0x8, 0xa8, 0x7, 0x1, 0x6, 0x71, 0x7, 0x0, 0x10, 0x1, 0x400, 0x4, 0x100, 0xffffffec, 0x6, 0x7, 0x83, 0x101, 0x0, 0x9, 0x6, 0x80000001, 0x4, 0x4, 0x0, 0x9, 0x8, 0x2, 0x7, 0x2, 0xff, 0x7fffffff, 0x81, 0x3, 0x4, 0xd, 0x3, 0x6, 0x7fff, 0x2, 0x7ff, 0x88, 0x7, 0x5, 0x0, 0x1, 0x7, 0x8, 0x6, 0x2, 0x800, 0x9, 0x0, 0x2, 0x3, 0x0, 0x9, 0x8, 0xb0, 0x2b88, 0xfffffc00, 0x61, 0x800000, 0x2, 0x4, 0x3, 0x2, 0xfffffff8, 0x8, 0x8, 0x7, 0x1, 0x2, 0xffff, 0xec, 0x6, 0x0, 0x30a, 0x6, 0x5, 0x3, 0x1, 0xc, 0x6, 0x1, 0x5, 0x80000000, 0x0, 0x1ff, 0x0, 0xffffff7f, 0x6, 0xca9e, 0xaf0, 0x1c40, 0x7, 0x3, 0x5, 0x0, 0x1, 0x5, 0xfffffffe, 0x7, 0x80000001, 0x0, 0x6f6, 0x5, 0x98, 0x1, 0x1600, 0x80000000, 0x6, 0x0, 0x57, 0x7, 0x8, 0x24, 0x8, 0x7fff, 0x5, 0x1, 0x4, 0x1, 0x3, 0x7, 0x1, 0xffffffff, 0xa412, 0x15, 0x400, 0x0, 0xf, 0x4fd9, 0x9, 0x0, 0x4, 0x0, 0xc7, 0x0, 0x80, 0x0, 0x7fffffff, 0x1ec, 0x4]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x4, 0x2, 0x4, 0x89, 0x4, {0x10, 0x0, 0x4, 0xc, 0xf000, 0x4}, {0x6, 0x0, 0x1, 0xff4f, 0x10, 0xa}, 0x400, 0xfffffffd, 0x8}}]}]}}]}, 0x884}}, 0x0)

2.331720674s ago: executing program 1 (id=512):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x5, 0x2, 0x7, 0x0, 0x1, 0x10000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000003000000000000b45ea93519647db20104a99887c671000040000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xd0}]}, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000000, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2210458, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r4, 0x0, 0xa20, 0x8000c64)
ftruncate(r3, 0x5)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x800000001fe, 0x2)
r7 = socket$xdp(0x2c, 0x3, 0x0)
fcntl$setownex(r7, 0xf, &(0x7f0000000100)={0x2, 0xffffffffffffffff})
r8 = dup(r6)
ioctl$USBDEVFS_CONTROL(r8, 0xc0185500, &(0x7f0000000280)={0x23, 0x3, 0x1c, 0x4008, 0x0, 0x1, 0x0})
write$cgroup_type(r5, &(0x7f0000000180), 0x13bb711e)
socket$inet_sctp(0x2, 0x5, 0x84)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r9=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r9, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x80002, 0x186)
timer_getoverrun(r9)
r10 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r10}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)

2.250354479s ago: executing program 4 (id=516):
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r0, &(0x7f0000000300)=[{&(0x7f00000000c0)="4d2e2e7c8bdc018d531b710a78ed2cdae32d8297c11cd0d6371dbfdb7a91885dd2e6fc18a49f70709f6c9fa3b0dfd31fcaee1bbfe6d1a2bbbc668a67227352b36900", 0x42}], 0x1)
perf_event_open(&(0x7f00000006c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f9cf02e, 0x2, @perf_config_ext={0x5, 0x6}, 0x0, 0x5bd20d9e, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x44)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=@newlink={0x38, 0x10, 0x439, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, r5, 0x0, 0x2808c}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r5}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000100039040200"/20, @ANYRES32=r5, @ANYBLOB="40100000004104002000128008000100677265001400028008000700ac1414aa"], 0x48}}, 0x4040000)
r7 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r7, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x98, 0x4, 0x8, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [@CTA_TIMEOUT_DATA={0x54, 0x4, 0x0, 0x1, @icmpv6=[@CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x13f}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x9c}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x79}, @CTA_TIMEOUT_ICMPV6_TIMEOUT={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x98}}, 0x4048000)

2.102815487s ago: executing program 4 (id=518):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
recvmsg$unix(r1, &(0x7f0000000240)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040), 0x0, &(0x7f0000000140)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa8}, 0x2020)
write$binfmt_aout(r2, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r3 = syz_open_pts(r2, 0x80)
r4 = dup3(r3, r2, 0x80000)
read$watch_queue(r4, &(0x7f0000002d40)=""/4095, 0xfff)
getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, &(0x7f0000000000))

2.042775671s ago: executing program 0 (id=520):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@empty, @in6=@empty, 0x8000, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x2, 0x96c, 0x0, 0x0, 0x0, 0x0, 0x4000000000000001, 0xfffffffffffffffb}, {0x0, 0x7, 0x2}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x2c000810)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e0000002000000000000000000000000000000000000000000000000000000e6f14db4921ee12d000a000000290000003fa70ecb27a7379fe0266ccbf6294359c82f7fd6355893568ea9c68900134ac7f3ba84d22f67a4253beb6ca23e797fa89bcfc58193f95214ef608ee45db4f89eafc17e4f6af3c9b868397d2d6c3e8d4d0e8745cc85597ad9163322b83bc5590499e08a4f5f3ed47761692949c7eb1998838a5d6976cb8792895b155d01e763a819f75d2da4411117bd56fb03b906fa26c78e2805f4d732d2e8a2c9273915fe5f1141c037b897ba82d489c6a75c8038a191cc53d2e17522d670f000ca36073cb5a31c2e09038f901c48032b2d6bad47d5000b048e9d9ed6f2d82b569e6687eced9415e27292b9d1ce1d482aed08e6e85df161d3645a593f81e89e2ada53", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000700000000000000000000000000000000000000000000000200000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff00"/112], 0xb8}}, 0x4004)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)

1.937616977s ago: executing program 3 (id=521):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {0x1}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0xed}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x4000000)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x28, r2, 0x50dc85624ea6cf59, 0x70bd2b, 0x8000001, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c081}, 0x0)

1.936522327s ago: executing program 1 (id=522):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x2c)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x18088, 0x80}}}}}}, @IFLA_MASTER={0x8, 0x3, r2}]}, 0x50}, 0x1, 0x8}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x1, 0x803, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x2c) (async)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x18088, 0x80}}}}}}, @IFLA_MASTER={0x8, 0x3, r2}]}, 0x50}, 0x1, 0x8}, 0x0) (async)

1.859664822s ago: executing program 3 (id=523):
syz_emit_ethernet(0x7a, &(0x7f0000000280)=ANY=[@ANYBLOB="856b934629faaaaaaaaaaaaa86dd60381f3400142f00fc000000000000000000000000000000ff0200000000000000000000000000010420"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@gettclass={0x24, 0x2a, 0x400, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0xfff1, 0x7}, {0xfbe1bbd0bd1cd74c, 0x2}, {0x9, 0xfff1}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
syz_emit_ethernet(0x4a, &(0x7f0000000480)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x64, 0x0, 0x0, 0x6, 0x0, @local, @private=0xa010102, {[@generic={0x7, 0x8, "044158a35b9e"}, @timestamp_addr={0x44, 0xc, 0x6, 0x1, 0x0, [{@multicast1, 0x3ff}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a00)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0d0300000000000000001300000024000980"], 0x38}}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setuid(r5)
futex_waitv(&(0x7f0000004040)=[{0x0, &(0x7f00000001c0), 0x2}], 0x1, 0x0, 0x0, 0x1)
setpriority(0x2, 0xff, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)={0x37c, 0x1a, 0x100, 0x70bd2d, 0x25dfdbfb, {0x1d}, [@nested={0x2de, 0x3, 0x0, 0x1, [@generic="de55c6c6e6f1a918b93f42e0a4c49124f032068774aedd94121965e3980bbf6742176e4c35acaadb31b87f22aac95b", @nested={0x4, 0x44}, @typed={0xc, 0xe0, 0x0, 0x0, @u64=0x7}, @typed={0x4, 0x11d}, @generic="ac68b661fa17b1c90846b3ad23513c427a62867bb088232d1abaadf74e2239e4996a1713c100f69af6f1caf15b1c75efdd5f8b361f9096ee3fc606bb45e91d45677421f0e88f8893a34c60fe84f3094807712a99584efe8bb71203bdaddc1c4d5cb97de67a695c93d29fb3125a6aa669438f5f7afe550794381725be41eaf5b2440c93337cd78a55d97e5c4c9d3ed86df30634864d539ab572d23216b0dfbf6489861da177a7ace7ffa102024cde892391742a87a881de95c3b99da64f5f56ed2c0326345fb342afc7abac6af1e97c813d5fb510c6ce01850d93ce59df3ba7a742decc4bb66aeb70b6656fdd3c2339ecd8ea5766ddc93bba", @generic="45786a5274f37362b1f9e0d288bde629368a94cc8b5196160388406525ec8cceef41de99a302c0ec2ff13d8273eada470ed96ba3d30beafff8b7f54010f9a30257585834e542c638db3d739f22173bf17e69a7c6616195b82aa27a98e5911c3edb32bbbfb7a14c34ac563c40bf0a43aa8ec6c4d9bde9b9a27f0387054abae79a66c37ffe9cb19260a317bc77934c95791f636982483923bf931981c19c20ec2638dfa166aedee42b10744f3701bfcbb54011683bddcd2cd573162db107a8fc1fb90f7d58b07e847393404a4cc3f39245b31905bb6e6355b93b561a0f8299d4b80c07ceae9764b1c74b075e9179fc578c58e7acc3143a05640fe261", @typed={0x92, 0xd8, 0x0, 0x0, @binary="b39fd14810f6837afc5a07bfd69c5a847b7be8118f8df2ebeea07e34f6f1d6e3f99dcbc3ad64721ea40e36974a84ad721ecf9d14c0004931f214a7f008591b7c34611511d6ea952d517be30c09f6be104890c9d8bc2afb3b8d200dddd34a9f72ca17f7b3415444a02b44ca622c6ffd3a1a27c7e53579695b7ab73bf8b000a8732801cd647ffa22fb3c85d8f58238"}, @nested={0x4, 0xe1}, @typed={0xb, 0xf4, 0x0, 0x0, @str=':-+[\b@\x00'}]}, @nested={0x88, 0x134, 0x0, 0x1, [@generic="a75c0e7924b5e79c3fddfe72e947de85da1950879d0eb8007af6883612e170e800f620564bdf3ba19d9937159ea113044b2e6d3d38a7114c9a58a7dbb78e491134337a145ec78f9302dd2679c9ee8b46339900571e2d8a8687a2af48c4d13cba979b0b701e72731443afae9292aee97fb1726816d3f22cf050eb1b547eab71009761f1e3"]}]}, 0x37c}, 0x1, 0x0, 0x0, 0x48811}, 0x4004)

1.826796574s ago: executing program 1 (id=524):
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0x5c, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x5, @perf_config_ext={0x9, 0xc64}, 0x10096, 0x0, 0x800000, 0x0, 0x4, 0x2, 0x6, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0xbc0023, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r2=>0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={0x0, 0x0, 0x54}, 0x28)
r3 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r4 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="01002bbd700000000000350000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008007300020000000e"], 0x64}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x2000, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0x4, 0xa}, {0x0, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

1.759800038s ago: executing program 1 (id=525):
syz_open_dev$tty1(0xc, 0x4, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x1c, 0x2, 0x6, 0x5, 0x0, 0x3000000, {0x0, 0x0, 0xfffd}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x169a82, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r9], 0x5c}}, 0x40)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r10}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x4c}}, 0x884)
sendfile(r1, r1, 0x0, 0x7)

1.655014203s ago: executing program 1 (id=527):
r0 = socket$netlink(0x10, 0x3, 0x4)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000ffb000/0x3000)=nil)
prlimit64(0x0, 0x2, &(0x7f0000000040)={0x8000000000009, 0xffffffffffffffff}, 0x0)
prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000ffb000/0x4000)=nil)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r7 = epoll_create(0xf)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f0000000100)={0x10000010})
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x400, 0xffffffff, 0x0, 0x1e0, 0x0, 0xfeffffff, 0xffffffff, 0x330, 0x330, 0x330, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x35, {0x3}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00', 0x1, 0x41, {0x6}}}}, {{@ipv6={@private0, @loopback, [0xff, 0x0, 0xff000000, 0xffffffff], [0x0, 0xff, 0xff000000, 0xffffff00], 'team0\x00', 'batadv_slave_0\x00', {0xff}, {}, 0xff, 0xe7, 0x4, 0x44}, 0x0, 0xf0, 0x150, 0x0, {}, [@common=@dst={{0x48}, {0x4, 0x9, 0x1, [0x3, 0x8575, 0x9, 0xfff, 0x8, 0x101, 0x1, 0x101, 0x8, 0x5, 0x800, 0xb9e, 0x6, 0x8, 0x7, 0x4], 0xf}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@private=0xa010100, [0xffffff00, 0x0, 0xffffffff, 0xffffff00], 0x4e24, 0x4e21, 0x4e21, 0x4e23, 0x8a, 0xffff, 0x5, 0x2, 0x3fd}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x460)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000040)=0x4, 0x4)

1.279933605s ago: executing program 2 (id=530):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x38, 0x2, 0x6, 0x5, 0x0, 0x3000000, {0x0, 0x0, 0xfffd}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x38}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x169a82, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r9], 0x5c}}, 0x40)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendfile(r2, r2, 0x0, 0x7)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000400)={0x0, 0x0, 0x1c, 0x1f, 0x1a5, &(0x7f00000007c0)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d60100be2507000000000000000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab370db630cd4f4a2e6c985a542ff20a9b090000000000000088dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c042f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

1.254212417s ago: executing program 4 (id=531):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e36fd8270ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cd0aa7b73340cc2160a1fe3c184b751c51160fbce841f8a97be6148ba532e6ea09c346dfebd31a08b32808b80200000000009dd27080e71113610e10d859e8327ef03fb6c86adac12233f9a1fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563112f4b391aafe2348754000000000000007642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc5a788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5dc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5be5f6eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ff010000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a30280bc586e79a5dd8076c248e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f5874c24411d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a013709003f509e6e540c9ba9c2a589ac5d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d54aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa0500e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5f7d895de17a10b0a0ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5175d879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2e5a00d2f953a86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c56d0886eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366a9"], 0x0}, 0x94)
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="2400000039000900f036d6760000000004000000040000000c000180060006008035"], 0x24}}, 0x10)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="3c0100001900010029bd7000fbdbdf25fe880000000000000000000000000101fe8000000000000000000000000000bb000000008971b3920200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff000000000000000000000000000000000500000000000000000000000020000000000000000000000000000000000000010002020000000084000500ac1e0101000000000000000000000000000004d63c0000000200000000000000000000000000ffff000000000735000000031000090000000000000001000100ff010000000000000000000000000001000004d42b"], 0x13c}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
socket$netlink(0x10, 0x3, 0x4)
set_mempolicy(0x1, &(0x7f0000000000)=0x628, 0x8)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="e30000002100010004003de500000000fc02000000000000000000defb4dcc920e9d0000000001fe8000005342a800000003260000003a00c8550000000002080000a02e000000e758369eb3a06b2c1801e02a0551ae2aa7bce283d53a863e6659572c36b3c6b2718d19a7c73a2f4aebcec958cb36892bcc8d49b4a2956023671f0e746055c679940ff8d33ff922e91fba211dbd525acd530a", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100fc0000000000000000000000000000017f000001000000000000000000000000fc020000000000000000000000000001000000000000000000000000000000013c040000000000000a000a000a01010100000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000ac1414340000000000000000000000003c040000002e000008000200"], 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_tcp_buf(r6, 0x6, 0x1a, &(0x7f0000000140)=""/68, &(0x7f0000000040)=0x44)
write$binfmt_misc(r6, &(0x7f0000000000), 0xfffffecc)
splice(r5, 0x0, r7, 0x0, 0x4ffe3, 0x8)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x587, &(0x7f00000045c0)="$eJzs3V1rHFUcB+D/mWzSl7QmFUFrEQMFW1CTJq0oIthivfPCl4JXgjFJS+m2DU0EWyttoX4D/QCCd96Il0WkqCDeeif4AUQs0ubGu8hsZtJtu5vmZdOpneeBbebMyXDOZPn1zJydmQ2gtkbyf7KI3RExmyKG2uoaUVSOLP3erZsXpxZuXpxKsbj43j8pUrGu/P1U/BwsNt4aEb/9mOLxvnvbnTt/4dRkszlzriiPzZ+eHZs7f+HFk6cnT8ycmDkzMf7y+EuHDk4cOtCT/dwZET+PHm1cPf7Gnm+nvt516ftvrqU4HDuK+vb96JWRGFn+m7TL/66v9LqxivQV+9P+FqdGhR1iTcr3rz8inoyh6Ivbb95QfP5OpZ0DNtViilgEairJP9RUeRyQn/+Wr2qPSIAH5caRpQmAW2lpbm9hOf+NpbnB2NqaG9i+kKJ9WidFRC9m5vI2Zp9LQ/krNmkeDujs8pWIeKrT+J9a2RxuzeLn+c/uyH8WEW8XP/P1766z/ZG7yvIPD85G8v9hW/4/Wmf78g8AAAAAAAC9c/1IRLzQ6fO/bPn6n+hw/c9gRBzuQfv3//wvu9SDZoAObhyJeC0iymv/FtryXxjuK0o7W9cD9KfjJ5szByLisYjYH/1b8vL4Cm2M7Pm1v2td2/V/+Stvv7wWsOjHX40td24zPTk/uZF9BpbcuBLxdKNT/tPy+J/uHP9/eaYY+2dX2cbi0dd/6lZ3//wDm2Xxq4h9Hcf/20+uSCs/n2OsdTwwVh4V3OvTD6591619+Yfq5OP/9pXzP5zan9czt/Y2Pvv7jw3kv/Px/0A61nrkzECx7pPJ+flz4xED6a1710+svc/wKCrzUOYlz//+vZ3P/7sc/7dsi4jLq2zz2A9vXu1WZ/yH6uT5n17T+L/2hb3vf/lvt/ZXN/4fao3p+4s15v9gZasNaNX9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/oywidkTKRpeXs2x0NGIwIp6I7Vnz7Nz888fPfnxmOq9rff9/Vn7T79BSOZXf/z/cVp64q3wwInZFxBd921rl0amzzemqdx4AAAAAAAAAAAAAAAAAAAAeEoNd7v/P/dlXde+ATdeougNAZeQf6kv+ob7kH+pL/qG+5B/qS/6hvuQf6kv+ob7kHwAAAAAAHim7nr3+e4qIy69ua71yA0Vdf6U9Azbb4ao7AFTGI36gvlz6A/XlHB9I96nfuu4tAQAAAAAAAAAAAIBe2bfb/f9QV1nVHQAq0/3+f08GgEed+/+hvpzjA+7/BwAAAAAAAAAAAICH39z5C6cmm82Zc+td2LKxzS1YqM9CpB4k7gEtVP0/EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUPovAAD//0C19y8=")

1.20355128s ago: executing program 0 (id=532):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000080)={0xb}, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)

1.19407303s ago: executing program 2 (id=533):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000080)={0xb}, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8) (fail_nth: 1)

955.630164ms ago: executing program 3 (id=534):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_io_uring_setup(0x3fb1, &(0x7f0000000300)={0x0, 0x9cae, 0x1000, 0x802, 0xd6}, &(0x7f0000000100), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x22, &(0x7f0000000380)={&(0x7f0000001000)}, 0x1)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
getresuid(&(0x7f0000000040)=<r2=>0x0, &(0x7f0000000100), &(0x7f0000000140))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x599, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x1, 0x288}, &(0x7f0000000100)=<r5=>0x0, &(0x7f00000003c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000040)=0xfffffffd, 0x0, 0x4)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x5, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0x7, 0x0, 0x0, 0x0, 0x20004006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r3, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}})
io_uring_enter(r4, 0x3516, 0x0, 0x28, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=@newsa={0x1d4, 0x16, 0x633, 0x0, 0x80000000, {{@in=@broadcast, @in=@loopback, 0xfffc, 0x0, 0x0, 0x0, 0xa}, {@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d2, 0x32}, @in6=@loopback, {}, {0x9, 0xffffffffffffffff, 0x0, 0x5}, {0x4, 0x2}, 0x6, 0x2, 0x2, 0x4, 0x18, 0x19}, [@sa={0xe4, 0x6, {{@in=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x4e24, 0x20, 0x4e23, 0xa4c, 0x2, 0x80, 0xa0, 0x2, 0x0, r2}, {@in=@multicast2, 0x4d4, 0x8596f95369958b8b}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {0x4eea8493, 0xff, 0x80, 0x8000000000000000, 0x81, 0x1000000000000000, 0x2, 0x10000}, {0x0, 0xe82, 0x4, 0x1}, {0x8001, 0x7, 0x4}, 0x70bd26, 0x3, 0x2, 0x4, 0x4, 0x84}}]}, 0x1d4}}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x812011, &(0x7f0000000740), 0x5, 0x558, &(0x7f0000000a40)="$eJzs3e9u09YbwPHH/fOjKj/YtE0IVQUOZZOKVILjQFDEK885SQ2OHdkOal+hiqaoIoWJMmntq/EGbdJ2EbzdRewSdidol8BkO2nTNn/W0iYV+34iOCf2sc9zXMuPnMS2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZyyaeYN8Vy/saL6c8phUBswv7O+2weKAf2KGMk/mZmRq9mkq9/sz76S/Lcg89m7eZlJihnZvXjly4dfT010lh8Q0Ehs7+y+WGu1mq+Ps9Dk2cUzalXtu1Hg1uyqVm4UqFKxaN5drkSq4no6Wo1iXVNOqO04CNWic1vlS6WC0rnVoOFXy7anOxMf3LFMs6ge5eraDqPAv/soFznLrue5fjVtk8xO2jxIdsTHbqxibdeU2thsNQtKqYuDgkwa5YeNJGlkDWtkmZaVz1tWvni/dP+BaU4dmWAeIu0WH41sTzanxr/TYrxO8/ANfJKJdv4XT1zxpSEronq+HClLKIHU+sxv6+T/7+7qvT7+16Pf7vzfyfJX92fPSZr/r2fvrvfL/31iGd1rW3ZkV17ImrSkJU15PfaIRvuqihZfXIkkEFdqYqdTVHuKkpIUpSimPJVlqUgkSiriiidaIlmVSGLR6R7lSChabIklkFCULIojt0VJXkpSkoIo0ZKTVQmkIb5UpSx2upYN2Uy3e6FndHuyRvkBA5ENuZQ2sgY0Ok7+v5Bke/PoIuT//7pTPoIDJ/exk//7mx5dNAAAAAAA4CwY6afvRnqafy2tVVxPm+MOCwAAAAAAnKL0m//5pEi/5r8mBuf/AAAAAAB8boz0GjtDRGblRlbrXFPFhwAAAAAAAHwm0u//ryfFbFK7IQbn/wAAAAAAfG5+GXqP/ah+wfjzbwnDaeNtfeVbY8tO2tlbk9lyk4fXGFfmjMvtlaRFcar9ztHzRvvul3s3wfzQLjb6xfH/dKphGKcQgPwmN7M2N9ezcr0zJxvtbMX1dM4JvId5se3LE7FeiX98ufmTpMP/1a9dNmRjs9XMPXvVWk9jeZus5e1W+waKR+6jOCCWN+n9FtJrLnpu+en0QoysX+PnrF+ze/wT2eITx+jznSxkbRZms3L24Phnkj7zuX6jn82iyB8aec+7Rw6M4lbW5tbirazoEYXVN4qku81W0+qO4kTb4l9EURi2LQqdKKb3uz9OFAAwLhtDspBxNPGf4CjXN7t3ejmV7P5OFrM2i3PpgXVqrscR3Rx2RDc/Ma//MX34GUj9cmzS7++Hsur7ZIH3ffuNPMtINuHkm60f5Mr2zu6dza21583nzZeWVSia90zzviXT6TDaBbkHANDD8GfsDG1h3BtyVv3V3k8KcvJMXklL1mUpvdog/cVB91qrX7TXOtv1M4SlIWet+23zsjTkrG6/rXWMtoUR/CUAABidhd55+Fj5f2nIeffBXD747Lg7lwMAgLOhww8P29X603yplLfjZa3CwHmsQrdc1cr1Yx06y7Zf1aoeBnHgBF5SeeKWdaSiRr0ehLGqBKGqB5G7kj75XbUf/R7pmu3HrhPVPW1HWjmBH9tOrMpu5Kh643vPjZZ1mCzcecagY8du4KsoaISOzikVad3V0C1rP3YrblL1VT10a3a4qp4EXqOmVVlHTujW4yBd4V5frl8Jwpodu5ckN8btDADAebK9s/tirdVqvj7DyrjHCAAADiJLAwAAAAAAAAAAAAAAAAAAAABw/o3i+r/xV/7KniIg5yWec1y52N4xDs+aGXdgJ6pMiMg5COMMK8ZZrXmcRyUAo/BPAAAA//8+jkVh")
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
syz_io_uring_setup(0x3fb1, &(0x7f0000000300)={0x0, 0x9cae, 0x1000, 0x802, 0xd6}, &(0x7f0000000100), &(0x7f00000000c0)) (async)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x22, &(0x7f0000000380)={&(0x7f0000001000)}, 0x1) (async)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) (async)
getresuid(&(0x7f0000000040), &(0x7f0000000100), &(0x7f0000000140)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)) (async)
syz_io_uring_setup(0x599, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0x1, 0x288}, &(0x7f0000000100), &(0x7f00000003c0)) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000040)=0xfffffffd, 0x0, 0x4) (async)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x5, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0x7, 0x0, 0x0, 0x0, 0x20004006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r3, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}}) (async)
io_uring_enter(r4, 0x3516, 0x0, 0x28, 0x0, 0x0) (async)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=@newsa={0x1d4, 0x16, 0x633, 0x0, 0x80000000, {{@in=@broadcast, @in=@loopback, 0xfffc, 0x0, 0x0, 0x0, 0xa}, {@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d2, 0x32}, @in6=@loopback, {}, {0x9, 0xffffffffffffffff, 0x0, 0x5}, {0x4, 0x2}, 0x6, 0x2, 0x2, 0x4, 0x18, 0x19}, [@sa={0xe4, 0x6, {{@in=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x4e24, 0x20, 0x4e23, 0xa4c, 0x2, 0x80, 0xa0, 0x2, 0x0, r2}, {@in=@multicast2, 0x4d4, 0x8596f95369958b8b}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {0x4eea8493, 0xff, 0x80, 0x8000000000000000, 0x81, 0x1000000000000000, 0x2, 0x10000}, {0x0, 0xe82, 0x4, 0x1}, {0x8001, 0x7, 0x4}, 0x70bd26, 0x3, 0x2, 0x4, 0x4, 0x84}}]}, 0x1d4}}, 0x0) (async)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x812011, &(0x7f0000000740), 0x5, 0x558, &(0x7f0000000a40)="$eJzs3e9u09YbwPHH/fOjKj/YtE0IVQUOZZOKVILjQFDEK885SQ2OHdkOal+hiqaoIoWJMmntq/EGbdJ2EbzdRewSdidol8BkO2nTNn/W0iYV+34iOCf2sc9zXMuPnMS2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZyyaeYN8Vy/saL6c8phUBswv7O+2weKAf2KGMk/mZmRq9mkq9/sz76S/Lcg89m7eZlJihnZvXjly4dfT010lh8Q0Ehs7+y+WGu1mq+Ps9Dk2cUzalXtu1Hg1uyqVm4UqFKxaN5drkSq4no6Wo1iXVNOqO04CNWic1vlS6WC0rnVoOFXy7anOxMf3LFMs6ge5eraDqPAv/soFznLrue5fjVtk8xO2jxIdsTHbqxibdeU2thsNQtKqYuDgkwa5YeNJGlkDWtkmZaVz1tWvni/dP+BaU4dmWAeIu0WH41sTzanxr/TYrxO8/ANfJKJdv4XT1zxpSEronq+HClLKIHU+sxv6+T/7+7qvT7+16Pf7vzfyfJX92fPSZr/r2fvrvfL/31iGd1rW3ZkV17ImrSkJU15PfaIRvuqihZfXIkkEFdqYqdTVHuKkpIUpSimPJVlqUgkSiriiidaIlmVSGLR6R7lSChabIklkFCULIojt0VJXkpSkoIo0ZKTVQmkIb5UpSx2upYN2Uy3e6FndHuyRvkBA5ENuZQ2sgY0Ok7+v5Bke/PoIuT//7pTPoIDJ/exk//7mx5dNAAAAAAA4CwY6afvRnqafy2tVVxPm+MOCwAAAAAAnKL0m//5pEi/5r8mBuf/AAAAAAB8boz0GjtDRGblRlbrXFPFhwAAAAAAAHwm0u//ryfFbFK7IQbn/wAAAAAAfG5+GXqP/ah+wfjzbwnDaeNtfeVbY8tO2tlbk9lyk4fXGFfmjMvtlaRFcar9ztHzRvvul3s3wfzQLjb6xfH/dKphGKcQgPwmN7M2N9ezcr0zJxvtbMX1dM4JvId5se3LE7FeiX98ufmTpMP/1a9dNmRjs9XMPXvVWk9jeZus5e1W+waKR+6jOCCWN+n9FtJrLnpu+en0QoysX+PnrF+ze/wT2eITx+jznSxkbRZms3L24Phnkj7zuX6jn82iyB8aec+7Rw6M4lbW5tbirazoEYXVN4qku81W0+qO4kTb4l9EURi2LQqdKKb3uz9OFAAwLhtDspBxNPGf4CjXN7t3ejmV7P5OFrM2i3PpgXVqrscR3Rx2RDc/Ma//MX34GUj9cmzS7++Hsur7ZIH3ffuNPMtINuHkm60f5Mr2zu6dza21583nzZeWVSia90zzviXT6TDaBbkHANDD8GfsDG1h3BtyVv3V3k8KcvJMXklL1mUpvdog/cVB91qrX7TXOtv1M4SlIWet+23zsjTkrG6/rXWMtoUR/CUAABidhd55+Fj5f2nIeffBXD747Lg7lwMAgLOhww8P29X603yplLfjZa3CwHmsQrdc1cr1Yx06y7Zf1aoeBnHgBF5SeeKWdaSiRr0ehLGqBKGqB5G7kj75XbUf/R7pmu3HrhPVPW1HWjmBH9tOrMpu5Kh643vPjZZ1mCzcecagY8du4KsoaISOzikVad3V0C1rP3YrblL1VT10a3a4qp4EXqOmVVlHTujW4yBd4V5frl8Jwpodu5ckN8btDADAebK9s/tirdVqvj7DyrjHCAAADiJLAwAAAAAAAAAAAAAAAAAAAABw/o3i+r/xV/7KniIg5yWec1y52N4xDs+aGXdgJ6pMiMg5COMMK8ZZrXmcRyUAo/BPAAAA//8+jkVh") (async)

882.877678ms ago: executing program 3 (id=535):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_linger(r2, 0x1, 0x3d, &(0x7f0000000080)={0xb}, 0x8)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0xffa8)

411.237376ms ago: executing program 4 (id=536):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x4c032, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x2000000, 0x0, 0x0, 0x2)

307.258012ms ago: executing program 2 (id=537):
syz_open_dev$tty1(0xc, 0x4, 0x4)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x1c, 0x2, 0x6, 0x5, 0x0, 0x3000000, {0x0, 0x0, 0xfffd}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x169a82, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r9], 0x5c}}, 0x40)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r10}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x4c}}, 0x884)
sendfile(r1, r1, 0x0, 0x7)

286.398003ms ago: executing program 4 (id=538):
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, 0x0, 0x69ce01, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f0000000600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @reject={{0xb}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @connlimit={{0xe}, @void}}]}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x13c, 0x16, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HOOK={0x11c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x90, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_bond\x00'}, {0x14, 0x1, 'vxcan1\x00'}, {0x14, 0x1, 'veth0_to_bridge\x00'}, {0x14, 0x1, 'syz_tun\x00'}, {0x14, 0x1, 'batadv0\x00'}, {0x14, 0x1, 'bond_slave_0\x00'}, {0x14, 0x1, 'batadv_slave_1\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'batadv_slave_0\x00'}, {0x14, 0x1, 'veth1_to_batadv\x00'}, {0x14, 0x1, 'bridge_slave_0\x00'}, {0x14, 0x1, 'bridge_slave_1\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}, @NFT_MSG_DELTABLE={0x10c, 0x2, 0xa, 0x301, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xdd, 0x6, "83aa361e3291ca6575a945cf66b2216093ed83a1994d1324f6ade35a17ce1337b55a8a52c650a5475eeb3aeec1052e85b05ae4b1383744d9865a0a84754bfc654d975efd4d3e000e0cc1ffbf1f2ad5088cec7c8461b1e816d3e1458f4b3eb40760cac39b71ff68e9a5025165487134534f808812fe878a421ee4b74176a3bcbf9375b1bc2985745d28360be41ecfb75980d45b51c651458f302df76c26438beb9fcdfc86d814e47c680874a1eb0ded9500cc8576e1639dfe1296870dc6b9c81b1db8347fda640803f9bc2ffef84be7c099e79bc1d34e3558f7"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x4}}}, 0x2d8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x600)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x82280)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
set_mempolicy(0x4005, &(0x7f0000000300)=0x6, 0x4)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
socket$inet6_sctp(0xa, 0x1, 0x84)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x84, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x523, 0x1, @perf_config_ext={0x200, 0x7}, 0x0, 0x10004, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000a40), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000fcdbdf25120000001800018014000200766574683000000000000000080000000800090000000000080007"], 0x3c}, 0x1, 0x0, 0x0, 0x2400c000}, 0x2004c0a0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000002240)={'syzkaller0\x00', 0x7101})
r9 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000008380)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r10, {0xb, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_OPS={{0x6, 0x4, 0xfffffffffffffc85}, {0x4}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x400c081}, 0x80)
r11 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r11, 0x29, 0x20, &(0x7f0000000080)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x704, 0x0, 0x1, 0xe, 0x4, 0x5}, &(0x7f0000000100)=0x20)

282.174963ms ago: executing program 0 (id=539):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x80, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2010846, &(0x7f0000000b00), 0x1, 0x570, &(0x7f0000000b40)="$eJzs3c9rHFUcAPDvbJL+1qZQiopIoAcrtZsm8UcFD/UoWizovS7JNJRsuiW7KU0s2B7sxYsUQcSCeNe7x+LNk39FQQtFStCDl8hsZtNNs5ukyaa77X4+MOG9nZl989037+XNvFk2gL41kv0pRLwcEd8kEYcjIsnXDUa+cmRlu6WH1yezJYnl5U//TurbZfnGezX2O5hnXoqI376KOFlYX251YXGmVC6nc3l+tDZ7ZbS6sHjq0mxpOp1OL49PTJx5e2L8vXff6Visb5z/9/tP7n545uvjS9/9cv/I7STOxqF8XXMcO3CjOTMSI/lnMhRnH9twrAOF9ZKk2wfAtgzk7Xwosj7gcAzkrR54/n0ZEctAn0q0f+hTjXFA49q+Q9fBz4wHH6xcAK2Pf3Dl3kjsq18bHVhK1lwZZde7wx0oPyvj17/u3M6W6Nx9CIBN3bgZEacHB9f3f0ne/23f6TW5FjeBG/efm+j/4Om5m41/3mw1/imsjn+ixfjnYIu2ux2bt//C/Q4U01Y2/nu/5fh3tb8aHshzL9THfEPJxUvlNOvbXoyIEzG0N8tvNJ9zZunecrt1zeO/bMnKb4wF8+O4P7h37T5TpVppJzE3e3Az4pWW499ktf6TFvWffR7nt1jGsfTOa+3WbR7/7lr+KeL1lvX/aEYr2Xh+crR+Pow2zor1/rl17I925Xc7/qz+D2wc/3DSPF9bffIyftz3X9pu3Zr4Y+vn/57ks3p6T/7atVKtNjcWsSf5eP3r44/2beQb22fxnzi+cf/X6vzfHxGfbzH+W0d/fnVL8W9W/7swyZrFP/VE9f/kiXsfffHD9uPP6v+teupE/kpz/9dutnKrB7jTzw8AAAAAAAB6SSEiDkVSKK6mC4ViceX5jqNxoFCuVGsnL1bmL09F/buywzFUaMx0H256HmIsfx62kR9/LD8REUci4tuB/fV8cbJSnup28AAAAAAAAAAAAAAAAAAAANAjDrb5/n/mz4FuHx2w6/zkN/SvTdt/J37pCehJ/v9D/9L+oX9p/9C/tH/oX9o/9C/tH/qX9g/9S/sHAAAAAAAAAAAAAAAAAAAAAAAAAACAjjp/7ly2LC89vD6Z5aeuLszPVK6emkqrM8XZ+cniZGXuSnG6Upkup79PVmY3e79ypXJlbDzmr43W0mpttLqweGG2Mn+5duHSbGk6vZAOPZWoAAAAAAAAAAAAAAAAAAAA4NlSXVicKZXL6dzOEoXozPtIdC2xLyK2s/tgLxx8lojoicN4XhLd7pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4JH/AwAA//8oUzTa")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB="3c0200001900010029bd7000fbdbdf25fe880000000000000000000000000001ff020000000000000000000000000001000000004e2100000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff000000000000000000000000000000000500000000000000000000000020000004000000040000000000000000000000010002020000000084010500fe880000000000000000000000000101000004d23c00000000000000ac1414aa0000000000000000000000000000000000020100ff7f0000070000005395214300000000000000000000000000000000000004d533000000020000007f00000100000000000000000000000000000000000122000500000001040000020000007f000001000000000000000000000000000004d23200000002000000fe88000000000000000000000000000101350000020101000400000008000000ffffff7ffe8000000000000000000000000000bb000004d2320000000200000000000000000000000000ffffe000000102354d7f00"], 0x23c}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8001}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x2000)
r3 = socket$igmp6(0xa, 0x3, 0x2)
sendmsg$inet6(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0xa, 0x4e23, 0x2000000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x1}, 0x1c, &(0x7f0000000180)=[{&(0x7f00000000c0)="bef349d119e4e2e736b81b7349ab2481f427cc", 0x13}, {&(0x7f0000000140)="8830434cc8db121f4a97fb04966d81ef21711707a700e9c314341c36a30c8edf66e6eaf18abc31b1654a84853d1c7d562df5ffe6748d", 0x36}, {&(0x7f0000000240)="e553a6780073c3bed8d46d8356b201def65d2f022aeb0585b7ce49592051e570ec675f1da1524d0ada0b2d20c75d5ce09855e5ab59609d04f36a7f7bc2584620c3257baa6f6d7a09038762360248efee90231415a3d84676fdcb48334ad9d258ac82a7c803aac1a8e21ed1286d9fc9c89a83b6c67e78423768d865a18a082c62a734b40d6d10c1aa2f021d35faf5", 0x8e}], 0x3}, 0x4000011)

279.342084ms ago: executing program 3 (id=540):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x80, 0x0, 0x7ffc1ffb}]})
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8001}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001100)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x2000)

239.405686ms ago: executing program 0 (id=541):
inotify_init()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x78, r1, 0x0, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x2c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010100}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x34, 0x44}}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x5b1e5a89}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r0}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)={0x138, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_vlan\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_batadv\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xfffc}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xbf}]}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x100}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffffff}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0xc766a6725d938f5f}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x7}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'pimreg\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xc6}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x20000081}, 0x20008040)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_VERSION(r3, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x40, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @loopback}]}, 0x40}, 0x1, 0x0, 0x0, 0x8020}, 0x4000000)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), r0)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r0, &(0x7f00000007c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000640)={0x110, r4, 0x8, 0x70bd29, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x1}, {0x8, 0x13, 0x6}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7ff}, {0x6, 0x11, 0x800}, {0x8, 0x13, 0xea}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x401}, {0x6, 0x11, 0x1}, {0x8, 0x13, 0x8}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x857}, {0x6, 0x11, 0x1}, {0x8, 0x13, 0x6396}, {0x5}}]}, 0x110}, 0x1, 0x0, 0x0, 0x20000000}, 0x400c090)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000840), r3)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000880)={'wpan4\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(r3, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x38, r5, 0xc08, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x4000050)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r2, &(0x7f0000000ac0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a80)={&(0x7f00000009c0)={0x88, r4, 0x0, 0x70bd2d, 0x25dfdbfe, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x88}, 0x1, 0x0, 0x0, 0x8}, 0x200448d4)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000b40), r3)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r3, &(0x7f0000000c00)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x24, r7, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0x3}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x2}]}, 0x24}}, 0x8051)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000c80), r3)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r3, &(0x7f0000000d40)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x40002020}, 0xc, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x3c, r8, 0x4, 0x70bd29, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x2}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xffff}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x9}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xfffe}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x4)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000dc0), r0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000e80)={&(0x7f0000000d80)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000e00)={0x1c, r9, 0x8, 0x70bd26, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000f00), r3)
sendmsg$NLBL_CALIPSO_C_ADD(r10, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x3c, r11, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x400d0)
syz_open_procfs$namespace(0x0, &(0x7f0000001000)='ns/mnt\x00')
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001080), r0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000001140)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x14, r12, 0x800, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x400c0}, 0x8000)
r13 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(r13, &(0x7f0000001280)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001240)={&(0x7f00000011c0)={0x64, r9, 0x531, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1450}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x25f}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1685}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x8c}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x24}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x1)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r14, &(0x7f0000001380)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)={0x20, 0x0, 0x7, 0x801, 0x0, 0x0, {0xb, 0x0, 0x5}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x4}]}, 0x20}}, 0x40000)

239.016266ms ago: executing program 2 (id=542):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="00006003000000240000bbbbbbbbbbbb81000d0008004500002000670000032f"], 0x36)

159.748691ms ago: executing program 0 (id=543):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x38, 0x2, 0x6, 0x5, 0x0, 0x3000000, {0x0, 0x0, 0xfffd}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x38}}, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x169a82, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB], 0x3c}}, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r9], 0x5c}}, 0x40)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendfile(r2, r2, 0x0, 0x7)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000400)={0x0, 0x0, 0x1c, 0x1f, 0x1a5, &(0x7f00000007c0)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d60100be2507000000000000000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab370db630cd4f4a2e6c985a542ff20a9b090000000000000088dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c042f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

159.462201ms ago: executing program 4 (id=544):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000001080)='./bus\x00', 0x80, &(0x7f00000010c0)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098fe0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4ece31c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r3, &(0x7f0000000200)="000bda", 0x3)
sendfile(r3, r1, 0x0, 0x40001)
sendfile(r3, r2, 0x0, 0x7ffff000)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000fd3f1400e27f000001"], 0x50)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x3, r4}, 0x38)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000080), 0xc)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x200081, 0x0)

131.132272ms ago: executing program 2 (id=545):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN0qtmdta31rL1pNt54/ftJk3nzZna+7yV5b2d2n2YDOLeej4g3IuKDNE1fioiZvL6UL9HqLNlx7z94dylbkkjTt/6RRJLXdc+V5Osr+cumIuIbX4v4dnI07tbO7p3Fer22mW9Xm2sb1a2d3Rura4srtZXa+vz83KsLry28snBzKO28GhGvf+UvP/zez7/6+q8//86fb/3t+neytKbz/Yfb8ZAmjtvZaXr54lTPCzY/YrAnUdaecnfj0mCv2XuM+QAA0F92jf+xiPhMRLwUM3Hh+MtZAAAA4AxKvzQd/0si0mKTfeoBAACAM6TUngOblCr5XIDpKJUqlc4c3k/E5VK9sdX83O3G9vpyZ67sbJRLt1frtZv5XOHZKCfZ9ly7fLD9cs/2fEQ8HRE/mLnU3q4sNerLo/7wAwAAAM6JKz33//+e6dz/AwAAAGNmdtQJAAAAAI+d+38AAAAYf+7/AQAAYKx9/c03syXt/v718ts723cab99Yrm3dqaxtL1WWGpsblZVGY6X9zL61k85XbzQ2vhDr23erzdpWs3p1Z/fWWmN7vXlrNaZOpUEAAADAEU9/+t4fk4hoffFSe8lMjjop4FRM7JeSfF3Q+//0VGf93iklBZyKCwMc897F4nrXCXC2TfRW9OnrwPgpjzoBYOSSE/b3nbzzu86qNOR8AACA4bv2qeLv/0++nm+55IczTieG86vn+/90ZlSJAKeu/f3/oBN5XCzAWCkPNAMQGGeP+v3/ydL0oRICAACGbrq9JKVK/vHedJRKlUrE1fbPApST26v12s2IeCoi/jBTvphtz7VfmZx4zwAAAAAAAAAAAAAAAAAAAAAAAAAAdKRpEikAAAAw1iJKf01+03mW/7WZF6d7Px+YTP7b/kngyYh45ydv/ejuYrO5OZfV/3O/vvnjvP7lUXyCAQAAAPTq3qe31/8ZdTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjJv3H7y71F0GOPzSsOL+/csRMVsUfyI/YirKEXH5X8l+TSaJiAtDiN/ai4hPFsVPsrT2QxbFH8ZfQmsvaaVthfFjNqb6xr8yhPhwnt3Lxp83ivp/KZ5vr4v738ShEepR9B//upGn2uNcUf+/OmCMZ+7/sto3/l7EMxPF4183ftIn/gsDxv/WN3d3++1Lfxpxrfv+0x7xDkc4KFWbaxvVrZ3dG6triyu1ldr6/PzcqwuvLbyycLN6e7Vey/8sjPH9Z3/1wXHtv1z4/pfk2fRv/4sF5yt6T/r//bsPPt7daB2Nf/2Fgvi//Vl+xNH4pTzOZ/Nytv9at9zqlA977he/f+649i8ftL/8MP/+1/udtNeRjvLsoP91AIDHYGtn985ivV7bHNtCdpf+BKTxUQqT8USkMb6F72aF+8M6YZqmadanCnbdi4hBzpPEkFtaKs7noNB3BBj1yAQAAAzbwUX/qDMBAAAAAAAAAAAAAAAAAACA8+s0nrLWG/PgEcjJMB6hDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFB8GAAD//2cM13c=")
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x8000}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_LOG_GROUP={0x6, 0x1, 0x1, 0x0, 0x77e9}, @NFTA_LOG_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc0}}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000003c0)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x200000000300, 0x200000000330, 0x200000000360], 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000809000000000000000000000400000000000000000000000000000000bf2d000000ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000006eb30000feffffff00aebb6b"]}, 0x108)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b405000000000000611050000000000073014a00000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

20.960099ms ago: executing program 2 (id=546):
syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c0000006c00010025bd7000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="b064000002280000140003007665746830000000000000000000000818"], 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x20040004)
r1 = io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36b, 0xc000, 0xc, 0x77})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='GPL\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0xfffffffffffffcad, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'gretap0\x00'})
unshare(0x6a040000)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r5, &(0x7f0000000380)={0x10, 0x0, 0x25dfdbfb, 0x400000}, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000140)=0x5, 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x400, 0x70bd2d, 0xffffff, {0x0, 0x0, 0x0, r3, {0x7, 0x3}, {0xfff1, 0x3}, {0xfff1}}}, 0x24}}, 0x40004)
syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r4)
socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000900006440000008001b0000000000050010000467d3b6b81cf0"], 0x30}}, 0x0)

0s ago: executing program 0 (id=547):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000007fd06640"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000380)={[{@grpquota}, {@nogrpid}, {@quota}, {@nobh}]}, 0x1, 0x511, &(0x7f0000000ac0)="$eJzs3c9vI2cZAOB3nDhxsmmTlh4AQbu0hQWt1km8bVT1AOWEEKqE6BGkbUi8URQ7jmKnNGEP2zNXJCpxgiN/AOeeuHNBcOOyHJD4EYE2SByMZjzOerN2Ntps7BA/jzSa+ebz+n2/tWa+zJt4JoCxdT0i7kfEVER8GBHz+f4kX+K9zpK+7uHhvbWjw3trSbTbH/wjyfrTfdHzb1LX8vcsRcQPvhPx4+TJuM39g63VWq26m7cXW/Wdxeb+wa3N+upGdaO6XamsLK8svXP77cpzG+tr9al868sPfn//Gz9N05rL9/SO41kknSH32x8RxeM4qcmI+N55gl0iE/l4pkadCM+kEBEvR8Tr2fE/HxPZpwkAXGXt9ny053vbAMBVV8hqYEmhnNcC5qJQKJc7NbxXYrZQazRbN+829rbXO7WyhSgW7m7Wqkt5rXAhiknaXs62H7UrnfZ0t307Il6KiJ9Pz2Tt8lqjtj7KH3wAYIxdOzH//3u6M/8DAFdcadQJAABDZ/4HgPFj/geA8WP+B4Dx05n/Z0adBgAwRKde/7sfEABcSer/ADBWvv/+++nSPsrvf73+0f7eVuOjW+vV5la5vrdWXmvs7pQ3Go2N7J499ae9X63R2Fl+K/Y+XvjmTrO12Nw/uFNv7G237mT39b5TLWav6nurbABgSF567bM/JemM/O5MtkTPsxyKI80MuGiFUScAjMzEqBMARsZf98D4Osc1vvIAXBF9HtH7mFK/Lwi12+32xaUEXLAbX1D/h3HVU//3V8AwZtT/YXyp/8P4areTsz7zP876QgDgclPjBwb8/v/lfP2b/JcDP1o/+YpPLzIrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNy6z/8t588Cn4tCoVyOeCEiFqKY3N2sVZci4sWI+ON0cTptL484ZwDgvAp/TfLnf92Yf3Pusa5Xrx1vTkXET375wS8+Xm21dv8QMZX8c7q7v/Vpvr8y/OwBgNOl1/rdeTpb91zIPzy8t9ZdhpnT374dEaVO/KPDqTg6jj8Zk9m6FMWImP1Xkrc7kp7axXnc/yQiPt9v/EnMZTWQzpNPT8ZPY78w1PiFx+IXsr7OOv2/+NxzyAXGzWfp+ee9fsdfIa5n6/7Hfyk7Q51ffv5L32rtKDsHPorfPf9NDDj/XT9rjLd+993O1syTfZ9EfHEyohv7qOf8042fDIj/5hnj//lLr74+qK/9q4gb0T9+b6zFVn1nsbl/cGuzvrpR3ahuVyoryytL79x+u7KY1agXB88Gf3/35ouD+tLxzw6IX3rK+L96xvH/+r8f/vArp8T/+hv94hfilVPip3Pi184Yf3X2t6VBfWn89QHjf9rnf/OM8R/85eCJx4YDAKPT3D/YWq3Vqrv/7xtzxc6ALks+Ni5iI/2EL0EafTe+NaxYU9G/62dvdA6BE13t9jPFGnTGeB5VN+AyOD7oI+I/o04GAAAAAAAAAAAAAADoaxjfWBr1GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi6/hcAAP//leLMXA==")
fallocate(0xffffffffffffffff, 0x0, 0x1, 0x2000402)
r0 = open(&(0x7f0000000240)='./file1\x00', 0x16d102, 0x166)
sendfile(r0, r0, 0x0, 0x800000009)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r2 = openat$cgroup_devices(r1, &(0x7f0000000180)='devices.allow\x00', 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000040)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000001dcdf250100000008000100", @ANYRES32=r5], 0x5c}, 0x1, 0x400000000000000}, 0x40010)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'nr0\x00', <r6=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000200)={'ip_vti0\x00', &(0x7f0000000540)={'syztnl0\x00', <r7=>0x0, 0x10, 0x40, 0x8001, 0x8, {{0x29, 0x4, 0x0, 0x1, 0xa4, 0x65, 0x0, 0x6, 0x2f, 0x0, @multicast1, @loopback, {[@cipso={0x86, 0x4c, 0xffffffffffffffff, [{0x0, 0x10, "70cb22f0c55fbc5b14f534bc38c0"}, {0x7, 0x3, 'j'}, {0x5, 0xa, "d083cd7d42909b69"}, {0x2, 0xa, "ca7359e1fda79eb0"}, {0x5, 0x8, "aa8999d34f78"}, {0x0, 0xb, "72318bd723df22c343"}, {0x0, 0xa, "93583b77661ada26"}, {0x7, 0x2}]}, @ra={0x94, 0x4}, @ssrr={0x89, 0xb, 0xd7, [@dev={0xac, 0x14, 0x14, 0x1f}, @empty]}, @timestamp_addr={0x44, 0x34, 0x51, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@rand_addr=0x64010102, 0x7}, {@dev={0xac, 0x14, 0x14, 0xf}, 0x6477984e}, {@loopback, 0x4}, {@rand_addr=0x64010100, 0x2}, {@multicast1, 0x7}]}, @end]}}}}})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r0, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup/syz0\x00', 0x200002, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000400)={&(0x7f0000000640)={0x148, r4, 0x400, 0x70bd28, 0x25dfdbfc, {}, [{{0x8, 0x1, r6}, {0x12c, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8}}}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x4c050}, 0x20040800)
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB='c 75:*\tm\n'], 0xa)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440), 0x8264, 0x0)
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

kernel console output (not intermixed with test programs):

oop3): encrypted files will use data=ordered instead of data journaling mode
[   32.992211][ T3633] netlink: 'syz.2.45': attribute type 1 has an invalid length.
[   33.032970][ T3623] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.40: bg 0: block 384: padding at end of block bitmap is not set
[   33.069666][ T3641] loop0: detected capacity change from 0 to 164
[   33.076177][ T3623] EXT4-fs (loop3): Remounting filesystem read-only
[   33.090861][ T3623] EXT4-fs (loop3): 1 truncate cleaned up
[   33.114976][ T3623] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   33.202252][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.471148][ T3676] netlink: 'syz.3.61': attribute type 1 has an invalid length.
[   33.604397][ T3686] bond1: entered promiscuous mode
[   33.609505][ T3686] bond1: entered allmulticast mode
[   33.626761][ T3686] 8021q: adding VLAN 0 to HW filter on device bond1
[   33.673549][ T3692] loop0: detected capacity change from 0 to 128
[   33.680631][ T3692] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   33.693741][ T3692] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   33.752468][ T3699] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   33.780699][ T3701] capability: warning: `syz.3.69' uses 32-bit capabilities (legacy support in use)
[   33.857789][ T3706] loop0: detected capacity change from 0 to 512
[   33.872716][ T3706] vfat: Unknown parameter 'podir'
[   33.927553][ T3714] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[   33.991544][ T3721] FAULT_INJECTION: forcing a failure.
[   33.991544][ T3721] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   34.004905][ T3721] CPU: 0 UID: 0 PID: 3721 Comm: syz.0.76 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   34.004937][ T3721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   34.004949][ T3721] Call Trace:
[   34.004955][ T3721]  <TASK>
[   34.004977][ T3721]  __dump_stack+0x1d/0x30
[   34.005008][ T3721]  dump_stack_lvl+0x95/0xd0
[   34.005034][ T3721]  dump_stack+0x15/0x1b
[   34.005058][ T3721]  should_fail_ex+0x263/0x280
[   34.005148][ T3721]  should_fail_alloc_page+0xf2/0x100
[   34.005222][ T3721]  __alloc_frozen_pages_noprof+0x108/0x350
[   34.005262][ T3721]  alloc_pages_mpol+0xb3/0x260
[   34.005298][ T3721]  alloc_pages_noprof+0x8f/0x130
[   34.005333][ T3721]  get_free_pages_noprof+0xc/0x40
[   34.005390][ T3721]  vcs_read+0x43/0xa10
[   34.005419][ T3721]  ? avc_policy_seqno+0x15/0x30
[   34.005466][ T3721]  ? selinux_file_permission+0x1f2/0x690
[   34.005554][ T3721]  ? __pfx_vcs_read+0x10/0x10
[   34.005582][ T3721]  vfs_read+0x1ab/0x7f0
[   34.005605][ T3721]  ? __rcu_read_unlock+0x4e/0x70
[   34.005639][ T3721]  ? __fget_files+0x184/0x1c0
[   34.005694][ T3721]  ksys_read+0xdc/0x1a0
[   34.005798][ T3721]  __x64_sys_read+0x40/0x50
[   34.005820][ T3721]  x64_sys_call+0x2889/0x3000
[   34.005853][ T3721]  do_syscall_64+0xc0/0x2a0
[   34.005889][ T3721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   34.005934][ T3721] RIP: 0033:0x7f5094baaeb9
[   34.005952][ T3721] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   34.006017][ T3721] RSP: 002b:00007f5093607028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   34.006044][ T3721] RAX: ffffffffffffffda RBX: 00007f5094e25fa0 RCX: 00007f5094baaeb9
[   34.006111][ T3721] RDX: 00000000000000d4 RSI: 0000200000000000 RDI: 0000000000000004
[   34.006128][ T3721] RBP: 00007f5093607090 R08: 0000000000000000 R09: 0000000000000000
[   34.006144][ T3721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   34.006158][ T3721] R13: 00007f5094e26038 R14: 00007f5094e25fa0 R15: 00007ffe649df1b8
[   34.006178][ T3721]  </TASK>
[   34.047113][ T3726] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   34.663212][ T3747] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   34.676137][ T3747] batman_adv: batadv0: Removing interface: batadv_slave_0
[   34.714624][ T3748] ip_vti0: entered promiscuous mode
[   35.004753][ T3763] loop2: detected capacity change from 0 to 1024
[   35.014869][ T3763] EXT4-fs: Ignoring removed nobh option
[   35.050453][ T3763] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.152155][ T3770] __nla_validate_parse: 10 callbacks suppressed
[   35.152174][ T3770] netlink: 28 bytes leftover after parsing attributes in process `syz.2.91'.
[   35.421411][   T29] kauditd_printk_skb: 207 callbacks suppressed
[   35.421427][   T29] audit: type=1400 audit(1769877391.788:355): avc:  denied  { name_connect } for  pid=3775 comm="syz.1.92" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   35.480127][   T29] audit: type=1400 audit(1769877391.848:356): avc:  denied  { listen } for  pid=3775 comm="syz.1.92" lport=37377 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   35.480333][ T3777] FAULT_INJECTION: forcing a failure.
[   35.480333][ T3777] name failslab, interval 1, probability 0, space 0, times 0
[   35.513325][ T3777] CPU: 0 UID: 0 PID: 3777 Comm: syz.1.92 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   35.513346][ T3777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   35.513355][ T3777] Call Trace:
[   35.513360][ T3777]  <TASK>
[   35.513366][ T3777]  __dump_stack+0x1d/0x30
[   35.513421][ T3777]  dump_stack_lvl+0x95/0xd0
[   35.513436][ T3777]  dump_stack+0x15/0x1b
[   35.513450][ T3777]  should_fail_ex+0x263/0x280
[   35.513470][ T3777]  ? __pfx_sock_alloc_inode+0x10/0x10
[   35.513490][ T3777]  should_failslab+0x8c/0xb0
[   35.513587][ T3777]  kmem_cache_alloc_lru_noprof+0x6c/0x490
[   35.513711][ T3777]  ? sock_alloc_inode+0x34/0xa0
[   35.513729][ T3777]  ? __pfx_sock_alloc_inode+0x10/0x10
[   35.513745][ T3777]  sock_alloc_inode+0x34/0xa0
[   35.513772][ T3777]  alloc_inode+0x40/0x170
[   35.513787][ T3777]  do_accept+0xa0/0x390
[   35.513805][ T3777]  ? _raw_spin_lock+0x52/0xa0
[   35.513910][ T3777]  __sys_accept4+0xbe/0x170
[   35.513930][ T3777]  __x64_sys_accept4+0x51/0x60
[   35.513949][ T3777]  x64_sys_call+0x2b3e/0x3000
[   35.513973][ T3777]  do_syscall_64+0xc0/0x2a0
[   35.513993][ T3777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.514008][ T3777] RIP: 0033:0x7f2212f7aeb9
[   35.514089][ T3777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   35.514102][ T3777] RSP: 002b:00007f22119b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[   35.514117][ T3777] RAX: ffffffffffffffda RBX: 00007f22131f6090 RCX: 00007f2212f7aeb9
[   35.514127][ T3777] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   35.514136][ T3777] RBP: 00007f22119b6090 R08: 0000000000000000 R09: 0000000000000000
[   35.514181][ T3777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   35.514213][ T3777] R13: 00007f22131f6128 R14: 00007f22131f6090 R15: 00007ffef2ec0a78
[   35.514307][ T3777]  </TASK>
[   35.870531][   T29] audit: type=1400 audit(1769877392.238:357): avc:  denied  { write } for  pid=3778 comm="syz.0.93" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   36.292089][   T29] audit: type=1400 audit(1769877392.658:358): avc:  denied  { cpu } for  pid=3786 comm="syz.1.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   36.319831][   T29] audit: type=1326 audit(1769877392.678:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3786 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2212f7aeb9 code=0x7ffc0000
[   36.344211][   T29] audit: type=1326 audit(1769877392.678:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3786 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2212f7aeb9 code=0x7ffc0000
[   36.367497][   T29] audit: type=1326 audit(1769877392.708:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3786 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2212f7aeb9 code=0x7ffc0000
[   36.390824][   T29] audit: type=1326 audit(1769877392.708:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3786 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2212f7aeb9 code=0x7ffc0000
[   36.469485][   T29] audit: type=1326 audit(1769877392.708:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3786 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f2212f7aeb9 code=0x7ffc0000
[   36.492941][   T29] audit: type=1326 audit(1769877392.778:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3786 comm="syz.1.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2212f7aeb9 code=0x7ffc0000
[   37.023377][ T3807] netlink: 12 bytes leftover after parsing attributes in process `syz.1.100'.
[   37.129796][ T3807] loop1: detected capacity change from 0 to 512
[   37.160019][ T3807] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   37.178631][ T3807] EXT4-fs (loop1): 1 truncate cleaned up
[   37.192070][ T3807] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   37.227508][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.384571][ T3817] loop4: detected capacity change from 0 to 512
[   37.393959][ T3817] EXT4-fs: Ignoring removed orlov option
[   37.399741][ T3817] EXT4-fs: Ignoring removed nomblk_io_submit option
[   37.407738][ T3817] ext4: Unknown parameter 'pcr'
[   37.427509][ T3817] netlink: 32 bytes leftover after parsing attributes in process `syz.4.104'.
[   37.446399][ T3819] netlink: 32 bytes leftover after parsing attributes in process `syz.1.105'.
[   37.524535][ T3823] bond1: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[   37.535751][ T3823] bond1 (unregistering): Released all slaves
[   37.661364][ T3830] syz.1.110: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   37.675917][ T3830] CPU: 1 UID: 0 PID: 3830 Comm: syz.1.110 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.675946][ T3830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.675980][ T3830] Call Trace:
[   37.675985][ T3830]  <TASK>
[   37.675991][ T3830]  __dump_stack+0x1d/0x30
[   37.676010][ T3830]  dump_stack_lvl+0x95/0xd0
[   37.676088][ T3830]  dump_stack+0x15/0x1b
[   37.676102][ T3830]  warn_alloc+0x145/0x1c0
[   37.676161][ T3830]  __vmalloc_node_range_noprof+0xa0/0x12b0
[   37.676180][ T3830]  ? __futex_wait+0x1fd/0x260
[   37.676205][ T3830]  ? __pfx_futex_wake_mark+0x10/0x10
[   37.676235][ T3830]  ? __rcu_read_unlock+0x4e/0x70
[   37.676255][ T3830]  ? avc_has_perm_noaudit+0xab/0x130
[   37.676309][ T3830]  ? should_fail_ex+0x30/0x280
[   37.676329][ T3830]  ? should_failslab+0x8c/0xb0
[   37.676345][ T3830]  vmalloc_user_noprof+0x7d/0xb0
[   37.676403][ T3830]  ? xskq_create+0x80/0xe0
[   37.676423][ T3830]  xskq_create+0x80/0xe0
[   37.676472][ T3830]  xsk_init_queue+0x91/0xe0
[   37.676492][ T3830]  xsk_setsockopt+0x477/0x640
[   37.676518][ T3830]  ? __pfx_xsk_setsockopt+0x10/0x10
[   37.676597][ T3830]  __sys_setsockopt+0x184/0x200
[   37.676620][ T3830]  __x64_sys_setsockopt+0x64/0x80
[   37.676642][ T3830]  x64_sys_call+0x21d5/0x3000
[   37.676738][ T3830]  do_syscall_64+0xc0/0x2a0
[   37.676796][ T3830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.676812][ T3830] RIP: 0033:0x7f2212f7aeb9
[   37.676825][ T3830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   37.676914][ T3830] RSP: 002b:00007f22119d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   37.676930][ T3830] RAX: ffffffffffffffda RBX: 00007f22131f5fa0 RCX: 00007f2212f7aeb9
[   37.676948][ T3830] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000010
[   37.677006][ T3830] RBP: 00007f2212fe8c1f R08: 0000000000000004 R09: 0000000000000000
[   37.677015][ T3830] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[   37.677024][ T3830] R13: 00007f22131f6038 R14: 00007f22131f5fa0 R15: 00007ffef2ec0a78
[   37.677037][ T3830]  </TASK>
[   37.677042][ T3830] Mem-Info:
[   37.689160][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88811a9fa200: rx timeout, send abort
[   37.697246][ T3830] active_anon:13487 inactive_anon:0 isolated_anon:0
[   37.697246][ T3830]  active_file:18554 inactive_file:2316 isolated_file:0
[   37.697246][ T3830]  unevictable:2048 dirty:275 writeback:0
[   37.697246][ T3830]  slab_reclaimable:3164 slab_unreclaimable:14538
[   37.697246][ T3830]  mapped:32229 shmem:7270 pagetables:1126
[   37.697246][ T3830]  sec_pagetables:0 bounce:0
[   37.697246][ T3830]  kernel_misc_reclaimable:0
[   37.697246][ T3830]  free:1865624 free_pcp:22831 free_cma:0
[   37.943985][ T3830] Node 0 active_anon:45712kB inactive_anon:0kB active_file:74216kB inactive_file:9264kB unevictable:72kB isolated(anon):0kB isolated(file):0kB mapped:117432kB dirty:1100kB writeback:0kB shmem:17712kB kernel_stack:3488kB pagetables:4504kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   37.971714][ T3830] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   38.001602][ T3830] lowmem_reserve[]: 0 2879 7858 7858
[   38.007076][ T3830] Node 0 DMA32 free:2943712kB boost:0kB min:4128kB low:7056kB high:9984kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2948380kB mlocked:0kB bounce:0kB free_pcp:4668kB local_pcp:3528kB free_cma:0kB
[   38.038952][ T3830] lowmem_reserve[]: 0 0 4978 4978
[   38.044193][ T3830] Node 0 Normal free:4509440kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:45712kB inactive_anon:0kB active_file:74216kB inactive_file:9264kB unevictable:72kB writepending:1100kB zspages:0kB present:5242880kB managed:5098240kB mlocked:72kB bounce:0kB free_pcp:95088kB local_pcp:67080kB free_cma:0kB
[   38.077622][ T3830] lowmem_reserve[]: 0 0 0 0
[   38.082176][ T3830] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   38.095044][ T3830] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 1*32kB (M) 2*64kB (M) 4*128kB (M) 4*256kB (M) 2*512kB (M) 4*1024kB (M) 2*2048kB (M) 716*4096kB (M) = 2943712kB
[   38.111175][ T3830] Node 0 Normal: 16*4kB (UME) 17*8kB (UM) 13*16kB (UME) 95*32kB (UME) 111*64kB (UME) 120*128kB (UME) 102*256kB (UME) 34*512kB (UME) 34*1024kB (UME) 17*2048kB (UM) 1067*4096kB (UM) = 4509496kB
[   38.130422][ T3830] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   38.139814][ T3830] 25293 total pagecache pages
[   38.144646][ T3830] 0 pages in swap cache
[   38.148806][ T3830] Free swap  = 124996kB
[   38.153038][ T3830] Total swap = 124996kB
[   38.157285][ T3830] 2097051 pages RAM
[   38.161109][ T3830] 0 pages HighMem/MovableOnly
[   38.165832][ T3830] 81556 pages reserved
[   38.170925][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.189210][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88811a9fbe00: rx timeout, send abort
[   38.200518][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88811a9fa200: abort rx timeout. Force session deactivation
[   38.228241][ T3835] loop3: detected capacity change from 0 to 512
[   38.265536][ T3843] loop1: detected capacity change from 0 to 128
[   38.304953][ T3835] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.113: bg 0: block 393: padding at end of block bitmap is not set
[   38.347131][ T3835] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   38.371269][ T3835] EXT4-fs (loop3): 2 truncates cleaned up
[   38.377668][ T3835] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.392418][ T3852] netlink: 4 bytes leftover after parsing attributes in process `syz.4.120'.
[   38.434757][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.503670][ T3862] mmap: syz.2.119 (3862) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   38.533110][ T3850] netlink: 4 bytes leftover after parsing attributes in process `syz.2.119'.
[   38.595104][ T3864] SELinux: failed to load policy
[   38.620370][ T3871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.128'.
[   38.629245][ T3871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'.
[   38.632602][ T3873] loop3: detected capacity change from 0 to 128
[   38.638718][ T3871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.128'.
[   38.653363][ T3871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'.
[   38.658696][ T3873] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   38.675327][ T3873] ext4 filesystem being mounted at /27/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   38.707267][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88811a9fbe00: abort rx timeout. Force session deactivation
[   38.737012][ T3310] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   38.742093][ T3878] loop1: detected capacity change from 0 to 512
[   38.767709][ T3878] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.770188][ T3880] bridge1: entered promiscuous mode
[   38.786004][ T3881] loop3: detected capacity change from 0 to 512
[   38.808798][ T3878] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[   38.890652][ T3886] loop0: detected capacity change from 0 to 8192
[   38.984956][ T3895] validate_nla: 1 callbacks suppressed
[   38.984973][ T3895] netlink: 'syz.0.135': attribute type 1 has an invalid length.
[   39.036232][ T3906] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[   39.043059][ T3906] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   39.050676][ T3906] vhci_hcd vhci_hcd.0: Device attached
[   39.160841][ T3914] loop2: detected capacity change from 0 to 1024
[   39.169283][ T3914] EXT4-fs: Ignoring removed orlov option
[   39.202877][ T3914] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #4: comm syz.2.136: pblk 98 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   39.233645][ T3914] EXT4-fs error (device loop2): ext4_quota_enable:7180: comm syz.2.136: Bad quota inode: 4, type: 1
[   39.244824][ T3914] EXT4-fs warning (device loop2): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   39.260314][ T3914] EXT4-fs (loop2): mount failed
[   39.334038][   T10] usb 3-1: new low-speed USB device number 2 using vhci_hcd
[   39.512300][ T3898] Set syz1 is full, maxelem 65536 reached
[   39.635213][ T3933] loop4: detected capacity change from 0 to 512
[   39.711094][ T3907] vhci_hcd: connection reset by peer
[   39.735409][ T1645] vhci_hcd vhci_hcd.1: stop threads
[   39.740716][ T1645] vhci_hcd vhci_hcd.1: release socket
[   39.746226][ T1645] vhci_hcd vhci_hcd.1: disconnect device
[   39.783131][ T3945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   39.790598][ T3945] batman_adv: batadv0: Removing interface: batadv_slave_0
[   39.814091][ T3943] EXT4-fs: dax option not supported
[   39.822055][ T3945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   39.829509][ T3945] batman_adv: batadv0: Removing interface: batadv_slave_1
[   39.845005][ T3943] netlink: 'syz.1.149': attribute type 10 has an invalid length.
[   39.893197][ T3958] netlink: 'syz.2.152': attribute type 1 has an invalid length.
[   39.923849][ T3943] 8021q: adding VLAN 0 to HW filter on device team0
[   39.932934][ T3943] bond0: (slave team0): Enslaving as an active interface with an up link
[   40.047237][ T3968] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842c028, mo2=0002]
[   40.055866][ T3968] System zones: 1-12
[   40.061931][ T3968] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.155: bg 0: block 288: padding at end of block bitmap is not set
[   40.078459][ T3968] EXT4-fs (loop4): Remounting filesystem read-only
[   40.097589][ T3968] EXT4-fs (loop4): 1 truncate cleaned up
[   40.106479][ T3968] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.107750][ T3971] syz.1.156 uses obsolete (PF_INET,SOCK_PACKET)
[   40.157207][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.177705][ T3979] __nla_validate_parse: 4 callbacks suppressed
[   40.177724][ T3979] netlink: 16 bytes leftover after parsing attributes in process `syz.2.160'.
[   40.214974][ T3980] EXT4-fs: Ignoring removed oldalloc option
[   40.246376][ T3980] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   40.268466][ T3980] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   40.278629][ T3986] delete_channel: no stack
[   40.282412][ T3980] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.158: bad orphan inode 11
[   40.294178][ T3980] ext4_test_bit(bit=10, block=4) = 1
[   40.299498][ T3980] is_bad_inode(inode)=0
[   40.303757][ T3980] NEXT_ORPHAN(inode)=3254779904
[   40.308640][ T3980] max_ino=32
[   40.311971][ T3980] i_nlink=0
[   40.319801][ T3980] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 2: comm syz.3.158: lblock 2 mapped to illegal pblock 2 (length 1)
[   40.340105][ T3980] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #3: block 48: comm syz.3.158: lblock 0 mapped to illegal pblock 48 (length 1)
[   40.360038][ T3980] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.158: Failed to acquire dquot type 0
[   40.371470][ T3980] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   40.381373][ T3980] EXT4-fs error (device loop3): ext4_evict_inode:253: inode #11: comm syz.3.158: mark_inode_dirty error
[   40.394711][ T3980] EXT4-fs warning (device loop3): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[   40.406183][ T3980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.419849][ T3980] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #2: block 16: comm syz.3.158: lblock 0 mapped to illegal pblock 16 (length 1)
[   40.454140][   T29] kauditd_printk_skb: 186 callbacks suppressed
[   40.454158][   T29] audit: type=1400 audit(1769877396.818:547): avc:  denied  { setattr } for  pid=3976 comm="syz.3.158" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   40.501263][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.511099][ T3310] EXT4-fs error (device loop3): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[   40.524589][ T3310] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6298: Corrupt filesystem
[   40.524694][ T3310] EXT4-fs error (device loop3): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[   40.625718][   T29] audit: type=1400 audit(1769877396.978:548): avc:  denied  { append } for  pid=4000 comm="syz.1.167" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   40.690106][   T29] audit: type=1400 audit(1769877397.058:549): avc:  denied  { setopt } for  pid=4000 comm="syz.1.167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   40.743812][   T29] audit: type=1400 audit(1769877397.058:550): avc:  denied  { read } for  pid=4005 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   40.764192][   T29] audit: type=1400 audit(1769877397.128:551): avc:  denied  { bind } for  pid=4005 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.784497][   T29] audit: type=1400 audit(1769877397.128:552): avc:  denied  { listen } for  pid=4005 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.804049][   T29] audit: type=1400 audit(1769877397.128:553): avc:  denied  { connect } for  pid=4005 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.811420][ T4012] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   40.823601][   T29] audit: type=1400 audit(1769877397.128:554): avc:  denied  { write } for  pid=4005 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.823654][   T29] audit: type=1400 audit(1769877397.128:555): avc:  denied  { accept } for  pid=4005 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.836700][ T4012] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.855056][   T29] audit: type=1400 audit(1769877397.128:556): avc:  denied  { read } for  pid=4005 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   40.919753][ T3309] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   40.941927][ T4016] FAULT_INJECTION: forcing a failure.
[   40.941927][ T4016] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   40.955111][ T4016] CPU: 0 UID: 0 PID: 4016 Comm: syz.1.172 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   40.955143][ T4016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   40.955211][ T4016] Call Trace:
[   40.955220][ T4016]  <TASK>
[   40.955230][ T4016]  __dump_stack+0x1d/0x30
[   40.955258][ T4016]  dump_stack_lvl+0x95/0xd0
[   40.955275][ T4016]  dump_stack+0x15/0x1b
[   40.955307][ T4016]  should_fail_ex+0x263/0x280
[   40.955328][ T4016]  should_fail+0xb/0x20
[   40.955410][ T4016]  should_fail_usercopy+0x1a/0x20
[   40.955432][ T4016]  _copy_from_iter+0xcf/0xea0
[   40.955445][ T4016]  ? __alloc_skb+0x397/0x4b0
[   40.955495][ T4016]  ? __alloc_skb+0x219/0x4b0
[   40.955515][ T4016]  netlink_sendmsg+0x4ae/0x6f0
[   40.955531][ T4016]  ? __pfx_netlink_sendmsg+0x10/0x10
[   40.955544][ T4016]  ____sys_sendmsg+0x5af/0x600
[   40.955588][ T4016]  ___sys_sendmsg+0x195/0x1e0
[   40.955667][ T4016]  __x64_sys_sendmsg+0xd4/0x160
[   40.955683][ T4016]  x64_sys_call+0x17ba/0x3000
[   40.955700][ T4016]  do_syscall_64+0xc0/0x2a0
[   40.955721][ T4016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   40.955745][ T4016] RIP: 0033:0x7f2212f7aeb9
[   40.955757][ T4016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   40.955824][ T4016] RSP: 002b:00007f22119d7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   40.955840][ T4016] RAX: ffffffffffffffda RBX: 00007f22131f5fa0 RCX: 00007f2212f7aeb9
[   40.955850][ T4016] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000005
[   40.955859][ T4016] RBP: 00007f22119d7090 R08: 0000000000000000 R09: 0000000000000000
[   40.955868][ T4016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   40.955876][ T4016] R13: 00007f22131f6038 R14: 00007f22131f5fa0 R15: 00007ffef2ec0a78
[   40.955901][ T4016]  </TASK>
[   41.170401][ T4018] netlink: 'syz.2.173': attribute type 1 has an invalid length.
[   41.209807][ T4026] netlink: 8 bytes leftover after parsing attributes in process `syz.4.176'.
[   41.225206][ T4027] netlink: 76 bytes leftover after parsing attributes in process `syz.1.175'.
[   41.399497][ T4044] netlink: 'syz.2.183': attribute type 1 has an invalid length.
[   41.426479][ T4044] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[   41.438256][ T4044] bond1: (slave vxcan3): Error -95 calling set_mac_address
[   41.488536][ T4050] bond1: (slave gretap1): making interface the new active one
[   41.497877][ T4050] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   41.537217][ T4044] macvlan2: entered promiscuous mode
[   41.542573][ T4044] macvlan2: entered allmulticast mode
[   41.605745][ T4044] bond1: entered promiscuous mode
[   41.610941][ T4044] gretap1: entered promiscuous mode
[   41.632836][ T4054] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   41.641026][ T4044] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   41.676842][ T4044] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[   41.707662][ T4044] bond1: left promiscuous mode
[   41.712648][ T4044] gretap1: left promiscuous mode
[   41.791947][ T4068] netlink: 'syz.0.189': attribute type 1 has an invalid length.
[   41.801149][ T4044] syz.2.183 (4044) used greatest stack depth: 9312 bytes left
[   41.821351][ T4067] bond1: entered promiscuous mode
[   41.834382][ T4067] 8021q: adding VLAN 0 to HW filter on device bond1
[   41.861721][ T4071] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   41.886483][ T4067] bridge2: entered promiscuous mode
[   41.912480][ T4071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   41.940192][ T4071] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.967932][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   42.078610][ T4095] batadv_slave_1: entered promiscuous mode
[   42.100679][ T4093] batadv_slave_1: left promiscuous mode
[   42.166890][ T4090] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   42.181792][ T4099] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4099 comm=syz.4.199
[   42.196173][ T4098] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4098 comm=syz.4.199
[   42.210744][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.219656][ T4090] FAT-fs (loop1): Filesystem has been set read-only
[   42.254380][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.264017][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.273513][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.282662][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.307494][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.316986][ T4101] SELinux: failed to load policy
[   42.329181][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.348366][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.361841][ T4106] netlink: 'syz.4.202': attribute type 1 has an invalid length.
[   42.377251][ T4109] FAULT_INJECTION: forcing a failure.
[   42.377251][ T4109] name failslab, interval 1, probability 0, space 0, times 0
[   42.389833][ T4106] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   42.390226][ T4109] CPU: 0 UID: 0 PID: 4109 Comm: syz.0.203 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.390304][ T4109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   42.390317][ T4109] Call Trace:
[   42.390324][ T4109]  <TASK>
[   42.390332][ T4109]  __dump_stack+0x1d/0x30
[   42.390396][ T4109]  dump_stack_lvl+0x95/0xd0
[   42.390419][ T4109]  dump_stack+0x15/0x1b
[   42.390440][ T4109]  should_fail_ex+0x263/0x280
[   42.390472][ T4109]  should_failslab+0x8c/0xb0
[   42.390572][ T4109]  __kmalloc_noprof+0xb8/0x580
[   42.390598][ T4109]  ? genl_family_rcv_msg_attrs_parse+0x75/0x190
[   42.390629][ T4109]  genl_family_rcv_msg_attrs_parse+0x75/0x190
[   42.390772][ T4109]  genl_family_rcv_msg_doit+0x4b/0x1f0
[   42.390799][ T4109]  ? selinux_capable+0x31/0x40
[   42.390866][ T4109]  ? security_capable+0x7b/0x90
[   42.390896][ T4109]  ? ns_capable+0x7c/0xb0
[   42.390924][ T4109]  genl_rcv_msg+0x432/0x470
[   42.390993][ T4109]  ? __pfx_wg_set_device_doit+0x10/0x10
[   42.391024][ T4109]  netlink_rcv_skb+0x123/0x220
[   42.391129][ T4109]  ? __pfx_genl_rcv_msg+0x10/0x10
[   42.391158][ T4109]  genl_rcv+0x28/0x40
[   42.391181][ T4109]  netlink_unicast+0x5c0/0x690
[   42.391230][ T4109]  netlink_sendmsg+0x5c8/0x6f0
[   42.391252][ T4109]  ? __pfx_netlink_sendmsg+0x10/0x10
[   42.391272][ T4109]  ____sys_sendmsg+0x5af/0x600
[   42.391295][ T4109]  ___sys_sendmsg+0x195/0x1e0
[   42.391346][ T4109]  __x64_sys_sendmsg+0xd4/0x160
[   42.391371][ T4109]  x64_sys_call+0x17ba/0x3000
[   42.391397][ T4109]  do_syscall_64+0xc0/0x2a0
[   42.391488][ T4109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.391511][ T4109] RIP: 0033:0x7f5094baaeb9
[   42.391563][ T4109] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   42.391622][ T4109] RSP: 002b:00007f5093607028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.391644][ T4109] RAX: ffffffffffffffda RBX: 00007f5094e25fa0 RCX: 00007f5094baaeb9
[   42.391658][ T4109] RDX: 0000000004000040 RSI: 0000200000000240 RDI: 0000000000000003
[   42.391734][ T4109] RBP: 00007f5093607090 R08: 0000000000000000 R09: 0000000000000000
[   42.391748][ T4109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.391765][ T4109] R13: 00007f5094e26038 R14: 00007f5094e25fa0 R15: 00007ffe649df1b8
[   42.391858][ T4109]  </TASK>
[   42.419894][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.426311][ T4106] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   42.433999][ T4090] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[   42.686658][ T4111] bond2: (slave gretap1): making interface the new active one
[   42.695165][ T4111] bond2: (slave gretap1): Enslaving as an active interface with an up link
[   42.708916][ T4112] macvlan2: entered promiscuous mode
[   42.714586][ T4112] macvlan2: entered allmulticast mode
[   42.723416][ T4112] bond2: entered promiscuous mode
[   42.728687][ T4112] gretap1: entered promiscuous mode
[   42.739893][ T4112] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   42.752671][ T4112] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[   42.767510][ T4112] bond2: left promiscuous mode
[   42.772578][ T4112] gretap1: left promiscuous mode
[   42.793086][ T4117] set_capacity_and_notify: 6 callbacks suppressed
[   42.793107][ T4117] loop0: detected capacity change from 0 to 1024
[   42.807613][ T4117] EXT4-fs: Ignoring removed bh option
[   42.843429][ T4117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.864236][ T4112] syz.4.202 (4112) used greatest stack depth: 8888 bytes left
[   42.890400][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.967660][ T4126] netlink: 'syz.0.206': attribute type 1 has an invalid length.
[   42.975487][ T4126] netlink: 12 bytes leftover after parsing attributes in process `syz.0.206'.
[   42.991624][ T4129] netlink: 'syz.3.208': attribute type 1 has an invalid length.
[   43.005400][ T4130] netlink: 'syz.4.209': attribute type 4 has an invalid length.
[   43.155118][ T4138] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(15)
[   43.161850][ T4138] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   43.169548][ T4138] vhci_hcd vhci_hcd.0: Device attached
[   43.177319][ T4141] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(18)
[   43.183955][ T4141] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   43.191537][ T4141] vhci_hcd vhci_hcd.0: Device attached
[   43.203451][ T4145] netlink: 28 bytes leftover after parsing attributes in process `syz.0.213'.
[   43.212686][ T4145] FAULT_INJECTION: forcing a failure.
[   43.212686][ T4145] name failslab, interval 1, probability 0, space 0, times 0
[   43.225478][ T4145] CPU: 0 UID: 0 PID: 4145 Comm: syz.0.213 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.225598][ T4145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   43.225670][ T4145] Call Trace:
[   43.225678][ T4145]  <TASK>
[   43.225686][ T4145]  __dump_stack+0x1d/0x30
[   43.225714][ T4145]  dump_stack_lvl+0x95/0xd0
[   43.225818][ T4145]  dump_stack+0x15/0x1b
[   43.225839][ T4145]  should_fail_ex+0x263/0x280
[   43.225892][ T4145]  should_failslab+0x8c/0xb0
[   43.225917][ T4145]  kmem_cache_alloc_noprof+0x68/0x490
[   43.226000][ T4145]  ? skb_clone+0x151/0x1f0
[   43.226022][ T4145]  skb_clone+0x151/0x1f0
[   43.226043][ T4145]  __netlink_deliver_tap+0x2c9/0x500
[   43.226132][ T4145]  ? netlink_attachskb+0x2e2/0x660
[   43.226165][ T4145]  netlink_sendskb+0x126/0x150
[   43.226272][ T4145]  netlink_unicast+0x2a2/0x690
[   43.226307][ T4145]  netlink_ack+0x4c8/0x500
[   43.226346][ T4145]  netlink_rcv_skb+0x192/0x220
[   43.226409][ T4145]  ? __pfx_genl_rcv_msg+0x10/0x10
[   43.226436][ T4145]  genl_rcv+0x28/0x40
[   43.226528][ T4145]  netlink_unicast+0x5c0/0x690
[   43.226562][ T4145]  netlink_sendmsg+0x5c8/0x6f0
[   43.226582][ T4145]  ? __pfx_netlink_sendmsg+0x10/0x10
[   43.226614][ T4145]  ____sys_sendmsg+0x5af/0x600
[   43.226718][ T4145]  ___sys_sendmsg+0x195/0x1e0
[   43.226820][ T4145]  __x64_sys_sendmsg+0xd4/0x160
[   43.226846][ T4145]  x64_sys_call+0x17ba/0x3000
[   43.226875][ T4145]  do_syscall_64+0xc0/0x2a0
[   43.226905][ T4145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.226940][ T4145] RIP: 0033:0x7f5094baaeb9
[   43.226960][ T4145] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   43.226982][ T4145] RSP: 002b:00007f5093607028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   43.227004][ T4145] RAX: ffffffffffffffda RBX: 00007f5094e25fa0 RCX: 00007f5094baaeb9
[   43.227018][ T4145] RDX: 0000000024040014 RSI: 00002000000004c0 RDI: 0000000000000003
[   43.227082][ T4145] RBP: 00007f5093607090 R08: 0000000000000000 R09: 0000000000000000
[   43.227098][ T4145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.227121][ T4145] R13: 00007f5094e26038 R14: 00007f5094e25fa0 R15: 00007ffe649df1b8
[   43.227141][ T4145]  </TASK>
[   43.227503][ T4138] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(17)
[   43.239739][ T4149] bridge0: port 2(bridge_slave_1) entered disabled state
[   43.247229][ T4138] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   43.247358][ T4138] vhci_hcd vhci_hcd.0: Device attached
[   43.250690][ T4149] bridge0: port 1(bridge_slave_0) entered disabled state
[   43.341972][ T4159] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(22)
[   43.491456][ T4159] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   43.499187][ T4159] vhci_hcd vhci_hcd.0: Device attached
[   43.516335][ T4130] syz.4.209 (4130) used greatest stack depth: 8408 bytes left
[   43.549714][ T4141] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(25)
[   43.556619][ T4141] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   43.564418][ T4141] vhci_hcd vhci_hcd.0: Device attached
[   43.580049][ T4173] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(21)
[   43.586843][ T4173] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   43.594390][ T4173] vhci_hcd vhci_hcd.0: Device attached
[   43.640304][ T4138] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   43.679504][ T4138] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   43.688735][ T4138] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   43.708371][ T4160] vhci_hcd: connection closed
[   43.708441][ T4142] vhci_hcd: connection closed
[   43.710041][ T4164] vhci_hcd: connection closed
[   43.713254][ T1645] vhci_hcd vhci_hcd.1: stop threads
[   43.717975][ T4175] vhci_hcd: connection closed
[   43.722617][ T1645] vhci_hcd vhci_hcd.1: release socket
[   43.722644][ T1645] vhci_hcd vhci_hcd.1: disconnect device
[   43.735133][ T1645] vhci_hcd vhci_hcd.1: stop threads
[   43.738309][ T4146] vhci_hcd: connection closed
[   43.743832][ T1645] vhci_hcd vhci_hcd.1: release socket
[   43.743857][ T1645] vhci_hcd vhci_hcd.1: disconnect device
[   43.760114][ T4139] vhci_hcd: connection closed
[   43.776670][ T1645] vhci_hcd vhci_hcd.1: stop threads
[   43.786694][ T1645] vhci_hcd vhci_hcd.1: release socket
[   43.792184][ T1645] vhci_hcd vhci_hcd.1: disconnect device
[   43.799423][ T1645] vhci_hcd vhci_hcd.1: stop threads
[   43.804714][ T1645] vhci_hcd vhci_hcd.1: release socket
[   43.810249][ T1645] vhci_hcd vhci_hcd.1: disconnect device
[   43.830163][ T1645] vhci_hcd vhci_hcd.1: stop threads
[   43.835628][ T1645] vhci_hcd vhci_hcd.1: release socket
[   43.841131][ T1645] vhci_hcd vhci_hcd.1: disconnect device
[   43.848354][ T1645] vhci_hcd vhci_hcd.1: stop threads
[   43.848440][ T4181] Illegal XDP return value 124 on prog  (id 50) dev syz_tun, expect packet loss!
[   43.853651][ T1645] vhci_hcd vhci_hcd.1: release socket
[   43.868198][ T1645] vhci_hcd vhci_hcd.1: disconnect device
[   44.196787][ T4205] loop4: detected capacity change from 0 to 512
[   44.215514][ T3301] udevd[3301]: incorrect ext4 checksum on /dev/loop4
[   44.223126][ T4205] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[   44.370187][   T10] usb 3-1: enqueue for inactive port 0
[   44.389067][   T10] usb 3-1: enqueue for inactive port 0
[   44.399413][ T4214] validate_nla: 1 callbacks suppressed
[   44.399430][ T4214] netlink: 'syz.3.234': attribute type 1 has an invalid length.
[   44.427034][ T4216] loop2: detected capacity change from 0 to 2048
[   44.474534][ T4217] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   44.491960][   T10] vhci_hcd vhci_hcd.1: vhci_device speed not set
[   44.508689][ T4217] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   44.525324][ T4214] bond2: (slave gretap1): making interface the new active one
[   44.534363][ T4214] bond2: (slave gretap1): Enslaving as an active interface with an up link
[   44.547274][ T4214] macvlan2: entered promiscuous mode
[   44.552674][ T4214] macvlan2: entered allmulticast mode
[   44.559791][ T4214] bond2: entered promiscuous mode
[   44.565168][ T4214] gretap1: entered promiscuous mode
[   44.571336][ T4214] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   44.582546][ T4214] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[   44.594716][ T4214] bond2: left promiscuous mode
[   44.599627][ T4214] gretap1: left promiscuous mode
[   45.346687][ T4216]  loop2: p2 < > p4
[   45.348656][ T4228] loop4: detected capacity change from 0 to 1024
[   45.350600][ T4216] loop2: partition table partially beyond EOD, truncated
[   45.358144][ T4230] netlink: 64 bytes leftover after parsing attributes in process `syz.0.240'.
[   45.364235][ T4216] loop2: p2 start 4278190080 is beyond EOD, truncated
[   45.379774][ T4216] loop2: p4 size 8192 extends beyond EOD, truncated
[   45.423392][ T4228] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.467039][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   45.481081][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.541563][   T29] kauditd_printk_skb: 258 callbacks suppressed
[   45.541583][   T29] audit: type=1400 audit(1769877401.908:815): avc:  denied  { mount } for  pid=4241 comm="syz.2.244" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   45.570373][ T4242] xt_hashlimit: max too large, truncated to 1048576
[   45.574101][ T4226] loop3: detected capacity change from 0 to 512
[   45.585478][ T3301] udevd[3301]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   45.606783][   T29] audit: type=1400 audit(1769877401.948:816): avc:  denied  { getopt } for  pid=4241 comm="syz.2.244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   45.673483][ T4257] netlink: 8 bytes leftover after parsing attributes in process `syz.0.246'.
[   45.683591][   T29] audit: type=1400 audit(1769877402.048:817): avc:  denied  { setopt } for  pid=4250 comm="syz.0.246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   45.687015][ T4242] syzkaller0: entered allmulticast mode
[   45.717304][ T4242] syzkaller0: entered promiscuous mode
[   45.725584][ T4259] netlink: 'syz.4.248': attribute type 1 has an invalid length.
[   45.731257][ T4242] syzkaller0: left promiscuous mode
[   45.738857][ T4242] syzkaller0: left allmulticast mode
[   45.741814][ T4226] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.763338][ T4226] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   45.789993][ T4263] loop2: detected capacity change from 0 to 1024
[   45.800625][ T4259] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[   45.815165][ T4259] bond3: (slave vxcan3): Error -95 calling set_mac_address
[   45.838532][ T4263] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.852541][ T4263] FAULT_INJECTION: forcing a failure.
[   45.852541][ T4263] name failslab, interval 1, probability 0, space 0, times 0
[   45.853151][ T4226] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.238: corrupted xattr block 6: invalid header
[   45.865364][ T4263] CPU: 0 UID: 0 PID: 4263 Comm: syz.2.249 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   45.865438][ T4263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   45.865462][ T4263] Call Trace:
[   45.865470][ T4263]  <TASK>
[   45.865479][ T4263]  __dump_stack+0x1d/0x30
[   45.865508][ T4263]  dump_stack_lvl+0x95/0xd0
[   45.865598][ T4263]  dump_stack+0x15/0x1b
[   45.865622][ T4263]  should_fail_ex+0x263/0x280
[   45.865656][ T4263]  should_failslab+0x8c/0xb0
[   45.865708][ T4263]  kmem_cache_alloc_lru_noprof+0x6c/0x490
[   45.865737][ T4263]  ? __d_alloc+0x37/0x340
[   45.865769][ T4263]  __d_alloc+0x37/0x340
[   45.865864][ T4263]  d_alloc+0x2e/0x100
[   45.865900][ T4263]  lookup_one_qstr_excl+0x99/0x250
[   45.865932][ T4263]  __start_renaming+0x13f/0x2a0
[   45.865980][ T4263]  do_renameat2+0x2b4/0x850
[   45.866013][ T4263]  __x64_sys_renameat2+0x7e/0x90
[   45.866041][ T4263]  x64_sys_call+0x35f/0x3000
[   45.866178][ T4263]  do_syscall_64+0xc0/0x2a0
[   45.866283][ T4263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   45.866336][ T4263] RIP: 0033:0x7ff8ffa8aeb9
[   45.866357][ T4263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   45.866379][ T4263] RSP: 002b:00007ff8fe4e7028 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[   45.866403][ T4263] RAX: ffffffffffffffda RBX: 00007ff8ffd05fa0 RCX: 00007ff8ffa8aeb9
[   45.866421][ T4263] RDX: ffffffffffffff9c RSI: 0000200000000440 RDI: ffffffffffffff9c
[   45.866488][ T4263] RBP: 00007ff8fe4e7090 R08: 0000000000000000 R09: 0000000000000000
[   45.866503][ T4263] R10: 0000200000000480 R11: 0000000000000246 R12: 0000000000000001
[   45.866519][ T4263] R13: 00007ff8ffd06038 R14: 00007ff8ffd05fa0 R15: 00007ffed0ae2a68
[   45.866541][ T4263]  </TASK>
[   45.902731][ T4259] macvlan2: entered promiscuous mode
[   45.902753][ T4259] macvlan2: entered allmulticast mode
[   45.903907][ T4259] bond3: entered promiscuous mode
[   45.952567][ T4226] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   45.956526][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.962012][ T4226] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.238: corrupted xattr block 6: invalid header
[   45.970369][ T4259] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   45.972727][ T4226] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   46.063385][ T4272] loop0: detected capacity change from 0 to 256
[   46.069857][ T4273] netlink: 4 bytes leftover after parsing attributes in process `syz.0.252'.
[   46.113847][ T4272] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   46.119770][ T4226] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.238: corrupted xattr block 6: invalid header
[   46.139735][ T4272] FAT-fs (loop0): Directory bread(block 64) failed
[   46.150149][ T4226] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   46.167683][ T4276] loop2: detected capacity change from 0 to 512
[   46.175543][ T4226] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.238: corrupted xattr block 6: invalid header
[   46.183635][ T4276] EXT4-fs: Ignoring removed nobh option
[   46.189457][ T4226] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   46.206999][ T4272] FAT-fs (loop0): Directory bread(block 65) failed
[   46.207657][ T4226] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.238: corrupted xattr block 6: invalid header
[   46.223245][ T4276] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   46.236571][ T4226] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=12
[   46.253475][ T4276] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   46.255086][ T4272] FAT-fs (loop0): Directory bread(block 66) failed
[   46.268414][ T4276] EXT4-fs (loop2): 1 truncate cleaned up
[   46.274822][   T29] audit: type=1400 audit(1769877402.578:818): avc:  denied  { add_name } for  pid=4225 comm="syz.3.238" name="file3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   46.280832][ T4276] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.306181][ T4259] bond3: left promiscuous mode
[   46.318794][ T4272] FAT-fs (loop0): Directory bread(block 67) failed
[   46.325623][ T4272] FAT-fs (loop0): Directory bread(block 68) failed
[   46.340496][ T4272] FAT-fs (loop0): Directory bread(block 69) failed
[   46.347602][ T4226] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #12: comm syz.3.238: corrupted xattr block 6: invalid header
[   46.369791][   T29] audit: type=1400 audit(1769877402.688:819): avc:  denied  { setattr } for  pid=4275 comm="syz.2.250" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   46.392851][ T4272] FAT-fs (loop0): Directory bread(block 70) failed
[   46.402688][ T4272] FAT-fs (loop0): Directory bread(block 71) failed
[   46.415656][ T4272] FAT-fs (loop0): Directory bread(block 72) failed
[   46.423819][ T4272] FAT-fs (loop0): Directory bread(block 73) failed
[   46.448151][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.496373][   T29] audit: type=1400 audit(1769877402.858:820): avc:  denied  { setopt } for  pid=4281 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   46.520410][   T29] audit: type=1400 audit(1769877402.888:821): avc:  denied  { listen } for  pid=4281 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   46.554618][ T4280] tipc: Started in network mode
[   46.559565][ T4280] tipc: Node identity 267a1dcd34b2, cluster identity 4711
[   46.566853][ T4280] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   46.574279][   T29] audit: type=1400 audit(1769877402.948:822): avc:  denied  { connect } for  pid=4281 comm="syz.3.253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   46.599642][ T4282] loop3: detected capacity change from 0 to 1024
[   46.609268][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.620230][ T4287] syzkaller0: entered promiscuous mode
[   46.625745][ T4287] syzkaller0: entered allmulticast mode
[   46.636590][ T4282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.662899][ T4280] tipc: Resetting bearer <eth:syzkaller0>
[   46.663322][   T29] audit: type=1400 audit(1769877403.028:823): avc:  denied  { append } for  pid=4281 comm="syz.3.253" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   46.691569][ T4279] tipc: Resetting bearer <eth:syzkaller0>
[   46.705030][ T4279] tipc: Disabling bearer <eth:syzkaller0>
[   46.733547][   T29] audit: type=1400 audit(1769877403.098:824): avc:  denied  { name_bind } for  pid=4296 comm="syz.4.260" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   46.736941][ T4297] loop4: detected capacity change from 0 to 1024
[   46.807939][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.859843][ T4297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.903281][ T4314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.265'.
[   46.933146][ T4322] netlink: 'syz.3.267': attribute type 1 has an invalid length.
[   46.952103][ T4322] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[   46.963349][ T4322] bond3: (slave vxcan3): Error -95 calling set_mac_address
[   46.985477][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.005665][ T4327] macvlan2: entered promiscuous mode
[   47.011319][ T4327] macvlan2: entered allmulticast mode
[   47.056444][ T4327] bond3: entered promiscuous mode
[   47.084188][ T4327] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   47.092423][ T4327] bond3: left promiscuous mode
[   47.098423][ T4338] vfat: Unknown parameter ''
[   47.108819][ T4334] lo speed is unknown, defaulting to 1000
[   47.108918][ T4334] lo speed is unknown, defaulting to 1000
[   47.109277][ T4334] lo speed is unknown, defaulting to 1000
[   47.109633][ T4334] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   47.110321][ T4334] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   47.124649][ T4334] lo speed is unknown, defaulting to 1000
[   47.125097][ T4334] lo speed is unknown, defaulting to 1000
[   47.133275][ T4334] lo speed is unknown, defaulting to 1000
[   47.133642][ T4334] lo speed is unknown, defaulting to 1000
[   47.133896][ T4334] lo speed is unknown, defaulting to 1000
[   47.147188][ T4334] lo speed is unknown, defaulting to 1000
[   47.147215][ T4334] lo speed is unknown, defaulting to 1000
[   47.147452][ T4334] lo speed is unknown, defaulting to 1000
[   47.148154][ T4334] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   47.151370][ T4334] lo speed is unknown, defaulting to 1000
[   47.151852][ T4334] lo speed is unknown, defaulting to 1000
[   47.152220][ T4334] lo speed is unknown, defaulting to 1000
[   47.152542][ T4334] lo speed is unknown, defaulting to 1000
[   47.152853][ T4334] lo speed is unknown, defaulting to 1000
[   47.188422][ T4342] netlink: 104 bytes leftover after parsing attributes in process `syz.0.274'.
[   47.309718][ T4346] FAT-fs (loop3): bogus number of reserved sectors
[   47.316433][ T4346] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[   47.325929][ T4346] FAT-fs (loop3): Can't find a valid FAT filesystem
[   47.410546][ T4355] EXT4-fs: Ignoring removed nobh option
[   47.416269][ T4355] EXT4-fs: inline encryption not supported
[   47.458102][ T4355] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   47.485770][ T4355] EXT4-fs error (device loop0): mb_free_blocks:2037: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[   47.554651][ T4355] SELinux: failed to load policy
[   47.564098][ T4369] ------------[ cut here ]------------
[   47.569712][ T4369] EA inode 11 i_nlink=2
[   47.569729][ T4369] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x313/0x350, CPU#1: syz.4.282/4369
[   47.584658][ T4369] Modules linked in:
[   47.588689][ T4369] CPU: 1 UID: 0 PID: 4369 Comm: syz.4.282 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   47.598584][ T4369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   47.608740][ T4369] RIP: 0010:ext4_xattr_inode_update_ref+0x332/0x350
[   47.615424][ T4369] Code: 74 e6 9a ff 4c 8d 2d cd 21 3e 05 49 8d 7e 40 e8 84 d0 b6 ff 49 8b 6e 40 4c 89 e7 e8 b8 cb b6 ff 41 8b 56 48 4c 89 ef 48 89 ee <67> 48 0f b9 3a e9 02 ff ff ff e8 ef e1 d0 03 66 66 66 66 66 66 2e
[   47.635093][ T4369] RSP: 0018:ffffc900013b7778 EFLAGS: 00010246
[   47.641302][ T4369] RAX: ffff88811ad1ab90 RBX: ffff88810ba9b220 RCX: ffffffff81be1958
[   47.649397][ T4369] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff86fc3b10
[   47.657490][ T4369] RBP: 000000000000000b R08: 000188810ba9b1d3 R09: 0000000000000000
[   47.665743][ T4369] R10: ffffc900013b76a8 R11: 0001c900013b76a8 R12: ffff88810ba9b1d0
[   47.673767][ T4369] R13: ffffffff86fc3b10 R14: ffff88810ba9b188 R15: 0000000000000001
[   47.681783][ T4369] FS:  00007fde8fe366c0(0000) GS:ffff8882aec57000(0000) knlGS:0000000000000000
[   47.690861][ T4369] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   47.697515][ T4369] CR2: 0000000000000102 CR3: 000000012a64a000 CR4: 00000000003506f0
[   47.705588][ T4369] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   47.713698][ T4369] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   47.721965][ T4369] Call Trace:
[   47.725276][ T4369]  <TASK>
[   47.728245][ T4369]  ext4_xattr_inode_dec_ref_all+0x57c/0x880
[   47.734396][ T4369]  ? errseq_check+0x2c/0x50
[   47.738950][ T4369]  ext4_xattr_delete_inode+0x6c1/0x7a0
[   47.744468][ T4369]  ? ext4_truncate+0x92b/0xad0
[   47.749527][ T4369]  ext4_evict_inode+0xa1f/0xd40
[   47.754519][ T4369]  ? __pfx_ext4_evict_inode+0x10/0x10
[   47.759957][ T4369]  evict+0x2af/0x510
[   47.763923][ T4369]  ? __dquot_initialize+0x146/0x7c0
[   47.769176][ T4369]  iput+0x4b9/0x650
[   47.773037][ T4369]  ext4_process_orphan+0x1a9/0x1c0
[   47.778533][ T4369]  ext4_orphan_cleanup+0x6a8/0xa00
[   47.784423][ T4369]  ext4_fill_super+0x3476/0x3800
[   47.789425][ T4369]  ? set_blocksize+0x1a3/0x310
[   47.794267][ T4369]  ? setup_bdev_super+0x30e/0x370
[   47.799320][ T4369]  ? __pfx_ext4_fill_super+0x10/0x10
[   47.804666][ T4369]  get_tree_bdev_flags+0x291/0x300
[   47.809798][ T4369]  ? __pfx_ext4_fill_super+0x10/0x10
[   47.815342][ T4369]  get_tree_bdev+0x1f/0x30
[   47.819780][ T4369]  ext4_get_tree+0x1c/0x30
[   47.824316][ T4369]  vfs_get_tree+0x57/0x1d0
[   47.828785][ T4369]  do_new_mount+0x288/0x700
[   47.833334][ T4369]  path_mount+0x4d0/0xbc0
[   47.837689][ T4369]  ? user_path_at+0xbf/0x130
[   47.842486][ T4369]  __se_sys_mount+0x28c/0x2e0
[   47.847232][ T4369]  __x64_sys_mount+0x67/0x80
[   47.851927][ T4369]  x64_sys_call+0x2cca/0x3000
[   47.856633][ T4369]  do_syscall_64+0xc0/0x2a0
[   47.861187][ T4369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.867122][ T4369] RIP: 0033:0x7fde913fc14a
[   47.871621][ T4369] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   47.891650][ T4369] RSP: 002b:00007fde8fe35e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   47.900311][ T4369] RAX: ffffffffffffffda RBX: 00007fde8fe35ee0 RCX: 00007fde913fc14a
[   47.908322][ T4369] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007fde8fe35ea0
[   47.916367][ T4369] RBP: 00002000000009c0 R08: 00007fde8fe35ee0 R09: 0000000000800718
[   47.924502][ T4369] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000540
[   47.932533][ T4369] R13: 00007fde8fe35ea0 R14: 000000000000048d R15: 0000200000000200
[   47.940702][ T4346] set_capacity_and_notify: 5 callbacks suppressed
[   47.940917][ T4346] loop3: detected capacity change from 0 to 512
[   47.947156][ T4369]  </TASK>
[   47.947230][ T4369] ---[ end trace 0000000000000000 ]---
[   47.965490][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.991369][ T4369] EXT4-fs (loop4): 1 orphan inode deleted
[   47.997755][ T4369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.080541][ T4346] EXT4-fs (loop3): too many log groups per flexible block group
[   48.100637][ T4374] serio: Serial port ptm0
[   48.131181][ T4378] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.134494][ T4369] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.135066][ T4378] process 'syz.2.285' launched '/dev/fd/8' with NULL argv: empty string added
[   48.136548][ T4346] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   48.146119][ T4346] EXT4-fs (loop3): mount failed
[   48.259619][ T4374] serio: Serial port ptm0
[   48.271055][ T4385] netlink: 'syz.2.286': attribute type 1 has an invalid length.
[   48.305231][ T4385] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[   48.371044][ T4385] bond2: (slave vxcan3): Error -95 calling set_mac_address
[   48.410344][ T4387] macvlan2: entered promiscuous mode
[   48.415733][ T4387] macvlan2: entered allmulticast mode
[   48.439503][ T4387] bond2: entered promiscuous mode
[   48.449267][ T4387] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   48.473836][ T4387] bond2: left promiscuous mode
[   48.529302][ T4405] loop4: detected capacity change from 0 to 512
[   48.573200][ T4405] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.616449][ T4405] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   48.653852][ T4413] netlink: 36 bytes leftover after parsing attributes in process `syz.3.295'.
[   48.663006][ T4413] netlink: 16 bytes leftover after parsing attributes in process `syz.3.295'.
[   48.672127][ T4413] netlink: 36 bytes leftover after parsing attributes in process `syz.3.295'.
[   48.690003][ T4413] netlink: 36 bytes leftover after parsing attributes in process `syz.3.295'.
[   48.690229][ T4405] IPVS: set_ctl: invalid protocol: 59 255.255.255.255:21
[   48.723781][ T4405] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #18: comm syz.4.293: corrupted inode contents
[   48.770421][ T4405] EXT4-fs (loop4): Remounting filesystem read-only
[   48.777976][ T4402] loop0: detected capacity change from 0 to 2048
[   48.784733][ T4405] EXT4-fs warning (device loop4): ext4_evict_inode:273: xattr delete (err -30)
[   48.830953][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.948454][ T4440] loop4: detected capacity change from 0 to 128
[   49.109875][ T4452] netlink: 'syz.0.307': attribute type 1 has an invalid length.
[   49.170145][ T4456] loop3: detected capacity change from 0 to 256
[   49.188009][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.195504][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.202965][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.210385][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.217881][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.225503][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.232992][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.240603][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.248015][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.255538][ T3475] hid-generic 0103:0004:0000.0001: unknown main item tag 0x0
[   49.267762][ T3475] hid-generic 0103:0004:0000.0001: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[   49.318844][ T4465] netlink: 64 bytes leftover after parsing attributes in process `syz.0.311'.
[   49.349171][ T4461] fido_id[4461]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   49.394378][ T4470] xt_CONNSECMARK: invalid mode: 0
[   49.440399][ T4472] FAULT_INJECTION: forcing a failure.
[   49.440399][ T4472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.453606][ T4472] CPU: 0 UID: 0 PID: 4472 Comm: syz.2.312 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   49.453645][ T4472] Tainted: [W]=WARN
[   49.453653][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   49.453668][ T4472] Call Trace:
[   49.453675][ T4472]  <TASK>
[   49.453684][ T4472]  __dump_stack+0x1d/0x30
[   49.453713][ T4472]  dump_stack_lvl+0x95/0xd0
[   49.453787][ T4472]  dump_stack+0x15/0x1b
[   49.453820][ T4472]  should_fail_ex+0x263/0x280
[   49.453856][ T4472]  should_fail+0xb/0x20
[   49.453944][ T4472]  should_fail_usercopy+0x1a/0x20
[   49.453981][ T4472]  _copy_from_user+0x1c/0xb0
[   49.454004][ T4472]  do_sock_getsockopt+0xf1/0x210
[   49.454070][ T4472]  __x64_sys_getsockopt+0x11d/0x1a0
[   49.454212][ T4472]  x64_sys_call+0x2dc7/0x3000
[   49.454230][ T4472]  do_syscall_64+0xc0/0x2a0
[   49.454251][ T4472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.454282][ T4472] RIP: 0033:0x7ff8ffa8aeb9
[   49.454294][ T4472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   49.454308][ T4472] RSP: 002b:00007ff8fe4e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   49.454323][ T4472] RAX: ffffffffffffffda RBX: 00007ff8ffd05fa0 RCX: 00007ff8ffa8aeb9
[   49.454370][ T4472] RDX: 0000000000000014 RSI: 0000000000000006 RDI: 0000000000000003
[   49.454379][ T4472] RBP: 00007ff8fe4e7090 R08: 00002000000001c0 R09: 0000000000000000
[   49.454388][ T4472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.454397][ T4472] R13: 00007ff8ffd06038 R14: 00007ff8ffd05fa0 R15: 00007ffed0ae2a68
[   49.454410][ T4472]  </TASK>
[   49.624234][ T4477] loop0: detected capacity change from 0 to 512
[   49.661498][ T4477] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #11: block 530: comm syz.0.316: lblock 4 mapped to illegal pblock 530 (length 1)
[   49.685268][ T4477] EXT4-fs (loop0): Remounting filesystem read-only
[   49.691976][ T4477] EXT4-fs warning (device loop0): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   49.702513][ T4477] EXT4-fs (loop0): 1 orphan inode deleted
[   49.708726][ T4477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.769282][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.255916][ T4514] loop3: detected capacity change from 0 to 1024
[   50.263125][ T4514] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   50.272074][ T4514] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   50.282295][ T4514] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   50.292901][ T4514] EXT4-fs error (device loop3): ext4_get_journal_inode:5849: comm syz.3.327: inode #1: comm syz.3.327: iget: illegal inode #
[   50.307038][ T4514] EXT4-fs (loop3): no journal found
[   50.312427][ T4514] EXT4-fs (loop3): can't get journal size
[   50.318593][ T4514] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e118, mo2=0002]
[   50.327015][ T4514] EXT4-fs (loop3): failed to initialize system zone (-22)
[   50.334263][ T4514] EXT4-fs (loop3): mount failed
[   50.385292][ T4517] netlink: 'syz.3.328': attribute type 6 has an invalid length.
[   50.464733][ T4518] __nla_validate_parse: 1 callbacks suppressed
[   50.464749][ T4518] netlink: 28 bytes leftover after parsing attributes in process `syz.3.328'.
[   50.480101][ T4518] netlink: 28 bytes leftover after parsing attributes in process `syz.3.328'.
[   50.492751][ T4518] bond0: entered promiscuous mode
[   50.497864][ T4518] bond_slave_0: entered promiscuous mode
[   50.503677][ T4518] bond_slave_1: entered promiscuous mode
[   50.512244][ T4518] bond0: left promiscuous mode
[   50.517069][ T4518] bond_slave_0: left promiscuous mode
[   50.522627][ T4518] bond_slave_1: left promiscuous mode
[   50.559017][ T4522] loop4: detected capacity change from 0 to 256
[   50.573998][ T4522] FAULT_INJECTION: forcing a failure.
[   50.573998][ T4522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.587198][ T4522] CPU: 1 UID: 0 PID: 4522 Comm: syz.4.330 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   50.587234][ T4522] Tainted: [W]=WARN
[   50.587241][ T4522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   50.587261][ T4522] Call Trace:
[   50.587269][ T4522]  <TASK>
[   50.587277][ T4522]  __dump_stack+0x1d/0x30
[   50.587306][ T4522]  dump_stack_lvl+0x95/0xd0
[   50.587332][ T4522]  dump_stack+0x15/0x1b
[   50.587379][ T4522]  should_fail_ex+0x263/0x280
[   50.587415][ T4522]  should_fail+0xb/0x20
[   50.587443][ T4522]  should_fail_usercopy+0x1a/0x20
[   50.587519][ T4522]  _copy_from_user+0x1c/0xb0
[   50.587563][ T4522]  __se_sys_copy_file_range+0xb1/0x3b0
[   50.587594][ T4522]  ? fput+0x8f/0xc0
[   50.587643][ T4522]  __x64_sys_copy_file_range+0x78/0x90
[   50.587676][ T4522]  x64_sys_call+0x2c93/0x3000
[   50.587732][ T4522]  do_syscall_64+0xc0/0x2a0
[   50.587764][ T4522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.587791][ T4522] RIP: 0033:0x7fde913faeb9
[   50.587840][ T4522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   50.587863][ T4522] RSP: 002b:00007fde8fe57028 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[   50.587886][ T4522] RAX: ffffffffffffffda RBX: 00007fde91675fa0 RCX: 00007fde913faeb9
[   50.587926][ T4522] RDX: 0000000000000004 RSI: 0000200000000000 RDI: 0000000000000004
[   50.588037][ T4522] RBP: 00007fde8fe57090 R08: 0000000000000006 R09: 0000000000000000
[   50.588049][ T4522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.588062][ T4522] R13: 00007fde91676038 R14: 00007fde91675fa0 R15: 00007ffd1c094918
[   50.588090][ T4522]  </TASK>
[   50.804320][ T4528] loop4: detected capacity change from 0 to 512
[   50.809339][ T4530] loop3: detected capacity change from 0 to 512
[   50.822503][ T4530] EXT4-fs: Ignoring removed nobh option
[   50.833310][ T4530] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.848139][ T4528] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   50.849174][ T4526] can0: slcan on ttyS3.
[   50.861463][ T4530] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   50.875453][   T29] kauditd_printk_skb: 272 callbacks suppressed
[   50.875469][   T29] audit: type=1400 audit(1769877663.248:1097): avc:  denied  { read } for  pid=3039 comm="dhcpcd" name="n25" dev="tmpfs" ino=2621 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   50.914351][ T4530] FAULT_INJECTION: forcing a failure.
[   50.914351][ T4530] name failslab, interval 1, probability 0, space 0, times 0
[   50.927147][ T4530] CPU: 1 UID: 0 PID: 4530 Comm: syz.3.334 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   50.927185][ T4530] Tainted: [W]=WARN
[   50.927193][ T4530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   50.927325][ T4530] Call Trace:
[   50.927333][ T4530]  <TASK>
[   50.927341][ T4530]  __dump_stack+0x1d/0x30
[   50.927373][ T4530]  dump_stack_lvl+0x95/0xd0
[   50.927398][ T4530]  dump_stack+0x15/0x1b
[   50.927423][ T4530]  should_fail_ex+0x263/0x280
[   50.927452][ T4530]  should_failslab+0x8c/0xb0
[   50.927477][ T4530]  __kmalloc_cache_noprof+0x64/0x4a0
[   50.927508][ T4530]  ? __iomap_dio_rw+0x194/0x14c0
[   50.927579][ T4530]  __iomap_dio_rw+0x194/0x14c0
[   50.927611][ T4530]  iomap_dio_rw+0x40/0x90
[   50.927651][ T4530]  ext4_file_read_iter+0x20f/0x290
[   50.927710][ T4530]  do_iter_readv_writev+0x4fd/0x5a0
[   50.927794][ T4530]  vfs_readv+0x1f4/0x6e0
[   50.927832][ T4530]  __se_sys_preadv2+0xfc/0x1c0
[   50.927871][ T4530]  __x64_sys_preadv2+0x67/0x80
[   50.927894][ T4530]  x64_sys_call+0xc61/0x3000
[   50.927918][ T4530]  do_syscall_64+0xc0/0x2a0
[   50.927986][ T4530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.928009][ T4530] RIP: 0033:0x7f00a1ecaeb9
[   50.928026][ T4530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   50.928044][ T4530] RSP: 002b:00007f00a0927028 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[   50.928076][ T4530] RAX: ffffffffffffffda RBX: 00007f00a2145fa0 RCX: 00007f00a1ecaeb9
[   50.928091][ T4530] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000005
[   50.928105][ T4530] RBP: 00007f00a0927090 R08: 00000000ffffffff R09: 0000000000000000
[   50.928118][ T4530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.928132][ T4530] R13: 00007f00a2146038 R14: 00007f00a2145fa0 R15: 00007ffc36052a78
[   50.928214][ T4530]  </TASK>
[   50.937219][   T10] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   50.950822][   T29] audit: type=1400 audit(1769877663.248:1098): avc:  denied  { open } for  pid=3039 comm="dhcpcd" path="/run/udev/data/n25" dev="tmpfs" ino=2621 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.129717][ T4550] 9p: Unknown Cache mode or invalid value l
[   51.151853][   T29] audit: type=1400 audit(1769877663.248:1099): avc:  denied  { getattr } for  pid=3039 comm="dhcpcd" path="/run/udev/data/n25" dev="tmpfs" ino=2621 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.158852][   T29] audit: type=1400 audit(1769877663.429:1100): avc:  denied  { create } for  pid=4535 comm="dhcpcd-run-hook" name="resolv.conf.can0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.203877][   T29] audit: type=1400 audit(1769877663.429:1101): avc:  denied  { write } for  pid=4535 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.can0.link" dev="tmpfs" ino=2647 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.230197][   T29] audit: type=1400 audit(1769877663.429:1102): avc:  denied  { append } for  pid=4535 comm="dhcpcd-run-hook" name="resolv.conf.can0.link" dev="tmpfs" ino=2647 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.231021][ T4552] EXT4-fs: Ignoring removed i_version option
[   51.254541][   T29] audit: type=1400 audit(1769877663.450:1103): avc:  denied  { unlink } for  pid=4548 comm="rm" name="resolv.conf.can0.link" dev="tmpfs" ino=2647 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   51.286288][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.323219][ T4554] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[   51.334492][ T4554] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   51.367722][ T4552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.381007][ T4525] can0 (unregistered): slcan off ttyS3.
[   51.387270][ T4554] EXT4-fs error (device loop2): ext4_get_journal_inode:5849: inode #32: comm syz.2.338: iget: special inode unallocated
[   51.400065][ T4552] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.417164][ T4556] netlink: 44 bytes leftover after parsing attributes in process `syz.3.335'.
[   51.444945][ T4567] netlink: 4 bytes leftover after parsing attributes in process `syz.0.339'.
[   51.453909][ T4554] EXT4-fs (loop2): Remounting filesystem read-only
[   51.474891][ T4554] EXT4-fs (loop2): no journal found
[   51.480498][ T4554] EXT4-fs (loop2): can't get journal size
[   51.509095][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.550231][ T4554] EXT4-fs (loop2): filesystem is read-only
[   51.589249][ T4554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   51.644262][ T4566] futex_wake_op: syz.1.340 tries to shift op by -1; fix this program
[   51.709008][ T4590] netlink: 'syz.0.344': attribute type 1 has an invalid length.
[   51.786547][   T29] audit: type=1400 audit(1769877664.165:1104): avc:  denied  { sqpoll } for  pid=4594 comm="syz.1.346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   51.805953][   T29] audit: type=1400 audit(1769877664.175:1105): avc:  denied  { name_bind } for  pid=4594 comm="syz.1.346" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[   51.846568][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.118836][ T4611] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   52.213539][ T4611] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   52.270646][ T4611] RDS: rds_bind could not find a transport for fe80::aa, load rds_tcp or rds_rdma?
[   52.377005][   T29] audit: type=1400 audit(1769877664.759:1106): avc:  denied  { read } for  pid=4615 comm="syz.0.351" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   52.422311][ T4613] netlink: 12 bytes leftover after parsing attributes in process `syz.1.350'.
[   52.489901][ T4627] FAULT_INJECTION: forcing a failure.
[   52.489901][ T4627] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   52.503194][ T4627] CPU: 1 UID: 0 PID: 4627 Comm: syz.3.353 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   52.503228][ T4627] Tainted: [W]=WARN
[   52.503235][ T4627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   52.503326][ T4627] Call Trace:
[   52.503333][ T4627]  <TASK>
[   52.503341][ T4627]  __dump_stack+0x1d/0x30
[   52.503448][ T4627]  dump_stack_lvl+0x95/0xd0
[   52.503473][ T4627]  dump_stack+0x15/0x1b
[   52.503539][ T4627]  should_fail_ex+0x263/0x280
[   52.503577][ T4627]  should_fail+0xb/0x20
[   52.503610][ T4627]  should_fail_usercopy+0x1a/0x20
[   52.503815][ T4627]  _copy_from_user+0x1c/0xb0
[   52.503843][ T4627]  __x64_sys_clock_adjtime+0x67/0x1d0
[   52.503878][ T4627]  x64_sys_call+0xbbf/0x3000
[   52.503908][ T4627]  do_syscall_64+0xc0/0x2a0
[   52.503964][ T4627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.503991][ T4627] RIP: 0033:0x7f00a1ecaeb9
[   52.504011][ T4627] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   52.504029][ T4627] RSP: 002b:00007f00a0927028 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[   52.504050][ T4627] RAX: ffffffffffffffda RBX: 00007f00a2145fa0 RCX: 00007f00a1ecaeb9
[   52.504065][ T4627] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000000
[   52.504099][ T4627] RBP: 00007f00a0927090 R08: 0000000000000000 R09: 0000000000000000
[   52.504114][ T4627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.504128][ T4627] R13: 00007f00a2146038 R14: 00007f00a2145fa0 R15: 00007ffc36052a78
[   52.504178][ T4627]  </TASK>
[   52.958549][ T4633] lo speed is unknown, defaulting to 1000
[   52.966963][ T4646] netlink: 4 bytes leftover after parsing attributes in process `syz.2.357'.
[   52.995453][ T4649] set_capacity_and_notify: 5 callbacks suppressed
[   52.995482][ T4649] loop3: detected capacity change from 0 to 512
[   53.085434][ T4646] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   53.115626][ T4646] batman_adv: batadv0: Removing interface: batadv_slave_1
[   53.126012][ T4649] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.140680][ T4649] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   53.273643][ T4660] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #18: comm syz.3.360: corrupted inode contents
[   53.287018][ T4660] EXT4-fs (loop3): Remounting filesystem read-only
[   53.293675][ T4660] EXT4-fs warning (device loop3): ext4_evict_inode:273: xattr delete (err -30)
[   53.349276][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.509098][ T4665] SELinux: failed to load policy
[   53.605842][ T4670] loop2: detected capacity change from 0 to 4096
[   53.648303][ T4670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.692302][ T4677] netlink: 4 bytes leftover after parsing attributes in process `syz.1.365'.
[   53.785613][ T4677] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   53.819966][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.833262][ T4677] batman_adv: batadv0: Removing interface: batadv_slave_1
[   53.991424][ T4682] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.121813][ T4682] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   54.212804][   T39] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   54.245350][   T39] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   54.257051][   T39] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   54.266128][   T39] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   54.303364][ T4695] FAULT_INJECTION: forcing a failure.
[   54.303364][ T4695] name failslab, interval 1, probability 0, space 0, times 0
[   54.316173][ T4695] CPU: 0 UID: 0 PID: 4695 Comm: syz.0.371 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   54.316208][ T4695] Tainted: [W]=WARN
[   54.316213][ T4695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   54.316221][ T4695] Call Trace:
[   54.316226][ T4695]  <TASK>
[   54.316232][ T4695]  __dump_stack+0x1d/0x30
[   54.316251][ T4695]  dump_stack_lvl+0x95/0xd0
[   54.316327][ T4695]  dump_stack+0x15/0x1b
[   54.316340][ T4695]  should_fail_ex+0x263/0x280
[   54.316362][ T4695]  should_failslab+0x8c/0xb0
[   54.316446][ T4695]  kmem_cache_alloc_noprof+0x68/0x490
[   54.316462][ T4695]  ? skb_clone+0x151/0x1f0
[   54.316477][ T4695]  skb_clone+0x151/0x1f0
[   54.316498][ T4695]  __netlink_deliver_tap+0x2c9/0x500
[   54.316523][ T4695]  netlink_unicast+0x66b/0x690
[   54.316630][ T4695]  netlink_sendmsg+0x5c8/0x6f0
[   54.316645][ T4695]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.316658][ T4695]  ____sys_sendmsg+0x5af/0x600
[   54.316673][ T4695]  ___sys_sendmsg+0x195/0x1e0
[   54.316694][ T4695]  __x64_sys_sendmsg+0xd4/0x160
[   54.316737][ T4695]  x64_sys_call+0x17ba/0x3000
[   54.316754][ T4695]  do_syscall_64+0xc0/0x2a0
[   54.316774][ T4695]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.316823][ T4695] RIP: 0033:0x7f5094baaeb9
[   54.316875][ T4695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   54.316888][ T4695] RSP: 002b:00007f50935e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.316904][ T4695] RAX: ffffffffffffffda RBX: 00007f5094e26090 RCX: 00007f5094baaeb9
[   54.316983][ T4695] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[   54.316992][ T4695] RBP: 00007f50935e6090 R08: 0000000000000000 R09: 0000000000000000
[   54.317001][ T4695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.317009][ T4695] R13: 00007f5094e26128 R14: 00007f5094e26090 R15: 00007ffe649df1b8
[   54.317022][ T4695]  </TASK>
[   54.584240][ T4702] loop3: detected capacity change from 0 to 1024
[   54.633075][ T4702] EXT4-fs: Ignoring removed nomblk_io_submit option
[   54.653476][ T4702] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   54.691636][ T4702] System zones: 0-1, 3-36
[   54.701399][ T4707] netlink: 24 bytes leftover after parsing attributes in process `syz.0.375'.
[   54.722029][ T4702] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.724467][ T4708] tipc: Started in network mode
[   54.739731][ T4708] tipc: Node identity 2eb7b6f350f2, cluster identity 4711
[   54.747019][ T4708] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   54.763488][ T4708] loop4: detected capacity change from 0 to 1024
[   54.770562][ T4708] journal_path: Lookup failure for './file0'
[   54.776691][ T4708] EXT4-fs: error: could not find journal device path
[   54.788875][ T4706] tipc: Disabling bearer <eth:syzkaller0>
[   54.901898][ T4717] netlink: 32 bytes leftover after parsing attributes in process `syz.4.380'.
[   54.921106][ T4719] netlink: 'syz.1.379': attribute type 27 has an invalid length.
[   54.989661][ T4719] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.996976][ T4719] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.085820][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.109549][ T4738] loop2: detected capacity change from 0 to 1024
[   55.116608][ T4738] EXT4-fs: inline encryption not supported
[   55.136969][ T4719] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.144805][ T4738] ext4: Unknown parameter 'uid>00000000000000000000'
[   55.168610][ T4742] loop3: detected capacity change from 0 to 1024
[   55.197365][ T4742] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   55.227082][ T4742] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   55.255247][ T4742] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e11d, mo2=0002]
[   55.289299][ T4728] 8021q: adding VLAN 0 to HW filter on device bond0
[   55.310237][ T4742] System zones: 0-1, 4-36, 102-102
[   55.319188][ T4728] 8021q: adding VLAN 0 to HW filter on device team0
[   55.333427][ T4742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   55.355780][ T4728] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   55.371618][ T4727] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[   55.383238][ T4742] netlink: 16 bytes leftover after parsing attributes in process `syz.3.383'.
[   55.420422][ T4735] bond0: (slave team0): Releasing backup interface
[   55.439897][ T4735] bridge_slave_0: left allmulticast mode
[   55.445603][ T4735] bridge_slave_0: left promiscuous mode
[   55.451231][ T4735] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.459845][ T4735] bridge_slave_1: left allmulticast mode
[   55.465560][ T4735] bridge_slave_1: left promiscuous mode
[   55.471374][ T4735] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.480192][ T4735] bond0: (slave bond_slave_0): Releasing backup interface
[   55.488809][ T4735] bond0: (slave bond_slave_1): Releasing backup interface
[   55.498399][ T4735] team0: Port device team_slave_0 removed
[   55.505405][ T4735] team0: Port device team_slave_1 removed
[   55.511369][ T4735] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.519237][ T4735] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   55.535427][   T12] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.550503][   T12] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.559606][   T12] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.580622][ T4756] tc_dump_action: action bad kind
[   55.590623][   T12] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.851670][   T29] kauditd_printk_skb: 11 callbacks suppressed
[   55.851767][   T29] audit: type=1400 audit(1769878180.259:1118): avc:  denied  { mounton } for  pid=4772 comm="syz.2.392" path="/syzcgroup/cpu/syz2/cgroup.procs" dev="cgroup" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[   55.918383][   T29] audit: type=1400 audit(1769878180.299:1119): avc:  denied  { setopt } for  pid=4772 comm="syz.2.392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   55.938231][   T29] audit: type=1400 audit(1769878180.299:1120): avc:  denied  { ioctl } for  pid=4772 comm="syz.2.392" path="socket:[9078]" dev="sockfs" ino=9078 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   55.964498][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.063387][ T4788] netlink: 64 bytes leftover after parsing attributes in process `syz.3.397'.
[   56.083051][ T4787] macvlan2: entered promiscuous mode
[   56.107409][   T29] audit: type=1400 audit(1769878180.511:1121): avc:  denied  { setopt } for  pid=4789 comm="syz.4.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   56.112746][ T4788] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[   56.152970][ T4792] loop4: detected capacity change from 0 to 512
[   56.159959][ T4792] EXT4-fs: Ignoring removed nobh option
[   56.174116][ T4792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.194745][ T4792] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.218313][ T4784] loop1: detected capacity change from 0 to 512
[   56.233613][ T4784] EXT4-fs: inline encryption not supported
[   56.270277][ T4792] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[   56.281013][ T4792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.399'.
[   56.289931][ T4792] netlink: 'syz.4.399': attribute type 21 has an invalid length.
[   56.297713][   T29] audit: type=1400 audit(1769878180.703:1122): avc:  denied  { shutdown } for  pid=4789 comm="syz.4.399" lport=64 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.322472][ T4784] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   56.335064][ T4784] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.396: invalid indirect mapped block 2683928664 (level 1)
[   56.361575][ T4784] EXT4-fs (loop1): 1 truncate cleaned up
[   56.382839][ T4784] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   56.399635][   T29] audit: type=1400 audit(1769878180.824:1123): avc:  denied  { read } for  pid=4789 comm="syz.4.399" lport=64 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.461554][   T29] audit: type=1400 audit(1769878180.864:1124): avc:  denied  { getopt } for  pid=4789 comm="syz.4.399" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   56.494961][ T4784] netlink: 104 bytes leftover after parsing attributes in process `syz.1.396'.
[   56.534295][ T4802] netlink: 16 bytes leftover after parsing attributes in process `syz.3.403'.
[   56.553641][   T29] audit: type=1400 audit(1769878180.975:1125): avc:  denied  { bind } for  pid=4800 comm="syz.3.403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   56.790672][   T29] audit: type=1400 audit(1769878181.207:1126): avc:  denied  { execute } for  pid=4818 comm="syz.0.408" path="/83/cpu.stat" dev="tmpfs" ino=456 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   56.821430][   T29] audit: type=1400 audit(1769878181.227:1127): avc:  denied  { connect } for  pid=4808 comm="syz.3.405" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.925470][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.036231][ T4827] loop4: detected capacity change from 0 to 128
[   57.043002][ T4827] vfat: Unknown parameter '" Ø'
[   57.060471][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   57.097265][ T4830] tipc: Can't bind to reserved service type 0
[   57.517740][ T4852] netlink: 'syz.0.420': attribute type 1 has an invalid length.
[   57.671510][ T4860] netlink: 8 bytes leftover after parsing attributes in process `syz.1.423'.
[   57.733423][ T4868] xt_HMARK: spi-set and port-set can't be combined
[   57.737474][ T4866] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.426' sets config #1
[   57.899441][ T4879] FAULT_INJECTION: forcing a failure.
[   57.899441][ T4879] name failslab, interval 1, probability 0, space 0, times 0
[   57.912415][ T4879] CPU: 1 UID: 0 PID: 4879 Comm: syz.3.427 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   57.912453][ T4879] Tainted: [W]=WARN
[   57.912461][ T4879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   57.912475][ T4879] Call Trace:
[   57.912483][ T4879]  <TASK>
[   57.912548][ T4879]  __dump_stack+0x1d/0x30
[   57.912578][ T4879]  dump_stack_lvl+0x95/0xd0
[   57.912602][ T4879]  dump_stack+0x15/0x1b
[   57.912626][ T4879]  should_fail_ex+0x263/0x280
[   57.912668][ T4879]  should_failslab+0x8c/0xb0
[   57.912695][ T4879]  __kmalloc_cache_noprof+0x64/0x4a0
[   57.912762][ T4879]  ? file_f_owner_allocate+0x4d/0xd0
[   57.912798][ T4879]  file_f_owner_allocate+0x4d/0xd0
[   57.912867][ T4879]  tty_fasync+0x9f/0x280
[   57.912904][ T4879]  do_fcntl+0xd60/0xf80
[   57.913008][ T4879]  __se_sys_fcntl+0xb1/0x120
[   57.913088][ T4879]  __x64_sys_fcntl+0x43/0x50
[   57.913134][ T4879]  x64_sys_call+0x2d6f/0x3000
[   57.913221][ T4879]  do_syscall_64+0xc0/0x2a0
[   57.913254][ T4879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.913338][ T4879] RIP: 0033:0x7f00a1ecaeb9
[   57.913358][ T4879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   57.913378][ T4879] RSP: 002b:00007f00a0927028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   57.913425][ T4879] RAX: ffffffffffffffda RBX: 00007f00a2145fa0 RCX: 00007f00a1ecaeb9
[   57.913440][ T4879] RDX: 0000000000102800 RSI: 0000000000000004 RDI: 0000000000000004
[   57.913452][ T4879] RBP: 00007f00a0927090 R08: 0000000000000000 R09: 0000000000000000
[   57.913465][ T4879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.913479][ T4879] R13: 00007f00a2146038 R14: 00007f00a2145fa0 R15: 00007ffc36052a78
[   57.913499][ T4879]  </TASK>
[   58.155654][ T4890] netlink: 4 bytes leftover after parsing attributes in process `syz.1.431'.
[   58.166325][ T4890] netlink: 8 bytes leftover after parsing attributes in process `syz.1.431'.
[   58.212683][ T4892] netlink: 'syz.4.435': attribute type 1 has an invalid length.
[   58.261218][ T4896] FAULT_INJECTION: forcing a failure.
[   58.261218][ T4896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.274539][ T4896] CPU: 0 UID: 0 PID: 4896 Comm: syz.3.437 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   58.274598][ T4896] Tainted: [W]=WARN
[   58.274610][ T4896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   58.274619][ T4896] Call Trace:
[   58.274624][ T4896]  <TASK>
[   58.274629][ T4896]  __dump_stack+0x1d/0x30
[   58.274648][ T4896]  dump_stack_lvl+0x95/0xd0
[   58.274728][ T4896]  dump_stack+0x15/0x1b
[   58.274741][ T4896]  should_fail_ex+0x263/0x280
[   58.274762][ T4896]  should_fail+0xb/0x20
[   58.274839][ T4896]  should_fail_usercopy+0x1a/0x20
[   58.274862][ T4896]  _copy_from_user+0x1c/0xb0
[   58.274947][ T4896]  addrconf_add_ifaddr+0x93/0x280
[   58.274997][ T4896]  inet6_ioctl+0xb0/0x190
[   58.275025][ T4896]  sock_do_ioctl+0x73/0x230
[   58.275095][ T4896]  sock_ioctl+0x41b/0x610
[   58.275109][ T4896]  ? mutex_lock+0x57/0x90
[   58.275160][ T4896]  ? __pfx_sock_ioctl+0x10/0x10
[   58.275176][ T4896]  __se_sys_ioctl+0xce/0x140
[   58.275197][ T4896]  __x64_sys_ioctl+0x43/0x50
[   58.275273][ T4896]  x64_sys_call+0x14b0/0x3000
[   58.275411][ T4896]  do_syscall_64+0xc0/0x2a0
[   58.275445][ T4896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.275534][ T4896] RIP: 0033:0x7f00a1ecaeb9
[   58.275546][ T4896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   58.275574][ T4896] RSP: 002b:00007f00a0927028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   58.275643][ T4896] RAX: ffffffffffffffda RBX: 00007f00a2145fa0 RCX: 00007f00a1ecaeb9
[   58.275653][ T4896] RDX: 0000200000000000 RSI: 0000000000008916 RDI: 0000000000000004
[   58.275662][ T4896] RBP: 00007f00a0927090 R08: 0000000000000000 R09: 0000000000000000
[   58.275671][ T4896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.275679][ T4896] R13: 00007f00a2146038 R14: 00007f00a2145fa0 R15: 00007ffc36052a78
[   58.275693][ T4896]  </TASK>
[   58.515120][ T4902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.524971][ T4902] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.547679][ T4902] loop3: detected capacity change from 0 to 128
[   58.585918][ T4906] IPv6: NLM_F_CREATE should be specified when creating new route
[   58.839539][ T4915] FAULT_INJECTION: forcing a failure.
[   58.839539][ T4915] name failslab, interval 1, probability 0, space 0, times 0
[   58.852261][ T4915] CPU: 1 UID: 0 PID: 4915 Comm: syz.1.443 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   58.852298][ T4915] Tainted: [W]=WARN
[   58.852306][ T4915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   58.852389][ T4915] Call Trace:
[   58.852396][ T4915]  <TASK>
[   58.852405][ T4915]  __dump_stack+0x1d/0x30
[   58.852453][ T4915]  dump_stack_lvl+0x95/0xd0
[   58.852474][ T4915]  dump_stack+0x15/0x1b
[   58.852494][ T4915]  should_fail_ex+0x263/0x280
[   58.852528][ T4915]  should_failslab+0x8c/0xb0
[   58.852588][ T4915]  kmem_cache_alloc_noprof+0x68/0x490
[   58.852616][ T4915]  ? getname_flags+0x7f/0x3b0
[   58.852640][ T4915]  ? __fget_files+0x184/0x1c0
[   58.852677][ T4915]  getname_flags+0x7f/0x3b0
[   58.852702][ T4915]  path_listxattrat+0x7e/0x2b0
[   58.852736][ T4915]  __x64_sys_llistxattr+0x4d/0x60
[   58.852766][ T4915]  x64_sys_call+0xb12/0x3000
[   58.852871][ T4915]  do_syscall_64+0xc0/0x2a0
[   58.852902][ T4915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.852924][ T4915] RIP: 0033:0x7f2212f7aeb9
[   58.852943][ T4915] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   58.852971][ T4915] RSP: 002b:00007f22119d7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[   58.852993][ T4915] RAX: ffffffffffffffda RBX: 00007f22131f5fa0 RCX: 00007f2212f7aeb9
[   58.853007][ T4915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[   58.853021][ T4915] RBP: 00007f22119d7090 R08: 0000000000000000 R09: 0000000000000000
[   58.853061][ T4915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.853074][ T4915] R13: 00007f22131f6038 R14: 00007f22131f5fa0 R15: 00007ffef2ec0a78
[   58.853097][ T4915]  </TASK>
[   58.867677][ T4908] syzkaller0: entered promiscuous mode
[   59.038670][ T4908] syzkaller0: entered allmulticast mode
[   59.203692][ T4923] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4923 comm=syz.3.447
[   59.297581][ T4930] netlink: 'syz.3.450': attribute type 1 has an invalid length.
[   59.351672][ T4928] loop0: detected capacity change from 0 to 1024
[   59.370906][ T4928] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.380587][ T4928] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   59.392344][ T4928] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000]
[   59.407434][ T4928] System zones: 0-1, 3-12
[   59.415193][ T4928] EXT4-fs error (device loop0): ext4_map_blocks:825: inode #3: block 1: comm syz.0.449: lblock 1 mapped to illegal pblock 1 (length 1)
[   59.432355][ T4934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.451'.
[   59.441686][ T4928] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.449: Failed to acquire dquot type 0
[   59.454636][ T4928] EXT4-fs error (device loop0): ext4_free_blocks:6728: comm syz.0.449: Freeing blocks not in datazone - block = 0, count = 4096
[   59.469093][ T4928] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.449: Invalid inode bitmap blk 0 in block_group 0
[   59.484000][ T1645] EXT4-fs error (device loop0): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[   59.498847][ T4928] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[   59.508545][ T4928] EXT4-fs (loop0): 1 orphan inode deleted
[   59.516291][ T1645] EXT4-fs error (device loop0): ext4_release_dquot:7022: comm kworker/u8:5: Failed to release dquot type 0
[   59.524401][ T4928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   59.618424][ T4947] loop4: detected capacity change from 0 to 512
[   59.641222][ T4947] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   59.650349][ T4947] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   59.670319][ T4947] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[   59.682683][ T4947] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   59.694307][ T4947] System zones: 0-2, 18-18, 34-35
[   59.695797][ T4955] netlink: 8 bytes leftover after parsing attributes in process `syz.3.457'.
[   59.699846][ T4947] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.751529][ T4962] netlink: 152 bytes leftover after parsing attributes in process `syz.0.460'.
[   59.787773][ T4947] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[   59.820150][ T3315] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   59.932586][ T4969] hub 6-0:1.0: USB hub found
[   59.939060][ T4969] hub 6-0:1.0: 8 ports detected
[   60.701708][ T4981] FAULT_INJECTION: forcing a failure.
[   60.701708][ T4981] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.716574][ T4981] CPU: 0 UID: 0 PID: 4981 Comm: syz.3.467 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   60.716637][ T4981] Tainted: [W]=WARN
[   60.716646][ T4981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   60.716660][ T4981] Call Trace:
[   60.716668][ T4981]  <TASK>
[   60.716676][ T4981]  __dump_stack+0x1d/0x30
[   60.716701][ T4981]  dump_stack_lvl+0x95/0xd0
[   60.716787][ T4981]  dump_stack+0x15/0x1b
[   60.716807][ T4981]  should_fail_ex+0x263/0x280
[   60.716891][ T4981]  should_fail+0xb/0x20
[   60.716978][ T4981]  should_fail_usercopy+0x1a/0x20
[   60.717011][ T4981]  _copy_to_user+0x20/0xa0
[   60.717050][ T4981]  simple_read_from_buffer+0xb5/0x130
[   60.717112][ T4981]  proc_fail_nth_read+0x10e/0x150
[   60.717192][ T4981]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   60.717271][ T4981]  vfs_read+0x1ab/0x7f0
[   60.717293][ T4981]  ? __rcu_read_unlock+0x4e/0x70
[   60.717324][ T4981]  ? __fget_files+0x184/0x1c0
[   60.717404][ T4981]  ? mutex_lock+0x57/0x90
[   60.717431][ T4981]  ksys_read+0xdc/0x1a0
[   60.717455][ T4981]  __x64_sys_read+0x40/0x50
[   60.717478][ T4981]  x64_sys_call+0x2889/0x3000
[   60.717551][ T4981]  do_syscall_64+0xc0/0x2a0
[   60.717653][ T4981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.717683][ T4981] RIP: 0033:0x7f00a1e8b78e
[   60.717757][ T4981] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   60.717778][ T4981] RSP: 002b:00007f00a0926fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   60.717803][ T4981] RAX: ffffffffffffffda RBX: 00007f00a09276c0 RCX: 00007f00a1e8b78e
[   60.717820][ T4981] RDX: 000000000000000f RSI: 00007f00a09270a0 RDI: 000000000000000f
[   60.717835][ T4981] RBP: 00007f00a0927090 R08: 0000000000000000 R09: 0000000000000000
[   60.717851][ T4981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.717871][ T4981] R13: 00007f00a2146038 R14: 00007f00a2145fa0 R15: 00007ffc36052a78
[   60.717963][ T4981]  </TASK>
[   60.721233][ T4986] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   60.808562][ T4992] loop1: detected capacity change from 0 to 1024
[   60.813861][   T36] lo speed is unknown, defaulting to 1000
[   60.954876][ T4992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.979545][ T4992] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 18: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[   61.020829][   T29] kauditd_printk_skb: 158 callbacks suppressed
[   61.020846][   T29] audit: type=1400 audit(1769878441.471:1283): avc:  denied  { map } for  pid=4991 comm="syz.1.472" path="/100/file1/memory.events.local" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   61.052026][ T4992] FAULT_INJECTION: forcing a failure.
[   61.052026][ T4992] name failslab, interval 1, probability 0, space 0, times 0
[   61.064832][ T4992] CPU: 0 UID: 0 PID: 4992 Comm: syz.1.472 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   61.064926][ T4992] Tainted: [W]=WARN
[   61.064934][ T4992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   61.064949][ T4992] Call Trace:
[   61.064955][ T4992]  <TASK>
[   61.064963][ T4992]  __dump_stack+0x1d/0x30
[   61.064992][ T4992]  dump_stack_lvl+0x95/0xd0
[   61.065018][ T4992]  dump_stack+0x15/0x1b
[   61.065040][ T4992]  should_fail_ex+0x263/0x280
[   61.065144][ T4992]  should_failslab+0x8c/0xb0
[   61.065214][ T4992]  kmem_cache_alloc_noprof+0x68/0x490
[   61.065243][ T4992]  ? alloc_empty_file+0x76/0x200
[   61.065271][ T4992]  alloc_empty_file+0x76/0x200
[   61.065369][ T4992]  path_openat+0x62/0x23c0
[   61.065402][ T4992]  ? _parse_integer_limit+0x170/0x190
[   61.065431][ T4992]  ? _parse_integer+0x27/0x40
[   61.065513][ T4992]  ? kstrtoull+0x111/0x140
[   61.065539][ T4992]  ? kstrtouint+0x76/0xc0
[   61.065569][ T4992]  do_filp_open+0x15d/0x280
[   61.065626][ T4992]  do_sys_openat2+0xa6/0x150
[   61.065662][ T4992]  __x64_sys_creat+0x65/0x90
[   61.065817][ T4992]  x64_sys_call+0x2f1c/0x3000
[   61.065842][ T4992]  do_syscall_64+0xc0/0x2a0
[   61.065878][ T4992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.065982][ T4992] RIP: 0033:0x7f2212f7aeb9
[   61.066002][ T4992] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   61.066021][ T4992] RSP: 002b:00007f22119d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[   61.066043][ T4992] RAX: ffffffffffffffda RBX: 00007f22131f5fa0 RCX: 00007f2212f7aeb9
[   61.066096][ T4992] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000200000000280
[   61.066186][ T4992] RBP: 00007f22119d7090 R08: 0000000000000000 R09: 0000000000000000
[   61.066216][ T4992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.066254][ T4992] R13: 00007f22131f6038 R14: 00007f22131f5fa0 R15: 00007ffef2ec0a78
[   61.066277][ T4992]  </TASK>
[   61.079175][   T29] audit: type=1326 audit(1769878441.531:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.173587][ T5003] __nla_validate_parse: 1 callbacks suppressed
[   61.173604][ T5003] netlink: 132 bytes leftover after parsing attributes in process `syz.4.473'.
[   61.175690][   T29] audit: type=1326 audit(1769878441.531:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.175739][   T29] audit: type=1326 audit(1769878441.531:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.357640][   T29] audit: type=1326 audit(1769878441.531:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.380904][   T29] audit: type=1326 audit(1769878441.531:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.404426][   T29] audit: type=1326 audit(1769878441.531:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.428083][   T29] audit: type=1326 audit(1769878441.531:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.451377][   T29] audit: type=1326 audit(1769878441.531:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.474821][   T29] audit: type=1326 audit(1769878441.531:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4996 comm="syz.4.473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde913faeb9 code=0x7ffc0000
[   61.504317][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.631563][ T5049] IPVS: set_ctl: invalid protocol: 115 172.20.20.170:20001
[   61.673491][ T5052] loop2: detected capacity change from 0 to 1024
[   61.680139][ T5052] EXT4-fs: Ignoring removed orlov option
[   61.726357][ T5052] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #4: comm syz.2.482: pblk 98 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[   61.754838][ T5052] EXT4-fs error (device loop2): ext4_quota_enable:7180: comm syz.2.482: Bad quota inode: 4, type: 1
[   61.766279][ T5052] EXT4-fs warning (device loop2): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   61.791872][ T5052] EXT4-fs (loop2): mount failed
[   61.961584][ T5082] lo speed is unknown, defaulting to 1000
[   62.074123][ T5098] lo speed is unknown, defaulting to 1000
[   62.131564][ T5113] loop2: detected capacity change from 0 to 128
[   62.147774][ T5113] journal_path: Lookup failure for './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[   62.171738][ T5113] EXT4-fs: error: could not find journal device path
[   62.309375][ T5126] veth0_to_team: entered promiscuous mode
[   62.324084][ T5129] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.500'.
[   62.333289][ T5129] netlink: 24 bytes leftover after parsing attributes in process `syz.3.500'.
[   62.353209][ T5125] veth0_to_team: left promiscuous mode
[   62.396245][ T5134] ipt_REJECT: TCP_RESET invalid for non-tcp
[   62.409292][ T5134] netlink: 36 bytes leftover after parsing attributes in process `syz.2.502'.
[   62.419102][ T5134] netlink: 8 bytes leftover after parsing attributes in process `syz.2.502'.
[   62.456819][ T5098] netlink: 'syz.0.495': attribute type 21 has an invalid length.
[   62.464912][ T5098] netlink: 132 bytes leftover after parsing attributes in process `syz.0.495'.
[   62.488015][ T5098] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=259 sclass=netlink_route_socket pid=5098 comm=syz.0.495
[   62.667623][ T5164] loop1: detected capacity change from 0 to 256
[   62.681955][ T5164] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   62.692376][ T5164] FAT-fs (loop1): Filesystem has been set read-only
[   62.699639][ T5164] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   62.711188][ T5164] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   62.724003][ T5162] SELinux:  policydb string SE Linuî does not match my string SE Linux
[   62.732459][ T5162] SELinux: failed to load policy
[   62.817322][ T5173] loop1: detected capacity change from 0 to 128
[   62.857268][ T5173] syz.1.512: attempt to access beyond end of device
[   62.857268][ T5173] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128
[   62.905339][ T5188] netlink: 8 bytes leftover after parsing attributes in process `syz.4.516'.
[   62.914201][ T5188] netlink: 8 bytes leftover after parsing attributes in process `syz.4.516'.
[   62.925251][ T5193] netlink: 28 bytes leftover after parsing attributes in process `syz.0.517'.
[   63.150117][ T5228] netlink: 36 bytes leftover after parsing attributes in process `syz.0.520'.
[   63.295869][ T5240] option changes via remount are deprecated (pid=5239 comm=syz.1.524)
[   63.389072][ T5246] loop2: detected capacity change from 0 to 512
[   63.399007][ T5246] EXT4-fs: Ignoring removed bh option
[   63.410565][ T5246] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   63.420483][ T5246] EXT4-fs (loop2): 1 truncate cleaned up
[   63.427330][ T5246] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.604111][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.629605][ T5254] loop2: detected capacity change from 0 to 512
[   63.639308][ T5254] EXT4-fs (loop2): filesystem is read-only
[   63.647487][ T5254] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   63.665177][ T5254] EXT4-fs (loop2): filesystem is read-only
[   63.671245][ T5254] EXT4-fs (loop2): orphan cleanup on readonly fs
[   63.678191][ T5254] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.528: bg 0: block 64: padding at end of block bitmap is not set
[   63.693424][ T5254] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   63.703129][ T5254] EXT4-fs (loop2): 1 orphan inode deleted
[   63.796334][ T5257] SELinux: failed to load policy
[   63.857379][ T5261] openvswitch: netlink: Missing key (keys=40, expected=2000)
[   63.920584][ T5266] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5266 comm=syz.4.531
[   63.927284][ T5267] FAULT_INJECTION: forcing a failure.
[   63.927284][ T5267] name failslab, interval 1, probability 0, space 0, times 0
[   63.945668][ T5267] CPU: 1 UID: 0 PID: 5267 Comm: syz.2.533 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   63.945818][ T5267] Tainted: [W]=WARN
[   63.945826][ T5267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   63.945840][ T5267] Call Trace:
[   63.945848][ T5267]  <TASK>
[   63.945858][ T5267]  __dump_stack+0x1d/0x30
[   63.945969][ T5267]  dump_stack_lvl+0x95/0xd0
[   63.945995][ T5267]  dump_stack+0x15/0x1b
[   63.946029][ T5267]  should_fail_ex+0x263/0x280
[   63.946115][ T5267]  should_failslab+0x8c/0xb0
[   63.946131][ T5266] loop4: detected capacity change from 0 to 1024
[   63.946144][ T5267]  __kmalloc_cache_node_noprof+0x69/0x4a0
[   63.946220][ T5267]  ? __get_vm_area_node+0x106/0x1d0
[   63.946265][ T5267]  __get_vm_area_node+0x106/0x1d0
[   63.946292][ T5267]  __vmalloc_node_range_noprof+0x291/0x12b0
[   63.946321][ T5267]  ? sel_write_load+0x156/0x380
[   63.946354][ T5267]  ? __rcu_read_unlock+0x4e/0x70
[   63.946393][ T5267]  ? avc_has_perm_noaudit+0xab/0x130
[   63.946426][ T5267]  ? sel_write_load+0x156/0x380
[   63.946485][ T5267]  vmalloc_noprof+0x82/0xb0
[   63.946589][ T5267]  ? sel_write_load+0x156/0x380
[   63.946619][ T5267]  sel_write_load+0x156/0x380
[   63.946729][ T5267]  ? __pfx_sel_write_load+0x10/0x10
[   63.946759][ T5267]  vfs_write+0x269/0x9f0
[   63.946779][ T5267]  ? __rcu_read_unlock+0x4e/0x70
[   63.946863][ T5267]  ? __fget_files+0x184/0x1c0
[   63.946887][ T5267]  ? mutex_lock+0x57/0x90
[   63.946912][ T5267]  ksys_write+0xdc/0x1a0
[   63.946933][ T5267]  __x64_sys_write+0x40/0x50
[   63.946954][ T5267]  x64_sys_call+0x2847/0x3000
[   63.947024][ T5267]  do_syscall_64+0xc0/0x2a0
[   63.947057][ T5267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.947149][ T5267] RIP: 0033:0x7ff8ffa8aeb9
[   63.947167][ T5267] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   63.947186][ T5267] RSP: 002b:00007ff8fe4e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   63.947210][ T5267] RAX: ffffffffffffffda RBX: 00007ff8ffd05fa0 RCX: 00007ff8ffa8aeb9
[   63.947261][ T5267] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000003
[   63.947275][ T5267] RBP: 00007ff8fe4e7090 R08: 0000000000000000 R09: 0000000000000000
[   63.947299][ T5267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.947312][ T5267] R13: 00007ff8ffd06038 R14: 00007ff8ffd05fa0 R15: 00007ffed0ae2a68
[   63.947332][ T5267]  </TASK>
[   63.947341][ T5267] syz.2.533: vmalloc error: size 65448, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[   63.987596][ T5266] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.531: Failed to acquire dquot type 0
[   63.990863][ T5267] ,cpuset=/,mems_allowed=0
[   63.990902][ T5267] CPU: 1 UID: 0 PID: 5267 Comm: syz.2.533 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   63.991004][ T5267] Tainted: [W]=WARN
[   63.991018][ T5267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   63.991030][ T5267] Call Trace:
[   63.991038][ T5267]  <TASK>
[   63.991089][ T5267]  __dump_stack+0x1d/0x30
[   63.991115][ T5267]  dump_stack_lvl+0x95/0xd0
[   63.991207][ T5267]  dump_stack+0x15/0x1b
[   63.991229][ T5267]  warn_alloc+0x145/0x1c0
[   63.991289][ T5267]  __vmalloc_node_range_noprof+0x2b6/0x12b0
[   63.991342][ T5267]  ? __rcu_read_unlock+0x4e/0x70
[   63.991444][ T5267]  ? avc_has_perm_noaudit+0xab/0x130
[   63.991524][ T5267]  ? sel_write_load+0x156/0x380
[   63.991554][ T5267]  vmalloc_noprof+0x82/0xb0
[   63.991581][ T5267]  ? sel_write_load+0x156/0x380
[   63.991614][ T5267]  sel_write_load+0x156/0x380
[   63.991654][ T5267]  ? __pfx_sel_write_load+0x10/0x10
[   63.991683][ T5267]  vfs_write+0x269/0x9f0
[   63.991703][ T5267]  ? __rcu_read_unlock+0x4e/0x70
[   63.991813][ T5267]  ? __fget_files+0x184/0x1c0
[   63.991858][ T5267]  ? mutex_lock+0x57/0x90
[   63.991942][ T5267]  ksys_write+0xdc/0x1a0
[   63.991964][ T5267]  __x64_sys_write+0x40/0x50
[   63.991985][ T5267]  x64_sys_call+0x2847/0x3000
[   63.992045][ T5267]  do_syscall_64+0xc0/0x2a0
[   63.992146][ T5267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.992261][ T5267] RIP: 0033:0x7ff8ffa8aeb9
[   63.992280][ T5267] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   63.992362][ T5267] RSP: 002b:00007ff8fe4e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   63.992384][ T5267] RAX: ffffffffffffffda RBX: 00007ff8ffd05fa0 RCX: 00007ff8ffa8aeb9
[   63.992400][ T5267] RDX: 000000000000ffa8 RSI: 0000200000000000 RDI: 0000000000000003
[   63.992435][ T5267] RBP: 00007ff8fe4e7090 R08: 0000000000000000 R09: 0000000000000000
[   63.992449][ T5267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   63.992506][ T5267] R13: 00007ff8ffd06038 R14: 00007ff8ffd05fa0 R15: 00007ffed0ae2a68
[   63.992526][ T5267]  </TASK>
[   63.992565][ T5267] Mem-Info:
[   63.998307][ T5266] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, 
[   64.000215][ T5267] active_anon:28639 inactive_anon:0 isolated_anon:0
[   64.000215][ T5267]  active_file:20688 inactive_file:2630 isolated_file:0
[   64.000215][ T5267]  unevictable:0 dirty:836 writeback:0
[   64.000215][ T5267]  slab_reclaimable:3335 slab_unreclaimable:16181
[   64.000215][ T5267]  mapped:29882 shmem:20961 pagetables:1298
[   64.000215][ T5267]  sec_pagetables:0 bounce:0
[   64.000215][ T5267]  kernel_misc_reclaimable:0
[   64.000215][ T5267]  free:1841161 free_pcp:15113 free_cma:0
[   64.006655][ T5266] inode 13: 
[   64.012328][ T5267] Node 0 active_anon:114556kB inactive_anon:0kB active_file:82752kB inactive_file:10520kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119528kB dirty:3344kB writeback:0kB shmem:83844kB kernel_stack:3680kB pagetables:5192kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   64.012385][ T5267] Node 0 
[   64.017586][ T5266] block 160:
[   64.022665][ T5267] DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   64.028561][ T5266] freeing already freed block (bit 10); block bitmap corrupt.
[   64.033475][ T5267] lowmem_reserve[]: 0 2879 7858 7858
[   64.033513][ T5267] Node 0 DMA32 free:2943712kB boost:0kB min:4128kB low:7056kB high:9984kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2948380kB mlocked:0kB bounce:0kB free_pcp:4668kB local_pcp:3528kB free_cma:0kB
[   64.078812][ T5266] EXT4-fs (loop4): 1 truncate cleaned up
[   64.081918][ T5267] lowmem_reserve[]: 0 0 4978 4978
[   64.082023][ T5267] Node 0 Normal free:4405572kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:114556kB inactive_anon:0kB active_file:83796kB inactive_file:10520kB unevictable:0kB writepending:4272kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:54860kB local_pcp:17124kB free_cma:0kB
[   64.177094][ T5271] loop3: detected capacity change from 0 to 164
[   64.183383][ T5267] lowmem_reserve[]: 0 0 0 0
[   64.183431][ T5267] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   64.654994][ T5267] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 1*32kB (M) 2*64kB (M) 4*128kB (M) 4*256kB (M) 2*512kB (M) 4*1024kB (M) 2*2048kB (M) 716*4096kB (M) = 2943712kB
[   64.671295][ T5267] Node 0 Normal: 671*4kB (UM) 182*8kB (UME) 46*16kB (UME) 59*32kB (UME) 80*64kB (UME) 97*128kB (UME) 85*256kB (UME) 86*512kB (UME) 64*1024kB (UME) 46*2048kB (UM) 1014*4096kB (UM) = 4403180kB
[   64.690529][ T5267] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   64.699917][ T5267] 44540 total pagecache pages
[   64.704641][ T5267] 0 pages in swap cache
[   64.708833][ T5267] Free swap  = 124996kB
[   64.713000][ T5267] Total swap = 124996kB
[   64.717165][ T5267] 2097051 pages RAM
[   64.720983][ T5267] 0 pages HighMem/MovableOnly
[   64.725732][ T5267] 81556 pages reserved
[   64.730347][ T5268] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   64.763587][ T5268] SELinux: failed to load policy
[   64.769578][ T5277] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   64.792788][ T5277] SELinux: failed to load policy
[   64.926443][ T5299] loop4: detected capacity change from 0 to 128
[   64.997370][ T5303] loop2: detected capacity change from 0 to 512
[   65.014619][ T5303] EXT4-fs (loop2): corrupt root inode, run e2fsck
[   65.021112][ T5303] EXT4-fs (loop2): mount failed
[   65.122005][ T5308] lo speed is unknown, defaulting to 1000
[   65.181174][ T5299] ==================================================================
[   65.189280][ T5299] BUG: KCSAN: data-race in file_write_and_wait_range / xas_set_mark
[   65.197264][ T5299] 
[   65.199579][ T5299] write to 0xffff88810ba41d14 of 4 bytes by task 5301 on cpu 1:
[   65.207200][ T5299]  xas_set_mark+0x12b/0x140
[   65.211703][ T5299]  tag_pages_for_writeback+0xe3/0x2e0
[   65.217078][ T5299]  writeback_iter+0x340/0x810
[   65.221755][ T5299]  mpage_writepages+0x87/0x1310
[   65.226612][ T5299]  fat_writepages+0x24/0x30
[   65.231309][ T5299]  do_writepages+0x1c6/0x310
[   65.235934][ T5299]  file_write_and_wait_range+0x178/0x2f0
[   65.241865][ T5299]  __generic_file_fsync+0x46/0x160
[   65.246988][ T5299]  fat_file_fsync+0x49/0x100
[   65.251603][ T5299]  vfs_fsync_range+0x10d/0x130
[   65.256830][ T5299]  generic_file_write_iter+0x1ba/0x310
[   65.262315][ T5299]  iter_file_splice_write+0x6bc/0xa80
[   65.267691][ T5299]  direct_splice_actor+0x156/0x2a0
[   65.272810][ T5299]  splice_direct_to_actor+0x311/0x670
[   65.278187][ T5299]  do_splice_direct+0x119/0x1a0
[   65.283140][ T5299]  do_sendfile+0x382/0x650
[   65.287655][ T5299]  __x64_sys_sendfile64+0x105/0x150
[   65.292949][ T5299]  x64_sys_call+0x2db1/0x3000
[   65.297641][ T5299]  do_syscall_64+0xc0/0x2a0
[   65.302521][ T5299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.308428][ T5299] 
[   65.310756][ T5299] read to 0xffff88810ba41d14 of 4 bytes by task 5299 on cpu 0:
[   65.318302][ T5299]  file_write_and_wait_range+0x130/0x2f0
[   65.323948][ T5299]  __generic_file_fsync+0x46/0x160
[   65.329069][ T5299]  fat_file_fsync+0x49/0x100
[   65.333667][ T5299]  vfs_fsync_range+0x10d/0x130
[   65.338470][ T5299]  generic_file_write_iter+0x1ba/0x310
[   65.343943][ T5299]  iter_file_splice_write+0x6bc/0xa80
[   65.349320][ T5299]  direct_splice_actor+0x156/0x2a0
[   65.354436][ T5299]  splice_direct_to_actor+0x311/0x670
[   65.359852][ T5299]  do_splice_direct+0x119/0x1a0
[   65.364745][ T5299]  do_sendfile+0x382/0x650
[   65.369195][ T5299]  __x64_sys_sendfile64+0x105/0x150
[   65.374498][ T5299]  x64_sys_call+0x2db1/0x3000
[   65.379275][ T5299]  do_syscall_64+0xc0/0x2a0
[   65.383789][ T5299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.389691][ T5299] 
[   65.392017][ T5299] value changed: 0x02000021 -> 0x04000021
[   65.397737][ T5299] 
[   65.400067][ T5299] Reported by Kernel Concurrency Sanitizer on:
[   65.406223][ T5299] CPU: 0 UID: 0 PID: 5299 Comm: syz.4.544 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   65.417427][ T5299] Tainted: [W]=WARN
[   65.421236][ T5299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   65.431393][ T5299] ==================================================================
[   65.618464][ T5299] ==================================================================
[   65.627175][ T5299] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark
[   65.635161][ T5299] 
[   65.637580][ T5299] write to 0xffff88810ba41d14 of 4 bytes by task 5301 on cpu 1:
[   65.645296][ T5299]  xas_set_mark+0x12b/0x140
[   65.649800][ T5299]  tag_pages_for_writeback+0xe3/0x2e0
[   65.655185][ T5299]  writeback_iter+0x340/0x810
[   65.659952][ T5299]  mpage_writepages+0x87/0x1310
[   65.664978][ T5299]  fat_writepages+0x24/0x30
[   65.669495][ T5299]  do_writepages+0x1c6/0x310
[   65.674283][ T5299]  file_write_and_wait_range+0x178/0x2f0
[   65.679983][ T5299]  __generic_file_fsync+0x46/0x160
[   65.685177][ T5299]  fat_file_fsync+0x49/0x100
[   65.689759][ T5299]  vfs_fsync_range+0x10d/0x130
[   65.694606][ T5299]  generic_file_write_iter+0x1ba/0x310
[   65.700070][ T5299]  iter_file_splice_write+0x6bc/0xa80
[   65.705463][ T5299]  direct_splice_actor+0x156/0x2a0
[   65.710594][ T5299]  splice_direct_to_actor+0x311/0x670
[   65.715977][ T5299]  do_splice_direct+0x119/0x1a0
[   65.720856][ T5299]  do_sendfile+0x382/0x650
[   65.725267][ T5299]  __x64_sys_sendfile64+0x105/0x150
[   65.730470][ T5299]  x64_sys_call+0x2db1/0x3000
[   65.735164][ T5299]  do_syscall_64+0xc0/0x2a0
[   65.739663][ T5299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.745550][ T5299] 
[   65.747890][ T5299] read to 0xffff88810ba41d14 of 4 bytes by task 5299 on cpu 0:
[   65.755440][ T5299]  __writeback_single_inode+0x201/0x7b0
[   65.761039][ T5299]  writeback_single_inode+0x16d/0x3f0
[   65.766468][ T5299]  sync_inode_metadata+0x6e/0xa0
[   65.771468][ T5299]  __generic_file_fsync+0x109/0x160
[   65.776710][ T5299]  fat_file_fsync+0x49/0x100
[   65.781431][ T5299]  vfs_fsync_range+0x10d/0x130
[   65.786249][ T5299]  generic_file_write_iter+0x1ba/0x310
[   65.791760][ T5299]  iter_file_splice_write+0x6bc/0xa80
[   65.797171][ T5299]  direct_splice_actor+0x156/0x2a0
[   65.802335][ T5299]  splice_direct_to_actor+0x311/0x670
[   65.807751][ T5299]  do_splice_direct+0x119/0x1a0
[   65.812645][ T5299]  do_sendfile+0x382/0x650
[   65.817194][ T5299]  __x64_sys_sendfile64+0x105/0x150
[   65.822433][ T5299]  x64_sys_call+0x2db1/0x3000
[   65.827236][ T5299]  do_syscall_64+0xc0/0x2a0
[   65.831809][ T5299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.837824][ T5299] 
[   65.840167][ T5299] value changed: 0x02000021 -> 0x04000021
[   65.845900][ T5299] 
[   65.848315][ T5299] Reported by Kernel Concurrency Sanitizer on:
[   65.854490][ T5299] CPU: 0 UID: 0 PID: 5299 Comm: syz.4.544 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   65.865737][ T5299] Tainted: [W]=WARN
[   65.869818][ T5299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   65.879914][ T5299] ==================================================================