last executing test programs:

37.404676429s ago: executing program 0 (id=7):
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETMIFCNT_IN6(r0, 0x8901, &(0x7f0000000100)={0xffffffffffffffff})

37.288857246s ago: executing program 0 (id=8):
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, 0x0, 0x0)
io_getevents(0x0, 0x2, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000007b0001000000005955ee0e662d"], 0x24}}, 0x0)

36.904545079s ago: executing program 0 (id=12):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='fd\x00')
getdents64(r0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x18, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380140001"], 0x110}}, 0x48800)

36.8869136s ago: executing program 0 (id=14):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x10000, 0x0, 0x6, 0x10000, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000008}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@orlov}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@noblock_validity}, {@nogrpid}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc")
open(&(0x7f0000000100)='./bus\x00', 0x6c140, 0x10)
syz_mount_image$iso9660(&(0x7f0000000800), &(0x7f0000000000)='./file0\x00', 0x200000, &(0x7f0000000740)=ANY=[@ANYBLOB="73657373696f6e8ac2a52710d6575bb0663d3078303030303030303030303030303030372c73657373696f6e3d3078303030303030303030303030303030642c636865636b3d7374726963742c636865636b2c646d6f64653d30783030419996920bf030303030303030303030303030342c6d61703d6f66662c757466382c696f636861727365743d6575632d6a702cc9559e5400b9abd73f1efe504383a77016f7ba699a73f528a5a55eb55a64b627331c857362d7ce"], 0x0, 0x3fc, &(0x7f0000000280)="$eJzs3M9OG0ccwPFZYiilUlQpagKEw6RpJXqIs7sUI5TTdj02k6x3VzPrCE5VVCBCBVKVVCpcWi5pK7UPkWvfoJc+UaP2Dah211DANq7CH6Po+5HQjD2/nfnNypqRjWYFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQTlh3Xc8RkY7by7K/sG6SVq+GT7eL4rC/j08UZ4wrhJP/ifFxMVm+NXnrv+aPyk7ulK/uiPG8GBd7H9z+8NGtysjh9WckfCV2dvde/FHm+L/iK/8cFC49sSvSVLG2iW4FTSW1TeRireY+XGpY2dCRsis2Uy0ZGhVkiZGz4WfSW1yck6q6krTjZj2I1OGbCw98163Jx9VUBcYm8cPHVRsu6SjScbOIyZvzmIX8g/hEZzJTQUvK9Y3NtblBSeZB3hntjhA/FkH+oJ581/c9z/e92vzi/ILrVnzXlyfecE8RXZcM/0OL4brI5Rs4l4PO/g8AAAAAAN5dTvEbe/79f7T4Hd4RDR0pd9hpAQAAAACAC1T85/9OXozmtUnh8P0fAAAAAIB3zc/Hz9i93+uMnU3fc/78Wxgz6uyny584W0EeHmyJSnHdjdM9Zo1p52ank6KoVTqvQjXjTJVBU4fRbzrF+qCzfk5XAp2RTydQnrA7+KFHAuJXMV0GTa+W5ephSznKRENHqhom0SNPBMHNkUwtZ99tb3wviun/ErduOmJ9Y3Ot+tWLzdUil/28l/2tzgGKrnMU/W+GeHl07rH3jMc6XRTjTpTjusfnP1K2j3SPOSX6jPlK3C1j7k6U5cTJ+Y/n8/eq/WbfycI758xfiZkyZmb2fl7cn+2RhT8oC/94Fv3vxfmymOudxV9HWcydMwsAGJb1AbuQ073xv8Uqd3G7+9kr+r0y5t50sbBWpnus6O6gfcU95+72e9czEPrtsfm4v8Wt6pgQR7vq6/yC133HtZHv5Lfwxsutb8Ttnd29Bxtbz56vPV/b9v25mvu56877YrSYRqdg7wEA9KDMG2ci+8kxRqdfemOLXpAtKWmS8Ik0ut5UUseZMuFSEDeVTE2SJWES5ZWnuq6stO00TUwmG4mRaWL1cvHkF9l59ItVrSDOdGjTSAVWyTCJsyDMZF3bUKbtLyJtl5QpLrapCnVDh0Gmk1japG1CVZXSKnUsUNdVnOmGzquxTI1uBWZFPk2idkvJurKh0WmW5NMyR2PpuJGYVtFtddg3GwCAa2Jnd+/rZ5uba99eYmXYcwQAACexSwMAAAAAAAAAAAAAAAAAAAAAcP1dxfm/i604QohrkAYVKhddGXvbD/bBJeQz7JUJwGX7NwAA//++Aql5")
syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x3, 0x100002cf}, 0x0, 0x0)
creat(&(0x7f0000000200)='./bus\x00', 0x268)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000540)='./bus\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x10fb}], 0x2, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000000)='./bus\x00', 0x9471)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="3801000010000100fefff7ff00010000fe880000000000000000000000000001fc010000000000000000000000000001000107144e230005000000003a0000005733f31e4a68232217259dd085fe52a0f96e6d0e4914374623298bf6164c6edc469a100997a1fe5054f283855993aa80d11f0ac4d4575537d4496ae39334e1d5a9c590770d9cc2fac7ad6eb355297bd49a346a15ac2c4d8eb6fe32c15c", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb000004d46c000000ac141427000000000000000000000000000000000000000092010000000000000600000000000000ffff0000000000001c25"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa7bc3184d"], 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

36.265985316s ago: executing program 0 (id=26):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeaf, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000640)=[0x7, 0x7], 0x0, 0x0, 0x2, 0x1}}, 0x40)

35.078523936s ago: executing program 0 (id=37):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5800000010001fff2abd70000001000000000000", @ANYRES32=0x0, @ANYBLOB="0000000080401e002c0012800e000100697036677265746170000000180002801400070020010000000000000000000000000000080001"], 0x58}, 0x1, 0x0, 0x0, 0x800}, 0xc0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x8, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=@migrate={0xbc, 0x21, 0x1, 0xfffffffc, 0x0, {{@in=@private=0xa010101, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x5e}, 0x100000}, [@migrate={0x50, 0x11, [{@in6=@ipv4={'\x00', '\xff\xff', @local}, @in6=@mcast1, @in=@private=0xa010102, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x2, 0x2}]}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e20, 0x4e22, @in6=@mcast2}}]}, 0xbc}, 0x1, 0x0, 0x0, 0x800c}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
dup2(r4, r3)
sendmsg$NFT_BATCH(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000001840)=ANY=[@ANYBLOB="14000000100001"], 0xd3c}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

35.032222609s ago: executing program 32 (id=37):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5800000010001fff2abd70000001000000000000", @ANYRES32=0x0, @ANYBLOB="0000000080401e002c0012800e000100697036677265746170000000180002801400070020010000000000000000000000000000080001"], 0x58}, 0x1, 0x0, 0x0, 0x800}, 0xc0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x8, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=@migrate={0xbc, 0x21, 0x1, 0xfffffffc, 0x0, {{@in=@private=0xa010101, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x5e}, 0x100000}, [@migrate={0x50, 0x11, [{@in6=@ipv4={'\x00', '\xff\xff', @local}, @in6=@mcast1, @in=@private=0xa010102, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x2, 0x2}]}, @encap={0x1c, 0x4, {0xfffffffffffffffd, 0x4e20, 0x4e22, @in6=@mcast2}}]}, 0xbc}, 0x1, 0x0, 0x0, 0x800c}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
dup2(r4, r3)
sendmsg$NFT_BATCH(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000001840)=ANY=[@ANYBLOB="14000000100001"], 0xd3c}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

2.868131092s ago: executing program 1 (id=773):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r0=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r0, @ANYRESHEX], 0x34}, 0x1, 0x0, 0x0, 0x400c0a0}, 0x20040010)

2.803739816s ago: executing program 1 (id=775):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000280)={0x2, 0x1, 0xb, 0x3, 0x0, 0x0, 0xfc, 0x0, 0x4f, 0xff, 0x5, 0x0, 0x8, 0x81}, 0xe)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000240)=0x10)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000040)={r1, 0x1ff}, 0x8)

2.669914304s ago: executing program 4 (id=778):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x6}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="1c00000052"], 0x1c}, 0x1, 0x0, 0x0, 0x8800}, 0x20044884)

2.473264806s ago: executing program 4 (id=781):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="05a300000000000000000d00000008000300", @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r2, 0x400448de, &(0x7f0000000300)="0474db7a174ec1b202cbec9b330bdb1b65a1edf2de0bd30533f17570951200174a414a5db3c2fa5e0d814d8470a663c5ef8a0b4fc2c48f8bac7dd6ad7612ccc997980f327a75f7a2d6e56b3e67fc4a3dc6bc397721379c6d25e480f0bdfc51ee8a889831cb47998cc1307ca60ae0dac66f07653ad73ec2498722bbc1b81e2a25645208b5bb0dcac7af67ee052c80ba2ea062e104dc7d549f86ac091a7ff73cb985438e59f229aeb198e53a9cd17304ba0af236ac088a7122c806965e765aa7c723727c47b4")
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x2, 0x6, 0x4, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f0000000400)={{<r6=>0x0, 0x4b, 0x1, 0x9, 0x3, 0xdc84, 0xd, 0x7, 0x64e, 0x7f, 0x800, 0x4, 0x1, 0x8001, 0xaa9}})
ioctl$BTRFS_IOC_INO_LOOKUP(r5, 0xd0009412, &(0x7f0000002380)={r6, 0x6})
r7 = syz_open_procfs(0x0, &(0x7f0000002340)='fdinfo\x00')
getdents64(r7, &(0x7f0000000100)=""/208, 0xd0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="84200000000000001400128009000100766574680000000004000280080004"], 0x3c}, 0x1, 0xba01, 0x0, 0x20000000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newtaction={0x68, 0x30, 0x3f, 0x70bd2e, 0x25dfdbfd, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x5, 0x9, 0x0, 0x1000, 0x3}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x9}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x68}}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r0) (async)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="05a300000000000000000d00000008000300", @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x0) (async)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async)
ioctl$sock_bt_hci(r2, 0x400448de, &(0x7f0000000300)="0474db7a174ec1b202cbec9b330bdb1b65a1edf2de0bd30533f17570951200174a414a5db3c2fa5e0d814d8470a663c5ef8a0b4fc2c48f8bac7dd6ad7612ccc997980f327a75f7a2d6e56b3e67fc4a3dc6bc397721379c6d25e480f0bdfc51ee8a889831cb47998cc1307ca60ae0dac66f07653ad73ec2498722bbc1b81e2a25645208b5bb0dcac7af67ee052c80ba2ea062e104dc7d549f86ac091a7ff73cb985438e59f229aeb198e53a9cd17304ba0af236ac088a7122c806965e765aa7c723727c47b4") (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socketpair(0x2, 0x6, 0x4, &(0x7f0000000200)) (async)
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f0000000400)={{0x0, 0x4b, 0x1, 0x9, 0x3, 0xdc84, 0xd, 0x7, 0x64e, 0x7f, 0x800, 0x4, 0x1, 0x8001, 0xaa9}}) (async)
ioctl$BTRFS_IOC_INO_LOOKUP(r5, 0xd0009412, &(0x7f0000002380)={r6, 0x6}) (async)
syz_open_procfs(0x0, &(0x7f0000002340)='fdinfo\x00') (async)
getdents64(r7, &(0x7f0000000100)=""/208, 0xd0) (async)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="84200000000000001400128009000100766574680000000004000280080004"], 0x3c}, 0x1, 0xba01, 0x0, 0x20000000}, 0x0) (async)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newtaction={0x68, 0x30, 0x3f, 0x70bd2e, 0x25dfdbfd, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x5, 0x9, 0x0, 0x1000, 0x3}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x9}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x68}}, 0x10) (async)

2.39654081s ago: executing program 4 (id=782):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xa2)
r1 = dup2(r0, r0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa9a, 0x76c4, 0x7, 0x7})
ioctl$BLKTRACESTART(r1, 0x1274, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$BLKTRACESTART(r1, 0x127a, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

2.094129078s ago: executing program 4 (id=789):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x4042, 0x0)
ioctl$PPPIOCSCOMPRESS(r0, 0x4010744d)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x2, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20010006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000100)={'syztnl1\x00', <r2=>0x0, 0x4, 0x6, 0x3, 0x2, 0x20, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x8, 0x81, 0x1ac08736}})
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', r2, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x4000, &(0x7f00000004c0)=ANY=[], 0x3, 0x58f, &(0x7f0000000800)="$eJzs3c9v2+Ydx/EPXbt2NSAbtiEIAid9mmyAA7gqJTcOjJ446pHMViIFkmrtUxE0cmFE7opkAxZftlyyDdj+iF5333XYfdf9G8V6GnbTQFKy5ehXfjiRE7xfQvI8Ir/k86Us6Ava4kMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5fs11K46aQdjZM9P5tThqjS/WslR0Bm6daWaMKznZP62t6Uqx6MrPT1dfzv67ofXi2brWsmZNxz+6/JNPfra8NNx+RsKvxcNHx/fv9nrdB4tOZEEaNgySKGh5DWuCJDI770narSemHjRtsp+ktmX82HppFJsN/5ap7OxsGVvejzpho+Y17XDhnQ+rrrttPi23rRcnUfjRp+XE3w2azSBs5DHZ6izmTvZG/CxITWq9ljEHh73u1rwks6DKswRV5wVV3Wq1UqlWK9u3d27fcd3lsQXuKUeu62osYvFvWizWOX+CAy9uaVD/1VSgUB3tyUx8+KopVqTWlPUDw/r/y4/szHFH639e5ftav3K6+qry+n+9eHZ9Wv2fksuMx0q2o+fe6unHu8N9PNQjHeu+7qqnnrp6cBqzeS4jXfBHQ1ahAiWKFKglL19iBkuMdrStbbn6UruqK5FRXYGaskq0r0SpbP6O8hVrVZ5SRYpltCFft2RUUX91R1sysiprX5E6CtVQTV6+lwMd5q/71owcT4IqM4K+GL7zqjOCnqv+50Y3+Rf1H9R/XCT9Yf1/2juLyAYAAAAAALwKTv7b9+z8f0XXpBVH9aBp3UWnBQAAAAAAzlH+l//1rMm/GXdNDuf/AAAAAAC8bZz8GjtHUknvF73h5VKDXwL0f7zoHAEAAAAAwMvJ//5/PWtKWe99OU+f/wMAAAAAgDfdn6bNsf9PqT+YFnDV+cd/FMcrzuP23i+cIy9b5h0NJggcmycwrV91Lg12kjfby4Nnvl13BrNfnkyC+f2gOZg3179zDgnoL/qgiPngXtHeG64pRinVg6Yt+1Hzk4o879JSavfS335z+Dvlh//nsHXJ+eHgsNctf/Xr3r08l8fZXh4fDV6psXkUZ+TyG10rYq5NPuKV/EKMwbglR9m47ujxLxWbLz3HmE90o4i5USra0tnjX8vGrJSnHX2RxaqklzryJ7pZxNzcuFk0E7KozsmiWx19/V/otXiGLLZmZbF62OtuvWQWALAoB7OrUO6ds3X3BT7lXk91f6KNImbjav7Bunx1wie6O6+uuBPq+trJ8MvDLPq/n5LF38bugTStxmbj/vVk3Eo+7nfZBt9NrapJs+po7dv/9vtH3+ryw0fHHx4e3f26+3X3m2p1a9v92HVvV7WSH8agofYAACaYf4+duRHOx3POqn968pWCsr6S/tfv39NmfrVB/o2DiXst5dv8kH8NYXPOWWtp5A4vm3PO6k5jq88Ru/UafhIAALw+N+bU4en13xnexc/ZnHPeXRr5SuHm6Nnxuxo7Ox6t5QAA4NWw8fdOKf2jE8dB+8vKzk7FS3etiSP/MxMHtYY1QZja2N/1woY17ThKIz9qZp3Pg5pNTNJpt6M4NfUoNu0oCfbyO7+bwa3fE9vywjTwk3bTeok1fhSmnp+aWpD4pt35VTNIdm2cb5y0rR/UA99Lgyg0SdSJfVs2JrF2JDCo2TAN6kHWDU07DlpevG8+j5qdljU1m/hx0E6jYofDsYKwHsWtfLflRb/YAABcEA8fHd+/2+t1Hww7zvLTS166s+hjBAAAZ1GlAQAAAAAAAAAAAAAAAAAAAAC4+M7tIr+3qrP6Kvb8hV5Fqu9Jmh3z75I0uqTff9Yhli7Cz+JMZzjp9IyYv09YJekPi0/+zepM+rQYm48awBvs/wEAAP//j/NUaA==")
r4 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0x9}, 0x6000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
socket(0xa, 0x3, 0x3a)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = openat$incfs(0xffffffffffffff9c, 0x0, 0x149240, 0x0)
lseek(r6, 0x0, 0x1)
syz_clone(0x40002000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x9, 0x690bb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_bp={0x0, 0x8}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x1)

1.8859803s ago: executing program 1 (id=797):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e22, @private=0xa010100}], 0x10)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4)
r1 = perf_event_open(&(0x7f0000000a00)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x650b9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800004, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0002}]})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

835.294322ms ago: executing program 3 (id=826):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x740b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x400, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x7, 0x49604, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x5, @perf_bp={&(0x7f0000000240), 0x4}, 0x0, 0x5, 0xfffffffc, 0x6, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x15, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x800007d}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa8}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

806.949313ms ago: executing program 1 (id=828):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xd, 0x0, 0x2003fffe, 0x0, 0x2, 0xb, 0xfffffffd, 0x100000, 0x7}}) (fail_nth: 2)

770.274145ms ago: executing program 3 (id=829):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'hsr0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="38fe0f0055002f03020000000000000007000000", @ANYRES32=r1, @ANYBLOB="200001"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x40840)

496.408642ms ago: executing program 1 (id=830):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
iopl(0x3)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2, 0x3032, r0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000070000000000000000000003000000000100000002000000030000000000000002000006040000000500005a09"], &(0x7f000001a240)=""/4094, 0x53, 0xffe, 0x8}, 0x28)
pipe2(&(0x7f0000000080)={0x0, <r2=>0x0}, 0x0)
pipe2(&(0x7f0000000100)={<r3=>0x0, <r4=>0x0}, 0x0)
tee(r3, r2, 0xff, 0x0)
vmsplice(r4, &(0x7f0000001240)=[{&(0x7f0000001180)='I', 0x1}], 0x1, 0x6)
ftruncate(r0, 0x5)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@fwd={0x2}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x0, 0x2}]}]}, {0x0, [0x5f, 0x4f]}}, &(0x7f0000001540)=""/4096, 0x40, 0x1000, 0xa}, 0x28)

496.041512ms ago: executing program 2 (id=831):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

495.703662ms ago: executing program 3 (id=832):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000011, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x5, 0x6, 0x0, 0x0, 0x0, 0x5, 0x690bb, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x7, @perf_config_ext={0x600000000, 0x56c324de}, 0x8, 0x32, 0x43a1bd76, 0x7, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9)

458.622134ms ago: executing program 2 (id=835):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x0, 0x0, 0x7ff}, 0x10)
write(r0, &(0x7f0000000000)="24c00e001a005f0214f9f407000904ff80000000fe000000000200000800040001000000", 0x24)

438.341225ms ago: executing program 5 (id=836):
syz_open_procfs(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x18, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a0302000200000000000002000000090002"], 0x80}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380"], 0x110}}, 0x48800)

437.769745ms ago: executing program 3 (id=837):
r0 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read(r0, &(0x7f0000000040)=""/204, 0xcc) (async)
timer_create(0x7, &(0x7f0000000280)={0x0, 0x3, 0x0, @thr={&(0x7f0000000140)="e2e7c343288508ac07bb1ac049b8e15639ac65d677bd25f02d72dee03336950325df94cbe43d333d3dacdb4765230d1715da7d739c5d336f9a8afdb2b53c0cc47e38bdca450c88c39b903a2193ca0cc8709fb49e6925519991084695d4ac486f2c83d49ec8cb4f786c7d31934c698d5aae16b59e8ed04d29d05d9ac88baf039aa1399b95a5466e5cd6643ae6e5dac32b3be56251b5b3c1311426c487a934709daab2e4aec49a16674dc930617e79ae5c496288", &(0x7f0000000200)="bfd480db7a40c2cce4e83c072cea23c645bd4b93677189004c5b82c3f89af82bcd8ae50decaa914fae22b843d0a31292e1663c75c3d2e8870c61be2b160fda42ea020462ebf730f9d3278983070c1baaae1fb742c69d45febc1d47bbe2b23334f058e63a68d38fa372c986ca59f4576f375348199cb59e"}}, &(0x7f00000002c0)=<r1=>0x0) (async)
r2 = socket$kcm(0x29, 0x5, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000300), 0x10e90000000000, 0x80001) (async)
timer_settime(r1, 0x1, &(0x7f0000000340)={{0x77359400}, {0x77359400}}, &(0x7f0000000380)) (async)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f00000003c0)=0x8, 0x4)
fsetxattr$security_selinux(r3, &(0x7f0000000400), &(0x7f0000000440)='system_u:object_r:dhcpd_state_t:s0\x00', 0x23, 0x1) (async)
r5 = getegid() (async)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/pm_wakeup_irq', 0x4200, 0x121) (async)
r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000004c0), 0x493140, 0x0)
ioctl$SCSI_IOCTL_START_UNIT(r7, 0x5)
syz_clone3(&(0x7f00000006c0)={0x0, &(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580)=<r8=>0x0, {0x1a}, &(0x7f00000005c0)=""/81, 0x51, &(0x7f0000000640)=""/23, &(0x7f0000000680)=[0xffffffffffffffff], 0x1, {r7}}, 0x58) (async)
r9 = syz_open_dev$usbmon(&(0x7f0000000980), 0x2, 0x2200)
r10 = socket$l2tp(0x2, 0x2, 0x73) (async)
ioctl$sock_FIOGETOWN(r6, 0x8903, &(0x7f00000009c0)=<r11=>0x0) (async)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000a00)={'\x00', 0x9, 0xc, 0x1, 0x9, 0x3, <r12=>0xffffffffffffffff}) (async)
getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000a80)={{{@in=@private, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in6=@loopback}, 0x0, @in=@broadcast}}, &(0x7f0000000b80)=0xe8) (async)
syz_clone3(&(0x7f0000000d40)={0x0, &(0x7f0000000bc0)=<r14=>0xffffffffffffffff, &(0x7f0000000c00)=<r15=>0x0, &(0x7f0000000c40)=<r16=>0x0, {0x14}, &(0x7f0000000c80)=""/52, 0x34, &(0x7f0000000cc0)=""/18, &(0x7f0000000d00)=[0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff], 0x5, {r6}}, 0x58)
statx(0xffffffffffffffff, &(0x7f0000000dc0)='./file0\x00', 0x400, 0x10, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0, <r17=>0x0})
sendmsg$netlink(r7, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000740)={0x1dc, 0x42, 0x2, 0x70bd25, 0x25dfdbfb, "", [@generic="cd637332a75b3e336f01507b964ff5fa1d412aff1b860b7144608e28e6e56e61f4559192e2f8273660da8b7a7dfa28ec2d52864f949ecb4b33907209e0d1761583b76a786afa50a25dec919ff5e3180269706109eb079b6269705c5e77b6b2cf5fdc85e05ac7f7f4b1c40f8dbcadfe57efcb13", @typed={0x8, 0x39, 0x0, 0x0, @pid=r8}, @generic="343d7bd7f45ead8ee968eb9e11c4e3c36a8d26bef04c7fbb80668ea634754efa8b20e2d4aea7f9670990043c06b2c9303541ad95a8a245a726da0ae2866f9d743fa5ac07b5ebec4a64aff4006dae5fb173d196243113ba1b6f3bb48f2f571ae4626a1e92c89538e2e35d6ba642765a9e4a030c3d8c5cb2ccf35a0c", @typed={0x8, 0x10c, 0x0, 0x0, @fd=r4}, @nested={0xcb, 0x135, 0x0, 0x1, [@generic="b4b13ea0f47d57ae78963fbfac", @nested={0x4, 0x134}, @generic="5ef11ba3ef80f8aae19151e9083447e105c69b0d8e0191f5cc022a61f4699f5d93bb1749629087acc5395d74147bc6700e798ac1398b0955676399eb6d5a1159f22941d6066522c264371af13f164e8b762f271000bd788815e2f2a9fbabc6ec792e50d9142d0cc09734a5f66550a2e844f21e0e23abf38ea447d577bb4f9dc5c84ed75b6f49f2e0b36917ea5af9372832244d5f48c5d42005514ecebc3dd75823a2b6572c8a82023739a3f195791c3787e18ac02543"]}]}, 0x1dc}], 0x1, &(0x7f0000000f00)=[@rights={{0x30, 0x1, 0x1, [r0, r6, r0, r0, r4, r3, r2, r9]}}, @rights={{0x1c, 0x1, 0x1, [r0, r10, r3]}}, @cred={{0x1c, 0x1, 0x2, {r11, 0xffffffffffffffff, r5}}}, @cred={{0x1c, 0x1, 0x2, {r12, r13, r5}}}, @cred={{0x1c, 0x1, 0x2, {r16, r17, r5}}}], 0xb0, 0x2000c000}, 0x10) (async)
r18 = socket(0x65, 0x1, 0xd)
sendmsg$inet(r18, &(0x7f0000001140)={&(0x7f0000001000)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000010c0)=[{&(0x7f0000001040)="e893ce0afef20b51903d697aacf5f69a58f43c2df78347606899c816fcfd1adb9479a3ccbfeb777f50b5a95d9e12a98287c7447f7807e46e86df75380708572d3246ecc7d1880863949364a28275b004", 0x50}], 0x1, &(0x7f0000001100)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3ff}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x6}}], 0x30}, 0x81) (async)
flistxattr(r14, &(0x7f0000001180)=""/184, 0xb8) (async)
move_pages(r15, 0x4, &(0x7f0000001240)=[&(0x7f0000fee000/0x12000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ff2000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil], &(0x7f0000001280)=[0x8, 0x2, 0x0, 0xc], &(0x7f00000012c0)=[0x0, 0x0], 0x4) (async)
fcntl$setsig(r10, 0xa, 0x20)
r19 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000001300), 0x0, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r19, 0x80045515, &(0x7f0000001340)={0xb}) (async)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000014c0)=@IORING_OP_WRITE={0x17, 0x14, 0x4000, @fd=r14, 0x526a412f, &(0x7f0000001480)="9e8a86c2b323db1bbfcc6501b56080f29c9ada3c12dc14252c7b3c0203", 0x1d, 0xc, 0x1})

403.149517ms ago: executing program 2 (id=838):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000780)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000073000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x8c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x60, 0x3, 0x0, 0x1, [{0x5c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x50, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x110}}, 0x0)

402.787587ms ago: executing program 3 (id=839):
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x7, 0x49604, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x5, @perf_bp={&(0x7f0000000240), 0x4}, 0x0, 0x5, 0xfffffffc, 0x6, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x15, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x800007d}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa8}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

402.434527ms ago: executing program 5 (id=840):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x47, 0x1, 0x0, 0x0, 0x0, 0x6, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_bp={0x0}, 0x9092, 0x0, 0x43a5bd76, 0x2, 0x9, 0x6, 0x6, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
ioctl$BTRFS_IOC_GET_FEATURES(r0, 0x80189439, &(0x7f0000000000))
close(r0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000200)=[{0x0, 0xb}, {&(0x7f0000000100)=""/118, 0x76}], 0x2, 0x0, 0x9)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000010c0)=@newlink={0x40, 0x10, 0xc3b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x0, 0x6200}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e23}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x100}, 0x40080c0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

377.878509ms ago: executing program 3 (id=841):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000000000010040000000000000000000009010000000f0000000100"/74], 0x0, 0x4a}, 0x20)
listen(r0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0)
utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
perf_event_open(&(0x7f00000014c0)={0x5, 0x80, 0x0, 0xff, 0xff, 0xfc, 0x0, 0x1, 0x4041, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x1590, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0xe6, 0x2602)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x380000f, 0x11, r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x77f, &(0x7f0000000600)="$eJzs3c9rHFUcAPDvbJKmTauJIPjjFBA0ULoxNbYKHioeRLBQ0LPtstmGmk22ZDelCQEtIngRVDwIeunZH/Xm1R9X/S88iKVqWqx4kMhsZtpts5smbZKt7ucD07w3b7bvfffNvHm7M8wG0LNG038KEY9FxAdJxHC2PomIgWaqP+LY2nbXV5bL6ZLE6uprvyfNba6tLJej5TWp/Vnm0Yj4/t2Ig4X19dYXl2ZK1Wplfi3bFxFnx+uLS4fOzJamK9OVuSMTk5OHjz579Mj2xfrnT0sHLn/48lNfHfv7nUcuvf9DEsfiQFbWGsd2GY3R7D0ZSN/CW7y03ZV1WdLtBnBXCtnB1x/pGDAcfc0UAPB/9lZErAIAPSZx/geAHpN/D3BtZbmcL939RmJ3XXkxIvauxZ9f31wr6c+u2e1tXgcdupbccmUkiYiRbah/NCI+++aNL9Ildug6JEA7b1+IiFMjo+vH/2TdPQtb9fQGZXuyv6O3rTf+we75Np3/PNdu/le4Mf+JNvOfwTbH7t244/G/bxsq2UA6/3uh5d626y3xZ0b6stwDzTnfQHL6TLWSjm0PRsRYDAym+YkN6hi7+s/VTmWt878/Pnrz87T+9O/NLQq/9g/e+pqpUqN0LzG3unIh4vH+dvEnN/o/6TD/PbHJOl55/r1PO5Wl8afx5sv6+CO7O2lnrF6MeLJt/9+8oy1NjTdmO9yfON7cHcbznaKNr3/+ZKhT/a39ny5p/flngd2Q9v/QxvGPJK33a9bXjv2t+PHi8Hedyu4cf/v9f0/yejOdzyPOlxqN+YmIPcmr69cfvvnaPJ9vn8Y/9kT743+j/T/9THhqk/H3X/7tyw3j39/d/p/aUv+3S6SDdIeimVL10vWZvk71b67/J5upsWzNZsa/Ti29PXEv7x0AAAAAAAAAAAAAAAAAAAAAAAAAbFYhIg5EUijeSBcKxeLab3g/HEOFaq3eOHi6tjA3Fc3fyh6JgUL+qMvhluehTmTPw8/zh2/LPxMRD0XEx4P7kvw5ilNdjh0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcvs7/P5/6pfBbrcOANgxe7vdAABg1zn/A0Dvcf4HgN7j/A8Avcf5HwB6j/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+zE8ePpsvrXynI5zU+dW1yYqZ07NFWpzxRnF8rFcm3+bHG6VpuuVorl2uyd/r9qrXZ2MuYWzo83KvXGeH1x6eRsbWGucfLMbGm6crIysCtRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDW1BeXZkrVamVe4i4Sq/dHM7qf6Mt2p/ulPbuaSO6PZmxzossDEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/xL8BAAD//7KsH7I=")
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
getsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000100), 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000410500ff0000000008ffffff7f1171000000000095"], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r3, @ANYRES32=r3, @ANYBLOB="15"], 0x10)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r4, &(0x7f0000000240), &(0x7f0000000040)=@tcp=r5, 0x4}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000980)=[{{0xfffffffffffffffe, 0x0, &(0x7f0000000880)=[{0x0}, {&(0x7f0000000780)="c5fcf8", 0x3}], 0x2}}], 0x1, 0x10)

366.805499ms ago: executing program 2 (id=842):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeaf, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)

304.458003ms ago: executing program 5 (id=843):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x4, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x5, 0x8, 0x20005, 0x7, 0x0, 0x0, 0x0, 0x20004006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000500)={'veth0_macvtap\x00'})
write$binfmt_register(r0, &(0x7f0000000700)={0x3a, 'syz0', 0x3a, 'E', 0x3a, 0x0, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xea(J\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{G\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xbd\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132?\xbf\xb2\x93B\x01\'#\xc0v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde44m\x96+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x8c\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xa1W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xb5\x12\xd0\x1e\x98\xce+\x12\xaexk\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\x0e\x00\x00\x00\x00\x00\x00\x00\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, './file0'}, 0x22c)

304.234163ms ago: executing program 5 (id=844):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x4, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x8020000)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)

286.423874ms ago: executing program 1 (id=845):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp={0x0, 0x4}, 0x8007, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0x9, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
open(&(0x7f0000000000)='./file1\x00', 0x143142, 0x80)
openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x401, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_MAX_AGE={0x8, 0x3, 0x40a}, @IFLA_BR_AGEING_TIME={0x8, 0x4, 0x5}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(r1, 0xff0e, &(0x7f0000000300)=0x3ff)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018100000", @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000240)={{}, {}, [], {0x4, 0x3}}, 0x24, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x801460, 0x0, 0x2, 0x0, &(0x7f0000000000))
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, &(0x7f0000000140), &(0x7f00000001c0)=0x4)
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x424, &(0x7f0000000680)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0xd}}, {@usrjquota_path={'usrjquota', 0x3d, './bus'}}, {@noinit_itable}, {@data_err_ignore}, {@data_journal}], [{@fowner_lt}, {@subj_user}, {@measure}, {@fsmagic={'fsmagic', 0x3d, 0x1d307bab}}, {@uid_lt}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x3, 0x439, &(0x7f0000001080)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
write$binfmt_elf64(r4, 0x0, 0x78)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800, 0x2}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

250.118716ms ago: executing program 5 (id=846):
syz_io_uring_setup(0x10d2, &(0x7f0000000280)={0x0, 0x80003734, 0x100, 0xfffffffe, 0x280}, &(0x7f00000000c0)=<r0=>0x0, &(0x7f0000000080))
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100028, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xfc}, 0x6220, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffe]}, 0x8, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r5 = dup(r4)
accept$inet6(r5, 0x0, 0x0)
write$P9_RWSTAT(r2, &(0x7f0000001040)={0x7, 0x7f, 0x1}, 0x7)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300))
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xbecd6000)
r6 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r6}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x20000000, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r7}, &(0x7f0000000200), &(0x7f00000003c0)='%ps    \x00'}, 0x20)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

192.485429ms ago: executing program 2 (id=847):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000011, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x5, 0x6, 0x0, 0x0, 0x0, 0x5, 0x690bb, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x7, @perf_config_ext={0x600000000, 0x56c324de}, 0x8, 0x32, 0x43a1bd76, 0x7, 0x3, 0x1, 0x2, 0x0, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9)

137.529683ms ago: executing program 4 (id=848):
r0 = socket$inet6(0xa, 0x2, 0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
r1 = socket$kcm(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, @perf_bp={0x0}, 0x5000, 0x0, 0x0, 0x0, 0x80000000000000, 0xa000a, 0xbabe, 0x0, 0x103}, 0x0, 0xfffffffffffffff9, 0xffffffffffffffff, 0x9)
setsockopt$sock_attach_bpf(r1, 0x29, 0x23, &(0x7f0000000040), 0xcf)
sendmsg$kcm(r1, &(0x7f0000001240)={&(0x7f0000000940)=@generic={0xa, "8ab77fa26849ff263ef30c98b353011a5990650042e2dacdc165ececece6be1862e2adacd2737d00ad6f9fa9f3d7145e15dd9fb1a7adc211220963ad5def53b911ba5b9da13641f982757012a7496de0b3a36f5849f260c603dbc317f54b901ee80ea6132ca6e88c776553e1833052ca376304313c5637786a36a4b83857"}, 0x80, 0x0}, 0x0)
sendmmsg$inet6(r0, &(0x7f0000001280)=[{{&(0x7f00000002c0)={0xa, 0x4e23, 0x173b2a7e, @remote, 0x19}, 0x1c, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB="38020000000000002900000036000000004300000000000004013f040100c910ff010000000000000000000000000001c910fc0000000000000000000000800000000000000040000000000e07010101000000010000000200000000000000000000000000000001000000010000002000000000000000ffffffff00000000ffffffffffffff7f06aeb07c1c192077cc9e7c45705803ad5588ca8b194d23f748fe792cfa3d32221f25d73b8ffe64a4ddda6efcfb7483b588194d29c7a04395d8500965a9a1d07879040c44db1d5d6f618d2ab920f0bf168ddc9acc6a51edd1230760d4ae8bf30f5f82a78e8114849ee8e37364560400000035bfa8197ef2ba99103ee5f5aae28ec5c8e2675db11530f5c466d55f2244d479dc653c854406155eada3eaeb90d39149b8d13bab75a9bd1452c8c76284b9ddfbeff41344e64f1771d78a706e1c5a6d63f1c954e24a1e73f75c26e9f09ec9b606cc3470f11c4842db651926bd2263a4a0a8fe80de8b2f9cb176e51819d5f4d10a5d1f0488d5e46953fbfd750f6137fbebe89a8d462158a87f9622355104b4f68d7a6d3ad85c373ea52a25afad37ffb743a5c361158087904b09fcc806d032bac00ee0e0251fc032446e45a3e12417ff4703526ffc45f71567857777927903799e0ba453334186009d22e38099c67b5350c7e82136bba947a18fb61d36fcba1f9efe3d79485d06252702833dc8ee417f40bb9064878fb89dd75a49135e5df148c4ad1e1d5626b44c8112d822f4c9a05e693fd5ae5595627f8684016b37a2bf6d0040030000000000002900000037000000006500000000000000fb1a63687c244e6df3aecb13d6eb957495b669cc032f6d0a11a5e16eed9937b046c9dc1a61dcf9754b767df4735c3f8c37b4d5cd15a99c5a19cc62c921ad4e90d6e3695ec1891223a53600d5121b5735acafb556e22279975f958ad437c76573e544506e58455772eb11493af933099a5dc7e9e0c8b907e68e23e59d7b94bc774309e2047132758b60955301f277a9032b0bc47e660b243e9e2126733f13ab99055a0999068ada35a38d105a0100000000000000e28695ecae3944413b7764eefde26ed571d857b2cb2dd1b2a4a84c1fec0799cf90f57f7a6d35e2b60cd425b9372ae4a27f453e5d7da2eacd3b98cdb10cec9152d5829c251112e2a59ea0cd280f3d08849b6cd43d25e3dcd62f7c7dee6123a2682daf4aa9a856b31e9204c5c2b80b84dbeec05d93a64a550f1ebc326488cd620c6fe1aa266a0ce5b24be03b5037786e037cc85ed61f362e081fb694e12e54fcb9eb0f86d6d91fd159023a073278f84d6ada8f9aa25ec223d268f3291b25392c941740932bd1a82f40a8fc586db23d2f6240ce883e3c1dc1e0d07fc3aa73a9ac82a1538d129c9e66cb6a8100abe91bc4064581e8c01ce65ba3ea751db5d8c0a1173fe62b2fd2d415042a97ade4d274a466b6c597eed6bf5d7a305ead804c36b9e1c314b26676ed83412417610d3cf4d07e5b24cf3de9c790ae93850e0f8bba047b710cf340c78a80cef5f6665a647681ff5f7b6ecce8ab65e26406b6a6e0e72ff8501c545bffc00f034dc3a5b251390ae68bb61d936dc9a24e6f66c72e7911c51c716dfd4304566fb32e6c2745d232f990d0bbe0ddf9dc58398dda292c07b16da766a37c60bd9993b4f21e64103602000000db47d7990d5a007faccb2f86660079f2e229723bce870aec3f7f4e529c92add713590ce6c0ea1a0499fb76d32636cfd18b6b39fb48f1a6d46f6ae8f45c47ee8260f9531070d170ab2127cd472a2e4a7f8a9b93a5e550dfecab79d2e46085a67024b6be883c79ade2873458fda5a7f4eb62b05634356ee3b45723f4cff19c654ad441ff5b8792df7f18d8418351e195151b1b3532e742a6525c86efdb29653f35ce8e0a41c8c6d39f39531e13aeb1172893eeedd83b6afb939f8e6abc5482696aa48918000000000000002900000037"], 0x590}}, {{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="7d8fbcf0827ec236cae74668a89b20c7a335fa32f53397aa31", 0x19}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f00000007c0)="90507781dd3d70647c0634dd", 0xc}], 0x1}}], 0x3, 0x28048005)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000b80)="d800000019008111e00212ba0d8105040a61023fff0f040b067c55a1bc000900b800069903000000b0000500808178a8001500030001400200000901ac040000d69b6f940071009807a290457f0189b316277ce06bbade8017cbec4c0000001fb791643a5ee4b11602b2a10e11ce1b25d6d9300000730d7a5025ccca262f2240fad95667e04adcdf634c1f215ce3bb9ad809d5e15de6ccd40dd6e4edef3d93452a9230000e9703000000000000000000000000129ae100000000000000000000080000400000000000000000000080b6fcdb2ab01ec2bb13", 0xd8}], 0x1}, 0x8000194)
syz_open_dev$tty20(0xc, 0x4, 0x0)
syz_mount_image$msdos(&(0x7f0000000540), &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x530, &(0x7f0000000600)="$eJzs2r+KE0EcB/Axd+YOG1OLxYIWVsfpE7hIDg4XhMgWWrlwsdkVYbfZpLoH8BF8Ah8v1XWRyy65i/8aE0fN5wNhvuSbwG+a3Snm3cMP5cXH5v3jT5/D8fMkDEIIg6sQRqvUudOvg1UehtsuAwDwr5lMijT2DOxWXafF9Rnu6Lsm/xJlIAAAAAAAAAAAAH6b+/8AsH/c////1XVaDPvz2yb3/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB4rpbL+8tffGLPBwBsn/c/AOyf12/evkyzbDxJkuMQFpdt3ubd2vVn59n4NFkZ3fxr0bb5wbp/2vXJZn833Ov7Zz/sh+HJo66/7l68yr7pj8LF7rcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3HKSrI1uvl20bX7Q9Sc/67t0dp6NT/sfbPaH4cHhH9sGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsAXNbF4WVTWtBUEQ1iH2kwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIilmc3LoqqmdRN7EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgb9HM5mVRVdN6hyH2HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvq8BAAD//xFVYDY=")

65.193667ms ago: executing program 5 (id=849):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@ipv6_newrule={0x24, 0x1a, 0x1, 0x70bd2d, 0x0, {0x81, 0x80, 0x80}, [@FIB_RULE_POLICY=@FRA_TABLE={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20008004}, 0x0)
r1 = socket$inet(0x2, 0x5, 0xb)
getsockopt$IP_VS_SO_GET_SERVICE(r1, 0x0, 0x483, &(0x7f0000000100), &(0x7f0000000180)=0x68)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000300)={0x8, 0x201, 0x3, 0xe}, 0x10)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e1f, 0xa3, @loopback, 0x2}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0xb, &(0x7f0000000080)=0xffffffff, 0x4)
sendmsg$inet6(r2, &(0x7f0000000240)={&(0x7f0000000000)={0xa, 0x4e23, 0x81, @loopback, 0x6}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000000c0)="10", 0x1}], 0x1, 0x0, 0x0, 0x2000000}, 0x4048814)
set_mempolicy(0x1, &(0x7f00000001c0)=0x7, 0xf)

30.075599ms ago: executing program 2 (id=850):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x6, &(0x7f00000003c0)=[{0x5, 0x5, 0x8, 0x63956736}, {0x7fff, 0x8, 0x2, 0x82}, {0xaa4, 0x2, 0x0, 0x7}, {0x80, 0x5, 0x7, 0xfffffff9}, {0x8, 0x7, 0x7, 0x8}, {0x5, 0xf1, 0x3, 0xd96b}]})
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001c40)=ANY=[], 0x80}, 0x1, 0x0, 0x0, 0x84}, 0x200088c1)
getgroups(0x0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000002180)={0x2000000000000155, &(0x7f0000000240)})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={0x0, 0x0, r2, 0x9})
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a8, 0x1e8, 0x12, 0x60a, 0x1e8, 0x202, 0x2d8, 0x2e8, 0x2e8, 0x2d8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @ipv4={'\x00', '\xff\xff', @multicast2}, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0x1b8, 0x1e8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "000000000000000617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x2, 0x3}}, @common=@inet=@set3={{0x50}, {{0x0, 0x3, 0x4}, {0x1}, {0x81, 0x8000}, 0x2}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408)
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f0000000480)=ANY=[@ANYBLOB="646f74732c756d61736b3d304edc35a66bdfa0ce4ef0cfc9e7a0a6303030303030303030303030303030303030303031302c6e66732c6e6f646f74732c6e66733d7374616c655f72772c6e6f636173652c6e6f646f74732c6e66733d7374616c655f72772c6e6f646f74732c6e6f646f74732c6e6f646f74732c646f74732c646f74732c666c7573682c7379735f696d6d757461626c652c004458d4556d1ad51f4c6b45399eba202e7299749b6f581efdfecd2bd47934bb653b3362b3d31cc68fd53641e04fb36721b04471907e4d52ed0cf59423b1177352c0558607747124b2e27280f2ef22165484cf832bf25c8378ac64def232f7494c"], 0x1, 0x25f, &(0x7f0000000140)="$eJzs3cFqE0EYB/AvTZqsBbVn8bDgxZOobxCkghAQqrkbaL20Imwv0VMeQ/ANfByPPkZPvUXaXVy7LSIl6WS7vx+E/dj/DjuTQCaHmeyHx5+ODj6ffFz++hZZlscgYhFnEbuxFf0o9arj1kU9jGHUFgEAtM3+/mycug+sUO/qqaIYz7YjYnQlm/64pV4BAAAAAAAAAACwYjdZ//836/8BoH2s/7/7imI826l+v11m/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQztly+XD5j1fq/gEAq2f+B4DuMf8DQPeY/wGge949qIo8zyJOF/PpfFoey9Ov30z2nucXdutWp/P5dLuqJ3svyjxv5jtV+5fX5sN4+qTMz7NXbyeNfBQH6xw4AAAAAAAAAAAAAAAAAAAAbJBn+R+N/f39Mj+/YBTX5FnE90v/D9DYvz+IR4PbHAkAAAAAAAAAAAAAAAAAAAC018mXr0ez4+PDorPFz35EsrtHr/wYUr8JjeJe3KBVtmmjaFHRj4jDUQxivfd6f///L079zQQAAAAAAAAAAAAAAAAAAN1Tb/pN3RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASKd+/v/6itRjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrhdwAAAP//UhGHcQ==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6d636230db696e7485726c6561766528372d4e3a302f4e00"])
r3 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r3}, &(0x7f0000000000))
perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0x28, 0xff, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x4801c, 0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9, 0x5f8f}, 0x0, 0xfffd, 0x0, 0x1, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x8}, r3, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x24}}, 0x0)

0s ago: executing program 4 (id=851):
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
socket$inet_mptcp(0x2, 0x1, 0x106)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x6, 0x0, 0x0, 0x0, 0x7, 0x49604, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x5, @perf_bp={&(0x7f0000000240), 0x4}, 0x0, 0x5, 0xfffffffc, 0x6, 0x7, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x15, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x800007d}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa8}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

kernel console output (not intermixed with test programs):

 tclass=netlink_kobject_uevent_socket permissive=1
[   34.600355][ T3300] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   35.754130][ T3314] chnl_net:caif_netlink_parms(): no params data found
[   35.850494][ T3316] chnl_net:caif_netlink_parms(): no params data found
[   35.869418][ T3314] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.876606][ T3314] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.883800][ T3314] bridge_slave_0: entered allmulticast mode
[   35.890627][ T3314] bridge_slave_0: entered promiscuous mode
[   35.899538][ T3314] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.906665][ T3314] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.913851][ T3314] bridge_slave_1: entered allmulticast mode
[   35.920346][ T3314] bridge_slave_1: entered promiscuous mode
[   35.947690][ T3312] chnl_net:caif_netlink_parms(): no params data found
[   35.969818][ T3314] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.993851][ T3315] chnl_net:caif_netlink_parms(): no params data found
[   36.006579][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.041242][ T3313] chnl_net:caif_netlink_parms(): no params data found
[   36.061267][ T3314] team0: Port device team_slave_0 added
[   36.077791][ T3314] team0: Port device team_slave_1 added
[   36.134343][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.141412][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.167502][ T3314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.178398][ T3316] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.185625][ T3316] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.192860][ T3316] bridge_slave_0: entered allmulticast mode
[   36.199532][ T3316] bridge_slave_0: entered promiscuous mode
[   36.206315][ T3315] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.213418][ T3315] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.220862][ T3315] bridge_slave_0: entered allmulticast mode
[   36.227330][ T3315] bridge_slave_0: entered promiscuous mode
[   36.241054][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.248086][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.274032][ T3314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.287926][ T3316] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.295037][ T3316] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.302198][ T3316] bridge_slave_1: entered allmulticast mode
[   36.308802][ T3316] bridge_slave_1: entered promiscuous mode
[   36.315197][ T3315] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.322343][ T3315] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.329653][ T3315] bridge_slave_1: entered allmulticast mode
[   36.336139][ T3315] bridge_slave_1: entered promiscuous mode
[   36.342442][ T3312] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.349581][ T3312] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.356942][ T3312] bridge_slave_0: entered allmulticast mode
[   36.363493][ T3312] bridge_slave_0: entered promiscuous mode
[   36.372832][ T3312] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.379965][ T3312] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.387130][ T3312] bridge_slave_1: entered allmulticast mode
[   36.393693][ T3312] bridge_slave_1: entered promiscuous mode
[   36.434368][ T3312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.453923][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.464179][ T3315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.474205][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.489105][ T3312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.500517][ T3314] hsr_slave_0: entered promiscuous mode
[   36.506658][ T3314] hsr_slave_1: entered promiscuous mode
[   36.512665][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.519811][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.527081][ T3313] bridge_slave_0: entered allmulticast mode
[   36.533648][ T3313] bridge_slave_0: entered promiscuous mode
[   36.541290][ T3315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.550512][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.557619][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.564796][ T3313] bridge_slave_1: entered allmulticast mode
[   36.571275][ T3313] bridge_slave_1: entered promiscuous mode
[   36.602253][ T3312] team0: Port device team_slave_0 added
[   36.622241][ T3312] team0: Port device team_slave_1 added
[   36.637946][ T3316] team0: Port device team_slave_0 added
[   36.643950][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.650963][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.676969][ T3312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.689264][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   36.699948][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   36.714583][ T3315] team0: Port device team_slave_0 added
[   36.721056][ T3316] team0: Port device team_slave_1 added
[   36.727749][ T3315] team0: Port device team_slave_1 added
[   36.733855][ T3312] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.740898][ T3312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.766854][ T3312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.820950][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.827995][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.854007][ T3315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.865155][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_0
[   36.872175][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.898264][ T3316] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   36.914252][ T3316] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.921373][ T3316] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.947378][ T3316] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   36.958710][ T3313] team0: Port device team_slave_0 added
[   36.965569][ T3315] batman_adv: batadv0: Adding interface: batadv_slave_1
[   36.972542][ T3315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   36.998706][ T3315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.015746][ T3313] team0: Port device team_slave_1 added
[   37.049592][ T3312] hsr_slave_0: entered promiscuous mode
[   37.055690][ T3312] hsr_slave_1: entered promiscuous mode
[   37.061572][ T3312] debugfs: 'hsr0' already exists in 'hsr'
[   37.067380][ T3312] Cannot create hsr debugfs directory
[   37.093123][ T3316] hsr_slave_0: entered promiscuous mode
[   37.099220][ T3316] hsr_slave_1: entered promiscuous mode
[   37.105064][ T3316] debugfs: 'hsr0' already exists in 'hsr'
[   37.110790][ T3316] Cannot create hsr debugfs directory
[   37.144286][ T3315] hsr_slave_0: entered promiscuous mode
[   37.150416][ T3315] hsr_slave_1: entered promiscuous mode
[   37.156329][ T3315] debugfs: 'hsr0' already exists in 'hsr'
[   37.162062][ T3315] Cannot create hsr debugfs directory
[   37.167884][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.174896][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   37.200881][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.227206][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.234227][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   37.260220][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   37.387752][ T3313] hsr_slave_0: entered promiscuous mode
[   37.393770][ T3313] hsr_slave_1: entered promiscuous mode
[   37.399647][ T3313] debugfs: 'hsr0' already exists in 'hsr'
[   37.405399][ T3313] Cannot create hsr debugfs directory
[   37.447201][ T3314] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   37.462545][ T3314] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   37.471400][ T3314] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   37.487206][ T3314] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   37.533129][ T3316] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   37.544348][ T3316] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   37.556568][ T3316] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   37.581202][ T3316] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   37.590111][ T3315] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   37.603692][ T3315] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   37.613863][ T3315] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   37.626727][ T3315] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   37.659309][ T3312] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   37.669796][ T3312] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   37.679206][ T3312] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   37.688372][ T3312] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   37.710144][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.732344][ T3313] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   37.748770][ T3313] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   37.757911][ T3313] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   37.768028][ T3313] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   37.791281][ T3314] 8021q: adding VLAN 0 to HW filter on device team0
[   37.814675][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.821901][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.844466][ T3314] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   37.854893][ T3314] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   37.873741][ T1673] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.880913][ T1673] bridge0: port 2(bridge_slave_1) entered forwarding state
[   37.907246][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.921911][ T3316] 8021q: adding VLAN 0 to HW filter on device team0
[   37.931079][ T3315] 8021q: adding VLAN 0 to HW filter on device bond0
[   37.943668][ T1673] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.950787][ T1673] bridge0: port 1(bridge_slave_0) entered forwarding state
[   37.968489][ T1673] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.975592][ T1673] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.001381][ T3312] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.027846][ T3315] 8021q: adding VLAN 0 to HW filter on device team0
[   38.048961][ T3316] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   38.061365][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.068490][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.078808][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.086063][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.100927][ T3312] 8021q: adding VLAN 0 to HW filter on device team0
[   38.115253][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   38.129382][ T3314] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.140974][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.148087][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.157699][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.164839][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.180254][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   38.204167][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.211323][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   38.224453][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.231613][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   38.305485][ T3316] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.396941][ T3315] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.408443][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.429884][ T3312] 8021q: adding VLAN 0 to HW filter on device batadv0
[   38.449852][ T3314] veth0_vlan: entered promiscuous mode
[   38.487153][ T3314] veth1_vlan: entered promiscuous mode
[   38.539439][ T3316] veth0_vlan: entered promiscuous mode
[   38.551996][ T3314] veth0_macvtap: entered promiscuous mode
[   38.560714][ T3316] veth1_vlan: entered promiscuous mode
[   38.581336][ T3314] veth1_macvtap: entered promiscuous mode
[   38.599277][ T3315] veth0_vlan: entered promiscuous mode
[   38.617624][ T3315] veth1_vlan: entered promiscuous mode
[   38.642998][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.651759][ T3312] veth0_vlan: entered promiscuous mode
[   38.661879][ T3312] veth1_vlan: entered promiscuous mode
[   38.669793][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.690134][   T57] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.708347][ T3316] veth0_macvtap: entered promiscuous mode
[   38.720958][   T57] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.732138][ T3315] veth0_macvtap: entered promiscuous mode
[   38.745363][ T3312] veth0_macvtap: entered promiscuous mode
[   38.752293][ T3316] veth1_macvtap: entered promiscuous mode
[   38.759038][   T57] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.774187][ T3315] veth1_macvtap: entered promiscuous mode
[   38.781956][   T57] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   38.808872][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.817236][ T3312] veth1_macvtap: entered promiscuous mode
[   38.837676][ T3313] veth0_vlan: entered promiscuous mode
[   38.845336][ T3316] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.855574][ T3314] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   38.862155][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.886451][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_0
[   38.896727][ T1673] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   38.907459][ T3312] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.927638][ T3313] veth1_vlan: entered promiscuous mode
[   38.941805][ T1673] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   38.956404][ T3315] batman_adv: batadv0: Interface activated: batadv_slave_1
[   38.967250][ T1673] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   38.996987][ T1673] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.022378][ T1673] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.042407][ T1673] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.065420][ T3313] veth0_macvtap: entered promiscuous mode
[   39.089634][ T3313] veth1_macvtap: entered promiscuous mode
[   39.098394][ T1673] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.107312][   T29] kauditd_printk_skb: 33 callbacks suppressed
[   39.107328][   T29] audit: type=1400 audit(1770488928.355:105): avc:  denied  { ioctl } for  pid=3487 comm="syz.0.7" path="socket:[4808]" dev="sockfs" ino=4808 ioctlcmd=0x8901 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   39.144935][ T1673] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.171173][ T1673] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.178711][ T3490] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=3490 comm=syz.0.8
[   39.208257][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   39.218264][ T3493] netlink: 'syz.1.2': attribute type 29 has an invalid length.
[   39.225044][   T29] audit: type=1400 audit(1770488928.415:106): avc:  denied  { create } for  pid=3489 comm="syz.0.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   39.226095][ T3493] netlink: 'syz.1.2': attribute type 4 has an invalid length.
[   39.245389][   T29] audit: type=1400 audit(1770488928.435:107): avc:  denied  { create } for  pid=3489 comm="syz.0.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   39.272246][   T29] audit: type=1400 audit(1770488928.435:108): avc:  denied  { setopt } for  pid=3489 comm="syz.0.8" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   39.291412][   T29] audit: type=1400 audit(1770488928.455:109): avc:  denied  { prog_load } for  pid=3492 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   39.307093][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   39.310257][   T29] audit: type=1400 audit(1770488928.455:110): avc:  denied  { prog_run } for  pid=3492 comm="syz.1.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   39.343262][   T29] audit: type=1400 audit(1770488928.605:111): avc:  denied  { create } for  pid=3496 comm="syz.1.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   39.351089][ T1673] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.363322][   T29] audit: type=1400 audit(1770488928.605:112): avc:  denied  { create } for  pid=3494 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   39.392188][   T29] audit: type=1400 audit(1770488928.605:113): avc:  denied  { name_bind } for  pid=3494 comm="syz.2.3" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   39.416470][   T29] audit: type=1400 audit(1770488928.655:114): avc:  denied  { write } for  pid=3494 comm="syz.2.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   39.437142][ T1673] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.450193][ T1673] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.459022][ T1673] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   39.468090][ T1673] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   39.480272][ T1673] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   39.499203][ T3503] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10'.
[   39.512457][ T3505] netlink: 528 bytes leftover after parsing attributes in process `syz.1.11'.
[   39.522315][ T3503] netlink: 32 bytes leftover after parsing attributes in process `syz.2.10'.
[   39.555898][ T1673] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   39.635147][ T3515] loop0: detected capacity change from 0 to 512
[   39.641941][ T3515] EXT4-fs: Ignoring removed orlov option
[   39.647789][ T3515] EXT4-fs: Ignoring removed mblk_io_submit option
[   39.696617][ T3518] mmap: syz.4.5 (3518) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   39.719341][ T3515] EXT4-fs error (device loop0): ext4_iget_extra_inode:5073: inode #15: comm syz.0.14: corrupted in-inode xattr: e_value size too large
[   39.746918][ T3515] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.14: couldn't read orphan inode 15 (err -117)
[   39.774560][ T3515] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.807655][ T3530] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   39.884393][ T3530] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3530 comm=syz.2.18
[   39.957340][ T3540] sch_tbf: burst 20480 is lower than device lo mtu (65550) !
[   40.023816][ T3544] netlink: 'syz.2.22': attribute type 13 has an invalid length.
[   40.034563][ T3544] gretap0: refused to change device tx_queue_len
[   40.035773][    C0] hrtimer: interrupt took 86278 ns
[   40.044498][ T3544] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   40.215826][ T3314] EXT4-fs error (device loop0): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[   40.228862][ T3314] EXT4-fs error (device loop0): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[   40.259667][ T3558] tipc: Started in network mode
[   40.264751][ T3558] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[   40.273669][ T3558] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   40.288130][ T3558] loop3: detected capacity change from 0 to 1024
[   40.299471][ T3558] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   40.316495][ T3558] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   40.327580][ T3558] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   40.336173][ T3558] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[   40.336173][ T3558] 
[   40.347067][ T3558] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[   40.358343][ T3558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   40.372985][ T3558] EXT4-fs error (device loop3): ext4_search_dir:1474: inode #2: block 16: comm syz.3.25: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   40.394616][ T3558] tipc: Enabled bearer <udp:syz2>, priority 10
[   40.435522][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.469146][ T3566] loop2: detected capacity change from 0 to 128
[   40.498885][ T3570] netlink: 24 bytes leftover after parsing attributes in process `syz.3.27'.
[   40.519167][ T3566] syz.2.28: attempt to access beyond end of device
[   40.519167][ T3566] loop2: rw=2049, sector=154, nr_sectors = 8 limit=128
[   40.533145][ T3566] syz.2.28: attempt to access beyond end of device
[   40.533145][ T3566] loop2: rw=8390657, sector=160, nr_sectors = 2 limit=128
[   40.546838][ T3566] Buffer I/O error on dev loop2, logical block 80, lost async page write
[   40.558392][ T3566] syz.2.28: attempt to access beyond end of device
[   40.558392][ T3566] loop2: rw=2049, sector=162, nr_sectors = 8 limit=128
[   40.576236][ T3566] syz.2.28: attempt to access beyond end of device
[   40.576236][ T3566] loop2: rw=2049, sector=154, nr_sectors = 2 limit=128
[   40.622688][ T3570] netlink: 48 bytes leftover after parsing attributes in process `syz.3.27'.
[   40.718515][ T3574] capability: warning: `syz.1.30' uses 32-bit capabilities (legacy support in use)
[   40.728774][ T3574] random: crng reseeded on system resumption
[   40.794876][ T3585] Zero length message leads to an empty skb
[   40.801603][ T3585] netlink: 20 bytes leftover after parsing attributes in process `syz.1.32'.
[   40.848523][ T3572] syz.2.28: attempt to access beyond end of device
[   40.848523][ T3572] loop2: rw=8390657, sector=154, nr_sectors = 2 limit=128
[   40.862371][ T3572] Buffer I/O error on dev loop2, logical block 77, lost async page write
[   41.027656][ T3593] loop2: detected capacity change from 0 to 512
[   41.076392][ T3593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.105989][ T3593] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   41.216253][ T3599] netlink: 'syz.2.36': attribute type 10 has an invalid length.
[   41.228444][ T3599] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   41.387778][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.431915][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.537199][   T10] tipc: Node number set to 4278255617
[   41.838155][ T3620] loop2: detected capacity change from 0 to 8192
[   41.907534][ T3305]  loop2: p1 < > p2 p3 < p5 p6 > p4
[   41.912820][ T3305] loop2: partition table partially beyond EOD, truncated
[   41.921787][ T3305] loop2: p1 start 100663296 is beyond EOD, truncated
[   41.928608][ T3305] loop2: p2 size 134217732 extends beyond EOD, truncated
[   41.938227][ T3305] loop2: p4 size 14876672 extends beyond EOD, truncated
[   41.946087][ T3305] loop2: p5 size 134217732 extends beyond EOD, truncated
[   41.954227][ T3305] loop2: p6 size 14876672 extends beyond EOD, truncated
[   41.968089][ T3620]  loop2: p1 < > p2 p3 < p5 p6 > p4
[   41.973380][ T3620] loop2: partition table partially beyond EOD, truncated
[   41.980766][ T3620] loop2: p1 start 100663296 is beyond EOD, truncated
[   41.987525][ T3620] loop2: p2 size 134217732 extends beyond EOD, truncated
[   41.996804][ T3620] loop2: p4 size 14876672 extends beyond EOD, truncated
[   42.004447][ T3620] loop2: p5 size 134217732 extends beyond EOD, truncated
[   42.012654][ T3620] loop2: p6 size 14876672 extends beyond EOD, truncated
[   42.043963][ T3629] netlink: 528 bytes leftover after parsing attributes in process `syz.4.46'.
[   42.060009][ T1673] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.119070][ T3634] loop4: detected capacity change from 0 to 1024
[   42.155167][ T1673] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.187466][ T3634] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.224058][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.234382][ T1673] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.261897][ T3604] chnl_net:caif_netlink_parms(): no params data found
[   42.292756][ T1673] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   42.326125][ T3604] bridge0: port 1(bridge_slave_0) entered blocking state
[   42.333222][ T3604] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.341305][ T3604] bridge_slave_0: entered allmulticast mode
[   42.351281][ T3604] bridge_slave_0: entered promiscuous mode
[   42.374485][ T3604] bridge0: port 2(bridge_slave_1) entered blocking state
[   42.381631][ T3604] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.389365][ T3604] bridge_slave_1: entered allmulticast mode
[   42.396077][ T3604] bridge_slave_1: entered promiscuous mode
[   42.406942][ T1673] bridge_slave_1: left allmulticast mode
[   42.412651][ T1673] bridge_slave_1: left promiscuous mode
[   42.418397][ T1673] bridge0: port 2(bridge_slave_1) entered disabled state
[   42.429472][ T1673] bridge_slave_0: left allmulticast mode
[   42.435200][ T1673] bridge_slave_0: left promiscuous mode
[   42.441010][ T1673] bridge0: port 1(bridge_slave_0) entered disabled state
[   42.507357][ T3657] netlink: 'syz.1.51': attribute type 83 has an invalid length.
[   42.546982][ T1673] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   42.557048][ T1673] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   42.566926][ T1673] bond0 (unregistering): Released all slaves
[   42.599590][ T3604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   42.619578][ T3604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   42.646495][ T1673] hsr_slave_0: left promiscuous mode
[   42.654713][ T1673] hsr_slave_1: left promiscuous mode
[   42.660455][ T1673] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   42.668032][ T1673] batman_adv: batadv0: Removing interface: batadv_slave_0
[   42.728119][ T1673] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   42.735614][ T1673] batman_adv: batadv0: Removing interface: batadv_slave_1
[   42.748384][ T3673] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=1551 sclass=netlink_xfrm_socket pid=3673 comm=syz.2.54
[   42.761121][ T1673] veth1_macvtap: left promiscuous mode
[   42.777367][ T3673] netlink: 232 bytes leftover after parsing attributes in process `syz.2.54'.
[   42.781940][ T1673] veth0_macvtap: left promiscuous mode
[   42.834102][ T3685] FAULT_INJECTION: forcing a failure.
[   42.834102][ T3685] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   42.847372][ T3685] CPU: 1 UID: 0 PID: 3685 Comm: syz.2.58 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.847475][ T3685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   42.847497][ T3685] Call Trace:
[   42.847509][ T3685]  <TASK>
[   42.847517][ T3685]  __dump_stack+0x1d/0x30
[   42.847551][ T3685]  dump_stack_lvl+0x95/0xd0
[   42.847574][ T3685]  dump_stack+0x15/0x1b
[   42.847596][ T3685]  should_fail_ex+0x263/0x280
[   42.847626][ T3685]  should_fail+0xb/0x20
[   42.847679][ T3685]  should_fail_usercopy+0x1a/0x20
[   42.847718][ T3685]  _copy_from_user+0x1c/0xb0
[   42.847773][ T3685]  ___sys_sendmsg+0xc1/0x1e0
[   42.847815][ T3685]  __x64_sys_sendmsg+0xd4/0x160
[   42.847844][ T3685]  x64_sys_call+0x17ba/0x3000
[   42.847952][ T3685]  do_syscall_64+0xc0/0x2a0
[   42.847982][ T3685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.848035][ T3685] RIP: 0033:0x7f39131daeb9
[   42.848051][ T3685] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   42.848068][ T3685] RSP: 002b:00007f3911c2f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   42.848086][ T3685] RAX: ffffffffffffffda RBX: 00007f3913455fa0 RCX: 00007f39131daeb9
[   42.848099][ T3685] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[   42.848173][ T3685] RBP: 00007f3911c2f090 R08: 0000000000000000 R09: 0000000000000000
[   42.848190][ T3685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   42.848205][ T3685] R13: 00007f3913456038 R14: 00007f3913455fa0 R15: 00007fff0db15708
[   42.848226][ T3685]  </TASK>
[   42.870733][ T1673] veth1_vlan: left promiscuous mode
[   43.068753][ T1673] veth0_vlan: left promiscuous mode
[   43.100735][ T3697] loop3: detected capacity change from 0 to 8192
[   43.152969][ T1673] team0 (unregistering): Port device team_slave_1 removed
[   43.163469][ T3697]  loop3: p1 < > p2 p3 < p5 p6 > p4
[   43.168877][ T3697] loop3: partition table partially beyond EOD, truncated
[   43.176338][ T3697] loop3: p1 start 100663296 is beyond EOD, truncated
[   43.177455][ T1673] team0 (unregistering): Port device team_slave_0 removed
[   43.183128][ T3697] loop3: p2 size 134217732 extends beyond EOD, truncated
[   43.203491][ T3697] loop3: p4 size 14876672 extends beyond EOD, truncated
[   43.211488][ T3697] loop3: p5 size 134217732 extends beyond EOD, truncated
[   43.220524][ T3697] loop3: p6 size 14876672 extends beyond EOD, truncated
[   43.237392][ T3699] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=3699 comm=syz.2.62
[   43.360573][ T3604] team0: Port device team_slave_0 added
[   43.380768][ T3604] team0: Port device team_slave_1 added
[   43.464055][ T3604] batman_adv: batadv0: Adding interface: batadv_slave_0
[   43.471094][ T3604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   43.497132][ T3604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   43.512503][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[   43.512727][ T3632] udevd[3632]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   43.530365][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[   43.534538][ T3636] udevd[3636]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   43.554169][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   43.619823][ T3720] netlink: 4 bytes leftover after parsing attributes in process `syz.2.69'.
[   43.657279][ T3724] udevd[3724]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[   43.670266][ T3636] udevd[3636]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[   43.725350][ T3732] debugfs: Bad value for 'gid'
[   43.730218][ T3732] debugfs: Bad value for 'gid'
[   43.752042][ T3732] 9p: Could not find request transport: @
[   43.795902][ T3604] batman_adv: batadv0: Adding interface: batadv_slave_1
[   43.803002][ T3604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   43.829197][ T3604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   43.962230][ T3604] hsr_slave_0: entered promiscuous mode
[   43.968435][ T3604] hsr_slave_1: entered promiscuous mode
[   44.139513][ T3760] netlink: 8 bytes leftover after parsing attributes in process `syz.2.79'.
[   44.150311][ T3760] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   44.173420][   T29] kauditd_printk_skb: 154 callbacks suppressed
[   44.173437][   T29] audit: type=1400 audit(1770488933.426:269): avc:  denied  { setattr } for  pid=3759 comm="syz.2.79" path="socket:[6568]" dev="sockfs" ino=6568 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[   44.352538][   T29] audit: type=1400 audit(1770488933.607:270): avc:  denied  { bind } for  pid=3773 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   44.383004][ T3604] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   44.416058][ T3604] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   44.423687][   T29] audit: type=1400 audit(1770488933.647:271): avc:  denied  { create } for  pid=3776 comm="syz.3.82" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   44.444245][   T29] audit: type=1400 audit(1770488933.647:272): avc:  denied  { write } for  pid=3776 comm="syz.3.82" name="file0" dev="tmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   44.466496][   T29] audit: type=1400 audit(1770488933.647:273): avc:  denied  { open } for  pid=3776 comm="syz.3.82" path="/12/file0" dev="tmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   44.489607][   T29] audit: type=1400 audit(1770488933.647:274): avc:  denied  { ioctl } for  pid=3776 comm="syz.3.82" path="/12/file0" dev="tmpfs" ino=84 ioctlcmd=0x5430 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   44.513497][   T29] audit: type=1400 audit(1770488933.647:275): avc:  denied  { setopt } for  pid=3773 comm="syz.2.83" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   44.541094][   T29] audit: type=1400 audit(1770488933.797:276): avc:  denied  { mounton } for  pid=3773 comm="syz.2.83" path="/32/file1" dev="tmpfs" ino=191 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   44.548774][ T3604] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   44.606901][   T29] audit: type=1400 audit(1770488933.857:277): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   44.641122][ T3604] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   44.780493][ T3795] loop4: detected capacity change from 0 to 8192
[   44.794739][ T3604] 8021q: adding VLAN 0 to HW filter on device bond0
[   44.808152][ T3604] 8021q: adding VLAN 0 to HW filter on device team0
[   44.823822][ T3795]  loop4: p1 < > p2 p3 < p5 p6 > p4
[   44.829080][ T3795] loop4: partition table partially beyond EOD, truncated
[   44.844131][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   44.851329][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   44.871058][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   44.874350][   T29] audit: type=1400 audit(1770488934.127:278): avc:  denied  { unlink } for  pid=3315 comm="syz-executor" name="file0" dev="tmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   44.878192][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   44.884175][ T3795] loop4: p1 start 100663296 is beyond EOD, truncated
[   44.915085][ T3795] loop4: p2 size 134217732 extends beyond EOD, truncated
[   44.931383][ T3795] loop4: p4 size 14876672 extends beyond EOD, truncated
[   44.939921][ T3795] loop4: p5 size 134217732 extends beyond EOD, truncated
[   44.948459][ T3795] loop4: p6 size 14876672 extends beyond EOD, truncated
[   45.056066][ T3819] netlink: 'syz.3.89': attribute type 12 has an invalid length.
[   45.063837][ T3819] __nla_validate_parse: 1 callbacks suppressed
[   45.063855][ T3819] netlink: 132 bytes leftover after parsing attributes in process `syz.3.89'.
[   45.106625][ T3824] netlink: 528 bytes leftover after parsing attributes in process `syz.2.90'.
[   45.116824][ T3826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.89'.
[   45.125605][ T3826] netlink: 12 bytes leftover after parsing attributes in process `syz.3.89'.
[   45.134537][ T3826] netlink: 36 bytes leftover after parsing attributes in process `syz.3.89'.
[   45.199032][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory
[   45.213589][ T3724] udevd[3724]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[   45.225054][ T3632] udevd[3632]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   45.243556][ T3832] netlink: 8 bytes leftover after parsing attributes in process `syz.1.93'.
[   45.252626][ T3826] vlan0: entered promiscuous mode
[   45.291691][ T3839] netlink: 16 bytes leftover after parsing attributes in process `syz.3.89'.
[   45.300868][ T3839] netlink: 16 bytes leftover after parsing attributes in process `syz.3.89'.
[   45.316221][ T3604] 8021q: adding VLAN 0 to HW filter on device batadv0
[   45.584728][ T3862] loop4: detected capacity change from 0 to 8192
[   45.591271][ T3604] veth0_vlan: entered promiscuous mode
[   45.607439][ T3604] veth1_vlan: entered promiscuous mode
[   45.646679][ T3604] veth0_macvtap: entered promiscuous mode
[   45.652856][ T3862]  loop4: p1 p2 p3 p4
[   45.656990][ T3862] loop4: p1 size 196608 extends beyond EOD, truncated
[   45.674792][ T3862] loop4: p2 start 164919041 is beyond EOD, truncated
[   45.679061][ T3604] veth1_macvtap: entered promiscuous mode
[   45.681536][ T3862] loop4: p3 size 66846464 extends beyond EOD, truncated
[   45.710780][ T3604] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.719022][ T3870] loop3: detected capacity change from 0 to 8192
[   45.726069][ T3862] loop4: p4 size 37048832 extends beyond EOD, truncated
[   45.735854][ T3877] netlink: 16 bytes leftover after parsing attributes in process `syz.1.103'.
[   45.757412][ T3604] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.769500][ T3877] netlink: 12 bytes leftover after parsing attributes in process `syz.1.103'.
[   45.790500][ T1673] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.800823][ T3870]  loop3: p1 < > p2 p3 < p5 p6 > p4
[   45.806110][ T3870] loop3: partition table partially beyond EOD, truncated
[   45.816621][ T1673] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.882289][ T3870] loop3: p1 start 100663296 is beyond EOD, truncated
[   45.889130][ T3870] loop3: p2 size 134217732 extends beyond EOD, truncated
[   45.913412][ T1673] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.958651][ T3870] loop3: p4 size 14876672 extends beyond EOD, truncated
[   45.980583][ T3870] loop3: p5 size 134217732 extends beyond EOD, truncated
[   45.996977][ T3893] netlink: 'syz.4.105': attribute type 29 has an invalid length.
[   46.004875][ T3893] netlink: 'syz.4.105': attribute type 4 has an invalid length.
[   46.031853][ T1673] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.041287][ T3870] loop3: p6 size 14876672 extends beyond EOD, truncated
[   46.085639][ T3899] FAULT_INJECTION: forcing a failure.
[   46.085639][ T3899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   46.098779][ T3899] CPU: 1 UID: 0 PID: 3899 Comm: syz.4.108 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   46.098806][ T3899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   46.098818][ T3899] Call Trace:
[   46.098824][ T3899]  <TASK>
[   46.098836][ T3899]  __dump_stack+0x1d/0x30
[   46.098888][ T3899]  dump_stack_lvl+0x95/0xd0
[   46.098908][ T3899]  dump_stack+0x15/0x1b
[   46.098958][ T3899]  should_fail_ex+0x263/0x280
[   46.098987][ T3899]  should_fail+0xb/0x20
[   46.099017][ T3899]  should_fail_usercopy+0x1a/0x20
[   46.099133][ T3899]  _copy_from_user+0x1c/0xb0
[   46.099153][ T3899]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[   46.099206][ T3899]  vlan_ioctl_handler+0x4c/0x530
[   46.099237][ T3899]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[   46.099262][ T3899]  sock_ioctl+0x4a7/0x610
[   46.099374][ T3899]  ? mutex_lock+0x57/0x90
[   46.099404][ T3899]  ? __pfx_sock_ioctl+0x10/0x10
[   46.099489][ T3899]  __se_sys_ioctl+0xce/0x140
[   46.099584][ T3899]  __x64_sys_ioctl+0x43/0x50
[   46.099622][ T3899]  x64_sys_call+0x14b0/0x3000
[   46.099658][ T3899]  do_syscall_64+0xc0/0x2a0
[   46.099687][ T3899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.099720][ T3899] RIP: 0033:0x7f71d24caeb9
[   46.099740][ T3899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   46.099819][ T3899] RSP: 002b:00007f71d0f27028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   46.099908][ T3899] RAX: ffffffffffffffda RBX: 00007f71d2745fa0 RCX: 00007f71d24caeb9
[   46.099923][ T3899] RDX: 00002000000000c0 RSI: 0000000000008982 RDI: 0000000000000003
[   46.099935][ T3899] RBP: 00007f71d0f27090 R08: 0000000000000000 R09: 0000000000000000
[   46.099947][ T3899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   46.099958][ T3899] R13: 00007f71d2746038 R14: 00007f71d2745fa0 R15: 00007ffe919241c8
[   46.099982][ T3899]  </TASK>
[   46.336658][ T3905] netlink: 'syz.4.109': attribute type 1 has an invalid length.
[   46.386920][ T3896] bridge_slave_0: left allmulticast mode
[   46.392832][ T3896] bridge_slave_0: left promiscuous mode
[   46.398551][ T3896] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.418512][ T3896] bridge_slave_1: left allmulticast mode
[   46.424350][ T3896] bridge_slave_1: left promiscuous mode
[   46.430099][ T3896] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.446076][ T3896] bond0: (slave bond_slave_0): Releasing backup interface
[   46.457045][ T3896] bond0: (slave bond_slave_1): Releasing backup interface
[   46.482788][ T3896] team0: Port device team_slave_0 removed
[   46.492213][ T3896] team0: Port device team_slave_1 removed
[   46.501169][ T3896] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.508885][ T3896] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.528001][ T3896] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.535488][ T3896] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.546091][ T3896] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[   46.647543][ T3910] loop5: detected capacity change from 0 to 8192
[   46.713979][ T3636]  loop5: p1 < > p2 p3 < p5 p6 > p4
[   46.719283][ T3636] loop5: partition table partially beyond EOD, truncated
[   46.746395][ T3636] loop5: p1 start 100663296 is beyond EOD, truncated
[   46.753277][ T3636] loop5: p2 size 134217732 extends beyond EOD, truncated
[   46.781881][ T3636] loop5: p4 size 14876672 extends beyond EOD, truncated
[   46.798108][ T3636] loop5: p5 size 134217732 extends beyond EOD, truncated
[   46.826792][ T3925] loop3: detected capacity change from 0 to 8192
[   46.837022][ T3935] loop4: detected capacity change from 0 to 512
[   46.846521][ T3636] loop5: p6 size 14876672 extends beyond EOD, truncated
[   46.868626][ T3910]  loop5: p1 < > p2 p3 < p5 p6 > p4
[   46.874045][ T3910] loop5: partition table partially beyond EOD, truncated
[   46.882253][ T3910] loop5: p1 start 100663296 is beyond EOD, truncated
[   46.882800][ T3724]  loop3: p1 < > p2 p3 < p5 p6 > p4
[   46.889027][ T3910] loop5: p2 size 134217732 extends beyond EOD, 
[   46.894290][ T3724] loop3: partition table partially beyond EOD, truncated
[   46.907627][ T3910] truncated
[   46.908187][ T3724] loop3: p1 start 100663296 is beyond EOD, truncated
[   46.917528][ T3724] loop3: p2 size 134217732 extends beyond EOD, truncated
[   46.951360][ T3910] loop5: p4 size 14876672 extends beyond EOD, truncated
[   46.961621][ T3724] loop3: p4 size 14876672 extends beyond EOD, truncated
[   46.975496][ T3724] loop3: p5 size 134217732 extends beyond EOD, truncated
[   46.983601][ T3910] loop5: p5 size 134217732 extends beyond EOD, truncated
[   46.989090][ T3724] loop3: p6 size 14876672 extends beyond EOD, truncated
[   47.028340][ T3910] loop5: p6 size 14876672 extends beyond EOD, truncated
[   47.040365][ T3925]  loop3: p1 < > p2 p3 < p5 p6 > p4
[   47.045730][ T3925] loop3: partition table partially beyond EOD, truncated
[   47.063333][ T3925] loop3: p1 start 100663296 is beyond EOD, truncated
[   47.063417][ T3925] loop3: p2 size 134217732 extends beyond EOD, truncated
[   47.085768][ T3925] loop3: p4 size 14876672 extends beyond EOD, truncated
[   47.086591][ T3925] loop3: p5 size 134217732 extends beyond EOD, truncated
[   47.087299][ T3925] loop3: p6 size 14876672 extends beyond EOD, truncated
[   47.307927][ T3954] 9p: Could not find request transport: td
[   47.359468][ T3961] loop3: detected capacity change from 0 to 1024
[   47.385133][ T3961] EXT4-fs: Ignoring removed orlov option
[   47.398335][ T3961] EXT4-fs (loop3): stripe (133) is not aligned with cluster size (16), stripe is disabled
[   47.430634][ T3961] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.454376][ T3954] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.128: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[   47.477180][ T3954] EXT4-fs (loop3): Remounting filesystem read-only
[   47.496522][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.514402][ T3979] vlan3: entered allmulticast mode
[   47.519568][ T3979] vlan0: entered allmulticast mode
[   47.524763][ T3979] veth0_vlan: entered allmulticast mode
[   47.571541][ T3981] tipc: Failed to remove unknown binding: 66,1,1/4278255617:3443746533/3443746535
[   47.681687][ T3988] tipc: Started in network mode
[   47.686734][ T3988] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[   47.695818][ T3988] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   47.727238][ T3993] tipc: Started in network mode
[   47.732279][ T3993] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[   47.741315][ T3993] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   47.760760][ T3988] tipc: Enabled bearer <udp:syz2>, priority 10
[   47.771128][ T3993] loop5: detected capacity change from 0 to 1024
[   47.786013][ T3993] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   47.806054][ T3993] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   47.833689][ T3993] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   47.855715][ T3993] EXT4-fs (loop5): Can't support bigalloc feature without extents feature
[   47.855715][ T3993] 
[   47.866570][ T3993] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features
[   47.904621][ T3993] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   47.928388][ T4008] xt_TCPMSS: Only works on TCP SYN packets
[   47.937316][ T3993] EXT4-fs error (device loop5): ext4_search_dir:1474: inode #2: block 16: comm syz.5.141: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   47.956423][ T4003] 9pnet: p9_errstr2errno: server reported unknown error 
[   48.037459][ T3993] tipc: Enabled bearer <udp:syz2>, priority 10
[   48.101308][ T3604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.139619][ T4021] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4021 comm=syz.1.154
[   48.316127][ T4046] loop3: detected capacity change from 0 to 4096
[   48.334037][ T4046] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.354836][ T4046] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.160: corrupted inode contents
[   48.376246][ T4046] EXT4-fs error (device loop3): ext4_dirty_inode:6502: inode #15: comm syz.3.160: mark_inode_dirty error
[   48.388738][ T4046] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.160: corrupted inode contents
[   48.401354][ T4046] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.160: mark_inode_dirty error
[   48.416705][ T4046] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.160: corrupted inode contents
[   48.429060][ T4046] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #15: comm syz.3.160: mark_inode_dirty error
[   48.441000][ T4046] EXT4-fs error (device loop3): ext4_do_update_inode:5617: inode #15: comm syz.3.160: corrupted inode contents
[   48.454028][ T4046] EXT4-fs error (device loop3): ext4_truncate:4635: inode #15: comm syz.3.160: mark_inode_dirty error
[   48.465867][ T4046] EXT4-fs error (device loop3) in ext4_setattr:6035: Corrupt filesystem
[   48.495584][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.593480][ T4066] netlink: 'syz.5.167': attribute type 10 has an invalid length.
[   48.604473][ T4066] ipvlan2: entered promiscuous mode
[   48.611180][ T4066] bridge0: port 3(ipvlan2) entered blocking state
[   48.617844][ T4066] bridge0: port 3(ipvlan2) entered disabled state
[   48.672778][ T4066] ipvlan2: entered allmulticast mode
[   48.678184][ T4066] bridge0: entered allmulticast mode
[   48.688909][ T4066] ipvlan2: left allmulticast mode
[   48.694029][ T4066] bridge0: left allmulticast mode
[   48.713123][ T4076] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4076 comm=syz.2.169
[   48.871460][   T10] tipc: Node number set to 4278255617
[   48.887741][ T4096] netlink: 'syz.1.178': attribute type 4 has an invalid length.
[   48.955874][ T4106] 9p: Bad value for 'rfdno'
[   49.051790][ T4115] ip6tnl0: Caught tx_queue_len zero misconfig
[   49.066171][ T4119] netlink: 'syz.5.186': attribute type 63 has an invalid length.
[   49.074045][ T4119] netlink: 'syz.5.186': attribute type 27 has an invalid length.
[   49.088803][ T4119] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2305 sclass=netlink_route_socket pid=4119 comm=syz.5.186
[   49.151043][ T1035] tipc: Node number set to 4278255617
[   49.183311][   T29] kauditd_printk_skb: 191 callbacks suppressed
[   49.183329][   T29] audit: type=1400 audit(1770488938.449:470): avc:  denied  { mount } for  pid=4133 comm="syz.4.193" name="/" dev="ramfs" ino=8203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[   49.244402][   T29] audit: type=1400 audit(1770488938.489:471): avc:  denied  { create } for  pid=4139 comm="syz.3.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   49.263972][   T29] audit: type=1400 audit(1770488938.499:472): avc:  denied  { ioctl } for  pid=4139 comm="syz.3.194" path="socket:[7441]" dev="sockfs" ino=7441 ioctlcmd=0x89f8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   49.299024][ T4145] loop2: detected capacity change from 0 to 512
[   49.307311][ T4144] IPVS: set_ctl: invalid protocol: 0 172.20.20.39:20003
[   49.316922][ T4149] 9p: Bad value for 'rfdno'
[   49.325342][ T4145] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   49.340092][ T4145] EXT4-fs (loop2): orphan cleanup on readonly fs
[   49.347239][ T4145] EXT4-fs error (device loop2): __ext4_iget:5426: inode #11: block 8: comm syz.2.188: invalid block
[   49.358900][ T4145] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.188: couldn't read orphan inode 11 (err -117)
[   49.371898][ T4145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   49.480449][   T29] audit: type=1400 audit(1770488938.729:473): avc:  denied  { bind } for  pid=4159 comm="syz.1.202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   49.499728][   T29] audit: type=1400 audit(1770488938.729:474): avc:  denied  { name_bind } for  pid=4159 comm="syz.1.202" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   49.521563][   T29] audit: type=1400 audit(1770488938.729:475): avc:  denied  { node_bind } for  pid=4159 comm="syz.1.202" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[   49.543098][   T29] audit: type=1400 audit(1770488938.729:476): avc:  denied  { listen } for  pid=4159 comm="syz.1.202" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   49.698455][   T29] audit: type=1326 audit(1770488938.849:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4161 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ff48eaeb9 code=0x7ffc0000
[   49.714135][ T4170] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4170 comm=syz.3.205
[   49.721822][   T29] audit: type=1326 audit(1770488938.849:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4161 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ff48eaeb9 code=0x7ffc0000
[   49.758050][   T29] audit: type=1326 audit(1770488938.849:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4161 comm="syz.3.204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ff48eaeb9 code=0x7ffc0000
[   49.786064][ T4166] loop4: detected capacity change from 0 to 512
[   49.794264][ T4166] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.860985][ T4166] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.874510][ T4166] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.912725][ T4180] FAULT_INJECTION: forcing a failure.
[   49.912725][ T4180] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   49.925994][ T4180] CPU: 0 UID: 0 PID: 4180 Comm: syz.5.206 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.926029][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   49.926045][ T4180] Call Trace:
[   49.926054][ T4180]  <TASK>
[   49.926089][ T4180]  __dump_stack+0x1d/0x30
[   49.926118][ T4180]  dump_stack_lvl+0x95/0xd0
[   49.926146][ T4180]  dump_stack+0x15/0x1b
[   49.926165][ T4180]  should_fail_ex+0x263/0x280
[   49.926226][ T4180]  should_fail+0xb/0x20
[   49.926332][ T4180]  should_fail_usercopy+0x1a/0x20
[   49.926424][ T4180]  _copy_from_user+0x1c/0xb0
[   49.926531][ T4180]  ___sys_sendmsg+0xc1/0x1e0
[   49.926571][ T4180]  __x64_sys_sendmsg+0xd4/0x160
[   49.926602][ T4180]  x64_sys_call+0x17ba/0x3000
[   49.926711][ T4180]  do_syscall_64+0xc0/0x2a0
[   49.926751][ T4180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.926857][ T4180] RIP: 0033:0x7f4b7f56aeb9
[   49.926877][ T4180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   49.926959][ T4180] RSP: 002b:00007f4b7dfc7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   49.926986][ T4180] RAX: ffffffffffffffda RBX: 00007f4b7f7e5fa0 RCX: 00007f4b7f56aeb9
[   49.926999][ T4180] RDX: 0000000000008040 RSI: 00002000000003c0 RDI: 0000000000000003
[   49.927011][ T4180] RBP: 00007f4b7dfc7090 R08: 0000000000000000 R09: 0000000000000000
[   49.927023][ T4180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.927034][ T4180] R13: 00007f4b7f7e6038 R14: 00007f4b7f7e5fa0 R15: 00007ffd03a12cd8
[   49.927138][ T4180]  </TASK>
[   50.100093][ T4166] EXT4-fs (loop4): shut down requested (0)
[   50.183492][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.196175][ T4191] 9p: Bad value for 'rfdno'
[   50.201573][ T4191] __nla_validate_parse: 22 callbacks suppressed
[   50.201592][ T4191] netlink: 28 bytes leftover after parsing attributes in process `syz.5.211'.
[   50.216850][ T4191] netlink: 28 bytes leftover after parsing attributes in process `syz.5.211'.
[   50.227156][ T4188] netlink: 'syz.3.210': attribute type 2 has an invalid length.
[   50.284744][ T4198] loop5: detected capacity change from 0 to 1024
[   50.320334][ T4204] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4204 comm=syz.3.217
[   50.343017][ T4198] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.403468][ T3604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.433112][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.508439][ T4214] loop5: detected capacity change from 0 to 8192
[   50.527209][ T4212] loop3: detected capacity change from 0 to 8192
[   50.563145][ T4214]  loop5: p1 < > p2 p3 < p5 p6 > p4
[   50.568409][ T4214] loop5: partition table partially beyond EOD, truncated
[   50.578447][ T4214] loop5: p1 start 100663296 is beyond EOD, truncated
[   50.585310][ T4214] loop5: p2 size 134217732 extends beyond EOD, truncated
[   50.599907][ T4214] loop5: p4 size 14876672 extends beyond EOD, truncated
[   50.607947][ T4214] loop5: p5 size 134217732 extends beyond EOD, truncated
[   50.617035][ T4214] loop5: p6 size 14876672 extends beyond EOD, truncated
[   50.665046][ T3000]  loop5: p1 < > p2 p3 < p5 p6 > p4
[   50.670371][ T3000] loop5: partition table partially beyond EOD, truncated
[   50.677774][ T3000] loop5: p1 start 100663296 is beyond EOD, truncated
[   50.684552][ T3000] loop5: p2 size 134217732 extends beyond EOD, truncated
[   50.692573][ T4212]  loop3: p1 < > p2 p3 < p5 p6 > p4
[   50.697835][ T4212] loop3: partition table partially beyond EOD, truncated
[   50.706071][ T4212] loop3: p1 start 100663296 is beyond EOD, truncated
[   50.713163][ T4212] loop3: p2 size 134217732 extends beyond EOD, truncated
[   50.722371][ T4212] loop3: p4 size 14876672 extends beyond EOD, truncated
[   50.722873][ T3000] loop5: p4 size 14876672 extends beyond EOD, truncated
[   50.732433][ T4212] loop3: p5 size 134217732 extends beyond EOD, truncated
[   50.744609][ T4212] loop3: p6 size 14876672 extends beyond EOD, truncated
[   50.751031][ T3000] loop5: p5 size 134217732 extends beyond EOD, truncated
[   50.759347][ T3000] loop5: p6 size 14876672 extends beyond EOD, truncated
[   50.805529][ T3636] udevd[3636]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[   50.818300][ T3632] udevd[3632]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[   50.843283][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[   50.853854][ T3724] udevd[3724]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   50.866033][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[   50.909835][ T3724] udevd[3724]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   50.920482][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   50.923568][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   50.936324][ T3636] udevd[3636]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[   50.957056][ T3302] udevd[3302]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[   51.005592][ T4231] netlink: 'syz.3.224': attribute type 2 has an invalid length.
[   51.041358][ T4234] netlink: 16 bytes leftover after parsing attributes in process `syz.3.225'.
[   51.259705][ T4240] capability: warning: `syz.2.227' uses deprecated v2 capabilities in a way that may be insecure
[   51.286640][ T4242] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4242 comm=syz.3.228
[   51.449747][ T4263] netlink: 'syz.4.235': attribute type 2 has an invalid length.
[   51.528695][ T4272] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=4272 comm=syz.2.240
[   51.568637][ T4274] loop5: detected capacity change from 0 to 512
[   51.580265][ T4274] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   51.630237][ T4280] netlink: 20 bytes leftover after parsing attributes in process `syz.4.241'.
[   51.713163][ T4296] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61464 sclass=netlink_route_socket pid=4296 comm=syz.4.246
[   51.813291][ T4289] netlink: 1304 bytes leftover after parsing attributes in process `syz.3.243'.
[   51.972387][ T4316] pim6reg0: tun_chr_ioctl cmd 1074025677
[   51.981859][ T4316] pim6reg0: linktype set to 780
[   52.093496][ T4330] loop5: detected capacity change from 0 to 512
[   52.110017][ T4330] EXT4-fs: Ignoring removed i_version option
[   52.116085][ T4330] EXT4-fs: Ignoring removed bh option
[   52.186022][ T4330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.201892][ T4328] loop2: detected capacity change from 0 to 8192
[   52.209946][ T4330] ext4 filesystem being mounted at /36/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.270341][ T3636]  loop2: p1 < > p2 p3 < p5 p6 > p4
[   52.275611][ T3636] loop2: partition table partially beyond EOD, truncated
[   52.289686][ T3636] loop2: p1 start 100663296 is beyond EOD, truncated
[   52.296451][ T3636] loop2: p2 size 134217732 extends beyond EOD, truncated
[   52.307317][   T10] IPVS: starting estimator thread 0...
[   52.320030][ T4330] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.333767][ T3636] loop2: p4 size 14876672 extends beyond EOD, truncated
[   52.356503][ T3636] loop2: p5 size 134217732 extends beyond EOD, truncated
[   52.370412][ T3636] loop2: p6 size 14876672 extends beyond EOD, truncated
[   52.385779][ T4358] netlink: 8 bytes leftover after parsing attributes in process `syz.4.260'.
[   52.399444][ T4352] IPVS: using max 2256 ests per chain, 112800 per kthread
[   52.411601][ T4328]  loop2: p1 < > p2 p3 < p5 p6 > p4
[   52.416884][ T4328] loop2: partition table partially beyond EOD, truncated
[   52.430071][ T4328] loop2: p1 start 100663296 is beyond EOD, truncated
[   52.436859][ T4328] loop2: p2 size 134217732 extends beyond EOD, truncated
[   52.462455][ T4328] loop2: p4 size 14876672 extends beyond EOD, truncated
[   52.476040][ T4328] loop2: p5 size 134217732 extends beyond EOD, truncated
[   52.484201][ T4328] loop2: p6 size 14876672 extends beyond EOD, truncated
[   52.690042][ T4385] netlink: 4 bytes leftover after parsing attributes in process `syz.5.271'.
[   52.757653][ T4383] netlink: 'syz.1.265': attribute type 83 has an invalid length.
[   53.319180][ T4411] netlink: 1304 bytes leftover after parsing attributes in process `syz.2.277'.
[   53.395993][ T4418] netlink: 8 bytes leftover after parsing attributes in process `syz.5.281'.
[   53.426163][ T4417] loop5: detected capacity change from 0 to 512
[   53.470814][ T4417] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   53.514765][ T4417] EXT4-fs error (device loop5): ext4_readdir:224: inode #12: comm syz.5.281: path /44/file0/file0: directory fails checksum at offset 0
[   53.691036][ T4422] tmpfs: Bad value for 'mpol'
[   53.710574][ T4422] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   53.735586][ T4422] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   53.929018][ T4425] netlink: 'syz.2.283': attribute type 39 has an invalid length.
[   53.937976][ T4424] netlink: 'syz.2.283': attribute type 39 has an invalid length.
[   54.211731][   T29] kauditd_printk_skb: 292 callbacks suppressed
[   54.211757][   T29] audit: type=1400 audit(1770488943.481:772): avc:  denied  { read append } for  pid=4428 comm="syz.2.285" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   54.241967][   T29] audit: type=1400 audit(1770488943.481:773): avc:  denied  { open } for  pid=4428 comm="syz.2.285" path="/dev/input/event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   54.289082][ T4432] netlink: 'syz.1.286': attribute type 2 has an invalid length.
[   54.702178][ T4445] netlink: 'syz.1.291': attribute type 2 has an invalid length.
[   54.896633][   T29] audit: type=1400 audit(1770488944.162:774): avc:  denied  { bind } for  pid=4448 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   54.915884][   T29] audit: type=1400 audit(1770488944.162:775): avc:  denied  { setopt } for  pid=4448 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   54.935266][   T29] audit: type=1400 audit(1770488944.162:776): avc:  denied  { write } for  pid=4448 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   55.095236][ T4456] netlink: 24 bytes leftover after parsing attributes in process `syz.2.296'.
[   55.148800][ T4458] netlink: 'syz.2.297': attribute type 2 has an invalid length.
[   55.263234][ T4470] macvlan2: entered allmulticast mode
[   55.268731][ T4470] vlan1: entered allmulticast mode
[   55.322325][ T4481] =======================================================
[   55.322325][ T4481] WARNING: The mand mount option has been deprecated and
[   55.322325][ T4481]          and is ignored by this kernel. Remove the mand
[   55.322325][ T4481]          option from the mount to silence this warning.
[   55.322325][ T4481] =======================================================
[   55.357782][   T29] audit: type=1400 audit(1770488944.592:777): avc:  denied  { remount } for  pid=4477 comm="syz.2.301" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   55.384847][ T4478] loop2: detected capacity change from 0 to 512
[   55.404585][ T4478] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[   55.404614][ T4478] EXT4-fs: failed to create workqueue
[   55.419728][ T4478] EXT4-fs (loop2): mount failed
[   55.560086][ T4508] FAULT_INJECTION: forcing a failure.
[   55.560086][ T4508] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.573321][ T4508] CPU: 0 UID: 0 PID: 4508 Comm: syz.1.307 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   55.573352][ T4508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   55.573383][ T4508] Call Trace:
[   55.573442][ T4508]  <TASK>
[   55.573450][ T4508]  __dump_stack+0x1d/0x30
[   55.573476][ T4508]  dump_stack_lvl+0x95/0xd0
[   55.573496][ T4508]  dump_stack+0x15/0x1b
[   55.573514][ T4508]  should_fail_ex+0x263/0x280
[   55.573616][ T4508]  should_fail+0xb/0x20
[   55.573689][ T4508]  should_fail_usercopy+0x1a/0x20
[   55.573727][ T4508]  _copy_from_user+0x1c/0xb0
[   55.573820][ T4508]  __copy_msghdr+0x244/0x300
[   55.573862][ T4508]  ___sys_sendmsg+0x10c/0x1e0
[   55.573898][ T4508]  __x64_sys_sendmsg+0xd4/0x160
[   55.573923][ T4508]  x64_sys_call+0x17ba/0x3000
[   55.573973][ T4508]  do_syscall_64+0xc0/0x2a0
[   55.574011][ T4508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.574099][ T4508] RIP: 0033:0x7fcd7834aeb9
[   55.574115][ T4508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   55.574132][ T4508] RSP: 002b:00007fcd76d9f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.574205][ T4508] RAX: ffffffffffffffda RBX: 00007fcd785c5fa0 RCX: 00007fcd7834aeb9
[   55.574223][ T4508] RDX: 0000000000008040 RSI: 00002000000003c0 RDI: 0000000000000003
[   55.574240][ T4508] RBP: 00007fcd76d9f090 R08: 0000000000000000 R09: 0000000000000000
[   55.574255][ T4508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.574328][ T4508] R13: 00007fcd785c6038 R14: 00007fcd785c5fa0 R15: 00007ffd5c9ffe58
[   55.574350][ T4508]  </TASK>
[   55.780106][ T4511] netlink: 20 bytes leftover after parsing attributes in process `syz.1.308'.
[   55.898791][ T4530] netlink: 'syz.1.312': attribute type 6 has an invalid length.
[   55.906568][ T4530] netlink: 56 bytes leftover after parsing attributes in process `syz.1.312'.
[   56.003100][ T4546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.317'.
[   56.196056][ T4568] netlink: 'syz.1.322': attribute type 4 has an invalid length.
[   56.249016][   T29] audit: type=1400 audit(1770488945.522:778): avc:  denied  { create } for  pid=4574 comm="syz.3.324" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   56.282533][   T29] audit: type=1400 audit(1770488945.552:779): avc:  denied  { name_bind } for  pid=4574 comm="syz.3.324" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[   56.351301][ T3604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.393549][ T4587] netlink: 8 bytes leftover after parsing attributes in process `syz.4.328'.
[   56.425750][ T4589] loop2: detected capacity change from 0 to 164
[   56.475328][   T29] audit: type=1400 audit(1770488945.723:780): avc:  denied  { mount } for  pid=4586 comm="syz.2.329" name="/" dev="loop2" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   56.812308][   T29] audit: type=1400 audit(1770488946.033:781): avc:  denied  { read } for  pid=4579 comm="syz.1.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   56.946822][ T4584] sctp: [Deprecated]: syz.3.324 (pid 4584) Use of int in max_burst socket option deprecated.
[   56.946822][ T4584] Use struct sctp_assoc_value instead
[   57.014799][ T4603] netlink: 1304 bytes leftover after parsing attributes in process `syz.5.332'.
[   57.120860][ T4612] netlink: 'syz.4.337': attribute type 12 has an invalid length.
[   57.352283][ T4628] pimreg3: entered allmulticast mode
[   57.442259][ T4633] netlink: 4 bytes leftover after parsing attributes in process `syz.5.346'.
[   57.499441][ T4641] netlink: 'syz.5.349': attribute type 29 has an invalid length.
[   57.507319][ T4641] netlink: 'syz.5.349': attribute type 4 has an invalid length.
[   57.530527][ T4646] process 'syz.3.347' launched '/dev/fd/7' with NULL argv: empty string added
[   57.592144][ T4649] netlink: 1300 bytes leftover after parsing attributes in process `syz.1.351'.
[   58.086219][ T4713] loop4: detected capacity change from 0 to 256
[   58.103358][ T4715] loop2: detected capacity change from 0 to 512
[   58.111657][ T4713] netlink: 8 bytes leftover after parsing attributes in process `syz.4.381'.
[   58.120879][ T4713] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[   58.141318][ T4715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   58.141540][ T4715] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   58.173490][ T4715] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.380: corrupted xattr block 6: invalid header
[   58.173743][ T4715] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[   58.173773][ T4715] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.380: corrupted xattr block 6: invalid header
[   58.173960][ T4715] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=12
[   58.174087][ T4715] EXT4-fs error (device loop2): ext4_xattr_block_get:597: inode #12: comm syz.2.380: corrupted xattr block 6: invalid header
[   58.254170][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.272643][ T4726] netlink: 24 bytes leftover after parsing attributes in process `syz.5.383'.
[   58.272671][ T4726] netlink: 48 bytes leftover after parsing attributes in process `syz.5.383'.
[   58.737491][ T4776] loop4: detected capacity change from 0 to 1764
[   58.744216][ T4776] iso9660: Bad value for 'sbsector'
[   59.000254][ T4806] loop2: detected capacity change from 0 to 8192
[   59.037455][ T4813] loop3: detected capacity change from 0 to 164
[   59.047031][ T4806]  loop2: p1 < > p2 p3 < p5 p6 > p4
[   59.052286][ T4806] loop2: partition table partially beyond EOD, truncated
[   59.060103][ T4806] loop2: p1 start 100663296 is beyond EOD, truncated
[   59.066888][ T4806] loop2: p2 size 134217732 extends beyond EOD, truncated
[   59.110590][ T4806] loop2: p4 size 14876672 extends beyond EOD, truncated
[   59.128420][ T4806] loop2: p5 size 134217732 extends beyond EOD, truncated
[   59.147410][ T4806] loop2: p6 size 14876672 extends beyond EOD, truncated
[   59.450520][ T4826] tipc: Started in network mode
[   59.455551][ T4826] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[   59.464499][ T4826] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   59.518566][ T4832] loop2: detected capacity change from 0 to 1024
[   59.531270][ T4832] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   59.550580][ T4832] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   59.574739][   T29] kauditd_printk_skb: 173 callbacks suppressed
[   59.574756][   T29] audit: type=1400 audit(1770488948.834:955): avc:  denied  { create } for  pid=4830 comm="syz.4.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   59.645585][ T4832] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   59.694220][   T29] audit: type=1400 audit(1770488948.834:956): avc:  denied  { accept } for  pid=4830 comm="syz.4.428" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   59.714264][ T4832] EXT4-fs (loop2): Can't support bigalloc feature without extents feature
[   59.714264][ T4832] 
[   59.725112][ T4832] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features
[   59.765549][   T29] audit: type=1400 audit(1770488949.024:957): avc:  denied  { name_connect } for  pid=4842 comm="syz.5.433" dest=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[   59.822889][ T4832] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   59.852928][ T4826] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 16: comm syz.2.425: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   59.926218][ T4826] tipc: Enabled bearer <udp:syz2>, priority 10
[   59.951481][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.162301][ T4856] loop2: detected capacity change from 0 to 8192
[   60.207304][ T4856]  loop2: p1 < > p2 p3 < p5 p6 > p4
[   60.212569][ T4856] loop2: partition table partially beyond EOD, truncated
[   60.253946][ T4856] loop2: p1 start 100663296 is beyond EOD, truncated
[   60.260817][ T4856] loop2: p2 size 134217732 extends beyond EOD, truncated
[   60.285718][   T29] audit: type=1400 audit(1770488949.544:958): avc:  denied  { create } for  pid=4859 comm="syz.5.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   60.305828][   T29] audit: type=1400 audit(1770488949.544:959): avc:  denied  { write } for  pid=4859 comm="syz.5.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   60.325903][   T29] audit: type=1400 audit(1770488949.544:960): avc:  denied  { nlmsg_write } for  pid=4859 comm="syz.5.441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   60.366735][ T4856] loop2: p4 size 14876672 extends beyond EOD, truncated
[   60.388880][ T4856] loop2: p5 size 134217732 extends beyond EOD, truncated
[   60.406803][ T4856] loop2: p6 size 14876672 extends beyond EOD, truncated
[   60.419498][ T4858] loop4: detected capacity change from 0 to 256
[   60.644439][   T29] audit: type=1400 audit(1770488949.905:961): avc:  denied  { mount } for  pid=4857 comm="syz.4.440" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   60.706446][ T3636] udevd[3636]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[   60.725661][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[   60.735648][   T29] audit: type=1400 audit(1770488949.985:962): avc:  denied  { read } for  pid=4868 comm="syz.2.444" name="qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   60.758388][   T29] audit: type=1400 audit(1770488949.985:963): avc:  denied  { open } for  pid=4868 comm="syz.2.444" path="/dev/qrtr-tun" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   60.781726][   T29] audit: type=1400 audit(1770488949.985:964): avc:  denied  { create } for  pid=4868 comm="syz.2.444" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   60.793632][ T3724] udevd[3724]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   60.813628][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop2p6, 10) failed: No such file or directory
[   60.820751][ T3632] udevd[3632]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   60.894277][ T4877] loop5: detected capacity change from 0 to 1024
[   60.908054][ T4877] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   60.924328][ T4877] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   60.967256][ T4877] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   60.976099][ T4877] EXT4-fs (loop5): Can't support bigalloc feature without extents feature
[   60.976099][ T4877] 
[   60.986889][ T4877] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features
[   60.996130][ T4876] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   61.088188][   T10] tipc: Node number set to 4278255617
[   61.126722][ T4877] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   61.142147][ T4872] EXT4-fs error (device loop5): ext4_search_dir:1474: inode #2: block 16: comm syz.5.446: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   61.162435][ T4872] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   61.182880][ T3604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.205445][ T4888] __nla_validate_parse: 11 callbacks suppressed
[   61.205462][ T4888] netlink: 24 bytes leftover after parsing attributes in process `syz.5.447'.
[   61.329000][ T4899] netlink: 528 bytes leftover after parsing attributes in process `syz.5.452'.
[   61.361271][ T4894] syz.4.451 uses obsolete (PF_INET,SOCK_PACKET)
[   61.432384][ T4903] loop5: detected capacity change from 0 to 8192
[   61.475533][ T3636]  loop5: p1 < > p2 p3 < p5 p6 > p4
[   61.480796][ T3636] loop5: partition table partially beyond EOD, truncated
[   61.488015][ T3636] loop5: p1 start 100663296 is beyond EOD, truncated
[   61.494783][ T3636] loop5: p2 size 134217732 extends beyond EOD, truncated
[   61.503255][ T3636] loop5: p4 size 14876672 extends beyond EOD, truncated
[   61.516282][ T3636] loop5: p5 size 134217732 extends beyond EOD, truncated
[   61.524518][ T3636] loop5: p6 size 14876672 extends beyond EOD, truncated
[   61.544208][ T4903]  loop5: p1 < > p2 p3 < p5 p6 > p4
[   61.549579][ T4903] loop5: partition table partially beyond EOD, truncated
[   61.563535][ T4914] netlink: 24 bytes leftover after parsing attributes in process `syz.4.459'.
[   61.600883][ T4903] loop5: p1 start 100663296 is beyond EOD, truncated
[   61.607659][ T4903] loop5: p2 size 134217732 extends beyond EOD, truncated
[   61.636881][ T4920] netlink: 528 bytes leftover after parsing attributes in process `syz.2.463'.
[   61.651416][ T4903] loop5: p4 size 14876672 extends beyond EOD, truncated
[   61.672170][ T4903] loop5: p5 size 134217732 extends beyond EOD, truncated
[   61.691872][ T4903] loop5: p6 size 14876672 extends beyond EOD, truncated
[   61.739354][ T4925] loop3: detected capacity change from 0 to 512
[   61.828724][ T4944] netlink: 'syz.2.473': attribute type 29 has an invalid length.
[   61.839281][ T4945] netlink: 'syz.2.473': attribute type 29 has an invalid length.
[   61.865800][ T3632] udevd[3632]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[   61.866442][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[   61.878720][ T3306] udevd[3306]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[   61.896724][ T3724] udevd[3724]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[   61.907809][ T4949] netlink: 20 bytes leftover after parsing attributes in process `syz.5.472'.
[   61.908524][ T3636] udevd[3636]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[   62.070919][ T4969] netlink: 1304 bytes leftover after parsing attributes in process `syz.5.474'.
[   62.206176][ T4979] netlink: 'syz.1.484': attribute type 4 has an invalid length.
[   62.214570][ T4979] netlink: 'syz.1.484': attribute type 4 has an invalid length.
[   62.229440][ T4979] netlink: 488 bytes leftover after parsing attributes in process `syz.1.484'.
[   62.239048][ T4979] netlink: 28 bytes leftover after parsing attributes in process `syz.1.484'.
[   62.259936][ T4981] netlink: 20 bytes leftover after parsing attributes in process `syz.3.485'.
[   62.275589][ T4983] netlink: 8 bytes leftover after parsing attributes in process `syz.1.486'.
[   62.598357][ T4998] 9p: Could not find request transport: @
[   62.910309][ T5013] loop5: detected capacity change from 0 to 128
[   62.917458][ T5013] msdos: Bad value for 'dmask'
[   63.207120][ T5036] loop5: detected capacity change from 0 to 128
[   63.451176][ T5058] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   63.490356][ T5066] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5066 comm=syz.2.521
[   63.503288][ T5058] loop5: detected capacity change from 0 to 1024
[   63.551993][ T5058] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   63.623454][ T5058] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   63.694261][ T5058] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   63.708548][ T5085] loop2: detected capacity change from 0 to 512
[   63.720591][ T5058] EXT4-fs (loop5): Can't support bigalloc feature without extents feature
[   63.720591][ T5058] 
[   63.731519][ T5058] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features
[   63.739186][ T5085] EXT4-fs: Ignoring removed nobh option
[   63.742322][ T5058] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   63.784122][ T5058] EXT4-fs error (device loop5): ext4_search_dir:1474: inode #2: block 16: comm syz.5.516: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   63.875634][ T5085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.905175][ T5058] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   63.941240][ T5085] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.017208][ T5103] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5103 comm=syz.4.535
[   64.032525][ T5085] tipc: Enabled bearer <eth:ip6gre0>, priority 10
[   64.053795][ T3604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.111532][ T3316] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.238217][ T5109] loop4: detected capacity change from 0 to 8192
[   64.306489][ T3636]  loop4: p1 < > p2 p3 < p5 p6 > p4
[   64.311764][ T3636] loop4: partition table partially beyond EOD, truncated
[   64.320125][ T3636] loop4: p1 start 100663296 is beyond EOD, truncated
[   64.326885][ T3636] loop4: p2 size 134217732 extends beyond EOD, truncated
[   64.349967][ T3636] loop4: p4 size 14876672 extends beyond EOD, truncated
[   64.393650][ T3636] loop4: p5 size 134217732 extends beyond EOD, truncated
[   64.426840][ T3636] loop4: p6 size 14876672 extends beyond EOD, truncated
[   64.472045][ T5109]  loop4: p1 < > p2 p3 < p5 p6 > p4
[   64.477426][ T5109] loop4: partition table partially beyond EOD, truncated
[   64.484823][ T5109] loop4: p1 start 100663296 is beyond EOD, truncated
[   64.491577][ T5109] loop4: p2 size 134217732 extends beyond EOD, truncated
[   64.508441][ T5109] loop4: p4 size 14876672 extends beyond EOD, truncated
[   64.520969][ T5109] loop4: p5 size 134217732 extends beyond EOD, truncated
[   64.534281][ T5109] loop4: p6 size 14876672 extends beyond EOD, truncated
[   64.599488][ T5134] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   64.608221][ T5136] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5136 comm=syz.4.547
[   64.688192][ T5131] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   64.771318][   T29] kauditd_printk_skb: 925 callbacks suppressed
[   64.771335][   T29] audit: type=1400 audit(1770488954.037:1890): avc:  denied  { connect } for  pid=5148 comm="syz.2.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   64.834009][   T29] audit: type=1400 audit(1770488954.077:1891): avc:  denied  { setopt } for  pid=5148 comm="syz.2.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   64.890813][ T5153] loop2: detected capacity change from 0 to 164
[   65.181341][   T29] audit: type=1326 audit(1770488954.447:1892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.238440][   T29] audit: type=1326 audit(1770488954.477:1893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.261857][   T29] audit: type=1326 audit(1770488954.477:1894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.285233][   T29] audit: type=1326 audit(1770488954.477:1895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.308517][   T29] audit: type=1326 audit(1770488954.477:1896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.331853][   T29] audit: type=1326 audit(1770488954.477:1897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.355251][   T29] audit: type=1326 audit(1770488954.477:1898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.378636][   T29] audit: type=1326 audit(1770488954.477:1899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5165 comm="syz.4.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f71d24caeb9 code=0x7ffc0000
[   65.456702][ T5172] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   65.466989][ T5168] netlink: 'syz.4.558': attribute type 49 has an invalid length.
[   65.541887][ T5170] loop5: detected capacity change from 0 to 1024
[   65.612741][ T5170] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   65.635238][ T5170] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   65.790059][ T5170] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   65.798428][ T5170] EXT4-fs (loop5): Can't support bigalloc feature without extents feature
[   65.798428][ T5170] 
[   65.809182][ T5170] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features
[   65.819709][ T5170] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   65.835259][ T5170] EXT4-fs error (device loop5): ext4_search_dir:1474: inode #2: block 16: comm syz.5.559: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   65.874372][ T5170] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   65.904002][ T3604] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.938612][ T5179] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5179 comm=syz.1.561
[   66.089594][ T5192] 9p: Could not find request transport: @
[   66.199614][ T5208] loop3: detected capacity change from 0 to 512
[   66.220078][ T5208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   66.235033][ T5208] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   66.246035][ T5208] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   66.284887][ T5215] __nla_validate_parse: 9 callbacks suppressed
[   66.284902][ T5215] netlink: 1304 bytes leftover after parsing attributes in process `syz.4.573'.
[   66.631223][ T5226] netlink: 48 bytes leftover after parsing attributes in process `syz.3.577'.
[   66.697224][ T5228] 9p: Could not find request transport: @
[   66.731929][ T5233] FAULT_INJECTION: forcing a failure.
[   66.731929][ T5233] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.745103][ T5233] CPU: 1 UID: 0 PID: 5233 Comm: syz.2.580 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.745134][ T5233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   66.745150][ T5233] Call Trace:
[   66.745157][ T5233]  <TASK>
[   66.745167][ T5233]  __dump_stack+0x1d/0x30
[   66.745225][ T5233]  dump_stack_lvl+0x95/0xd0
[   66.745256][ T5233]  dump_stack+0x15/0x1b
[   66.745274][ T5233]  should_fail_ex+0x263/0x280
[   66.745302][ T5233]  should_fail+0xb/0x20
[   66.745430][ T5233]  should_fail_usercopy+0x1a/0x20
[   66.745462][ T5233]  _copy_from_user+0x1c/0xb0
[   66.745481][ T5233]  ___sys_sendmsg+0xc1/0x1e0
[   66.745511][ T5233]  __x64_sys_sendmsg+0xd4/0x160
[   66.745605][ T5233]  x64_sys_call+0x17ba/0x3000
[   66.745627][ T5233]  do_syscall_64+0xc0/0x2a0
[   66.745755][ T5233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.745774][ T5233] RIP: 0033:0x7f39131daeb9
[   66.745802][ T5233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   66.745860][ T5233] RSP: 002b:00007f3911c2f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   66.745878][ T5233] RAX: ffffffffffffffda RBX: 00007f3913455fa0 RCX: 00007f39131daeb9
[   66.745939][ T5233] RDX: 0000000020044884 RSI: 0000200000000180 RDI: 0000000000000003
[   66.745950][ T5233] RBP: 00007f3911c2f090 R08: 0000000000000000 R09: 0000000000000000
[   66.745961][ T5233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.745972][ T5233] R13: 00007f3913456038 R14: 00007f3913455fa0 R15: 00007fff0db15708
[   66.745989][ T5233]  </TASK>
[   66.972405][ T5240] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5240 comm=syz.3.583
[   67.051800][ T5250] loop2: detected capacity change from 0 to 164
[   67.104571][ T5259] 9p: Could not find request transport: @
[   67.134682][ T5265] netlink: 28 bytes leftover after parsing attributes in process `syz.1.591'.
[   67.143675][ T5265] netlink: 28 bytes leftover after parsing attributes in process `syz.1.591'.
[   67.177246][ T5261] netlink: 8 bytes leftover after parsing attributes in process `syz.5.592'.
[   67.194355][ T5270] loop3: detected capacity change from 0 to 512
[   67.205243][ T5270] EXT4-fs: Invalid want_extra_isize 3
[   67.262659][ T5272] netlink: 28 bytes leftover after parsing attributes in process `syz.4.595'.
[   67.271597][ T5272] netlink: 28 bytes leftover after parsing attributes in process `syz.4.595'.
[   67.290781][ T5261] SELinux: failed to load policy
[   67.318109][ T5277] loop3: detected capacity change from 0 to 512
[   67.329888][ T5277] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   67.344386][ T5277] EXT4-fs (loop3): orphan cleanup on readonly fs
[   67.351235][ T5277] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.597: Block bitmap for bg 0 marked uninitialized
[   67.365039][ T5277] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[   67.386060][ T5277] EXT4-fs (loop3): 1 orphan inode deleted
[   67.410146][ T5277] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   67.432474][ T5277] ext4: Unknown parameter 'd·¹³~±
'
[   67.438415][ T5284] ext4: Unknown parameter 'd·¹³~±
'
[   67.490047][ T5287] netlink: 28 bytes leftover after parsing attributes in process `syz.5.599'.
[   67.507540][ T5286] netlink: 20 bytes leftover after parsing attributes in process `syz.1.600'.
[   67.524610][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.596058][ T5295] 9p: Could not find request transport: @
[   67.651718][ T5301] netlink: 'syz.3.606': attribute type 29 has an invalid length.
[   67.660767][ T5301] netlink: 'syz.3.606': attribute type 4 has an invalid length.
[   67.739874][ T5307] netlink: 8 bytes leftover after parsing attributes in process `syz.1.609'.
[   67.842026][ T5313] lo: Caught tx_queue_len zero misconfig
[   67.925786][ T5321] 9p: Could not find request transport: @
[   68.070954][ T5341] netlink: 'syz.3.625': attribute type 2 has an invalid length.
[   68.102919][ T5344] 9p: Bad value for 'rfdno'
[   68.296257][ T5348] 9p: Could not find request transport: @
[   68.386397][ T5359] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31768 sclass=netlink_route_socket pid=5359 comm=syz.4.631
[   68.557199][ T5370] loop4: detected capacity change from 0 to 1024
[   68.605010][ T5370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   68.617362][ T5370] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.651815][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   68.708681][ T5386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5386 comm=syz.2.642
[   68.751838][ T5392] FAULT_INJECTION: forcing a failure.
[   68.751838][ T5392] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   68.765000][ T5392] CPU: 0 UID: 0 PID: 5392 Comm: syz.5.644 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.765074][ T5392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   68.765090][ T5392] Call Trace:
[   68.765098][ T5392]  <TASK>
[   68.765107][ T5392]  __dump_stack+0x1d/0x30
[   68.765136][ T5392]  dump_stack_lvl+0x95/0xd0
[   68.765157][ T5392]  dump_stack+0x15/0x1b
[   68.765240][ T5392]  should_fail_ex+0x263/0x280
[   68.765316][ T5392]  should_fail+0xb/0x20
[   68.765350][ T5392]  should_fail_usercopy+0x1a/0x20
[   68.765436][ T5392]  _copy_from_user+0x1c/0xb0
[   68.765468][ T5392]  get_user_ifreq+0x52/0x110
[   68.765492][ T5392]  sock_ioctl+0x54e/0x610
[   68.765586][ T5392]  ? __pfx_sock_ioctl+0x10/0x10
[   68.765615][ T5392]  __se_sys_ioctl+0xce/0x140
[   68.765695][ T5392]  __x64_sys_ioctl+0x43/0x50
[   68.765733][ T5392]  x64_sys_call+0x14b0/0x3000
[   68.765793][ T5392]  do_syscall_64+0xc0/0x2a0
[   68.765897][ T5392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.765923][ T5392] RIP: 0033:0x7f4b7f56aeb9
[   68.765943][ T5392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   68.765965][ T5392] RSP: 002b:00007f4b7dfc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   68.766047][ T5392] RAX: ffffffffffffffda RBX: 00007f4b7f7e5fa0 RCX: 00007f4b7f56aeb9
[   68.766144][ T5392] RDX: 0000200000001440 RSI: 00000000000089f0 RDI: 0000000000000003
[   68.766157][ T5392] RBP: 00007f4b7dfc7090 R08: 0000000000000000 R09: 0000000000000000
[   68.766169][ T5392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.766181][ T5392] R13: 00007f4b7f7e6038 R14: 00007f4b7f7e5fa0 R15: 00007ffd03a12cd8
[   68.766199][ T5392]  </TASK>
[   69.045120][ T5403] loop2: detected capacity change from 0 to 164
[   69.252390][ T5429] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5429 comm=syz.4.655
[   69.282107][ T5431] loop3: detected capacity change from 0 to 512
[   69.297893][ T5431] FAT-fs (loop3): bogus number of FAT sectors
[   69.304139][ T5431] FAT-fs (loop3): Can't find a valid FAT filesystem
[   69.362994][ T5439] 9p: Bad value for 'wfdno'
[   69.367709][ T5439] 9p: Bad value for 'wfdno'
[   69.392621][ T5439] 9p: Bad value for 'wfdno'
[   69.397362][ T5439] 9p: Bad value for 'wfdno'
[   69.402565][ T5439] 9p: Bad value for 'wfdno'
[   69.407251][ T5439] 9p: Bad value for 'wfdno'
[   69.412077][ T5439] 9p: Bad value for 'wfdno'
[   69.416699][ T5439] 9p: Bad value for 'wfdno'
[   69.554654][ T5452] ------------[ cut here ]------------
[   69.560178][ T5452] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0xfffffffefffff630, 0xffffffff00000000] s64=[0xfffffffefffff630, 0xffffffff00000000] u32=[0x30, 0x8000050] s32=[0x30, 0x0] var_off=(0xfffffffe00000030, 0x10fffffc0)
[   69.584769][ T5452] WARNING: kernel/bpf/verifier.c:2748 at reg_bounds_sanity_check+0x15b/0x660, CPU#1: syz.3.663/5452
[   69.595977][ T5452] Modules linked in:
[   69.599913][ T5452] CPU: 1 UID: 0 PID: 5452 Comm: syz.3.663 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.609640][ T5452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   69.619750][ T5452] RIP: 0010:reg_bounds_sanity_check+0x27d/0x660
[   69.626121][ T5452] Code: 24 78 4c 8b 44 24 70 4c 8b 4c 24 60 41 ff 74 24 20 41 55 53 ff 74 24 68 ff 74 24 78 ff b4 24 90 00 00 00 ff b4 24 b0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 4c 8b ac 24 98 00 00 00 49 8d 85 80 08
[   69.645801][ T5452] RSP: 0018:ffffc90011e3b388 EFLAGS: 00010246
[   69.651946][ T5452] RAX: ffff88811b5d5d10 RBX: 0000000000000000 RCX: fffffffefffff630
[   69.660034][ T5452] RDX: ffffffff867f0c86 RSI: ffffffff867c5870 RDI: ffffffff86fb99b0
[   69.668086][ T5452] RBP: ffff88811a89f990 R08: ffffffff00000000 R09: fffffffefffff630
[   69.676207][ T5452] R10: ffffffff89153a50 R11: fffffffefffff630 R12: ffff88811a89f950
[   69.684267][ T5452] R13: fffffffe00000030 R14: ffff88811a89f99c R15: ffff88811a89f988
[   69.692294][ T5452] FS:  00007f6ff333f6c0(0000) GS:ffff8882aec57000(0000) knlGS:0000000000000000
[   69.701378][ T5452] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   69.708016][ T5452] CR2: 0000200000004000 CR3: 000000011821c000 CR4: 00000000003506f0
[   69.716066][ T5452] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   69.724129][ T5452] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   69.732204][ T5452] Call Trace:
[   69.735508][ T5452]  <TASK>
[   69.738489][ T5452]  reg_set_min_max+0x21c/0x260
[   69.743347][ T5452]  check_cond_jmp_op+0x13bd/0x1a80
[   69.748524][ T5452]  do_check+0x440c/0x9060
[   69.753009][ T5452]  do_check_common+0xd0f/0x1630
[   69.757938][ T5452]  bpf_check+0x2f6d/0xc7e0
[   69.762533][ T5452]  ? __alloc_frozen_pages_noprof+0x18a/0x350
[   69.768578][ T5452]  ? alloc_pages_bulk_noprof+0x4a1/0x520
[   69.774298][ T5452]  ? __vmap_pages_range_noflush+0xb9c/0xcc0
[   69.780315][ T5452]  ? css_rstat_updated+0xbb/0x280
[   69.785416][ T5452]  ? try_charge_memcg+0x215/0xa10
[   69.790531][ T5452]  ? pcpu_block_update+0x24e/0x3b0
[   69.795730][ T5452]  ? pcpu_block_refresh_hint+0x10b/0x170
[   69.801474][ T5452]  ? _find_next_zero_bit+0x64/0xa0
[   69.806629][ T5452]  ? pcpu_block_refresh_hint+0x157/0x170
[   69.812490][ T5452]  ? pcpu_block_update_hint_alloc+0x640/0x660
[   69.818616][ T5452]  ? css_rstat_updated+0xbb/0x280
[   69.823739][ T5452]  ? mod_memcg_state+0x182/0x260
[   69.828726][ T5452]  ? __rcu_read_unlock+0x4e/0x70
[   69.833778][ T5452]  ? pcpu_memcg_post_alloc_hook+0xec/0x170
[   69.839637][ T5452]  ? pcpu_alloc_noprof+0xb08/0x1010
[   69.844920][ T5452]  ? should_fail_ex+0x30/0x280
[   69.849763][ T5452]  ? __kmalloc_noprof+0x2a3/0x580
[   69.854885][ T5452]  ? security_bpf_prog_load+0x60/0x140
[   69.860410][ T5452]  ? selinux_bpf_prog_load+0xac/0xd0
[   69.865783][ T5452]  ? security_bpf_prog_load+0x9e/0x140
[   69.871346][ T5452]  bpf_prog_load+0xf76/0x1140
[   69.876096][ T5452]  ? security_bpf+0x2b/0x90
[   69.880674][ T5452]  __sys_bpf+0x469/0x7b0
[   69.885049][ T5452]  __x64_sys_bpf+0x41/0x50
[   69.889507][ T5452]  x64_sys_call+0x28e1/0x3000
[   69.894359][ T5452]  do_syscall_64+0xc0/0x2a0
[   69.898954][ T5452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.905032][ T5452] RIP: 0033:0x7f6ff48eaeb9
[   69.909472][ T5452] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   69.929162][ T5452] RSP: 002b:00007f6ff333f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   69.937703][ T5452] RAX: ffffffffffffffda RBX: 00007f6ff4b65fa0 RCX: 00007f6ff48eaeb9
[   69.945741][ T5452] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005
[   69.953749][ T5452] RBP: 00007f6ff4958c1f R08: 0000000000000000 R09: 0000000000000000
[   69.961767][ T5452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   69.969807][ T5452] R13: 00007f6ff4b66038 R14: 00007f6ff4b65fa0 R15: 00007ffee0b73c18
[   69.977917][ T5452]  </TASK>
[   69.980980][ T5452] ---[ end trace 0000000000000000 ]---
[   70.027417][   T29] kauditd_printk_skb: 209 callbacks suppressed
[   70.027489][   T29] audit: type=1400 audit(1770488959.299:2109): avc:  denied  { mount } for  pid=5460 comm="syz.4.669" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   70.061271][   T29] audit: type=1400 audit(1770488959.329:2110): avc:  denied  { create } for  pid=5460 comm="syz.4.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.080946][   T29] audit: type=1400 audit(1770488959.329:2111): avc:  denied  { write } for  pid=5460 comm="syz.4.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.100686][   T29] audit: type=1400 audit(1770488959.329:2112): avc:  denied  { prog_run } for  pid=5460 comm="syz.4.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   70.119849][   T29] audit: type=1400 audit(1770488959.339:2113): avc:  denied  { kexec_image_load } for  pid=5460 comm="syz.4.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[   70.140750][   T29] audit: type=1400 audit(1770488959.339:2114): avc:  denied  { create } for  pid=5460 comm="syz.4.669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   70.160530][   T29] audit: type=1400 audit(1770488959.339:2115): avc:  denied  { ioctl } for  pid=5460 comm="syz.4.669" path="socket:[12703]" dev="sockfs" ino=12703 ioctlcmd=0x8919 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[   70.226035][ T5465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5465 comm=syz.4.672
[   70.231315][   T29] audit: type=1400 audit(1770488959.499:2116): avc:  denied  { bind } for  pid=5464 comm="syz.4.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.257903][   T29] audit: type=1400 audit(1770488959.499:2117): avc:  denied  { node_bind } for  pid=5464 comm="syz.4.672" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[   70.380766][   T29] audit: type=1400 audit(1770488959.539:2118): avc:  denied  { map } for  pid=5464 comm="syz.4.672" path="socket:[12713]" dev="sockfs" ino=12713 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[   70.468697][ T5480] netlink: 'syz.4.677': attribute type 63 has an invalid length.
[   70.488665][ T5452] syz.3.663 (5452) used greatest stack depth: 10008 bytes left
[   70.554518][ T5486] loop4: detected capacity change from 0 to 164
[   70.642715][ T5494] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5494 comm=syz.1.684
[   70.708132][ T5500] loop3: detected capacity change from 0 to 512
[   70.736687][ T5500] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.758082][ T5500] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.779348][ T5500] veth0_virt_wifi: Caught tx_queue_len zero misconfig
[   70.831235][ T3367] IPVS: starting estimator thread 0...
[   70.889421][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.922392][ T5512] IPVS: using max 2304 ests per chain, 115200 per kthread
[   70.953219][ T5520] netlink: 'syz.2.693': attribute type 21 has an invalid length.
[   71.102137][ T5553] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5553 comm=syz.2.697
[   71.311421][ T5570] __nla_validate_parse: 26 callbacks suppressed
[   71.311440][ T5570] netlink: 12 bytes leftover after parsing attributes in process `syz.2.704'.
[   71.416226][ T5582] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5582 comm=syz.3.709
[   71.429172][ T5580] netlink: 28 bytes leftover after parsing attributes in process `syz.2.708'.
[   71.438177][ T5580] netlink: 28 bytes leftover after parsing attributes in process `syz.2.708'.
[   71.468533][ T5578] syzkaller1: entered promiscuous mode
[   71.474113][ T5578] syzkaller1: entered allmulticast mode
[   71.570638][ T5592] netlink: 28 bytes leftover after parsing attributes in process `syz.3.712'.
[   71.599189][ T1035] IPVS: starting estimator thread 0...
[   71.601756][ T5596] netlink: 1304 bytes leftover after parsing attributes in process `syz.2.710'.
[   71.690259][ T5595] IPVS: using max 2064 ests per chain, 103200 per kthread
[   71.756462][ T5609] netlink: 40 bytes leftover after parsing attributes in process `syz.3.718'.
[   71.798395][ T5611] loop3: detected capacity change from 0 to 512
[   71.807797][ T5611] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   71.821048][ T5611] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   71.832802][ T5611] EXT4-fs (loop3): orphan file too big: 8388608
[   71.839194][ T5611] EXT4-fs (loop3): mount failed
[   71.884081][ T5615] netlink: 28 bytes leftover after parsing attributes in process `syz.3.720'.
[   71.893056][ T5615] netlink: 28 bytes leftover after parsing attributes in process `syz.3.720'.
[   71.911163][ T5617] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=23 sclass=netlink_route_socket pid=5617 comm=syz.1.721
[   71.952707][ T5621] netlink: 118 bytes leftover after parsing attributes in process `syz.3.722'.
[   71.992408][ T5625] netlink: 48 bytes leftover after parsing attributes in process `syz.3.724'.
[   72.123245][ T5638] loop3: detected capacity change from 0 to 8192
[   72.170026][ T5638]  loop3: p1 p2 p4 < >
[   72.174188][ T5638] loop3: partition table partially beyond EOD, truncated
[   72.182667][ T5638] loop3: p1 start 16777216 is beyond EOD, truncated
[   72.189348][ T5638] loop3: p2 size 515840 extends beyond EOD, truncated
[   72.193452][ T5643] loop4: detected capacity change from 0 to 4096
[   72.208052][ T5643] EXT4-fs: Ignoring removed bh option
[   72.213568][ T5643] EXT4-fs: Ignoring removed mblk_io_submit option
[   72.233282][ T5643] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.248014][ T5638] loop3: p4 start 16777216 is beyond EOD, truncated
[   72.257800][ T5647] Invalid argument reading file caps for ./file0
[   72.334344][ T5650] 9p: Could not find request transport: @
[   72.456995][ T3636] udevd[3636]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   72.468416][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.588992][ T5673] tipc: Started in network mode
[   72.594080][ T5673] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[   72.603148][ T5673] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   72.612175][ T5682] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5682 comm=syz.5.741
[   72.630091][ T5683] loop3: detected capacity change from 0 to 256
[   72.661328][ T5685] 9p: Could not find request transport: @
[   72.670570][ T5687] loop4: detected capacity change from 0 to 1024
[   72.679011][ T5675] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   72.723909][ T5687] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   72.739438][ T5675] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   72.741196][ T5687] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   72.760771][ T5675] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   72.771166][ T5687] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   72.771424][ T5687] EXT4-fs (loop4): Can't support bigalloc feature without extents feature
[   72.771424][ T5687] 
[   72.790100][ T5687] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[   72.843622][ T5687] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.889538][ T5673] EXT4-fs error (device loop4): ext4_search_dir:1474: inode #2: block 16: comm syz.4.742: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   72.911432][ T5673] tipc: Enabled bearer <udp:syz2>, priority 10
[   72.931339][ T3313] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.960746][ T5699] loop3: detected capacity change from 0 to 4096
[   72.977263][ T5699] EXT4-fs: Ignoring removed bh option
[   72.982912][ T5699] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.009656][ T5699] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.050646][ T5706] netlink: 'syz.2.751': attribute type 2 has an invalid length.
[   73.166284][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.288872][ T5733] netlink: 'syz.2.763': attribute type 2 has an invalid length.
[   73.291769][ T5729] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.312695][ T5729] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.326940][ T5736] FAULT_INJECTION: forcing a failure.
[   73.326940][ T5736] name failslab, interval 1, probability 0, space 0, times 0
[   73.326974][ T5736] CPU: 0 UID: 0 PID: 5736 Comm: syz.1.765 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   73.327018][ T5736] Tainted: [W]=WARN
[   73.327024][ T5736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   73.327036][ T5736] Call Trace:
[   73.327042][ T5736]  <TASK>
[   73.327052][ T5736]  __dump_stack+0x1d/0x30
[   73.327082][ T5736]  dump_stack_lvl+0x95/0xd0
[   73.327189][ T5736]  dump_stack+0x15/0x1b
[   73.327215][ T5736]  should_fail_ex+0x263/0x280
[   73.327253][ T5736]  should_failslab+0x8c/0xb0
[   73.327411][ T5736]  kmem_cache_alloc_node_noprof+0x6a/0x4a0
[   73.327454][ T5736]  ? __alloc_skb+0x2f0/0x4b0
[   73.327550][ T5736]  __alloc_skb+0x2f0/0x4b0
[   73.327577][ T5736]  ? __alloc_skb+0x219/0x4b0
[   73.327678][ T5736]  netlink_alloc_large_skb+0xbf/0xf0
[   73.327756][ T5736]  netlink_sendmsg+0x40c/0x6f0
[   73.327782][ T5736]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.327806][ T5736]  ____sys_sendmsg+0x5af/0x600
[   73.327834][ T5736]  ___sys_sendmsg+0x195/0x1e0
[   73.327877][ T5736]  __x64_sys_sendmsg+0xd4/0x160
[   73.327910][ T5736]  x64_sys_call+0x17ba/0x3000
[   73.327964][ T5736]  do_syscall_64+0xc0/0x2a0
[   73.328003][ T5736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.328030][ T5736] RIP: 0033:0x7fcd7834aeb9
[   73.328049][ T5736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   73.328114][ T5736] RSP: 002b:00007fcd76d9f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.328173][ T5736] RAX: ffffffffffffffda RBX: 00007fcd785c5fa0 RCX: 00007fcd7834aeb9
[   73.328197][ T5736] RDX: 0000000020044884 RSI: 0000200000000180 RDI: 0000000000000003
[   73.328213][ T5736] RBP: 00007fcd76d9f090 R08: 0000000000000000 R09: 0000000000000000
[   73.328229][ T5736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.328244][ T5736] R13: 00007fcd785c6038 R14: 00007fcd785c5fa0 R15: 00007ffd5c9ffe58
[   73.328265][ T5736]  </TASK>
[   73.341583][ T5738] usb usb1: usbfs: process 5738 (syz.2.764) did not claim interface 0 before use
[   73.433518][ T5745] netlink: 'syz.1.768': attribute type 4 has an invalid length.
[   73.436565][ T5745] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[   73.649000][ T5757] netlink: 'syz.3.774': attribute type 2 has an invalid length.
[   74.133623][ T3408] tipc: Node number set to 4278255617
[   74.408836][ T5803] loop4: detected capacity change from 0 to 164
[   74.540135][ T5816] loop3: detected capacity change from 0 to 736
[   74.574720][ T5816] rock: directory entry would overflow storage
[   74.581045][ T5816] rock: sig=0x3b10, size=4, remaining=3
[   74.758833][ T5834] netlink: 'syz.3.803': attribute type 63 has an invalid length.
[   74.953623][ T5843] netlink: 'syz.3.808': attribute type 27 has an invalid length.
[   74.954897][ T5840] 9p: Could not find request transport: @
[   75.046081][   T29] kauditd_printk_skb: 197 callbacks suppressed
[   75.046099][   T29] audit: type=1400 audit(1770488964.322:2316): avc:  denied  { create } for  pid=5851 comm="syz.2.810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   75.104584][   T29] audit: type=1400 audit(1770488964.322:2317): avc:  denied  { setopt } for  pid=5851 comm="syz.2.810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   75.127877][ T5849] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   75.145242][   T29] audit: type=1326 audit(1770488964.422:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.170044][   T29] audit: type=1326 audit(1770488964.422:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.194377][   T29] audit: type=1326 audit(1770488964.452:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.208222][ T5860] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[   75.217916][   T29] audit: type=1326 audit(1770488964.452:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.248279][ T5860] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   75.250749][   T29] audit: type=1326 audit(1770488964.452:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.275782][ T5860] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   75.292503][ T5860] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[   75.292503][ T5860] 
[   75.303339][ T5860] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[   75.312642][ T5860] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   75.328292][ T5849] EXT4-fs error (device loop3): ext4_search_dir:1474: inode #2: block 16: comm syz.3.811: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   75.347070][   T29] audit: type=1326 audit(1770488964.472:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.370425][   T29] audit: type=1326 audit(1770488964.472:2324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.393866][   T29] audit: type=1326 audit(1770488964.472:2325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.2.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39131daeb9 code=0x7ffc0000
[   75.453829][ T5860] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   75.474998][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.555671][ T5878] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.585663][ T5878] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   75.685263][ T5894] FAULT_INJECTION: forcing a failure.
[   75.685263][ T5894] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.698425][ T5894] CPU: 1 UID: 0 PID: 5894 Comm: syz.1.828 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   75.698483][ T5894] Tainted: [W]=WARN
[   75.698490][ T5894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   75.698502][ T5894] Call Trace:
[   75.698508][ T5894]  <TASK>
[   75.698515][ T5894]  __dump_stack+0x1d/0x30
[   75.698538][ T5894]  dump_stack_lvl+0x95/0xd0
[   75.698654][ T5894]  dump_stack+0x15/0x1b
[   75.698673][ T5894]  should_fail_ex+0x263/0x280
[   75.698716][ T5894]  should_fail+0xb/0x20
[   75.698822][ T5894]  should_fail_usercopy+0x1a/0x20
[   75.698868][ T5894]  _copy_from_user+0x1c/0xb0
[   75.698893][ T5894]  br_dev_siocdevprivate+0x82/0xf40
[   75.698920][ T5894]  ? _raw_spin_lock_irqsave+0x57/0xb0
[   75.698996][ T5894]  ? __list_del_entry_valid_or_report+0x65/0x130
[   75.699023][ T5894]  ? __mutex_lock+0xa20/0xe30
[   75.699123][ T5894]  ? full_name_hash+0x92/0xe0
[   75.699157][ T5894]  dev_ifsioc+0x923/0xf60
[   75.699218][ T5894]  ? __mutex_lock_slowpath+0xa/0x10
[   75.699246][ T5894]  dev_ioctl+0x78c/0x960
[   75.699272][ T5894]  sock_ioctl+0x593/0x610
[   75.699366][ T5894]  ? __pfx_sock_ioctl+0x10/0x10
[   75.699387][ T5894]  __se_sys_ioctl+0xce/0x140
[   75.699487][ T5894]  __x64_sys_ioctl+0x43/0x50
[   75.699520][ T5894]  x64_sys_call+0x14b0/0x3000
[   75.699543][ T5894]  do_syscall_64+0xc0/0x2a0
[   75.699619][ T5894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.699640][ T5894] RIP: 0033:0x7fcd7834aeb9
[   75.699659][ T5894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   75.699746][ T5894] RSP: 002b:00007fcd76d9f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   75.699770][ T5894] RAX: ffffffffffffffda RBX: 00007fcd785c5fa0 RCX: 00007fcd7834aeb9
[   75.699786][ T5894] RDX: 0000200000001440 RSI: 00000000000089f0 RDI: 0000000000000003
[   75.699799][ T5894] RBP: 00007fcd76d9f090 R08: 0000000000000000 R09: 0000000000000000
[   75.699811][ T5894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.699822][ T5894] R13: 00007fcd785c6038 R14: 00007fcd785c5fa0 R15: 00007ffd5c9ffe58
[   75.699909][ T5894]  </TASK>
[   76.217728][ T5934] bridge1: entered promiscuous mode
[   76.393809][ T5941] set_capacity_and_notify: 2 callbacks suppressed
[   76.393882][ T5941] loop4: detected capacity change from 0 to 2048
[   76.481596][ T5947] loop2: detected capacity change from 0 to 512
[   76.497908][ T5947] msdos: Bad value for 'umask'
[   76.516305][ T5947] tmpfs: Unknown parameter 'mcb0Ûint…rleave(7-N:0/N'
[   76.526813][ T3000] ==================================================================
[   76.534962][ T3000] BUG: KCSAN: data-race in d_delete / path_lookupat
[   76.541612][ T3000] 
[   76.543964][ T3000] read-write to 0xffff888107a86480 of 4 bytes by task 3724 on cpu 0:
[   76.552061][ T3000]  d_delete+0xbe/0xe0
[   76.556079][ T3000]  d_delete_notify+0x32/0x100
[   76.560788][ T3000]  vfs_unlink+0x331/0x440
[   76.565149][ T3000]  do_unlinkat+0x1e2/0x4b0
[   76.569618][ T3000]  __x64_sys_unlink+0x2e/0x40
[   76.574326][ T3000]  x64_sys_call+0x2f48/0x3000
[   76.579042][ T3000]  do_syscall_64+0xc0/0x2a0
[   76.583576][ T3000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.589519][ T3000] 
[   76.591874][ T3000] read to 0xffff888107a86480 of 4 bytes by task 3000 on cpu 1:
[   76.599450][ T3000]  path_lookupat+0x1d8/0x500
[   76.604090][ T3000]  filename_lookup+0x190/0x390
[   76.608899][ T3000]  do_readlinkat+0x7d/0x340
[   76.613437][ T3000]  __x64_sys_readlink+0x47/0x60
[   76.618329][ T3000]  x64_sys_call+0x2af1/0x3000
[   76.623049][ T3000]  do_syscall_64+0xc0/0x2a0
[   76.627591][ T3000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.633534][ T3000] 
[   76.635888][ T3000] value changed: 0x00300180 -> 0x00004080
[   76.641630][ T3000] 
[   76.643976][ T3000] Reported by Kernel Concurrency Sanitizer on:
[   76.650152][ T3000] CPU: 1 UID: 0 PID: 3000 Comm: udevd Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   76.661042][ T3000] Tainted: [W]=WARN
[   76.664866][ T3000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   76.674954][ T3000] ==================================================================