last executing test programs:

12m9.454556326s ago: executing program 0 (id=37):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x200000, &(0x7f00000000c0), 0x3, 0x578, &(0x7f0000000380)="$eJzs3V1rFFcYAOB3NonfbSKItL0ogV7UYt2YpJ9Q0F63UqG91yUZg2TjSnYjJhXUi3pdpFBKhdIf0PteSv9Af0WhFaSItJTebJnNrFmTXTeJq4md54HRc2bGfffszDn7npldN4DCGs/+KEW8GhFfJxGjHduGI984vrrfwwfXZrIliWbz8z+TSPJ17f2T/O+DeeWViPjlq4jjpY1x68sr85VqNV3M6xONhcsT9eWVExcXKnPpXHppanr6g3enpz58/72BtfWts39/99ndoexZf/vTvcO3kzgdh/Jtne14Cjc6K+Mxnr8mI3F63Y6TAwi2myT9duhyDrDzhvJ+PhLZGDAaQ3mvB/7/rkdEEyioRP+HgmrnAe25/YDmwS+M+x+vToA2tn949dpI7GvNjQ48TB6bGWXz3bEBxM9i/PzHndvZEn2uQ1wfQDyAths3I+Lk8PDG8S/Jx7/tO7mJq37rYxTt/Qd20t0s/3m7W/5TepT/RJf852CXvrsda49x/kx07f+lewMI01OW/33UJf/dv7bL2FB+++KlVs43kly4WE1PRsTLEXEsRvZm9S3cz3nsAntn/pctWfx2LriqdG947+MPMFtpVLbd4HXu34x4bS3/TWLD+L+vleuuP/7Z63F2kzGOpnde77Wtf/s7DT4Dbv4Y8WbX+c/aHa3kyfcnJ1rnw0T7rNjor1tHf+0Vf2vtH7zs+B94cvvHks77tfWtx/hh379pr23bPf/3JF+0ynvydVcrjcbiZMSe5NON66fW/m1e/6eZ75+1/9gbTx7/up3/2fhwfpPtv3Wkdxq0G47/7JaO/9YLv33y5fe94m/u+L/TKh3L12xm/NvsE3ya1w4AAAAAAAB2m1JEHIqkVH5ULpXK5dXPdxyJA6Vqrd44fqG2dGk2Wt+VHYuRUvtO92jH5yEm88/DtutT6+rTEXE4Ir4Z2t+ql2dq1dmdbjwAAAAAAAAAAAAAAAAAAADsEgd7fP8/8/vQo92e2/9HDjxnfvIbiqtv/x/ELz0Bu5L3fygu/R+KS/+H4tL/obj0fygu/R+KS/+H4tL/AQAAAAAAAAAAAAAAAAAAAAAAAAAAYKDOnjmTLc2HD67NZPXZK8tL87UrJ2bT+nx5YWmmPFNbvFyeq9Xmqml5prbQ7/GqtdrlyalYujrRSOuNifryyrmF2tKlxrmLC5W59Fw68lxaBQAAAAAAAAAAAAAAAAAAAC+W+vLKfKVaTRdfgML1HYp+Kna+7U9TSPod5VP5ybCtEMM730CFZ1DoP3Y0R5/16AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAq/4LAAD//6d0Moc=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xc, 0x28011, r0, 0x0)
madvise(&(0x7f000008a000/0x3000)=nil, 0x3000, 0x3)

12m9.222158118s ago: executing program 0 (id=47):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000f0cd00000000000004000000850000002a00000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05", @ANYBLOB], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$unix(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="e687", 0x2}], 0x1, 0x0, 0x0, 0x44190}, 0x2004c001)

12m9.108895674s ago: executing program 0 (id=52):
r0 = socket(0x40000000015, 0x5, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60010000, 0x0)

12m8.171627433s ago: executing program 0 (id=72):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000880)={[{@jqfmt_vfsv0}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@nodioread_nolock}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66")
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000140)='./file0/../file0\x00')
pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00')

12m8.059239898s ago: executing program 0 (id=75):
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xc9a9c042ad77c5e5)
lsetxattr$security_capability(&(0x7f0000002580)='./file0\x00', &(0x7f00000025c0), 0x0, 0x0, 0x0)
write$binfmt_elf32(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="7f454c460504028d04000000000000000200060004000000f1020000380000005e020000080400000400200002"], 0x78)
close(r0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

12m7.372200253s ago: executing program 0 (id=82):
r0 = socket$inet6(0xa, 0x3, 0x7)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
connect$inet6(r0, &(0x7f0000001940)={0xa, 0x0, 0x200, @mcast1, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}}], 0x40000000000027f, 0x0)

12m7.371968284s ago: executing program 32 (id=82):
r0 = socket$inet6(0xa, 0x3, 0x7)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
connect$inet6(r0, &(0x7f0000001940)={0xa, 0x0, 0x200, @mcast1, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}}], 0x40000000000027f, 0x0)

11m58.562011178s ago: executing program 2 (id=294):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001800010000000001fddbdf251d01020008000a00", @ANYRES32, @ANYBLOB='\b\x00\t\x00', @ANYRES32=r2], 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

11m58.478073922s ago: executing program 2 (id=296):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x48}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000e"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

11m58.430291534s ago: executing program 2 (id=297):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000900)='./file1\x00', 0x200000, &(0x7f0000000180), 0x3, 0x566, &(0x7f0000002080)="$eJzs3V9rW+UfAPDvSdv9//3WwRjqhRR24WQuXVv/TBA2L0WHA72foc3KaLqMJh1rHWy7cDfeyBBEHIgvwHsvh2/AVyHoYMgoeuFN5aQnW9YkTZtlNvN8PnC25znnpN/z5DnPk+/JSUgAuTWR/lOIeDkivkoiDrdsG41s48TGfmuPbsymSxLr65/8kUSSrWvun2T/H8wqL0XEz19EnCy0x62trC6UKpXyUlafrC9enaytrJ66vFiaL8+Xr0zPzJx5a2b63XfeHlhbX7/w17cf3//gzJfH17758cGRu0mci0PZttZ2PINbrZWJmMiek7E4t2nHqQEEGyZJrx06nAPsvpFsnI9FOgccjpFs1AP/fTcjYh3IqcT4h5xq5gHNa/sBXQe/MB6+v3EB1N7+0Y33RmJf49rowFry1JVRer07PoD4aYyffr93N12ix/sQNwcQD6Dp1u2IOD062j7/Jdn817/T23jXb3OMvL3+wG66n+Y/b3TKfwqP85/okP8c7DB2+9F7/BceDCBMV2n+917H/Pfx1DU+ktX+18j5xpJLlyvl0xHx/4g4EWN703q/93Na8790SeM3c8HsOB6M7n36MXOleqnPcG0e3o545Un+m0Tb/L+vketu7v/0+biwzRjHyvde7batd/tbDT4DXv8h4rWO/f/kjlay9f3Jycb5MNk8K9r9eefYL93i76z9g5f2/4Gt2z+etN6vre08xvf7/i5329bv+b8n+bRR3pOtu16q15emIvYkH7Wvn37y2Ga9uX/a/hPHt57/Op3/+yPis222/87R7mnQMPT/3I76f+eFXz/8/Ltu8bfX/282SieyNduZ/7Z7gM/y3AEAAAAAAMCwKUTEoUgKxcflQqFY3Ph8x9E4UKhUa/WTl6rLV+ai8V3Z8RgrNO90H275PMRU9nnYZn16U30mIo5ExNcj+xv14my1MrfbjQcAAAAAAAAAAAAAAAAAAIAhcbDL9/9Tv43s9tEBz52f/Ib86jn+B/FLT8BQ8voP+WX8Q34Z/5Bfxj/kl/EP+WX8Q34Z/5Bfxj8AAAAAAAAAAAAAAAAAAAAAAAAAAAAM1IXz59Nlfe3Rjdm0PndtZXmheu3UXLm2UFxcni3OVpeuFuer1flKuThbXez19yrV6tWp6Vi+Plkv1+qTtZXVi4vV5Sv1i5cXS/Pli+Wxf6VVAAAAAAAAAAAAAAAAAAAA8GKprawulCqV8pJC18LZGIrD6LuQ9Orls9nJ0FeI0d1voMJzKOzyxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALf4JAAD//5CPL9Y=")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0x20)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x9000)
fallocate(r0, 0x10, 0x0, 0x8800000)
r1 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x5a00, 0x0, 0x3)

11m58.246557734s ago: executing program 2 (id=298):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000140)='./bus\x00', 0x208894, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRESOCT, @ANYRES32, @ANYRES8, @ANYRESOCT, @ANYBLOB="0ea1a3ed758749a35b0cf19e7301710a8a7c5e7fe9b7c49589266bd5045f15f1817fcc4ea04eeac3f0df37b8beaeafc22a5a08a1a70024"], 0x1, 0x2c3, &(0x7f0000000180)="$eJzs3cFqE1EUxvFjU5s0pU0EERTUg250M7TxATRIC2JAqY2oC2FqJxoyJmUmVCJisxG3Pkdx6U5QX6AbcePeXREEN12II52ZtJM2bdM2TWL7/0GZO3Pux71N0nISSLLy4N3zUsE1CmZVBhIqAyJ1WRVJr41CJ8LjgD8ekqi6XB35/f38vYePbmdzuclp1anszLWMqo5d/PTi1ftLX6oj9z+MfYzLcvrxyq/Mj+Wh5bMrf2eeFV0tulquVNXU2Uqlas7als4V3ZKhete2TNfSYtm1nKZ6wa7Mz9fULM+NJucdy3XVLNe0ZNW0WtGqU1PzqVksq2EYOpqU422wjTn5pelpM7tt2Yt1dEc4dMOtLjpOtt66mF/qwp4AAECf2bn/D3r97fr/je5wL/3/md37f5Fo/58IF6H/74B609ku/T+OBMfJmsnw77cZ/T8AAAAAAAAAAAAAAAAAAAAAAP+DVc9LeZ6XWjuGl/zzuIgkgreA++c93iYOSfT+9yI/6/d/eL4pdr1H20WHRd64lxCx3y7kF/LBMahnC1IUWywZl5T88R8PoWA8dSs3Oa6+tHy2F8P84kI+JvFGviHdKn/h1ESQ1+b8SUlG189ISk63Xj/TMj8kVy5H8oak5OsTqYgtc/7jeiP/ekL15p3cpvywPw8AAAAAgKPA0HVbnr/7dX9CQrbWg3zk9QHP8xZ3en1g0/PrQTnXzkdUAgAAAACAA3NrL0umbVvOPgZxETlAvPMDzxPp/TZi0h+3RvPghoj0wTa6NUiISHBF9xP/uR5vK+W1MWcw/AaO/rh9dh/0+j8TAAAAgE7baPr3EPr25hB3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8dPu54E15m8pNQo7xCPLxbr+CwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB95F8AAAD//6loFW8=")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./bus\x00', 0x2901481, 0x0, 0x0, 0x0, &(0x7f000009de00))
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000080)='./file0/../file0/file0\x00')
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', 0x0)

11m58.050696844s ago: executing program 2 (id=302):
socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x0, 0xb801b, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0xb093, 0x800000, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="54010000100001000000000800000000ac1414bb00000000000000000000000000000000000000000000000000000001000200004e2000500000200016000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000aafffffffc33000000ac1414aa00000000000000000000f0000000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000805600000000000000000000000000000000000000000001000000000001040000090000000000000000000000000000000a00010090000000000000004800010073686132353600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017"], 0x154}}, 0x24000058)

11m57.428155186s ago: executing program 2 (id=314):
write$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000240)={0x84, @rand_addr=0x64010102, 0x4e20, 0x3, 'ovf\x00', 0x0, 0x660f537f, 0x70}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000280)={{0x84, @multicast2, 0x4f29, 0x3, 'nq\x00', 0x5, 0xc, 0x6c}, {@loopback, 0x4e26, 0x3, 0x1, 0x1}}, 0x44)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0xfd}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

11m57.421172067s ago: executing program 33 (id=314):
write$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000240)={0x84, @rand_addr=0x64010102, 0x4e20, 0x3, 'ovf\x00', 0x0, 0x660f537f, 0x70}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000280)={{0x84, @multicast2, 0x4f29, 0x3, 'nq\x00', 0x5, 0xc, 0x6c}, {@loopback, 0x4e26, 0x3, 0x1, 0x1}}, 0x44)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0xfd}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

10m40.252712575s ago: executing program 6 (id=1790):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0xd0f, 0xc70bd30, 0x25dfdbfb, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x5, 0x2}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0x0, 0x1, 0x9ed, 0x0, 0x81, 0x9, 0x1}}, {0x6, 0x2, [0x6]}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4004001}, 0x44080)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)

10m40.218249976s ago: executing program 6 (id=1792):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x20842, 0x93)
fcntl$setstatus(r0, 0x4, 0x2000)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20d42, 0x4)
fcntl$setstatus(r1, 0x4, 0x42000)
write$cgroup_subtree(r0, &(0x7f0000000100)={[{0x2d, 'hugetlb'}]}, 0x9)

10m40.198554038s ago: executing program 6 (id=1794):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000fcffffff0000000007000000850000007b0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000400000095"], 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x20000000, 0xffff, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffc)

10m40.124613692s ago: executing program 6 (id=1800):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newsa={0x144, 0x10, 0x1, 0xbffffffe, 0x100, {{@in=@empty, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x1, 0x394, 0x4e23, 0x3, 0x0, 0x80, 0x0, 0x3a}, {@in6=@local, 0x4d4, 0x6c}, @in=@remote, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0x6, 0x0, 0x1000000000000000, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0xa, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @offload={0xc, 0x1c, {0x0, 0x1}}]}, 0x144}, 0x1, 0x0, 0x0, 0x4008885}, 0x40014)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x20008000)

10m40.049152705s ago: executing program 6 (id=1805):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x8, 0xfc2bd, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0xa, 0x100}, 0x204, 0x2, 0x43a1bd78, 0x7, 0x9, 0x3ff, 0x2, 0x0, 0x0, 0x0, 0xffffffffffffc46f}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xb)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

10m39.939654351s ago: executing program 6 (id=1810):
r0 = socket$inet6(0xa, 0x2, 0x0)
close(0x3)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r1, &(0x7f0000000100)={&(0x7f0000000000)={0xa, 0x4e20, 0x80000, @local, 0xfffffffe}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="680000000000000001"], 0x238}, 0x40440f0)

10m24.902532876s ago: executing program 34 (id=1810):
r0 = socket$inet6(0xa, 0x2, 0x0)
close(0x3)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r1, &(0x7f0000000100)={&(0x7f0000000000)={0xa, 0x4e20, 0x80000, @local, 0xfffffffe}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="680000000000000001"], 0x238}, 0x40440f0)

10m1.820929256s ago: executing program 4 (id=2419):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = epoll_create1(0x0)
pselect6(0x40, &(0x7f00000001c0)={0x7f}, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0xa0000001})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x2004})

10m1.701098392s ago: executing program 4 (id=2420):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x42, 0xc0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
acct(&(0x7f0000000100)='./file1\x00')
acct(0x0)
acct(0x0)
acct(0x0)

10m1.210095497s ago: executing program 4 (id=2424):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ccb000/0x9000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f00009e9000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000004"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x33, 0x0, 0x0)

10m1.019337097s ago: executing program 4 (id=2426):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000500)='./file0/../file0\x00', &(0x7f0000000540)='./file0/../file0\x00')
pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00')

10m0.951987591s ago: executing program 4 (id=2427):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x830, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe22, 0x2, @empty}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='6L\x00\x00'], 0x48)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

10m0.417084928s ago: executing program 4 (id=2438):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

10m0.379329111s ago: executing program 35 (id=2438):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x3, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

8m20.09396733s ago: executing program 7 (id=4476):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x3, 0x3, 0xfff, 0x8001, 0x7fff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000050400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d"], 0x3c}}, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000100)=0x5, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

8m19.886895971s ago: executing program 7 (id=4478):
syz_mount_image$ext4(&(0x7f0000000200)='ext3\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340), 0xff, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000180)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)="82", 0x1}, {&(0x7f0000000180)='KD', 0x2}], 0x2}}], 0x1, 0x4400c800)
sendto$inet6(r0, &(0x7f00000000c0)="cfc850defd", 0x5, 0x3b00, 0x0, 0x0)

8m19.816087755s ago: executing program 7 (id=4480):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000001280)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)

8m18.53455025s ago: executing program 7 (id=4483):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', 0xc8d0, &(0x7f0000000280)=ANY=[@ANYRES32=0x0], 0x1, 0x314, &(0x7f00000002c0)="$eJzs3M9rE1sUwPGTNEnTlHayeLzHE6QX3ehmaONeDNKCNGCpjfgDxGkz0ZAxKZlQiYhtV25ciH+Ei9JldwXtP9CNO1du3HUjuLALcSQzkx9tE1vTpLH2+4Eyh7n3zNybacK5AzM7d14/yWdtPWuUJRhVEhAR2RWJS1BqAv426MYRabYil4e/fjx/6+696WQqNTmr1FRy7kpCKTU69u7p8yG/2+agbMcf7HxJfN7+d/v/nR9zj3O2ytmqUCwrQ80XP5WNectUmZyd15WasUzDNlWuYJslr91ZFrFMlbWKi4sVZRQyI7HFkmnbyihUVN6sqHJRlUsVZTwycgWl67oaiQkOk16bnTWSHSYvdHkw6JFSKWkMiMjQgZb0Wl8GBAAA+sqv/+vVfrBa0ndS/4emk6mQv7NR/69f2CoP394Y9ev/zUi1/hdpqv8fNo5lqkywXv9HRaRR/xe99UG36/+DFdHp9mrvxRHHqYeRVv2PVf/jlKjW/zH/++tavb8+7gbU/wAAAAAAAAAAAAAAAAAAAAAAnAa7jqM5jqN52wF/r6MNikjUfYLEa+/zMNEje69/44/rfzY0XtwRGhWxXi6ll9Le1u+wJSKWmDIumnx3/x981TiyotxOqiou761lP395Ke39liSzknPzJ0ST+P58x5m6kZqcUJ69+WGJNecnRJN/Wucn9ueHq9uIXLrYlK+LJh8WpCiWZPwn42r5LyaUun4zte/8Q24/AAAAAAD+Brqqq6/fB5vb9YPt3vrYa/fW1yFpfX/AW1+Pt1zfh+RcqF+zBgAAAADgbLErz/KGZZmlHgWrItLjU7QJajM8albtBblt+gQk0K6pC0Ht5J2lV8fWtfGEj/SJBTsa6ljkNy9Ky6B226hdH5np5MiOJnLcz/C/N2+//bqPd2dM5CgHvLoRPWSmnQaRw2YaPrEfIAAAAAAnplH01/Zc6++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4g07iVXz9niMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwp/gZAAD//8mG/kg=")
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001240)='/proc/vmallocinfo\x00', 0x0, 0x0)
read$hiddev(r2, &(0x7f00000000c0)=""/4092, 0xffc)

8m17.494243494s ago: executing program 7 (id=4496):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x909046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

8m17.431432597s ago: executing program 7 (id=4500):
pipe(&(0x7f00000045c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r2, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0x78)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x5, 0x0)

8m2.275359009s ago: executing program 36 (id=4500):
pipe(&(0x7f00000045c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r2, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0x78)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(r0, 0x0, r2, 0x0, 0x5, 0x0)

4.907558186s ago: executing program 1 (id=10961):
r0 = io_uring_setup(0x650b, &(0x7f0000000180)={0x0, 0x2c3f, 0x0, 0x21, 0xab})
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
r2 = socket(0x28, 0x5, 0x0)
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0x4)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
recvfrom$inet_nvme(r2, 0x0, 0x0, 0x40000002, 0x0, 0x0)
accept$inet(r2, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.758210344s ago: executing program 1 (id=10966):
socket(0x10, 0x80002, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x1}, 0x44, 0x2, 0xfffffffe, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000002000000000000000008500000061000000850000007d00000095"], &(0x7f0000000200)='GPL\x00'}, 0x90)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@o_path={0x0, 0xffffffffffffffff, 0x4000, r0}, 0x18)
r1 = socket$kcm(0x10, 0x2, 0x4)
close(r1)
socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)="1800000068007f089e", 0x59}, {&(0x7f0000000640)="68cabf2dfb58fc021d6b689866f05d480004fbffffffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae24f89a565ee52dcd729cd39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc36024aa400", 0x57}], 0x2}, 0x0)

4.650408019s ago: executing program 1 (id=10967):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xf101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0xba98575a95aeb70d)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000080))
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb601288763"], 0xffdd)
close(r1)
close(r0)

4.474344619s ago: executing program 3 (id=10968):
socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4c)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0xa9525000)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000000)
link(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000380)='./file0\x00')

3.543088186s ago: executing program 3 (id=10969):
socket$inet6(0xa, 0x2, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
pipe(&(0x7f0000000080))
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
socket(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32=r0], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, 0x0, 0x0)

3.49187042s ago: executing program 3 (id=10970):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_blackhole={0xe}]}, 0x34}}, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x66, 0x903, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r7, {0xe, 0x7}, {0x2, 0xfff1}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, 0x0, 0x0)

3.148945747s ago: executing program 1 (id=10973):
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000500)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_bp={0x0, 0xc}, 0xc000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000080), 0x12)
socketpair(0x21, 0x6, 0x800, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000000000), 0x4)

3.030793383s ago: executing program 3 (id=10974):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401f, 0x68180, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x6f, 0x1, @perf_bp={0x0, 0x1}, 0x10c0e8, 0x0, 0x0, 0x3, 0x6, 0x8001, 0x7fff}, 0x0, 0xff6fbfffffffffff, 0xffffffffffffffff, 0x1)
bind$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, 0x6e)
r0 = socket(0x2, 0x2, 0x1)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
preadv(r1, &(0x7f0000000700)=[{&(0x7f0000000640)=""/165, 0xa5}], 0x1, 0x180, 0x9)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x16, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000040)='GPL\x00'}, 0x94)
r3 = epoll_create1(0x0)
r4 = fcntl$dupfd(r3, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@cgroup=r4, r2, 0x11, 0x0, r4}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x5, 0x8000, 0x1, 0x80}, 0x50)
set_mempolicy(0x8000, &(0x7f00000008c0)=0x2, 0x0)

2.89988268s ago: executing program 9 (id=10975):
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8006, 0x6}, 0x0, 0x10001, 0xda, 0x5, 0xa, 0x20005, 0xa, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x3, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x5, 0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x101, 0x2, 0x6}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000880)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x48, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r4, {0xffff}, {}, {0x2, 0xc}}, [@qdisc_kind_options=@q_cbq={{0x8}, {0x1c, 0x2, [@TCA_CBS_PARMS={0x18, 0x1, {0x85, '\x00', 0xfffff000, 0x9359, 0x3, 0x581}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x44098}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x1, 0x703d2c, 0x25dfdb01, {0x0, 0x0, 0x0, r7, {0xc, 0xc}, {0xffff, 0xfff1}, {0x8, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x24045000)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x7, 0x0, 0xb, 0x9}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfa6}, {0x85, 0x0, 0x0, 0x76}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.865732911s ago: executing program 3 (id=10976):
socketpair(0x8, 0x2, 0x3, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="120000000a000000040000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000080)=0x2, &(0x7f00000005c0)}, 0x20)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x1, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000200), 0x20802, 0x0)
write$tun(r3, &(0x7f00000026c0)=ANY=[], 0x1012)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=@ipv6_newrule={0x54, 0x20, 0x1, 0x70bd2a, 0x25dfdbf9, {0xa, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10012}, [@FRA_DST={0x14, 0x1, @loopback}, @FIB_RULE_POLICY=@FRA_TABLE={0x8, 0xf, 0xffffffff}, @FRA_SRC={0x14, 0x2, @empty}, @FIB_RULE_POLICY=@FRA_IP_PROTO={0x5, 0x16, 0x3a}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000400), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b40)=ANY=[@ANYBLOB="14020000", @ANYRES16=r5, @ANYBLOB="01002bbd7000fbdbdf250100030008000100010000000c0004800500030080ff000008000200010000002000088008"], 0x214}, 0x1, 0x0, 0x0, 0x1}, 0x48084)

2.744130958s ago: executing program 3 (id=10977):
r0 = epoll_create1(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
pipe2$9p(&(0x7f0000000400)={<r1=>0xffffffffffffffff}, 0x80800)
r2 = syz_usb_connect$cdc_ncm(0x0, 0x8f, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, &(0x7f0000000000)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x20, 0x80, 0x1c, {0x10ff, 0x2, 0x4003c, 0x6, 0x4, 0x7fff, 0xfffd, 0xef, 0x1, 0xfff4, 0x4, 0x2fb}}, 0x0, 0x0, 0x0, 0x0})
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000003c0), 0x10000, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESDEC=r0])
r3 = eventfd2(0xffffffff, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000b80)={0xa0001011})

2.723004429s ago: executing program 9 (id=10978):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0xf8e77000)
unshare(0x20000400)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
close(r0)
socket$phonet_pipe(0x23, 0x5, 0x2)
getsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x20081, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0xe}, 0x2, 0x0, 0x10ffe, 0x0, 0x20000002, 0xb1fe, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
set_mempolicy(0x3, &(0x7f0000000040)=0xe3, 0x8)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x143bc2, 0x1c0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000000)=0x5, 0x4)
setxattr$system_posix_acl(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000440)=ANY=[@ANYBLOB="0200000008"], 0xff3c, 0x1)
munlockall()

2.627245674s ago: executing program 8 (id=10979):
perf_event_open(&(0x7f0000001340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'sit0\x00', &(0x7f00000001c0)={'syztnl2\x00', 0x0, 0x8000, 0x7, 0xff, 0x200, {{0x5, 0x4, 0x1, 0x3a, 0x14, 0x65, 0x0, 0x2, 0x4, 0x0, @empty, @multicast2}}}})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x30c)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64(r1, 0x0, 0x0, 0x7662)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8946, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f0000000040)=0x5)
setreuid(r2, 0x0)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x4c)

2.542638728s ago: executing program 8 (id=10980):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x1004, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0xffffffffffffc, 0x9}, 0x102270, 0xfffd, 0x0, 0x1, 0x8, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x2000000820000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newqdisc={0x90, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xfffffffd, {0x0, 0x0, 0x0, r2, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x60, 0x2, {{0xc, 0x1000, 0x2, 0xff, 0x817, 0x80}, [@TCA_NETEM_CORR={0x10, 0x1, {0x3, 0x6, 0x2}}, @TCA_NETEM_RATE={0x14, 0x6, {0x24, 0xd, 0x4, 0x8}}, @TCA_NETEM_DELAY_DIST={0x14, 0x2, "e6e7e3b3895cdb38013792921c91bea2"}, @TCA_NETEM_REORDER={0xc, 0x3, {0x3, 0x2}}]}}}]}, 0x90}}, 0x4c850)
r3 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
ioctl$BTRFS_IOC_DEFRAG(r3, 0x50009402, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0xa10844, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000000ac0)="$eJzs3c9vI1cdAPCvnThxfnSTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcuywGJHxFog8TBaMaTrDdrb6xNYqfx5yON5r2ZWX+/L868t36O/QIYWTcj4iAiJiLig4iYy47nsi3ebW/JdY8OH6weHT5YzUWr9f4/c+n55Fh0/JvETPaYxYj44acRP8k9Hbext7+5Uq1WdrL6QrO2vdDY27+zUVtZr6xXtsrl5aXlxbfvvlW+sLa+WpvISl99+IeDb/0sSWs2O9LZjovUbnrhJE5iPCK+fxnBhmAsa8/EsBPhueQj4qWIeC29/+diLH02AYDrrNWai9ZcZx0AuO7y6RxYLl/K5gJmI58vldpzeC/HdL5abzRv36/vbq2158rmo5C/v1GtLGZzhfNRyCX1pbT8uF4+Vb8bES9GxC8mp9J6abVeXRvmf3wAYITNnBr//zPZHv8BgGuuOOwEAICB6zH+Hww6DwBgcLz+B4DRY/wHgNFTTL/DYWrYaQAAA+T1PwCMHuM/AIyUH7z3XrK1jrLvv177cG93s/7hnbVKY7NU210trdZ3tkvr9fp6+p09tbMer1qvby+9GbsfzX97u9FcaOzt36vVd7ea99Lv9b5XKaRX+WQBAAzTi69+9udcMiK/M5Vu0bGWQ2GomQGXLT/sBIChGetRBq4/q33B6DrHa3zTA3BNdFmi9wnF6PIBoVar1bq8lIBLdutL5v9hVHXM//srYBgx5vxhdJn/h9HVauX6XfM/+r0QALjazPEDPd7/fynb/yZ7c+DHa6ev+OQyswIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr7Xj931K2Fvhs5POlUsQLETEfhdz9jWplMSJuRMSfJguTSX1pyDkDAOeV/1suW//r1twbs0+cemXmpDgRET/91fu//Gil2dz5Y8RE7l+Tx8ebn2THy4PPHgA42/E4ne47Xsg/OnywerwNMp+/fzciiu34R4cTcXQSfzzG030xChEx/e9cVm/LdcxdnMfBxxHxxW7tz8VsOgfSXvn0dPwk9gsDjZ9/In4+PdfeJz+LL1xALjBqPkv6n3e73X/5uJnuu9//xbSHOr+s/0seavUo7QMfxz/u/8Z69H83+43x5u++1y5NPX3u44gvj0ccxz7q6H+O4+d6xH+jz/h/+corr/U61/p1xK3oHr8z1kKztr3Q2Nu/s1FbWa+sV7bK5eWl5cW3775VXkjnqBd6jwb/eOf2jV7nkvZP94hfPKP9X++z/Z/+74Mffe0Z8b/5erf4+Xj5GfGTMfEbfcZfmf5tsde5JP5aj/af9fzf7jP+w7/uP7VsOAAwPI29/c2VarWy86zCjaOIs675XBaiv4t/n/2wrkTOI11InoUrkEbXwnc6jszEJcaa6HEz/vz19q/pZETnL3ar9VyxevUYFzHrBlwFJzd9RPx32MkAAAAAAAAAAAAAAABdDeLTUcNuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wMAAP//jMfJaQ==")
openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x4)
mknod$loop(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x7, 0x2)

2.330277529s ago: executing program 8 (id=10981):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
open(0x0, 0x143142, 0x80)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x7fffffff)

2.250659243s ago: executing program 9 (id=10982):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket(0x11, 0x3, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x10000, 0x1, 0x100, 0x100, 0x100, 0x0, 0x4}, 0x1c)
syz_genetlink_get_family_id$devlink(&(0x7f0000000200), r0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="280000001e00030903000000fedbdf2507"], 0x28}, 0x1, 0x0, 0x0, 0x2000c090}, 0x50)

2.097756771s ago: executing program 8 (id=10983):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000b, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x403000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x20081, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x1, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000004c0)='\x00\x00\x00', 0x3}], 0x1}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.635603525s ago: executing program 8 (id=10985):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000600)="d8000000180081054e81f782db4cb904021d0800fe207c05e8fe55a10a0015000200142603600e12080005007f370401a8001600200006000500027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2e98a61e284ce5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="7f454c46030007"], 0x120)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
close(r1)
execve(0x0, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'syz_tun\x00'})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x65, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})

1.475350264s ago: executing program 8 (id=10987):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1008412, &(0x7f00000007c0)={[{@delalloc}, {@data_journal}, {@stripe={'stripe', 0x3d, 0x81}}, {@nolazytime}, {@auto_da_alloc}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@data_err_ignore}, {@nouid32}, {@quota}, {@user_xattr}, {@noacl}, {@noauto_da_alloc}]}, 0x1, 0x561, &(0x7f0000000240)="$eJzs3c9rHOUbAPBnNtn+/n6bQikqIoEerNRumsQfFTzUo2i1oPcakmko2XRLdlOaWLA92IsXKYKIvXjXuycp/gP+FQUtFClBD14is5lNts1udpNuu6n7+cC077szO+88O/O8eWffXTaAgTWa/VOIeDEivk4iDkdEkq8bjnzl6Np2Kw+vT2dLEqurn/yZ1LfL6o19NZ53MK+8EBG/fhlxsrC53erS8txUuZwu5PWx2vyVserS8qlL81Oz6Wx6eWJy8sybkxPvvP1Wz2J97fzf33189/0zXx1f+fan+0duJ3E2DuXrmuN4AjeaK6Mxmr8mxTj72Ibja//1os1dIen3AbAjQ3meFyPrAw7HUJ71wH/fFxGxCgyoRP7DgGqMAxr39j26D35uPHhv7QZoc/zDa++NxL76vdGBleSRO6PsfnekB+1nbfz8x53b2RK9ex8CoKMbNyPi9PDw5v4vyfu/nTvdxTaPt6H/g2fnbjb+eb3V+KewPv6JFuOfgy1ydyc653/hfg+aaSsb/73bcvy7Pmk1MpTX/lcf8xWTi5fKada3/T8iTkRxb1Yf36KNMyv3Vtutax7/ZUvWfmMsmB/H/eG9jz5nZqo29SQxN3twM+KlluPfZP38Jy3Of/Z6nO+yjWPpnVfaresc/9O1+kPEqy3P/8aMVrL1/ORY/XoYa1wVm/1169hv7drvd/zZ+T+wdfwjSfN8bXUbO29Meu77J223ySPxR/fX/57k03p5T/7YtalabWE8Yk/y4ebHJzae26g3ts/iP3F86/5v4/r/ZX0/+yPisy5fhltHf3x5Xzfx9+n8z2zr/G+/cO+Dz79v1353/d8b9dKJ/JFu+r8Ox1WM7V/NAAAAAAAAsOsVIuJQJIXSerlQKJXWPt9xNA4UypVq7eTFyuLlmah/V3YkioXGTPfhps9DjOefh23UJx6rT0bEkYj4Zmh/vV6arpRn+h08AAAAAAAAAAAAAAAAAAAA7BIH23z/P/P7UL+PDnjq/OQ3DK6O+d+LX3oCdiV//2FwyX8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAAAAgJ46f+5ctqyuPLw+ndVnri4tzlWunppJq3Ol+cXp0nRl4UpptlKZLael6cp8p/2VK5Ur4xOxeG2sllZrY9Wl5QvzlcXLtQuXPjo0m15Ii88kKgAAAAAAAAAAAAAAAAAAAHi+VJeW56bK5XRBQWFHheHdcRgKPS70u2cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA3/BgAA//+kdDcZ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
mknodat$null(0xffffffffffffffff, &(0x7f0000002200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xef981d8a7733b4fb, 0x103)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
syz_usb_connect$uac1(0x0, 0x81, &(0x7f00000000c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x20, 0x763, 0x2001, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6f, 0x3, 0x1, 0x9, 0x40, 0x3f, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xd2, 0xa}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x78, 0x8, 0xba, {0x7, 0x25, 0x1, 0x8, 0x4, 0x3}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0xfc, 0x3, 0x8, 0x1}, @as_header={0x7, 0x24, 0x1, 0x8, 0x5, 0x1002}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x3, 0x2, 0x0, {0x7, 0x25, 0x1, 0x0, 0x6, 0x3}}}}}}}}]}}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})
shutdown(r1, 0x1)
pwrite64(r0, &(0x7f0000000180)='3', 0x1, 0x4fed0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f00000000c0)={&(0x7f0000000080)=""/49, 0x31})
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000001600), 0x42fffffe)
sendfile(r2, r2, 0x0, 0xe3aa6ea)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x8541, 0x1a9)
fallocate(r3, 0x8, 0x4000, 0x8000)

1.223525026s ago: executing program 1 (id=10988):
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
sigaltstack(&(0x7f0000001000)={&(0x7f00000010c0)=""/4114, 0x80000001, 0xfef1}, 0x0)
sigaltstack(0x0, &(0x7f0000001080)={0x0})
r0 = io_uring_setup(0x5005, &(0x7f00000000c0)={0x0, 0x3, 0x1000, 0x1004003, 0x38})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x18, &(0x7f0000000000), 0x1)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
r1 = mq_open(&(0x7f0000000480)='!sel\x00\x00\x00\x10\x00\x00\x00\x00\xd7\\P\xc1\xde.O\xcb]0y\x00\x00\x00\x00\x00\x00\x00\x00', 0x6e93ebbbcc0884f2, 0x196, &(0x7f0000000440)={0x2000000000002000, 0x1, 0x56, 0x3})
mq_timedsend(r1, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x9, 0x0)

1.119217252s ago: executing program 9 (id=10989):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000dc0)=@polexpire={0xcc, 0x1b, 0x1, 0x0, 0x25dfdbff, {{{@in6=@local, @in=@local, 0x0, 0x0, 0xffff, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x0, 0x1}, 0xfa}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1, 0x80}}]}, 0xcc}}, 0x0)

1.053737145s ago: executing program 5 (id=10990):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x52, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0xae9, 0x30, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x14100}, 0x0, 0xffffffffffffffff, r0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2$watch_queue(0x0, 0x80)
socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r1, &(0x7f0000002cc0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000300)}}], 0x3, 0x400122a0, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e22, @multicast2}, 0x0, 0x0, 0x4, 0x1}}, 0x2e)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r2, 0x560a, &(0x7f0000001040)={0x0, 0x1, 0x4, 0x20, 0x0, "0000e5ff0100"})
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$PPPIOCATTACH(r3, 0x4004743d, 0x0)

927.157312ms ago: executing program 5 (id=10991):
socket(0xf, 0x6, 0x7)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
open_by_handle_at(r1, &(0x7f0000002580)=ANY=[@ANYBLOB="0c000000fe"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000a00)=@newtaction={0x88c, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1000, 0xffff, 0xd, 0x81, 0x7, 0x6, 0x7, 0x9, 0x4, 0x4, 0x6, 0x3, 0x5, 0x3, 0x6, 0x6, 0xffff, 0x3, 0x4, 0x6, 0x0, 0x20, 0xb, 0x5, 0x5, 0x2, 0x62, 0x9, 0xfffffff8, 0x6338, 0x70, 0x7, 0x9, 0x8, 0x9, 0x7, 0x80000000, 0x7, 0xfff, 0x2, 0x9, 0xfffffff9, 0x6, 0xfffffffe, 0x600000, 0x6, 0x1, 0x8, 0x1, 0xbc0, 0x9bf1, 0x5, 0x2, 0x0, 0xe, 0x9, 0x1ff, 0xb9, 0xc741, 0x6, 0x5, 0x1, 0xed, 0x1, 0x8001, 0xb, 0x5b96, 0xffff, 0x2, 0x20000000, 0xff, 0x1, 0x4, 0x9, 0x401, 0x2, 0x1000, 0x101, 0x50, 0x4, 0xffffffff, 0x1, 0x0, 0x5, 0x7, 0x8a6b, 0xfffffbff, 0x4, 0x2, 0x1, 0x5, 0x6, 0x2, 0x5, 0xffffffff, 0x80, 0x10000008, 0x0, 0x8, 0xfffffff4, 0x3b98, 0xfffff800, 0x8, 0x3, 0x2000f, 0xf8b, 0x10001, 0x3, 0x2, 0xa78, 0x3, 0xcb0, 0x6, 0x9, 0x9, 0x0, 0x7, 0x80000001, 0x7, 0x9, 0x0, 0x40, 0x8, 0x8, 0x5, 0x7, 0xaa92, 0x800, 0x3, 0x9, 0x10001, 0x9, 0x1, 0xd12, 0x0, 0x23487474, 0x3cce, 0x0, 0x7, 0x6, 0x5, 0xb1, 0x2, 0x6, 0x9, 0x2, 0xaa83, 0x40, 0xff, 0x9, 0x9, 0x1, 0x5, 0x0, 0x2, 0x1, 0x4, 0x9, 0x4, 0x2, 0x7, 0xffffffff, 0x1, 0xd76a, 0x6, 0xfffffff6, 0x4, 0x1, 0xfffffffd, 0xfffffffc, 0x50, 0x7359, 0x8, 0x7, 0xb, 0xa, 0x2d5, 0x6, 0xf, 0x1, 0x773a, 0x6b7b, 0x10001, 0x3, 0x4, 0x5, 0x7, 0x4, 0x800, 0x2, 0x5, 0x0, 0x6, 0x3ff, 0x9, 0x5, 0x5, 0xfff, 0x7, 0x8, 0xffff, 0x3, 0x4, 0xa, 0xae2b, 0x1, 0x6, 0x1a71, 0x0, 0x10001000, 0x0, 0x3, 0x7, 0x1, 0x1, 0x3c34, 0x6, 0x10000, 0x5, 0x100, 0x0, 0x8, 0x3, 0x3, 0xc, 0x100, 0x0, 0x2, 0xb, 0x5, 0xc8, 0x557c, 0x9, 0x8, 0x9, 0x3, 0x80, 0x8000, 0x7bc, 0x1, 0x8, 0x6, 0xe, 0x5, 0xfff, 0x9, 0x5, 0x279, 0x8000, 0x8, 0x5, 0x1, 0x80000000, 0x3, 0x9, 0x1ff]}, @TCA_POLICE_RATE={0x404, 0x2, [0x2, 0x9, 0xd, 0x7, 0x9, 0x6, 0x0, 0x4, 0x81, 0x1, 0x100, 0x7, 0x3f, 0x3, 0x8, 0x9, 0x2, 0x6, 0x6dbf, 0x8, 0x5, 0x12c, 0x3, 0x5, 0x5, 0x7, 0x100, 0x7, 0x8, 0x9, 0x0, 0x3, 0xffffffff, 0x200, 0xfffffffe, 0x328d, 0xfffffe01, 0x9, 0x8, 0x3, 0xffff8000, 0x4f, 0x0, 0xd, 0x3, 0x8000, 0x2, 0x17, 0x88, 0x8, 0xc, 0xffff, 0x0, 0x3, 0x2, 0x42f, 0xffffff2c, 0x5, 0xbd, 0xe0, 0x6, 0xc26, 0x8e, 0x6, 0x3, 0xe, 0x1, 0x800, 0x1bf, 0x4, 0x5, 0x4, 0x8, 0x7ce7c36c, 0x3, 0x1eb, 0x10001, 0x8, 0x5102, 0x6ce, 0x6, 0x8000, 0x2, 0x5, 0xfffffff9, 0x2, 0x4e30, 0x6, 0x6, 0x2, 0x90, 0x2, 0x2, 0xc80e, 0x4, 0x5, 0x450, 0xe0, 0x6, 0x5, 0xd, 0x5, 0x5, 0x9, 0x1045800, 0xfffffffd, 0xffffffde, 0x6a4, 0x5, 0x9, 0x6, 0x1f, 0xb89, 0x6, 0x7, 0x1ff, 0x6, 0xfffff77b, 0x3, 0xffffffff, 0xfffff400, 0x6, 0x6, 0x8, 0x9, 0x2, 0x7, 0x401, 0xa7d, 0x6, 0xfffff9f3, 0x1, 0x9, 0x1, 0xb4, 0x2, 0xc, 0x8, 0x7, 0x0, 0x5891, 0x8, 0x7, 0xb, 0x0, 0x8, 0xb, 0x0, 0xff, 0x4f, 0x8, 0x33f, 0x70fc7f4f, 0x0, 0x4, 0x0, 0xc, 0x9, 0x5, 0x6, 0x3, 0x2, 0x1, 0x0, 0x2c46512a, 0x7, 0x2640, 0x0, 0x10000, 0x0, 0x9, 0x3, 0x6, 0x7fffffff, 0xdc, 0x80000000, 0x26, 0xbb16, 0x2, 0x9, 0xbd1, 0x44, 0xffffff7f, 0xa3, 0x1, 0x4, 0x0, 0x3, 0x2, 0x5, 0x0, 0x9, 0x4, 0x4b, 0x1, 0x8000, 0x2, 0x4, 0x2e4, 0xc7, 0x4, 0x4, 0x2, 0x81, 0xff, 0x6, 0x1, 0x10, 0x6, 0x9, 0x1, 0x4e2, 0x104, 0x7, 0x3ff, 0x10000, 0x4, 0x1, 0x3, 0x800, 0x101, 0x800, 0x6, 0x9, 0x6, 0x101, 0x9, 0x9, 0x6, 0x800, 0x101, 0xf07, 0x0, 0x2, 0x81, 0xfff, 0x80000001, 0x8, 0x2, 0xee8, 0x1ff, 0x81, 0x24000, 0x6, 0x2, 0x2, 0x2, 0x10, 0x8001, 0xa, 0x8, 0x200, 0x6, 0x9, 0x7fff, 0x2]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x4, 0x4, 0x2, 0x7, {0x3, 0x2, 0x4, 0x40, 0x6, 0x1ff}, {0x2, 0x0, 0x2, 0xcd4, 0x9, 0x8}, 0x0, 0x7ff}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x46f, &(0x7f0000001200)="$eJzs3M1vFOUfAPDv7G7hx2v3h/gCoqJoJL60tKBy8KKJiQdNTPSAx1oKQRZqaE2ENLYYghcTJeFuTLyY+Bd48kTUk4lXvBsSYriAelkz3dllu91tt91tt3U/n2To83Sf3ef7nZln55kZpgH0rYPpP0nEzoi4GRGDEZGrb7CtsqTt7t2ZGf/rzsx4EuXyu38m6dvi7p2Z8WrTJPu5o1IppB+Uu5JEsUm/UxcvnR0rlSYuZPXh6XMfDU9dvPTimXNjpydOT5wfPX782NGRV14efakreaYx3d3/6eSBfW++f+3t8RPXPvj5+0q85fL1G0cW5NEdAxExU1snjZ7pbmc9t6uunBR6GAgrsjUiCtneejMGI39ld+21wXjjs54GB6ypcrlcHm398lwZ+A9LotcRAL1RPdCn57/VpX4C8M/aTj967vZrlROgNO972VJ5pRCXszYDDee33XQwIk7M/f11ukTD9RQAgLXwYzr/eaHJ/K8Y8VBdu93ZvaFiRPw/IvZExAMRsTciHoxK24cj4pEV9n+wob54/pO7tbrM2pPO/17N7m0tnP/V7oIV81lt13z+A8mpM6WJI9k6ORwDW9P6SNNPTyLm0p+/fdmq//r5X7qk/VfnglkctwpbF77n5Nj0WMeJZ25fjthfaJZ/EoX7WcS+iNi/yj7OPPfdgYW/yddKy+e/hC7cZyp/E/FsZfvPRUP+VcnS9yeH/xeliSPD1b1isV9+vfpOq/47yr8L0u2/ven+X8u/mNTfr51a9BFbluvj6u+ftzynWe3+vyV5b0Hnn4xNT18YidiSvLX493UXuKv1avs0/8OHmo//PXF/TTwaEelO/FhEPB4RT2SxPxkRT0XEoSXy/+n1pz9cff5rK81/dkXbf+WF/NkbP7Tqv73tf6xamQ+qne+/dgPsZN0BAADAZpGLiJ2R5IZq5VxuaKjy/+X3xvZcaXJq+vlTkx+fP1l5RqAYA7nqla7BuuuhI9m14Wp9NKvPZvWj2XXj6/lt8/Wh8cnSyV4nD31uR4vxn/oj3+vogDXneS3oX8Y/9K/Vj3/fHLDZLTOKc+sVB7D+HMWhfzUb/7M9iANYf47/0L9q4/+rNhrXPe7V+PAmsPk4/kP/Mv6hL3XyXP+GKMS3EUu3STZKqCsqfNHJ2wvrEGHkNsaKWsfCaD6ih2EU2v2rFnGxPNtxp73+ZgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiOfwMAAP//Oyno9g==")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f000001f940))
lsetxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000240), &(0x7f00000002c0)=ANY=[], 0x381, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x808719, &(0x7f0000000300)={[{@nogrpid}, {@noblock_validity}, {@discard}, {@errors_remount}, {@mblk_io_submit, 0x0}, {@noauto_da_alloc}, {@mblk_io_submit}, {@journal_checksum}, {@mblk_io_submit}, {@i_version}, {@minixdf}, {@nolazytime}, {@dax_inode}, {@prjquota}, {@nouid32}, {@data_writeback}, {@resgid}], [{@smackfshat={'smackfshat', 0x3d, '-@):.#})#'}}, {@fsmagic={'fsmagic', 0x3d, 0x4}}, {@fsname={'fsname', 0x3d, 'errors=remount-ro'}}], 0x2c}, 0x2, 0x4fc, &(0x7f0000000e40)="$eJzs3MtrXNUfAPDvnSRN0ja/5FeffWhHqxAUmyZ9Lly0RaEbQVCkLmOSltq0lSZCW4JNRVpwofQvUNwJ/gWudCMqLhS3FrciFMmm0YWM3Jl7x0kmk1cnGdN8PjDTc+5j7vnee0/nPOYmgE2rmL4lEdsj4peI6K1k525QrPwzOzM18ufM1EgSpdJrfyTl7e7NTI3km+b7bcsy/YWIwgdJ7K4/bOfE1Wvnh8fHxy5nCwYmC1nqwvDZsbNjF4eOHTt0sPvokaHDTYkzLdO9Xe9d2rPz1Ju3Xxk5ffut775Iy1vK1tfGUdFXft+y7CO01S0pRnHuuazx7PKLviH01KST9vS90LrCsGzpXZtero5y/e+NtnKuojdefr+lhQPWVKlUKnXWLa1+l02XaiVJZYdS6UYJeAAk0eoSAK2Rf9Hfm0l7qlMj9f3gB9vdE1HuAaVxz3ZFRDX+9nIPtthX6Rt1rNHxH46I09N/fZK+YsFxCACA5vrqRMStk5V2R/6qrCnEozXb/S+bG+qLiP9HxI6IeChrvzwSUd72sYh4vGafnmXMAhTn5evbPz91Z4na5mrTpO2/F7O5rfxVWVMteV9bluspx9+RnDk3PnYgOyf90dGZ5gfrP7o6rPb1Sz9/3Oj4xZr2X/pKj5+3BbNy/N4+b4BudHhy+H7jzt29UT6x1+vjT6I9yVMROyNi1yo+Pz1n5577fE+j9XPi76y0v+fG/1HjD29fRYEafMTszNR0zIs/svm/pDw/eeGdgYmr1144Vzs/OXj0yNDhga4YHzswkN8V9b7/8earWbKuG7HI9c+rxppOpKXXf+uC93915rIvTVXnaydWfoybd2417NOs/P7fWr7/tySvl3P5/OyV4cnJy4MRW5Lp+uVD/+59Zbh7zvZp/P37Fq7/OyL+/jTbb3dEpDfxExHxZETszcr+VEQ8HRH7Fon/25PPvN2oC7l0/GsrjX90Rde/UeL4DxELr2o7/82XdQf+sFgXf0c0uv6Hyqn+bMno8GTXUnEtVtLaxH2fQAAAANgA9kbE9kgK+7OBpu1RKOzfH7GtOoIyMfn8mUvvXhytPCPQFx2FfKSrt2Y8dDAbG07z6V5DNfl0/cHyuHGpVCp1p/m0/z7e09rQYdPb1qD+p36rf6QFeNCsaB6t0RNtwIY0v/7fWfaezf9BBrC+mvA7GmCDUv9h81p2/V+rp+CAllmo/l+PmG1BUYB1tlD9f6NuyfF1KQuwvvT/YfNaff33YwDY6Hz/w6a0rIfkV5HYcWqRbZL2tTlo40QhFv8rAH0R+ZK8TbP4B/5aiGhOCduaGmn3nGtaWHCbrmjGsaKw5DbtK/hDDOubKPw3ilFJdEbEEndv9Wa7nieurXXBypXgs9b+7wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD//gkAAP//hALPcw==")
inotify_init1(0x0)

895.492013ms ago: executing program 5 (id=10992):
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x71, 0x5, 0x8, 0x8, 0x0, 0x1f, 0x1369a, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x1}, 0xb06, 0x3, 0x8, 0x1, 0x7f, 0x8800, 0x5, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={0x0, 0x8}, 0x4010, 0x0, 0x0, 0x0, 0x3, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x2}, 0x2600, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x1}, 0x3026, 0x32, 0x43a1bd56, 0x7, 0x400, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x2, 0x56d, 0x2}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES64=r0], 0xc4}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0xfffffffffffffffd, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET(0xffffffffffffffff, 0x0, 0x20000004)

828.045457ms ago: executing program 5 (id=10993):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x1)
sendmsg(0xffffffffffffffff, 0x0, 0x4)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x8, 0x830d}, 0x0, 0x2, 0xfffffffe, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0xffffffffffffffff, 0x800ff, 0xfffffffb}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x4, {{0xffdff7e8, 0x0, 0x4, 0xffffff00, 0x7}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x2404c080}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000000)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000080)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x10, &(0x7f0000000640)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x54}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newtaction={0x5c, 0x30, 0xb, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x1, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfdb, 0x0, 0x8}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000000)

760.87365ms ago: executing program 5 (id=10994):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001000030428bd78000000000000000000", @ANYRES32=0x0, @ANYBLOB="46060900000000001c0012800b0001006970766c616e00000c000280060002000100000008000500", @ANYRES32=r5], 0x44}, 0x1, 0x0, 0x0, 0x600}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x4)
sendmsg$IPVS_CMD_SET_INFO(r7, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000340)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r8}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)

607.543399ms ago: executing program 5 (id=10995):
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x4080000)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', &(0x7f0000000380)={0x80}, 0x18)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file4\x00', 0x20000, 0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})

317.600283ms ago: executing program 1 (id=10996):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getrlimit(0x7, 0x0)
r0 = getpid()
prlimit64(r0, 0xf, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000046090100000003e71600000006000000180100002020702500000000002020207b9af8ff00000000ad9100000000000037010000f8ffffffb702000008000000b70300000000000024090000060000005c93000000000000b5030000000000008500000076000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

182.88059ms ago: executing program 9 (id=10997):
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$unix(0x1, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = fsmount(0xffffffffffffffff, 0x1, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9, 0x1}, {0x4}, {0xe, 0xd}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x401}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x90}, 0x4000c00)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1a, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000400}, 0x94)
r3 = perf_event_open(0x0, 0x0, 0xc, r1, 0xb)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

0s ago: executing program 9 (id=10998):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x1, 0x6}, 0x1004, 0x0, 0x10000, 0x3, 0x2, 0x80004001, 0x0, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0)
lseek(r3, 0x9, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)

kernel console output (not intermixed with test programs):

-0000-0000-0000-000000000000.
[  594.861436][T29138] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  594.911164][T29143] netlink: 'syz.1.9379': attribute type 1 has an invalid length.
[  594.968424][ T7104] batman_adv: batadv0: Local translation table size (72) exceeds maximum packet size (-320); Ignoring new local tt entry: 33:33:ff:aa:aa:2a
[  594.975556][T29143] 8021q: adding VLAN 0 to HW filter on device bond12
[  595.805318][T29163] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9386'.
[  595.817291][T29163] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9386'.
[  595.833512][T29168] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9384'.
[  595.843711][T29168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  595.866343][T29168] batman_adv: batadv0: Removing interface: batadv_slave_1
[  595.876275][T29168] batman_adv: batadv0: Interface deactivated: dummy0
[  595.887501][T29168] batman_adv: batadv0: Removing interface: dummy0
[  595.894939][T29172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9390'.
[  599.053494][T29194] bond3: (slave lo): Releasing backup interface
[  599.069679][T29194] bond3: (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  599.091344][T29200] __nla_validate_parse: 1 callbacks suppressed
[  599.091442][T29200] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9399'.
[  599.176109][T29194] team0: Port device team_slave_0 removed
[  599.205911][T29194] team0: Port device team_slave_1 removed
[  599.224158][T29206] loop8: detected capacity change from 0 to 512
[  599.247230][T29194] net_ratelimit: 23 callbacks suppressed
[  599.247267][T29194] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  599.309218][T29201] team0: Mode changed to "activebackup"
[  599.348274][T29206] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  599.761076][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.838072][T29222] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9406'.
[  599.892861][T29222] bond11: (slave vxcan3): The slave device specified does not support setting the MAC address
[  599.905707][T29222] bond11: (slave vxcan3): Error -95 calling set_mac_address
[  599.963635][T29224] macvlan0: entered promiscuous mode
[  600.009040][T29224] macvlan0: entered allmulticast mode
[  600.033858][T29224] bond11: (slave macvlan0): Error -98 calling set_mac_address
[  600.242988][T29235] loop9: detected capacity change from 0 to 128
[  600.273539][T27840] udevd[27840]: incorrect jbd checksum on /dev/loop9
[  600.281557][T29235] EXT4-fs warning (device loop9): ext4_init_metadata_csum:4681: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  600.300499][T29229] loop8: detected capacity change from 0 to 8192
[  600.314778][T29235] EXT4-fs (loop9): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  600.320621][T27840] udevd[27840]: incorrect jbd checksum on /dev/loop9
[  600.480170][T29229]  loop8: p1 < > p2 < > p3 p4 < >
[  600.480430][   T28] kauditd_printk_skb: 2631 callbacks suppressed
[  600.480445][   T28] audit: type=1326 audit(856.456:6062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.9410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  600.534694][T29229] loop8: partition table partially beyond EOD, truncated
[  600.552197][T29229] loop8: p1 start 67108864 is beyond EOD, truncated
[  600.586925][T29229] loop8: p3 start 100859904 is beyond EOD, truncated
[  600.594664][   T28] audit: type=1326 audit(856.456:6063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.9410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  600.617901][   T28] audit: type=1326 audit(856.456:6064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.9410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  600.683903][   T28] audit: type=1326 audit(856.456:6065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.9410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  600.759806][   T28] audit: type=1326 audit(856.456:6066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29233 comm="syz.9.9410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  600.867199][T27841] udevd[27841]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[  600.878234][T27840] udevd[27840]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  600.976377][T29262] netlink: 'syz.8.9421': attribute type 11 has an invalid length.
[  601.030870][T29263] netlink: 'syz.3.9422': attribute type 21 has an invalid length.
[  601.178986][T29267] loop8: detected capacity change from 0 to 164
[  601.259437][T29267] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  601.328695][T29278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9427'.
[  601.349601][T29287] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9426'.
[  602.640376][T29329] netlink: 'syz.8.9445': attribute type 16 has an invalid length.
[  602.687019][T29326] syzkaller0: entered promiscuous mode
[  602.694695][T29326] syzkaller0: entered allmulticast mode
[  603.062013][   T28] audit: type=1400 audit(859.036:6067): avc:  denied  { getopt } for  pid=29337 comm="syz.3.9449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  603.107255][  T118] netdevsim netdevsim8 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  603.119050][T29341] netlink: 24 bytes leftover after parsing attributes in process `syz.9.9450'.
[  603.144760][  T118] netdevsim netdevsim8 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  603.197233][  T118] netdevsim netdevsim8 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  603.214238][T29341] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=29341 comm=syz.9.9450
[  603.227876][  T118] netdevsim netdevsim8 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  603.278942][T29351] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9454'.
[  603.299683][T29353] xfrm0 speed is unknown, defaulting to 1000
[  603.348173][T29351] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=29351 comm=syz.8.9454
[  603.421903][T29363] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  603.443254][T29353] lo speed is unknown, defaulting to 1000
[  603.457663][T29363] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  603.491506][T29363] netlink: 'syz.8.9458': attribute type 1 has an invalid length.
[  603.546676][T29363] 8021q: adding VLAN 0 to HW filter on device bond12
[  603.566819][T29353] wg1 speed is unknown, defaulting to 1000
[  603.829740][   T28] audit: type=1400 audit(859.806:6068): avc:  denied  { read } for  pid=29374 comm="syz.1.9463" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  603.892195][   T28] audit: type=1400 audit(859.806:6069): avc:  denied  { open } for  pid=29374 comm="syz.1.9463" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  603.970692][   T28] audit: type=1400 audit(859.836:6070): avc:  denied  { ioctl } for  pid=29374 comm="syz.1.9463" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  604.245632][T29394] xfrm0 speed is unknown, defaulting to 1000
[  604.353982][T29394] lo speed is unknown, defaulting to 1000
[  604.419682][T29394] wg1 speed is unknown, defaulting to 1000
[  604.507019][T29409] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  604.524581][T29409] team0: Mode changed to "activebackup"
[  606.016133][T29455] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9490'.
[  606.422733][T29485] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9500'.
[  606.460216][T29485] xfrm2: entered promiscuous mode
[  606.477128][T29485] xfrm2: entered allmulticast mode
[  606.493796][T29485] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9500'.
[  606.649570][T29499] loop8: detected capacity change from 0 to 512
[  606.704611][T29499] EXT4-fs error (device loop8): ext4_iget_extra_inode:5128: inode #15: comm syz.8.9507: corrupted in-inode xattr: invalid ea_ino
[  606.749741][T29499] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  606.751160][T29499] EXT4-fs error (device loop8): ext4_orphan_get:1402: comm syz.8.9507: couldn't read orphan inode 15 (err -117)
[  606.760420][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  606.760446][    C0] EXT4-fs (loop8): initial error at time 862: ext4_iget_extra_inode:5128: inode 15
[  606.760491][    C0] EXT4-fs (loop8): last error at time 862: ext4_iget_extra_inode:5128: inode 15
[  606.761919][   T28] audit: type=1400 audit(862.726:6071): avc:  denied  { read } for  pid=29506 comm="syz.1.9510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  606.824527][T29499] loop8: lost filesystem error report for type 5 error -117
[  606.842036][T29499] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  606.952962][T29516] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9514'.
[  607.067104][T29518] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=29518 comm=syz.5.9514
[  607.119001][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.272622][T29524] 9pnet: p9_errstr2errno: server reported unknown error 00000000000
[  607.789165][T29556] loop8: detected capacity change from 0 to 128
[  607.910469][T29562] loop9: detected capacity change from 0 to 512
[  607.925713][T29562] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  607.950129][T29562] EXT4-fs (loop9): bad geometry: block count 8323328 exceeds size of device (256 blocks)
[  608.034316][T29556] syz.8.9529: attempt to access beyond end of device
[  608.034316][T29556] loop8: rw=2049, sector=154, nr_sectors = 6 limit=128
[  608.109019][T29556] syz.8.9529: attempt to access beyond end of device
[  608.109019][T29556] loop8: rw=2049, sector=158, nr_sectors = 2 limit=128
[  608.133578][T29556] Buffer I/O error on dev loop8, logical block 79, lost async page write
[  608.151614][T29556] syz.8.9529: attempt to access beyond end of device
[  608.151614][T29556] loop8: rw=2049, sector=160, nr_sectors = 2 limit=128
[  608.175540][T29556] Buffer I/O error on dev loop8, logical block 80, lost async page write
[  608.204890][T29556] syz.8.9529: attempt to access beyond end of device
[  608.204890][T29556] loop8: rw=2049, sector=162, nr_sectors = 6 limit=128
[  608.230172][T29556] syz.8.9529: attempt to access beyond end of device
[  608.230172][T29556] loop8: rw=2049, sector=166, nr_sectors = 2 limit=128
[  608.247923][T29556] Buffer I/O error on dev loop8, logical block 83, lost async page write
[  608.261486][T29556] syz.8.9529: attempt to access beyond end of device
[  608.261486][T29556] loop8: rw=2049, sector=168, nr_sectors = 2 limit=128
[  608.276745][T29556] Buffer I/O error on dev loop8, logical block 84, lost async page write
[  608.307489][T29556] syz.8.9529: attempt to access beyond end of device
[  608.307489][T29556] loop8: rw=2049, sector=186, nr_sectors = 6 limit=128
[  608.348374][T29556] syz.8.9529: attempt to access beyond end of device
[  608.348374][T29556] loop8: rw=2049, sector=190, nr_sectors = 2 limit=128
[  608.364039][T29556] Buffer I/O error on dev loop8, logical block 95, lost async page write
[  608.374055][T29570] loop9: detected capacity change from 0 to 164
[  608.374470][T29556] syz.8.9529: attempt to access beyond end of device
[  608.374470][T29556] loop8: rw=2049, sector=192, nr_sectors = 2 limit=128
[  608.374498][T29556] Buffer I/O error on dev loop8, logical block 96, lost async page write
[  608.374866][T29556] syz.8.9529: attempt to access beyond end of device
[  608.374866][T29556] loop8: rw=2049, sector=194, nr_sectors = 6 limit=128
[  608.395565][T29556] Buffer I/O error on dev loop8, logical block 99, lost async page write
[  608.477285][T29556] Buffer I/O error on dev loop8, logical block 100, lost async page write
[  608.561443][T29570] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  608.566094][T29556] Buffer I/O error on dev loop8, logical block 111, lost async page write
[  608.613602][T29556] Buffer I/O error on dev loop8, logical block 112, lost async page write
[  608.661955][T29576] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9537'.
[  608.725493][   T28] audit: type=1400 audit(864.696:6072): avc:  denied  { getopt } for  pid=29575 comm="syz.1.9537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  609.361083][   T28] audit: type=1400 audit(865.336:6073): avc:  denied  { create } for  pid=29610 comm="syz.5.9552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  610.138956][   T28] audit: type=1400 audit(866.116:6074): avc:  denied  { bind } for  pid=29643 comm="syz.8.9565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  610.276676][T29630] syz.1.9558 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  610.288000][T29630] CPU: 0 UID: 0 PID: 29630 Comm: syz.1.9558 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  610.288127][T29630] Tainted: [W]=WARN
[  610.288138][T29630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  610.288155][T29630] Call Trace:
[  610.288165][T29630]  <TASK>
[  610.288174][T29630]  __dump_stack+0x1d/0x30
[  610.288204][T29630]  dump_stack_lvl+0x95/0xd0
[  610.288227][T29630]  dump_stack+0x15/0x1b
[  610.288246][T29630]  dump_header+0x80/0x240
[  610.288360][T29630]  oom_kill_process+0x295/0x350
[  610.288402][T29630]  out_of_memory+0x97d/0xb80
[  610.288460][T29630]  try_charge_memcg+0x62f/0xa10
[  610.288508][T29630]  charge_memcg+0x6d/0x120
[  610.288581][T29630]  __mem_cgroup_charge+0x28/0xb0
[  610.288617][T29630]  filemap_add_folio+0x110/0x350
[  610.288711][T29630]  __filemap_get_folio_mpol+0x326/0x680
[  610.288763][T29630]  filemap_fault+0x462/0xb70
[  610.288908][T29630]  ? __pfx_filemap_map_pages+0x10/0x10
[  610.288936][T29630]  handle_mm_fault+0x16cb/0x2e70
[  610.288965][T29630]  ? __pfx_filemap_fault+0x10/0x10
[  610.289023][T29630]  __get_user_pages+0x1290/0x1f10
[  610.289062][T29630]  __mm_populate+0x242/0x390
[  610.289188][T29630]  __se_sys_mlockall+0x35f/0x3c0
[  610.289298][T29630]  __x64_sys_mlockall+0x1f/0x30
[  610.289341][T29630]  x64_sys_call+0xf90/0x3020
[  610.289378][T29630]  do_syscall_64+0x12c/0x3b0
[  610.289413][T29630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  610.289446][T29630] RIP: 0033:0x7f17db82cdd9
[  610.289462][T29630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  610.289481][T29630] RSP: 002b:00007f17da266028 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
[  610.289502][T29630] RAX: ffffffffffffffda RBX: 00007f17dbaa6090 RCX: 00007f17db82cdd9
[  610.289520][T29630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  610.289565][T29630] RBP: 00007f17db8c2d69 R08: 0000000000000000 R09: 0000000000000000
[  610.289578][T29630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  610.289594][T29630] R13: 00007f17dbaa6128 R14: 00007f17dbaa6090 R15: 00007ffde027d188
[  610.289619][T29630]  </TASK>
[  610.289641][T29630] memory: usage 306144kB, limit 307200kB, failcnt 11836
[  610.294240][T29648] loop9: detected capacity change from 0 to 8192
[  610.302695][T29630] memory+swap: usage 306548kB, limit 9007199254740988kB, failcnt 0
[  610.539410][T29655] xfrm0 speed is unknown, defaulting to 1000
[  610.614962][T29630] kmem: usage 164584kB, limit 9007199254740988kB, failcnt 0
[  610.632491][T29630] Memory cgroup stats for /syz1:
[  610.632907][T29630] cache 73936896
[  610.643682][T29655] lo speed is unknown, defaulting to 1000
[  610.652900][T29630] rss 225280
[  610.660049][T29630] shmem 69537792
[  610.668567][T29630] mapped_file 4399104
[  610.679176][T29630] dirty 8192
[  610.685602][T29630] writeback 0
[  610.693190][T29630] workingset_refault_anon 6937
[  610.703951][T29630] workingset_refault_file 19596
[  610.715546][T29630] swap 1486848
[  610.723316][T29630] swapcached 121585664
[  610.732969][T29630] pgpgin 770959
[  610.738180][T29655] wg1 speed is unknown, defaulting to 1000
[  610.744075][T29630] pgpgout 752847
[  610.747844][T29630] pgfault 581279
[  610.756626][T29630] pgmajfault 5179
[  610.764690][T29630] inactive_anon 0
[  610.772989][T29630] active_anon 69582848
[  610.782739][T29630] inactive_file 0
[  610.790889][T29630] active_file 0
[  610.794463][T29630] unevictable 4603904
[  610.803843][T29630] hierarchical_memory_limit 314572800
[  610.845185][T29630] hierarchical_memsw_limit 9223372036854771712
[  610.867761][T29630] total_cache 73936896
[  610.873178][T29630] total_rss 225280
[  610.877187][T29630] total_shmem 69537792
[  610.881415][T29630] total_mapped_file 4399104
[  610.886083][T29630] total_dirty 8192
[  610.889965][T29630] total_writeback 0
[  610.893985][T29630] total_workingset_refault_anon 6937
[  610.922119][T29630] total_workingset_refault_file 19596
[  610.938069][T29630] total_swap 1486848
[  610.951640][T29630] total_swapcached 121585664
[  610.967731][T29630] total_pgpgin 770959
[  610.981441][T29630] total_pgpgout 752847
[  610.997056][T29630] total_pgfault 581279
[  611.013111][T29630] total_pgmajfault 5179
[  611.019381][T29664] netlink: 'syz.9.9571': attribute type 11 has an invalid length.
[  611.036414][T29630] total_inactive_anon 0
[  611.049904][T29630] total_active_anon 69582848
[  611.061875][T29630] total_inactive_file 0
[  611.068288][T29630] total_active_file 0
[  611.072374][T29630] total_unevictable 4603904
[  611.077058][T29630] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.9558,pid=29624,uid=0
[  611.101380][T29630] Memory cgroup out of memory: Killed process 29630 (syz.1.9558) total-vm:94300kB, anon-rss:1440kB, file-rss:55060kB, shmem-rss:0kB, UID:0 pgtables:192kB oom_score_adj:1000
[  612.309882][T29692] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9583'.
[  615.321360][T29707] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  615.342780][T29707] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  615.365562][   T28] audit: type=1400 audit(871.346:6075): avc:  denied  { mount } for  pid=29705 comm="syz.9.9588" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  615.587766][T29726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9598'.
[  615.852631][T29741] netlink: 9 bytes leftover after parsing attributes in process `syz.1.9602'.
[  615.888316][T29741] netlink: 9 bytes leftover after parsing attributes in process `syz.1.9602'.
[  615.938354][T29747] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9605'.
[  615.969055][T29750] netlink: 'syz.3.9606': attribute type 27 has an invalid length.
[  616.003211][T29750] bond8: left promiscuous mode
[  616.015502][T29750] bridge10: left promiscuous mode
[  616.063749][T29750] bond10: left promiscuous mode
[  616.073368][T29750] sit8: left promiscuous mode
[  616.152145][T29751] 8021q: adding VLAN 0 to HW filter on device bond0
[  616.193243][T29751] batadv_slave_0: left promiscuous mode
[  616.252243][T29751] batadv_slave_0: entered promiscuous mode
[  616.270490][T29751] 8021q: adding VLAN 0 to HW filter on device team0
[  616.291050][T29751] 8021q: adding VLAN 0 to HW filter on device bond1
[  616.320289][T29751] hsr0: Slave A (veth1_to_team) is not up; please bring it up to get a fully working HSR network
[  616.341453][T29751] hsr0: Slave B (gretap0) is not up; please bring it up to get a fully working HSR network
[  616.372508][T29751] 8021q: adding VLAN 0 to HW filter on device bond2
[  616.405485][T29751] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check.
[  616.445373][ T7088] bridge0: port 1(bridge_slave_0) entered blocking state
[  616.452514][ T7088] bridge0: port 1(bridge_slave_0) entered listening state
[  616.486171][ T7088] bridge0: port 2(bridge_slave_1) entered blocking state
[  616.493420][ T7088] bridge0: port 2(bridge_slave_1) entered listening state
[  616.524348][ T7104] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  616.547116][ T7104] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  616.558538][ T7104] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  616.567572][ T7104] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  616.577954][ T7104] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  616.589819][ T7104] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  616.598487][ T7104] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  616.606897][ T7104] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  616.725532][T29778] netlink: 'syz.8.9615': attribute type 1 has an invalid length.
[  616.752906][T29778] 8021q: adding VLAN 0 to HW filter on device bond13
[  616.787991][T29778] macvlan0: entered promiscuous mode
[  616.793414][T29778] macvlan0: entered allmulticast mode
[  616.800177][T29778] bond13: entered promiscuous mode
[  616.807060][T29778] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  616.817282][T29778] bond13: left promiscuous mode
[  617.100639][T29802] netlink: 'syz.8.9627': attribute type 27 has an invalid length.
[  617.266966][T29803] bridge0: port 4(syz_tun) entered blocking state
[  617.273501][T29803] bridge0: port 4(syz_tun) entered forwarding state
[  617.309326][T29803] 8021q: adding VLAN 0 to HW filter on device bond0
[  617.369661][T29803] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  617.380466][T29803] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  617.383795][T29805] loop9: detected capacity change from 0 to 128
[  617.402979][T29803] veth1_macvtap: left promiscuous mode
[  617.409509][T29803] veth0_macvtap: left promiscuous mode
[  617.416168][T29803] veth0_macvtap: entered promiscuous mode
[  617.422746][T29803] veth1_macvtap: entered promiscuous mode
[  617.539157][T29803] 8021q: adding VLAN 0 to HW filter on device bond1
[  617.568408][T29803] 8021q: adding VLAN 0 to HW filter on device bond2
[  617.570451][T29805] bio_check_eod: 32 callbacks suppressed
[  617.570495][T29805] syz.9.9628: attempt to access beyond end of device
[  617.570495][T29805] loop9: rw=2049, sector=138, nr_sectors = 2 limit=128
[  617.621608][T29805] syz.9.9628: attempt to access beyond end of device
[  617.621608][T29805] loop9: rw=2049, sector=138, nr_sectors = 6 limit=128
[  617.673567][T29803] 8021q: adding VLAN 0 to HW filter on device eth0
[  617.695182][T29803] 8021q: adding VLAN 0 to HW filter on device eth1
[  617.709802][T29805] syz.9.9628: attempt to access beyond end of device
[  617.709802][T29805] loop9: rw=2049, sector=142, nr_sectors = 2 limit=128
[  617.726211][T29803] 8021q: adding VLAN 0 to HW filter on device eth2
[  617.734403][T29803] 8021q: adding VLAN 0 to HW filter on device eth3
[  617.744802][T29805] buffer_io_error: 18 callbacks suppressed
[  617.744825][T29805] Buffer I/O error on dev loop9, logical block 71, lost async page write
[  617.773709][T29803] 8021q: adding VLAN 0 to HW filter on device bond3
[  617.798341][T29803] 8021q: adding VLAN 0 to HW filter on device bond4
[  617.818487][T29803] 8021q: adding VLAN 0 to HW filter on device bond5
[  617.832432][T29803] 8021q: adding VLAN 0 to HW filter on device batadv1
[  617.841385][T29803] 8021q: adding VLAN 0 to HW filter on device bond6
[  617.849740][T29803] 8021q: adding VLAN 0 to HW filter on device bond7
[  617.859607][T29803] 8021q: adding VLAN 0 to HW filter on device bond8
[  617.871212][T29803] 8021q: adding VLAN 0 to HW filter on device bond9
[  617.961192][T29803] 8021q: adding VLAN 0 to HW filter on device bond10
[  618.038344][T29803] 8021q: adding VLAN 0 to HW filter on device bond11
[  618.072416][T29803] 8021q: adding VLAN 0 to HW filter on device bond12
[  618.169352][T29803] 8021q: adding VLAN 0 to HW filter on device bond13
[  618.184577][ T9193] lo speed is unknown, defaulting to 1000
[  618.197361][ T9193] lyz2: Port: 1 Link ACTIVE
[  618.206187][ T7127] bridge0: port 1(bridge_slave_0) entered blocking state
[  618.213306][ T7127] bridge0: port 1(bridge_slave_0) entered forwarding state
[  618.237653][ T7127] bridge0: port 2(bridge_slave_1) entered blocking state
[  618.244848][ T7127] bridge0: port 2(bridge_slave_1) entered forwarding state
[  618.339356][ T9210] xfrm0 speed is unknown, defaulting to 1000
[  618.345475][ T7088] netdevsim netdevsim8 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  618.354062][ T9210] syz0: Port: 1 Link ACTIVE
[  618.359075][ T7088] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  618.376070][T29815] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  618.394017][T29815] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.404415][T29815] netdevsim netdevsim5 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  618.419452][ T9193] lo speed is unknown, defaulting to 1000
[  618.422880][ T7111] ip6_tunnel: ^ xmit: Local address not yet configured!
[  618.445511][ T7111] ip6_tunnel: ^ xmit: Local address not yet configured!
[  618.460116][T16599] ip6_tunnel: ^ xmit: Local address not yet configured!
[  618.470170][ T9210] xfrm0 speed is unknown, defaulting to 1000
[  618.477873][ T7088] netdevsim netdevsim8 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  618.494849][ T7088] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  618.514079][T29815] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  618.524742][T29815] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.536088][T16599] ip6_tunnel: ^ xmit: Local address not yet configured!
[  618.546404][T29815] netdevsim netdevsim5 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  618.566559][ T7088] netdevsim netdevsim8 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  618.575234][ T7088] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  618.600520][ T7088] netdevsim netdevsim8 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  618.612765][ T7088] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  618.623846][T29840] x_tables: duplicate underflow at hook 2
[  618.637691][T29815] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  618.648114][ T9210] ip6_tunnel: ^ xmit: Local address not yet configured!
[  618.661037][T29815] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.672281][T29815] netdevsim netdevsim5 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  618.707969][T29834] xfrm0 speed is unknown, defaulting to 1000
[  618.738696][T29815] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  618.762078][T29815] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.772978][T29815] netdevsim netdevsim5 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  618.811214][T29834] lo speed is unknown, defaulting to 1000
[  618.866358][ T7113] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  618.875590][ T7113] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  618.884010][ T7113] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  618.902620][ T7113] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  618.911738][ T7113] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  618.929165][ T7113] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  618.940160][T29834] wg1 speed is unknown, defaulting to 1000
[  618.953880][T29815] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  618.967644][T29815] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  618.977801][T29815] netdevsim netdevsim5 eth1 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  618.991551][T29848] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9642'.
[  619.028448][T29848] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9642'.
[  619.040888][T29815] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  619.051052][T29815] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  619.061323][T29815] netdevsim netdevsim5 eth0 (unregistering): unset [1, 1] type 2 family 0 port 6081 - 0
[  619.242886][T29856] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9645'.
[  619.254917][T29856] bridge0: port 4(syz_tun) entered disabled state
[  619.273235][T29856] syz_tun (unregistering): left allmulticast mode
[  619.281746][T29856] syz_tun (unregistering): left promiscuous mode
[  619.294111][T29856] bridge0: port 4(syz_tun) entered disabled state
[  619.680374][T29872] netlink: 'syz.3.9653': attribute type 1 has an invalid length.
[  619.707295][T29872] 8021q: adding VLAN 0 to HW filter on device bond11
[  619.759574][T29872] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9653'.
[  619.788419][T29872] bond11: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  619.820551][T29872] bond11: entered allmulticast mode
[  619.863534][T29876] bond11: (slave ip6gretap1): Enslaving as an active interface with an up link
[  620.178247][T29894] loop8: detected capacity change from 0 to 2048
[  620.213342][T29894] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  620.233668][T29897] loop9: detected capacity change from 0 to 4096
[  620.266394][T29897] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  620.267696][T29894] random: crng reseeded on system resumption
[  620.294928][   T28] audit: type=1400 audit(876.246:6076): avc:  denied  { write } for  pid=29892 comm="syz.8.9658" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  620.351478][   T28] audit: type=1400 audit(876.246:6077): avc:  denied  { open } for  pid=29892 comm="syz.8.9658" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  620.470712][T16228] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  620.591736][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  621.226804][T29936] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  621.234213][T29936] IPv6: NLM_F_CREATE should be set when creating new route
[  621.303936][T29936] loop8: detected capacity change from 0 to 1024
[  621.326845][T29936] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  621.337702][T29936] System zones: 0-1, 3-36
[  621.350470][T29936] EXT4-fs error (device loop8): ext4_orphan_get:1423: comm syz.8.9673: bad orphan inode 134217728
[  621.364541][T29936] loop8: lost filesystem error report for type 5 error -117
[  621.390595][T29936] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  621.462392][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.420169][T29972] xfrm0 speed is unknown, defaulting to 1000
[  622.441581][    C1] ip6_tunnel: ^ xmit: Local address not yet configured!
[  622.490022][T29972] lo speed is unknown, defaulting to 1000
[  622.630296][T29972] wg1 speed is unknown, defaulting to 1000
[  623.029080][T29979] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9690'.
[  623.060671][T29979] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=29979 comm=syz.3.9690
[  623.864904][T30006] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9699'.
[  624.168455][   T28] audit: type=1326 audit(880.146:6078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.208334][   T28] audit: type=1326 audit(880.146:6079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.217436][T30033] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9709'.
[  624.241449][   T28] audit: type=1326 audit(880.166:6080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.268289][   T28] audit: type=1326 audit(880.166:6081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.294796][   T28] audit: type=1326 audit(880.166:6082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.325309][   T28] audit: type=1326 audit(880.166:6083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.348498][   T28] audit: type=1326 audit(880.166:6084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.372270][   T28] audit: type=1326 audit(880.176:6085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.396106][   T28] audit: type=1326 audit(880.176:6086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  624.422397][   T28] audit: type=1326 audit(880.176:6087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30032 comm="syz.9.9709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f91caa2cdd9 code=0x7ffc0000
[  625.602136][T30087] netlink: 763 bytes leftover after parsing attributes in process `syz.8.9731'.
[  626.371971][T30114] xfrm0 speed is unknown, defaulting to 1000
[  626.441668][T30114] lo speed is unknown, defaulting to 1000
[  626.535694][T30114] wg1 speed is unknown, defaulting to 1000
[  627.320575][T30138] sctp: [Deprecated]: syz.9.9744 (pid 30138) Use of int in maxseg socket option.
[  627.320575][T30138] Use struct sctp_assoc_value instead
[  627.416774][T30143] loop9: detected capacity change from 0 to 512
[  627.454800][T30143] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  627.479777][T30143] EXT4-fs error (device loop9): ext4_orphan_get:1423: comm syz.9.9749: bad orphan inode 11
[  627.510260][T30143] loop9: lost filesystem error report for type 5 error -117
[  627.510467][T30143] ext4_test_bit(bit=10, block=4) = 1
[  627.517852][    C1] EXT4-fs (loop9): error count since last fsck: 1
[  627.517878][    C1] EXT4-fs (loop9): initial error at time 883: ext4_orphan_get:1423
[  627.517898][    C1] EXT4-fs (loop9): last error at time 883: ext4_orphan_get:1423
[  627.580693][T30143] is_bad_inode(inode)=0
[  627.594646][T30143] NEXT_ORPHAN(inode)=2080374784
[  627.606353][T30143] max_ino=32
[  627.614000][T30143] i_nlink=0
[  627.620556][T30143] EXT4-fs (loop9): 1 truncate cleaned up
[  627.633904][T30143] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  627.668532][T30143] netlink: 'syz.9.9749': attribute type 1 has an invalid length.
[  627.714215][T30143] 8021q: adding VLAN 0 to HW filter on device bond9
[  627.752663][T30143] vlan0: entered allmulticast mode
[  627.765705][T30143] bond9: entered allmulticast mode
[  627.800814][T30143] bond9: (slave geneve3): making interface the new active one
[  627.813256][T30143] geneve3: entered allmulticast mode
[  627.834387][T30143] bond9: (slave geneve3): Enslaving as an active interface with an up link
[  627.854909][  T118] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  627.871153][  T118] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  627.908639][  T118] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  627.936356][T16228] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  627.945739][  T118] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  628.108140][T30163] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  628.108140][T30163] The task syz.1.9753 (30163) triggered the difference, watch for misbehavior.
[  628.822304][T30199] gre0 speed is unknown, defaulting to 1000
[  628.844220][T30199] gre0 speed is unknown, defaulting to 1000
[  628.863529][T30199] gre0 speed is unknown, defaulting to 1000
[  629.035652][T16599] ip6_tunnel: ^ xmit: Local address not yet configured!
[  629.063820][T30199] infiniband syz1: set active
[  629.075025][T30199] infiniband syz1: added gre0
[  629.101385][T30199] RDS/IB: syz1: added
[  629.114564][T30199] smc: adding ib device syz1 with port count 1
[  629.176597][T16599] gre0 speed is unknown, defaulting to 1000
[  629.192195][T30199] smc:    ib device syz1 port 1 has no pnetid
[  629.222146][T30199] gre0 speed is unknown, defaulting to 1000
[  629.245987][ T3364] gre0 speed is unknown, defaulting to 1000
[  629.305393][T30199] gre0 speed is unknown, defaulting to 1000
[  629.321595][T30204] netlink: 'syz.1.9770': attribute type 11 has an invalid length.
[  629.329573][T30211] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  629.421617][T30199] gre0 speed is unknown, defaulting to 1000
[  629.481306][T30215] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9774'.
[  629.502318][T30199] gre0 speed is unknown, defaulting to 1000
[  629.571458][T30199] gre0 speed is unknown, defaulting to 1000
[  629.624766][T16599] ip6_tunnel: ^ xmit: Local address not yet configured!
[  630.194837][    C1] ip6_tunnel: ^ xmit: Local address not yet configured!
[  631.401384][T30276] xfrm0 speed is unknown, defaulting to 1000
[  631.452284][T30276] lo speed is unknown, defaulting to 1000
[  631.476580][    C1] bridge0: port 1(bridge_slave_0) entered learning state
[  631.497394][T30276] wg1 speed is unknown, defaulting to 1000
[  631.503817][T30276] gre0 speed is unknown, defaulting to 1000
[  631.682138][T30287] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  631.854930][T30291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9804'.
[  631.911426][T30296] netlink: 44 bytes leftover after parsing attributes in process `syz.5.9807'.
[  631.921000][T30296] netlink: 43 bytes leftover after parsing attributes in process `syz.5.9807'.
[  631.930444][T30296] netlink: 'syz.5.9807': attribute type 6 has an invalid length.
[  631.938452][T30296] netlink: 'syz.5.9807': attribute type 5 has an invalid length.
[  631.955233][T30296] netlink: 43 bytes leftover after parsing attributes in process `syz.5.9807'.
[  632.018768][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.031343][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.043995][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.056607][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.069259][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.081977][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.094659][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.107375][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.120347][    C1] bridge0: port 2(bridge_slave_1) entered learning state
[  632.127816][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.140346][T30298] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=30298 comm=syz.5.9808
[  632.250819][   T28] kauditd_printk_skb: 93 callbacks suppressed
[  632.250837][   T28] audit: type=1400 audit(888.226:6181): avc:  denied  { watch_reads } for  pid=30299 comm="syz.8.9810" path="/1416/file0" dev="tmpfs" ino=7351 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  632.496216][T30311] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9814'.
[  632.510102][T30311] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9814'.
[  632.794384][T30326] loop8: detected capacity change from 0 to 128
[  632.897220][T30332] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9825'.
[  633.050263][T30347] bridge7: the hash_elasticity option has been deprecated and is always 16
[  633.066705][T30347] bridge7: entered promiscuous mode
[  633.169242][T30359] loop9: detected capacity change from 0 to 128
[  634.091308][T30372] ªªªªª6: renamed from wg2 (while UP)
[  634.342324][   T28] audit: type=1400 audit(890.316:6182): avc:  denied  { bind } for  pid=30385 comm="syz.8.9845" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  634.384346][ T7127] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  634.434768][ T7113] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  634.464522][ T7113] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  634.494508][ T7113] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  634.889380][T30411] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9854'.
[  635.057287][T30421] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9859'.
[  635.959432][T30428] netlink: 132 bytes leftover after parsing attributes in process `syz.3.9861'.
[  637.126595][   T28] audit: type=1400 audit(893.106:6183): avc:  denied  { listen } for  pid=30441 comm="syz.8.9867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  637.197103][   T28] audit: type=1400 audit(893.176:6184): avc:  denied  { accept } for  pid=30441 comm="syz.8.9867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  637.230721][T30439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  637.242482][T30439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  638.066113][T30476] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9877'.
[  638.175536][   T28] audit: type=1326 audit(894.146:6185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30479 comm="syz.3.9879" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd08592cdd9 code=0x0
[  638.379362][T30487] loop8: detected capacity change from 0 to 512
[  638.415045][T30487] EXT4-fs (loop8): 1 truncate cleaned up
[  638.446631][T30487] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  638.581794][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  638.783590][T30504] netlink: 276 bytes leftover after parsing attributes in process `syz.9.9886'.
[  638.822415][T30504] netlink: 276 bytes leftover after parsing attributes in process `syz.9.9886'.
[  638.943470][   T28] audit: type=1400 audit(894.916:6186): avc:  denied  { connect } for  pid=30517 comm="syz.8.9891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  639.076516][T30524] netlink: 60 bytes leftover after parsing attributes in process `syz.9.9893'.
[  639.166092][T30532] netlink: 'syz.1.9897': attribute type 4 has an invalid length.
[  639.179436][T30527] xfrm0 speed is unknown, defaulting to 1000
[  639.194415][T30530] netlink: 'syz.3.9895': attribute type 13 has an invalid length.
[  639.208902][T30532] netlink: 'syz.1.9897': attribute type 4 has an invalid length.
[  639.326717][T30530] A link change request failed with some changes committed already. Interface  may have been left with an inconsistent configuration, please check.
[  639.347706][T30527] lo speed is unknown, defaulting to 1000
[  639.458467][T30527] wg1 speed is unknown, defaulting to 1000
[  639.472403][T30527] gre0 speed is unknown, defaulting to 1000
[  639.848997][T30570] loop8: detected capacity change from 0 to 512
[  639.867415][T30570] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  639.903335][T30570] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  639.983034][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  640.098405][T30578] loop8: detected capacity change from 0 to 1024
[  640.139239][T30578] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  640.151215][T30578] System zones: 0-1, 3-36
[  640.167135][T30578] EXT4-fs error (device loop8): ext4_orphan_get:1423: comm syz.8.9913: bad orphan inode 134217728
[  640.179375][T30578] loop8: lost filesystem error report for type 5 error -117
[  640.187365][T30578] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  640.608836][T30591] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9918'.
[  640.718795][T30596] netlink: 'syz.3.9920': attribute type 9 has an invalid length.
[  643.775432][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.928181][T30627] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  643.944703][T30627] netdevsim netdevsim1 eth3 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  643.975149][T30627] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.067217][T30627] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  644.104961][T30627] netdevsim netdevsim1 eth2 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  644.137188][T30627] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.416685][T30616] xfrm0 speed is unknown, defaulting to 1000
[  644.460995][T30627] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  644.490788][T30627] netdevsim netdevsim1 eth1 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  644.500871][T30627] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.567206][T30627] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  644.600469][T30627] netdevsim netdevsim1 eth0 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  644.623894][T30627] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.710872][  T118] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  644.721004][  T118] netdevsim netdevsim1 eth0: set [0, 1] type 1 family 0 port 2816 - 0
[  644.749256][  T118] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  644.763440][T30616] lo speed is unknown, defaulting to 1000
[  644.770979][  T118] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  644.780957][  T118] netdevsim netdevsim1 eth1: set [0, 1] type 1 family 0 port 2816 - 0
[  644.789483][  T118] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  644.807207][  T118] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  644.815697][  T118] netdevsim netdevsim1 eth2: set [0, 1] type 1 family 0 port 2816 - 0
[  644.824029][  T118] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  644.851869][  T118] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  644.882994][  T118] netdevsim netdevsim1 eth3: set [0, 1] type 1 family 0 port 2816 - 0
[  644.893882][  T118] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  644.903111][T30666] tipc: Failed to remove unknown binding: 66,2,2/2886997162:1923848914/1923848918
[  644.914906][    C1] ip6_tunnel: ^ xmit: Local address not yet configured!
[  644.944842][T30616] wg1 speed is unknown, defaulting to 1000
[  644.964161][T30616] gre0 speed is unknown, defaulting to 1000
[  644.983736][T30670] xfrm0 speed is unknown, defaulting to 1000
[  645.027807][T30670] lo speed is unknown, defaulting to 1000
[  645.058540][   T28] audit: type=1326 audit(901.036:6187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30667 comm="syz.1.9948" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x0
[  645.098935][T30670] wg1 speed is unknown, defaulting to 1000
[  645.113764][T30670] gre0 speed is unknown, defaulting to 1000
[  646.128581][T30702] loop9: detected capacity change from 0 to 4096
[  646.147206][T30702] EXT4-fs: Ignoring removed nomblk_io_submit option
[  646.181119][T30702] EXT4-fs (loop9): stripe (97) is not aligned with cluster size (16), stripe is disabled
[  646.209166][T30702] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  646.335720][   T28] audit: type=1400 audit(902.316:6188): avc:  denied  { write } for  pid=30708 comm="syz.8.9961" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  646.338995][T30710] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9961'.
[  646.440193][T30710] bond14: (slave gretap0): Enslaving as an active interface with an up link
[  646.509140][T30710] bond14 (unregistering): (slave gretap0): Releasing backup interface
[  646.525615][T30710] bond14 (unregistering): Released all slaves
[  646.527859][T16228] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.742826][T30725] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9964'.
[  646.849229][    C1] bridge0: port 1(bridge_slave_0) entered forwarding state
[  646.856858][    C1] bridge0: topology change detected, propagating
[  647.011932][T30720] loop9: detected capacity change from 0 to 764
[  647.185767][T30745] loop8: detected capacity change from 0 to 4096
[  647.196147][T30745] EXT4-fs: Ignoring removed nomblk_io_submit option
[  647.227746][T30745] EXT4-fs (loop8): stripe (97) is not aligned with cluster size (16), stripe is disabled
[  647.259983][T30745] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  647.389908][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  647.475805][    C1] bridge0: port 2(bridge_slave_1) entered forwarding state
[  647.484704][    C1] bridge0: topology change detected, propagating
[  648.468473][T30746] kexec: Could not allocate control_code_buffer
[  648.693783][T30772] netlink: 276 bytes leftover after parsing attributes in process `syz.3.9987'.
[  648.737834][T30772] netlink: 276 bytes leftover after parsing attributes in process `syz.3.9987'.
[  648.775065][    C1] ip6_tunnel: syztnl1 xmit: Local address not yet configured!
[  649.562421][T30795] loop9: detected capacity change from 0 to 1024
[  649.599041][T30795] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  649.613819][T30795] System zones: 0-1, 3-36
[  649.642196][T30795] EXT4-fs error (device loop9): ext4_orphan_get:1423: comm syz.9.9993: bad orphan inode 134217728
[  649.656254][T30795] loop9: lost filesystem error report for type 5 error -117
[  649.660218][T30795] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.671331][T16228] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  651.681457][T30815] netlink: 'syz.5.10006': attribute type 1 has an invalid length.
[  651.748453][T30815] 8021q: adding VLAN 0 to HW filter on device bond12
[  651.772989][T30818] loop8: detected capacity change from 0 to 2048
[  651.838018][T30818] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.863953][T30822] vlan5: entered allmulticast mode
[  651.884752][T30822] bond12: entered allmulticast mode
[  651.933364][T30826] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.9998: bg 0: block 345: padding at end of block bitmap is not set
[  651.954317][T30826] EXT4-fs (loop8): Remounting filesystem read-only
[  651.964296][ T7108] EXT4-fs warning (device loop8): ext4_convert_unwritten_extents:5075: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  651.982834][T30825] bond12: (slave geneve5): making interface the new active one
[  651.990922][T30825] geneve5: entered allmulticast mode
[  652.008132][T30825] bond12: (slave geneve5): Enslaving as an active interface with an up link
[  652.294670][T30844] futex_wake_op: syz.9.10003 tries to shift op by -9; fix this program
[  652.368677][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.383288][T30846] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10004'.
[  652.432359][T30848] syzkaller0: entered promiscuous mode
[  652.451196][T30848] syzkaller0: entered allmulticast mode
[  652.772294][T30863] loop9: detected capacity change from 0 to 128
[  653.126901][   T28] audit: type=1400 audit(909.096:6189): avc:  denied  { write } for  pid=30870 comm="syz.3.10017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  653.246998][T30879] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10020'.
[  653.276644][T30881] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10021'.
[  653.632179][T30859] kexec: Could not allocate control_code_buffer
[  653.792313][T30906] netlink: 276 bytes leftover after parsing attributes in process `syz.5.10040'.
[  653.814972][T30906] netlink: 276 bytes leftover after parsing attributes in process `syz.5.10040'.
[  653.979182][T30914] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10032'.
[  654.047112][T30916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10033'.
[  656.028456][T30914] veth13: entered allmulticast mode
[  656.039329][T30914] bond10: (slave veth13): Enslaving as an active interface with an up link
[  656.109389][T30918] bond10 (unregistering): (slave veth13): Releasing backup interface
[  656.133925][T30918] bond10 (unregistering): Released all slaves
[  656.174818][T30926] sctp: [Deprecated]: syz.3.10036 (pid 30926) Use of int in maxseg socket option.
[  656.174818][T30926] Use struct sctp_assoc_value instead
[  657.205630][T30951] netlink: 'syz.5.10047': attribute type 29 has an invalid length.
[  657.249868][T30951] netlink: 'syz.5.10047': attribute type 29 has an invalid length.
[  657.293320][T30953] syzkaller0: entered promiscuous mode
[  657.322806][T30953] syzkaller0: entered allmulticast mode
[  657.399403][T30963] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10052'.
[  657.577778][T30971] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  658.374423][T30983] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10057'.
[  658.751929][T31010] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10066'.
[  658.797822][T31012] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10077'.
[  659.037394][T31022] loop8: detected capacity change from 0 to 512
[  659.080919][T31022] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  659.190002][   T28] audit: type=1400 audit(915.166:6190): avc:  denied  { map } for  pid=31013 comm="syz.8.10068" path="/1478/file1/memory.stat" dev="loop8" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  659.438485][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.707266][T31031] netlink: 24 bytes leftover after parsing attributes in process `syz.9.10084'.
[  659.719449][T31034] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10073'.
[  659.853891][T31038] syzkaller0: entered promiscuous mode
[  659.865834][T31038] syzkaller0: entered allmulticast mode
[  659.921575][T31032] sctp: [Deprecated]: syz.1.10074 (pid 31032) Use of int in maxseg socket option.
[  659.921575][T31032] Use struct sctp_assoc_value instead
[  659.983032][T31045] netlink: 'syz.8.10081': attribute type 11 has an invalid length.
[  660.021785][T31047] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10080'.
[  660.033016][T31047] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10080'.
[  660.071490][T31055] netlink: 12 bytes leftover after parsing attributes in process `syz.1.10094'.
[  660.087261][T31054] netlink: 'syz.9.10095': attribute type 39 has an invalid length.
[  660.149641][T31055] veth9: entered allmulticast mode
[  660.157218][T31055] bond13: (slave veth9): Enslaving as an active interface with an up link
[  660.169443][T31059] bond13 (unregistering): (slave veth9): Releasing backup interface
[  660.188507][T31059] bond13 (unregistering): Released all slaves
[  660.620979][T31067] loop9: detected capacity change from 0 to 164
[  661.384824][T31081] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  661.392655][T31081] IPv6: NLM_F_CREATE should be set when creating new route
[  661.400647][T31081] IPv6: NLM_F_CREATE should be set when creating new route
[  661.622014][T31085] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10096'.
[  661.903963][T31096] veth21: entered allmulticast mode
[  661.919924][T31096] bond12: (slave veth21): Enslaving as an active interface with an up link
[  661.967373][T31091] bond12 (unregistering): (slave veth21): Releasing backup interface
[  662.038896][T31091] bond12 (unregistering): Released all slaves
[  662.344943][T31108] xfrm0 speed is unknown, defaulting to 1000
[  662.521083][T31108] lo speed is unknown, defaulting to 1000
[  662.658138][T31108] wg1 speed is unknown, defaulting to 1000
[  662.676076][T31108] gre0 speed is unknown, defaulting to 1000
[  662.959380][T31120] sch_tbf: burst 19872 is lower than device lo mtu (32783) !
[  663.537200][T31127] sctp: [Deprecated]: syz.8.10111 (pid 31127) Use of int in maxseg socket option.
[  663.537200][T31127] Use struct sctp_assoc_value instead
[  663.764900][T31129] xfrm0 speed is unknown, defaulting to 1000
[  663.858220][T31139] bridge7: the hash_elasticity option has been deprecated and is always 16
[  663.902682][T31139] bridge7: entered promiscuous mode
[  664.456501][T31129] lo speed is unknown, defaulting to 1000
[  664.556654][T31129] wg1 speed is unknown, defaulting to 1000
[  664.574434][T31129] gre0 speed is unknown, defaulting to 1000
[  664.735516][T31147] loop8: detected capacity change from 0 to 128
[  666.117985][T31172] sctp: [Deprecated]: syz.5.10123 (pid 31172) Use of int in maxseg socket option.
[  666.117985][T31172] Use struct sctp_assoc_value instead
[  667.108290][T31188] __nla_validate_parse: 2 callbacks suppressed
[  667.108362][T31188] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10132'.
[  667.264311][T31192] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10134'.
[  667.309045][T31192] netlink: 28 bytes leftover after parsing attributes in process `syz.5.10134'.
[  667.514058][T31200] loop9: detected capacity change from 0 to 128
[  667.831420][T31209] sctp: [Deprecated]: syz.3.10138 (pid 31209) Use of int in maxseg socket option.
[  667.831420][T31209] Use struct sctp_assoc_value instead
[  668.117034][T31216] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.125286][T31216] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.505154][T31225] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10144'.
[  669.674039][  T118] netdevsim netdevsim3 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  669.686691][  T118] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  669.702479][  T118] netdevsim netdevsim3 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  669.730126][  T118] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  669.745555][  T118] netdevsim netdevsim3 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  669.768597][  T118] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  669.777571][  T118] netdevsim netdevsim3 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  669.787585][  T118] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  669.840416][T31251] bridge8: the hash_elasticity option has been deprecated and is always 16
[  669.875380][T31251] bridge8: entered promiscuous mode
[  669.900099][T31253] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10156'.
[  670.046623][T31263] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10159'.
[  670.361541][T31270] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10161'.
[  670.467772][T31270] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  670.714261][T31286] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10166'.
[  670.765451][T31286] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10166'.
[  670.857541][T31297] bridge12: the hash_elasticity option has been deprecated and is always 16
[  670.870373][T31297] bridge12: entered promiscuous mode
[  670.989584][T31300] bond0: option active_slave: mode dependency failed, not supported in mode 802.3ad(4)
[  671.724365][T31332] syzkaller0: entered promiscuous mode
[  671.737779][T31332] syzkaller0: entered allmulticast mode
[  671.785741][T31329] loop9: detected capacity change from 0 to 164
[  671.864695][T31333] xfrm0 speed is unknown, defaulting to 1000
[  671.999011][T31338] loop9: detected capacity change from 0 to 512
[  672.055383][T31338] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  672.095157][T31338] EXT4-fs (loop9): 1 truncate cleaned up
[  672.106116][T31333] lo speed is unknown, defaulting to 1000
[  672.114403][T31338] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  672.334975][T31333] wg1 speed is unknown, defaulting to 1000
[  672.352741][T31333] gre0 speed is unknown, defaulting to 1000
[  672.362374][T16228] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  672.527886][T31352] loop9: detected capacity change from 0 to 2048
[  672.608922][T31352]  loop9: p1 p3 p4
[  672.626593][T31352] loop9: p1 size 67110656 extends beyond EOD, truncated
[  672.662418][T31352] loop9: p3 size 134217728 extends beyond EOD, truncated
[  672.702216][T31352] loop9: p4 size 4278190080 extends beyond EOD, truncated
[  673.724823][    C1] ip6_tunnel: ^ xmit: Local address not yet configured!
[  673.833481][T31383] ipt_REJECT: TCP_RESET invalid for non-tcp
[  675.209617][T31416] netlink: 'syz.8.10213': attribute type 1 has an invalid length.
[  675.321088][T31412] xfrm0 speed is unknown, defaulting to 1000
[  675.485451][T31417] bond14: (slave bridge8): Enslaving as a backup interface with an up link
[  675.551090][T31412] lo speed is unknown, defaulting to 1000
[  675.577349][T31421] macvlan0: entered promiscuous mode
[  675.584678][T31421] macvlan0: entered allmulticast mode
[  675.593591][T31421] bond14: entered promiscuous mode
[  675.609359][T31421] bridge8: entered promiscuous mode
[  675.625551][T31421] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  675.649557][T31421] bond14: left promiscuous mode
[  675.654574][T31421] bridge8: left promiscuous mode
[  675.668574][T31412] wg1 speed is unknown, defaulting to 1000
[  675.675132][T31412] gre0 speed is unknown, defaulting to 1000
[  675.702142][T31424] xfrm0 speed is unknown, defaulting to 1000
[  675.853359][T31425] xfrm0 speed is unknown, defaulting to 1000
[  675.874039][T31424] lo speed is unknown, defaulting to 1000
[  676.057430][T31425] lo speed is unknown, defaulting to 1000
[  676.077206][T31424] wg1 speed is unknown, defaulting to 1000
[  676.095057][T31424] gre0 speed is unknown, defaulting to 1000
[  676.210069][T31425] wg1 speed is unknown, defaulting to 1000
[  676.263036][T31425] gre0 speed is unknown, defaulting to 1000
[  677.151513][T31453] bridge0: port 2(bridge_slave_1) entered disabled state
[  677.158839][T31453] bridge0: port 1(bridge_slave_0) entered disabled state
[  678.405271][T16599] gre0 speed is unknown, defaulting to 1000
[  678.414535][T16601] lo speed is unknown, defaulting to 1000
[  678.423678][ T3410] xfrm0 speed is unknown, defaulting to 1000
[  678.423694][ T7108] netdevsim netdevsim8 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  678.437145][T16599] syz1: Port: 1 Link DOWN
[  678.445449][T16601] lyz2: Port: 1 Link DOWN
[  678.454149][ T3410] syz0: Port: 1 Link DOWN
[  678.487056][ T7108] netdevsim netdevsim8 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  678.513233][ T7108] netdevsim netdevsim8 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  678.539620][ T7108] netdevsim netdevsim8 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  678.552211][ T3410] gre0 speed is unknown, defaulting to 1000
[  678.558508][T16601] lo speed is unknown, defaulting to 1000
[  678.564733][T16599] xfrm0 speed is unknown, defaulting to 1000
[  678.570883][ T7108] netdevsim netdevsim8 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  678.580325][ T7108] netdevsim netdevsim8 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  678.599071][ T7108] netdevsim netdevsim8 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  678.608150][ T7108] netdevsim netdevsim8 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  679.372225][T31493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10238'.
[  679.401178][T31480] xfrm0 speed is unknown, defaulting to 1000
[  679.518770][T31480] lo speed is unknown, defaulting to 1000
[  679.604862][T31505] loop9: detected capacity change from 0 to 256
[  679.721050][T31510] xfrm0 speed is unknown, defaulting to 1000
[  679.759331][T31480] wg1 speed is unknown, defaulting to 1000
[  679.777843][T31480] gre0 speed is unknown, defaulting to 1000
[  679.923427][T31510] lo speed is unknown, defaulting to 1000
[  680.067639][T31510] wg1 speed is unknown, defaulting to 1000
[  680.082499][T31510] gre0 speed is unknown, defaulting to 1000
[  680.360662][T31517] bridge9: the hash_elasticity option has been deprecated and is always 16
[  680.387644][T31517] bridge9: entered promiscuous mode
[  680.468475][T31522] xfrm0 speed is unknown, defaulting to 1000
[  680.521589][T31525] uprobe: syz.8.10248:31525 failed to unregister, leaking uprobe
[  680.641131][T31522] lo speed is unknown, defaulting to 1000
[  680.654937][T31523] xfrm0 speed is unknown, defaulting to 1000
[  680.767889][T31535] netlink: 277 bytes leftover after parsing attributes in process `syz.8.10253'.
[  680.774264][T31520] netlink: 156 bytes leftover after parsing attributes in process `syz.3.10247'.
[  680.816680][T31536] loop8: detected capacity change from 0 to 512
[  680.838991][T31536] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  680.869267][T31536] EXT4-fs (loop8): 1 truncate cleaned up
[  680.872617][T31522] wg1 speed is unknown, defaulting to 1000
[  680.885087][T31536] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.901335][T31523] lo speed is unknown, defaulting to 1000
[  680.927109][T31522] gre0 speed is unknown, defaulting to 1000
[  681.038802][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  681.150101][T31523] wg1 speed is unknown, defaulting to 1000
[  681.160478][T31547] syzkaller0: entered promiscuous mode
[  681.184718][T31547] syzkaller0: entered allmulticast mode
[  681.203508][T31523] gre0 speed is unknown, defaulting to 1000
[  681.458388][T31556] uprobe: syz.1.10261:31556 failed to unregister, leaking uprobe
[  682.594258][T31573] loop9: detected capacity change from 0 to 8192
[  682.951818][T31577] netlink: 277 bytes leftover after parsing attributes in process `syz.5.10279'.
[  682.984187][T31578] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10268'.
[  683.832525][T31593] bridge0: port 4(macsec0) entered blocking state
[  683.844758][T31593] bridge0: port 4(macsec0) entered disabled state
[  683.857425][T31593] macsec0: entered allmulticast mode
[  683.863556][T31593] bridge0: entered allmulticast mode
[  683.881111][T31593] macsec0: left allmulticast mode
[  683.895354][T31593] bridge0: left allmulticast mode
[  684.100096][  T118] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  684.118589][  T118] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  684.127573][  T118] netdevsim netdevsim5 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  684.177239][  T118] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  684.186685][  T118] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  684.195142][  T118] netdevsim netdevsim5 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  684.212155][  T118] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  684.221192][  T118] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  684.229885][  T118] netdevsim netdevsim5 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  684.250870][ T7104] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  684.259390][ T7104] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  684.267830][ T7104] netdevsim netdevsim5 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  687.562333][T31633] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10289'.
[  687.601057][T31633] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10289'.
[  687.657162][T31633] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10289'.
[  687.752761][T31628] loop8: detected capacity change from 0 to 164
[  688.117654][T31642] loop8: detected capacity change from 0 to 8192
[  688.768153][T31657] xfrm0 speed is unknown, defaulting to 1000
[  688.896264][T31657] lo speed is unknown, defaulting to 1000
[  688.939223][T31657] wg1 speed is unknown, defaulting to 1000
[  688.946175][T31657] gre0 speed is unknown, defaulting to 1000
[  689.315321][T31669] netlink: 116376 bytes leftover after parsing attributes in process `syz.1.10299'.
[  689.523157][T31673] tmpfs: Unknown parameter 'context6¿LòÃgñæ9¤†ª“1`w÷AšÙuújÍái#áôa•'
[  690.541407][T31690] netlink: 'syz.8.10307': attribute type 3 has an invalid length.
[  690.726320][T31692] loop9: detected capacity change from 0 to 4096
[  690.741772][T31692] EXT4-fs: Ignoring removed bh option
[  690.756968][T31692] ext4: Unknown parameter 'fsuuid'
[  691.201544][   T28] audit: type=1400 audit(947.166:6191): avc:  denied  { map } for  pid=31699 comm="syz.1.10310" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  691.235717][   T28] audit: type=1400 audit(947.176:6192): avc:  denied  { execute } for  pid=31699 comm="syz.1.10310" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  691.274443][T31692] loop9: detected capacity change from 0 to 512
[  691.299885][   T28] audit: type=1326 audit(947.276:6193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.328467][T31692] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  691.331017][T31707] selinux_netlink_send: 69 callbacks suppressed
[  691.331078][T31707] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=31707 comm=syz.1.10313
[  691.367469][   T28] audit: type=1326 audit(947.276:6194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.403136][   T28] audit: type=1326 audit(947.296:6195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.491949][   T28] audit: type=1326 audit(947.296:6197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.515285][   T28] audit: type=1326 audit(947.306:6198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.538745][   T28] audit: type=1326 audit(947.306:6199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.561905][   T28] audit: type=1326 audit(947.296:6196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.589292][   T28] audit: type=1326 audit(947.306:6200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31706 comm="syz.1.10313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  691.700673][T31718] loop8: detected capacity change from 0 to 8192
[  692.806156][T31768] loop8: detected capacity change from 0 to 4096
[  692.817370][T31768] EXT4-fs: Ignoring removed bh option
[  692.823258][T31768] ext4: Unknown parameter 'fsuuid'
[  692.883917][T31768] loop8: detected capacity change from 0 to 512
[  692.897493][T31768] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  693.219344][T31783] loop9: detected capacity change from 0 to 128
[  695.971377][T31830] loop8: detected capacity change from 0 to 256
[  696.350127][T16601] wg1 speed is unknown, defaulting to 1000
[  696.432254][T31838] xfrm0 speed is unknown, defaulting to 1000
[  696.573865][T31838] lo speed is unknown, defaulting to 1000
[  696.714986][T31838] wg1 speed is unknown, defaulting to 1000
[  696.731516][T31838] gre0 speed is unknown, defaulting to 1000
[  696.762796][T31845] xfrm0 speed is unknown, defaulting to 1000
[  696.818208][T31845] lo speed is unknown, defaulting to 1000
[  696.985853][T31852] loop9: detected capacity change from 0 to 128
[  697.009007][T31849] xfrm0 speed is unknown, defaulting to 1000
[  697.698047][T31845] wg1 speed is unknown, defaulting to 1000
[  697.725534][T31845] gre0 speed is unknown, defaulting to 1000
[  697.903897][T31876] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10374'.
[  697.924742][T31849] lo speed is unknown, defaulting to 1000
[  697.936798][   T28] kauditd_printk_skb: 51 callbacks suppressed
[  697.936812][   T28] audit: type=1400 audit(953.916:6252): avc:  denied  { append } for  pid=31875 comm="syz.8.10374" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  698.129235][T31849] wg1 speed is unknown, defaulting to 1000
[  698.142227][T31849] gre0 speed is unknown, defaulting to 1000
[  698.361224][T31892] random: crng reseeded on system resumption
[  698.469322][T31895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10380'.
[  698.479917][T31895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10380'.
[  698.492935][T31895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10380'.
[  698.506874][T31895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10380'.
[  698.517918][T31895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10380'.
[  698.527628][T31895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10380'.
[  698.537938][T31899] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2573 sclass=netlink_route_socket pid=31899 comm=syz.1.10380
[  698.551058][T31895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10380'.
[  698.942778][T31917] netlink: 28 bytes leftover after parsing attributes in process `syz.8.10388'.
[  698.976863][T31915] SELinux: failed to load policy
[  698.997834][T31919] tmpfs: Bad value for 'size'
[  699.757039][T31963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10403'.
[  699.996789][   T28] audit: type=1326 audit(955.976:6253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.020086][   T28] audit: type=1326 audit(955.976:6255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.044703][   T28] audit: type=1326 audit(955.976:6256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.068665][   T28] audit: type=1326 audit(955.976:6257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.091976][   T28] audit: type=1326 audit(955.976:6254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.115330][   T28] audit: type=1326 audit(955.976:6258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.138562][   T28] audit: type=1326 audit(955.976:6259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.161840][   T28] audit: type=1326 audit(955.976:6260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.185339][   T28] audit: type=1326 audit(955.976:6261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31972 comm="syz.1.10408" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f17db82cdd9 code=0x7ffc0000
[  700.466944][T31983] loop8: detected capacity change from 0 to 128
[  702.351606][T32056] loop8: detected capacity change from 0 to 256
[  703.186644][T32067] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: 1
[  703.205208][T32067] ref_ctr increment failed for inode: 0x28e5 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888104f5c380
[  703.234818][T32067] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: -1
[  703.260433][T32067] ref_ctr decrement failed for inode: 0x28e5 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888104f5c380
[  703.291639][T32067] uprobe: syz.1.10444:32067 failed to unregister, leaking uprobe
[  703.543859][T32077] __nla_validate_parse: 3 callbacks suppressed
[  703.543886][T32077] netlink: 32 bytes leftover after parsing attributes in process `syz.9.10449'.
[  703.618639][   T28] kauditd_printk_skb: 30 callbacks suppressed
[  703.618657][   T28] audit: type=1400 audit(959.596:6292): avc:  denied  { shutdown } for  pid=32076 comm="syz.9.10449" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  703.729647][T32081] loop9: detected capacity change from 0 to 512
[  703.777836][T32081] EXT4-fs error (device loop9): ext4_quota_enable:7221: comm syz.9.10450: Bad quota inum: 2, type: 1
[  703.818442][T32081] loop9: lost filesystem error report for type 5 error -117
[  703.818645][T32081] EXT4-fs warning (device loop9): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix.
[  703.826145][    C1] EXT4-fs (loop9): error count since last fsck: 1
[  703.826170][    C1] EXT4-fs (loop9): initial error at time 959: ext4_quota_enable:7221
[  703.826219][    C1] EXT4-fs (loop9): last error at time 959: ext4_quota_enable:7221
[  704.005687][T32081] EXT4-fs (loop9): mount failed
[  704.149628][T32092] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10455'.
[  704.172198][T32092] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10455'.
[  704.272170][T32098] loop8: detected capacity change from 0 to 512
[  704.332503][T32103] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: 1
[  704.346933][T32098] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  704.374851][T32103] ref_ctr increment failed for inode: 0x16bf offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888157dfd100
[  704.398041][T32098] EXT4-fs (loop8): orphan cleanup on readonly fs
[  704.412235][T32098] EXT4-fs error (device loop8): ext4_mb_mark_diskspace_used:4222: comm syz.8.10458: Allocating blocks 41-42 which overlap fs metadata
[  704.427091][T32100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10460'.
[  704.436230][T32103] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: -1
[  704.446049][T32098] loop8: lost filesystem error report for type 5 error -117
[  704.446264][T32098] Quota error (device loop8): write_blk: dquota write failed
[  704.461064][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  704.461086][    C0] EXT4-fs (loop8): initial error at time 960: ext4_mb_mark_diskspace_used:4222
[  704.461132][    C0] EXT4-fs (loop8): last error at time 960: ext4_mb_mark_diskspace_used:4222
[  704.485449][T32098] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  704.495444][T32098] EXT4-fs error (device loop8): ext4_acquire_dquot:7034: comm syz.8.10458: Failed to acquire dquot type 0
[  704.501601][T32103] ref_ctr decrement failed for inode: 0x16bf offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888157dfd100
[  704.507092][T32098] loop8: lost filesystem error report for type 5 error -117
[  704.518456][T32098] EXT4-fs error (device loop8): mb_free_blocks:2049: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  704.527717][T32100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10460'.
[  704.554643][T32103] uprobe: syz.9.10459:32103 failed to unregister, leaking uprobe
[  704.562909][T32098] EXT4-fs error (device loop8): ext4_do_update_inode:5690: inode #12: comm syz.8.10458: corrupted inode contents
[  704.585368][T32098] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  704.586921][T32098] EXT4-fs error (device loop8): ext4_dirty_inode:6587: inode #12: comm syz.8.10458: mark_inode_dirty error
[  704.613819][T32104] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2573 sclass=netlink_route_socket pid=32104 comm=syz.3.10460
[  704.637536][T32100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10460'.
[  704.638913][T32098] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  704.652941][T32098] EXT4-fs error (device loop8): ext4_do_update_inode:5690: inode #12: comm syz.8.10458: corrupted inode contents
[  704.658165][T32100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10460'.
[  704.681864][T32098] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  704.683624][T32098] EXT4-fs error (device loop8): __ext4_ext_dirty:207: inode #12: comm syz.8.10458: mark_inode_dirty error
[  704.696600][T32100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10460'.
[  704.714913][T32098] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  704.715625][T32100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10460'.
[  704.733909][T32098] EXT4-fs error (device loop8): ext4_do_update_inode:5690: inode #12: comm syz.8.10458: corrupted inode contents
[  704.746066][T32098] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  704.746248][T32098] EXT4-fs error (device loop8) in ext4_orphan_del:303: Corrupt filesystem
[  704.764179][T32100] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10460'.
[  704.773540][T32098] loop8: lost filesystem error report for type 5 error -117
[  704.773899][T32098] EXT4-fs error (device loop8): ext4_do_update_inode:5690: inode #12: comm syz.8.10458: corrupted inode contents
[  704.793370][T32098] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  704.794755][T32098] EXT4-fs error (device loop8): ext4_truncate:4690: inode #12: comm syz.8.10458: mark_inode_dirty error
[  704.818653][T32098] loop8: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[  704.818834][T32098] EXT4-fs error (device loop8) in ext4_process_orphan:345: Corrupt filesystem
[  704.839141][T32098] loop8: lost filesystem error report for type 5 error -117
[  704.840506][T32098] EXT4-fs (loop8): 1 truncate cleaned up
[  704.859109][T32098] EXT4-fs (loop8): pa ffff88810795c230: logic 1, phys. 41, len 23
[  704.867019][T32098] EXT4-fs error (device loop8): ext4_mb_release_inode_pa:5459: group 0, free 22, pa_free 23
[  704.878091][T32098] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  704.891462][T32098] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.118083][T32126] syzkaller0: entered promiscuous mode
[  705.127922][T32126] syzkaller0: entered allmulticast mode
[  705.658464][T32147] SELinux:  Context u:r:untrusted_app:s0:c512,c768 is not valid (left unmapped).
[  705.697881][   T28] audit: type=1400 audit(961.676:6293): avc:  denied  { relabelto } for  pid=32146 comm="syz.9.10484" name="1122" dev="tmpfs" ino=5834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="u:r:untrusted_app:s0:c512,c768"
[  705.765112][   T28] audit: type=1400 audit(961.706:6294): avc:  denied  { associate } for  pid=32146 comm="syz.9.10484" name="1122" dev="tmpfs" ino=5834 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="u:r:untrusted_app:s0:c512,c768"
[  705.842842][   T28] audit: type=1400 audit(961.816:6295): avc:  denied  { remove_name } for  pid=16228 comm="syz-executor" name="binderfs" dev="tmpfs" ino=5838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="u:r:untrusted_app:s0:c512,c768"
[  705.887483][T32158] loop9: detected capacity change from 0 to 128
[  705.912500][T32158] msdos: Unknown parameter 'E-'
[  705.927898][   T28] audit: type=1400 audit(961.816:6296): avc:  denied  { rmdir } for  pid=16228 comm="syz-executor" name="1122" dev="tmpfs" ino=5834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="u:r:untrusted_app:s0:c512,c768"
[  706.030769][T32158] loop9: detected capacity change from 0 to 512
[  706.099630][T32158] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  706.158126][T32158] EXT4-fs (loop9): failed to open journal device unknown-block(0,0) -6
[  706.676213][T32181] xfrm0 speed is unknown, defaulting to 1000
[  706.836362][T32181] lo speed is unknown, defaulting to 1000
[  706.902196][T32181] wg1 speed is unknown, defaulting to 1000
[  706.908774][T32181] gre0 speed is unknown, defaulting to 1000
[  707.103414][T32206] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2573 sclass=netlink_route_socket pid=32206 comm=syz.9.10494
[  708.495474][T32252] IPVS: persistence engine module ip_vs_pe_€ not found
[  708.545673][T32259] tmpfs: Bad value for 'size'
[  708.958570][T32311] __nla_validate_parse: 7 callbacks suppressed
[  708.958593][T32311] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10520'.
[  709.399880][T32335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  709.469751][T32336] netlink: 116376 bytes leftover after parsing attributes in process `syz.9.10523'.
[  709.479498][T32336] netlink: zone id is out of range
[  709.575714][T32335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  710.530996][T32345] -: renamed from syzkaller0
[  711.148151][T32368] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10538'.
[  711.418416][T32381] loop8: detected capacity change from 0 to 512
[  711.468105][T32381] EXT4-fs error (device loop8): ext4_quota_enable:7221: comm syz.8.10544: Bad quota inum: 2, type: 1
[  711.514867][T32381] loop8: lost filesystem error report for type 5 error -117
[  711.524609][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  711.524890][T32381] EXT4-fs warning (device loop8): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix.
[  711.531992][    C0] EXT4-fs (loop8): initial error at time 967: ext4_quota_enable:7221
[  711.561137][    C0] EXT4-fs (loop8): last error at time 967: ext4_quota_enable:7221
[  711.578173][T32381] EXT4-fs (loop8): mount failed
[  712.788499][T32425] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10556'.
[  712.853424][T32434] loop8: detected capacity change from 0 to 128
[  712.866363][T32434] msdos: Unknown parameter 'E-'
[  712.949670][T32434] loop8: detected capacity change from 0 to 512
[  712.968456][T32434] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem
[  713.038240][T32434] EXT4-fs (loop8): failed to open journal device unknown-block(0,0) -6
[  713.396216][T32446] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10565'.
[  714.339894][T32469] loop8: detected capacity change from 0 to 512
[  714.365126][T32469] EXT4-fs: Ignoring removed oldalloc option
[  714.385247][T32469] EXT4-fs: dax option not supported
[  714.506821][T32469] loop8: detected capacity change from 0 to 1024
[  714.529552][T32469] EXT4-fs: inline encryption not supported
[  714.562477][T32469] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  714.645141][T32469] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  714.709426][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.464964][T32477] futex_wake_op: syz.1.10586 tries to shift op by 32; fix this program
[  715.542224][T32481] loop9: detected capacity change from 0 to 128
[  715.576727][T32481] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  717.872066][   T28] audit: type=1400 audit(973.846:6297): avc:  denied  { listen } for  pid=32497 comm="syz.8.10579" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  717.970013][T32503] netlink: 9 bytes leftover after parsing attributes in process `syz.8.10581'.
[  718.028537][T32503] gretap0: entered promiscuous mode
[  718.081131][T32503] netlink: 5 bytes leftover after parsing attributes in process `syz.8.10581'.
[  718.127122][T32503] 0ªî{X¹¦: renamed from gretap0
[  718.159930][T32506] loop8: detected capacity change from 0 to 1024
[  718.226995][T32506] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  718.279927][T32506] System zones: 0-1, 3-36
[  718.286390][T32506] EXT4-fs error (device loop8): ext4_orphan_get:1423: comm syz.8.10581: bad orphan inode 134217728
[  718.289174][T32503] 0ªî{X¹¦: left promiscuous mode
[  718.303410][T32506] loop8: lost filesystem error report for type 5 error -117
[  718.304079][T32506] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  718.325168][T32503] 0ªî{X¹¦: entered allmulticast mode
[  718.347743][T32503] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  718.459124][T10346] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.616092][T32572] IPVS: dh: FWM 3 0x00000003 - no destination available
[  721.769904][T32580] lo: entered promiscuous mode
[  721.776157][T32580] tunl0: entered promiscuous mode
[  721.782713][T32580] gre0: entered promiscuous mode
[  721.791576][T32580] gretap0: entered promiscuous mode
[  721.803115][T32580] erspan0: entered promiscuous mode
[  721.814957][T32580] ip_vti0: entered promiscuous mode
[  721.827387][T32580] ip6_vti0: entered promiscuous mode
[  721.840067][T32580] sit0: entered promiscuous mode
[  721.853526][T32580] ip6tnl0: entered promiscuous mode
[  721.864122][T32580] ip6gre0: entered promiscuous mode
[  721.869990][T32580] syz_tun: entered promiscuous mode
[  721.875995][T32580] ip6gretap0: entered promiscuous mode
[  721.882818][T32580] bridge0: entered promiscuous mode
[  721.889550][T32580] nlmon0: entered promiscuous mode
[  721.895229][T32580] vxcan0: entered promiscuous mode
[  721.900700][T32580] vxcan1: entered promiscuous mode
[  721.906600][T32580] veth0: entered promiscuous mode
[  721.911998][T32580] veth1: entered promiscuous mode
[  721.917779][T32580] wg0: entered promiscuous mode
[  721.923065][T32580] wg2: entered promiscuous mode
[  721.928514][T32580] veth1_to_bridge: entered promiscuous mode
[  721.935176][T32580] bridge_slave_1: entered promiscuous mode
[  721.941621][T32580] veth0_to_bond: entered promiscuous mode
[  721.948058][T32580] bond_slave_0: entered promiscuous mode
[  721.954436][T32580] veth1_to_bond: entered promiscuous mode
[  721.962738][T32580] bond_slave_1: entered promiscuous mode
[  721.969002][T32580] veth0_to_team: entered promiscuous mode
[  721.975280][T32580] team_slave_0: entered promiscuous mode
[  721.981674][T32580] veth1_to_team: entered promiscuous mode
[  721.987989][T32580] team_slave_1: entered promiscuous mode
[  721.994237][T32580] veth0_to_batadv: entered promiscuous mode
[  722.000971][T32580] batadv_slave_0: entered promiscuous mode
[  722.007888][T32580] veth1_to_batadv: entered promiscuous mode
[  722.014318][T32580] batadv_slave_1: entered promiscuous mode
[  722.020859][T32580] xfrm0: entered promiscuous mode
[  722.026596][T32580] veth0_to_hsr: entered promiscuous mode
[  722.032996][T32580] veth1_to_hsr: entered promiscuous mode
[  722.188339][T32601] loop8: detected capacity change from 0 to 128
[  722.238949][T32601] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  724.700370][T32657] netlink: 204 bytes leftover after parsing attributes in process `syz.1.10637'.
[  724.741489][T32657] bond13: Removing last ns target with arp_interval on
[  726.874948][T32704] netlink: 'syz.3.10661': attribute type 1 has an invalid length.
[  726.922255][T32704] 8021q: adding VLAN 0 to HW filter on device bond12
[  726.952163][T32710] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10652'.
[  726.970913][T32704] bond12: (slave veth23): Enslaving as an active interface with a down link
[  727.028528][T32704] 8021q: adding VLAN 0 to HW filter on device batadv0
[  727.060597][T32704] bond12: (slave batadv0): making interface the new active one
[  727.094143][T32704] batadv0: entered promiscuous mode
[  727.108429][T32704] bond12: (slave batadv0): Enslaving as an active interface with an up link
[  727.150876][T32713] bond12 (unregistering): (slave veth23): Releasing active interface
[  727.193725][T32713] bond12 (unregistering): (slave batadv0): Releasing active interface
[  727.219515][T32713] bond12 (unregistering): Released all slaves
[  728.138754][T32736] xfrm0 speed is unknown, defaulting to 1000
[  728.245569][T32742] netlink: 'syz.3.10663': attribute type 10 has an invalid length.
[  728.296405][T32736] lo speed is unknown, defaulting to 1000
[  728.368773][T32736] wg1 speed is unknown, defaulting to 1000
[  728.376588][T32736] gre0 speed is unknown, defaulting to 1000
[  728.398546][T32747] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10665'.
[  728.442726][T32747] bond12: (slave ip6_vti0): The slave device specified does not support setting the MAC address
[  728.471008][T32747] bond12: (slave ip6_vti0): Error -95 calling set_mac_address
[  728.562981][   T28] audit: type=1400 audit(984.536:6298): avc:  denied  { relabelto } for  pid=32743 comm="syz.8.10666" name="1602" dev="tmpfs" ino=8335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:"
[  728.595954][   T28] audit: type=1400 audit(984.566:6299): avc:  denied  { associate } for  pid=32743 comm="syz.8.10666" name="1602" dev="tmpfs" ino=8335 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:"
[  728.628071][T32753] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10669'.
[  728.637357][T32753] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10669'.
[  728.658461][   T28] audit: type=1400 audit(984.636:6300): avc:  denied  { remove_name } for  pid=10346 comm="syz-executor" name="binderfs" dev="tmpfs" ino=8339 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:"
[  728.698950][   T28] audit: type=1400 audit(984.666:6301): avc:  denied  { rmdir } for  pid=10346 comm="syz-executor" name="1602" dev="tmpfs" ino=8335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:"
[  728.726140][T32757] netlink: 'syz.8.10670': attribute type 1 has an invalid length.
[  728.751661][T32757] 8021q: adding VLAN 0 to HW filter on device bond15
[  728.998727][  T311] bond5: entered allmulticast mode
[  729.046916][  T311] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10676'.
[  732.073262][  T342] netlink: 'syz.3.10682': attribute type 10 has an invalid length.
[  732.100611][  T342] netlink: 2 bytes leftover after parsing attributes in process `syz.3.10682'.
[  732.129736][  T342] veth1_virt_wifi: entered promiscuous mode
[  732.153561][  T342] bridge0: port 4(veth1_virt_wifi) entered blocking state
[  732.169855][  T342] bridge0: port 4(veth1_virt_wifi) entered disabled state
[  732.186043][  T342] veth1_virt_wifi: entered allmulticast mode
[  732.291514][  T366] netlink: 20 bytes leftover after parsing attributes in process `syz.9.10692'.
[  732.311387][  T366] netlink: 'syz.9.10692': attribute type 10 has an invalid length.
[  732.326985][  T366] bridge0: left promiscuous mode
[  732.337221][  T366] bridge0: entered promiscuous mode
[  732.349018][  T366] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  732.443112][  T376] netlink: 'syz.9.10695': attribute type 16 has an invalid length.
[  732.463942][  T368] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=368 comm=syz.5.10691
[  733.524671][  T425] netlink: 'syz.5.10710': attribute type 1 has an invalid length.
[  733.539285][  T425] 8021q: adding VLAN 0 to HW filter on device bond13
[  733.573903][  T425] bond13: (slave veth13): Enslaving as an active interface with a down link
[  733.617605][  T429] 8021q: adding VLAN 0 to HW filter on device batadv0
[  733.644073][  T429] bond13: (slave batadv0): making interface the new active one
[  733.657695][  T429] batadv0: entered promiscuous mode
[  733.663218][  T429] bond13: (slave batadv0): Enslaving as an active interface with an up link
[  733.690404][   T28] audit: type=1400 audit(989.666:6302): avc:  denied  { map } for  pid=407 comm="syz.3.10702" path="socket:[113636]" dev="sockfs" ino=113636 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  733.749983][  T420] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  733.776599][  T420] netdevsim netdevsim1 eth3 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  733.808286][  T420] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  733.875272][  T425] bond13 (unregistering): (slave veth13): Releasing active interface
[  733.905044][  T425] bond13 (unregistering): (slave batadv0): Releasing active interface
[  733.945942][  T425] bond13 (unregistering): Released all slaves
[  733.995983][  T420] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  734.014996][  T420] netdevsim netdevsim1 eth2 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  734.035640][  T420] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  734.122131][  T420] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  734.148646][  T420] netdevsim netdevsim1 eth1 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  734.173750][  T420] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  734.257740][  T420] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  734.298775][  T420] netdevsim netdevsim1 eth0 (unregistering): unset [0, 1] type 1 family 0 port 2816 - 0
[  734.329390][  T420] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  734.366593][  T441] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10715'.
[  734.402529][  T444] bridge0: port 1(macvlan0) entered blocking state
[  734.411107][  T444] bridge0: port 1(macvlan0) entered disabled state
[  734.419200][  T444] macvlan0: entered allmulticast mode
[  734.425241][  T444] ip6gretap0: entered allmulticast mode
[  734.433230][  T444] macvlan0: entered promiscuous mode
[  734.455069][  T441] 8021q: adding VLAN 0 to HW filter on device bond16
[  734.536834][  T445] bond16: (slave gretap0): Enslaving as an active interface with an up link
[  734.583921][T32303] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  734.608604][T32303] netdevsim netdevsim1 eth0: set [0, 1] type 1 family 0 port 2816 - 0
[  734.641939][T32303] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  734.681815][T32303] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  734.696964][T32303] netdevsim netdevsim1 eth1: set [0, 1] type 1 family 0 port 2816 - 0
[  734.711674][   T28] audit: type=1326 audit(990.686:6303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=460 comm="syz.3.10728" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd08592cdd9 code=0x0
[  734.734022][T32303] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  734.761340][T32303] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  734.772227][T32303] netdevsim netdevsim1 eth2: set [0, 1] type 1 family 0 port 2816 - 0
[  734.786157][T32303] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  734.807683][   T28] audit: type=1400 audit(990.786:6304): avc:  denied  { accept } for  pid=460 comm="syz.3.10728" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  734.827670][T32303] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  734.844110][T32303] netdevsim netdevsim1 eth3: set [0, 1] type 1 family 0 port 2816 - 0
[  734.860250][T32303] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  736.028389][  T501] netlink: 'syz.5.10730': attribute type 1 has an invalid length.
[  736.075411][  T501] bond13: entered promiscuous mode
[  736.110224][  T501] 8021q: adding VLAN 0 to HW filter on device bond13
[  736.133676][  T508] netlink: 24 bytes leftover after parsing attributes in process `syz.8.10732'.
[  736.195677][  T508] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=508 comm=syz.8.10732
[  736.661232][  T531] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=531 comm=syz.1.10739
[  736.998452][   T28] audit: type=1400 audit(992.976:6305): avc:  denied  { getopt } for  pid=537 comm="syz.5.10741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  737.047051][   T28] audit: type=1400 audit(992.976:6306): avc:  denied  { create } for  pid=537 comm="syz.5.10741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  737.107043][  T543] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10743'.
[  737.131850][  T543] netlink: 8 bytes leftover after parsing attributes in process `syz.5.10743'.
[  737.197789][  T547] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10745'.
[  737.251743][  T547] bond14: entered promiscuous mode
[  737.269644][  T547] bond14: entered allmulticast mode
[  737.488446][  T558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10751'.
[  737.530698][  T569] netlink: 80 bytes leftover after parsing attributes in process `syz.8.10752'.
[  737.556201][  T573] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10753'.
[  737.576621][  T573] netlink: 'syz.5.10753': attribute type 10 has an invalid length.
[  737.606319][  T578] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  737.634396][   T28] audit: type=1400 audit(993.606:6307): avc:  denied  { accept } for  pid=577 comm="syz.9.10756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  737.634992][  T582] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10758'.
[  737.708523][  T582] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=582 comm=syz.5.10758
[  737.802573][   T28] audit: type=1326 audit(993.776:6308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=589 comm="syz.8.10762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2ebfecdd9 code=0x7ffc0000
[  737.854635][   T28] audit: type=1326 audit(993.776:6309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=589 comm="syz.8.10762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2ebfecdd9 code=0x7ffc0000
[  737.877915][   T28] audit: type=1326 audit(993.776:6310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=589 comm="syz.8.10762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2ebfecdd9 code=0x7ffc0000
[  737.912185][   T28] audit: type=1326 audit(993.776:6311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=589 comm="syz.8.10762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2ebfecdd9 code=0x7ffc0000
[  738.656144][  T612] netlink: 'syz.8.10769': attribute type 16 has an invalid length.
[  738.719702][  T614] netlink: 80 bytes leftover after parsing attributes in process `syz.3.10768'.
[  738.974093][  T624] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56 sclass=netlink_route_socket pid=624 comm=syz.9.10774
[  739.072833][  T629] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10776'.
[  739.332874][  T635] syz.8.10778 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  739.927864][  T650] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10782'.
[  740.095647][  T654] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=654 comm=syz.3.10782
[  741.953405][  T706] 8021q: adding VLAN 0 to HW filter on device bond17
[  741.989513][  T714] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 3, id = 0
[  742.014471][  T713] 8021q: adding VLAN 0 to HW filter on device bond0
[  742.041732][  T713] bond17: (slave bond0): Enslaving as an active interface with an up link
[  742.077413][  T716] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=716 comm=syz.9.10799
[  742.111836][  T718] bond14: entered promiscuous mode
[  742.124331][  T706] netlink: 'syz.8.10796': attribute type 10 has an invalid length.
[  742.714778][  T744] __nla_validate_parse: 8 callbacks suppressed
[  742.714797][  T744] netlink: 16 bytes leftover after parsing attributes in process `syz.8.10810'.
[  742.765460][  T744] ´(Y}ñB: renamed from veth1_to_bridge
[  743.337987][  T753] netlink: 'syz.5.10822': attribute type 1 has an invalid length.
[  743.369544][  T753] 8021q: adding VLAN 0 to HW filter on device bond15
[  743.438499][  T753] bond15: (slave veth17): Enslaving as an active interface with a down link
[  743.479104][   T28] kauditd_printk_skb: 16 callbacks suppressed
[  743.479132][   T28] audit: type=1326 audit(999.456:6328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=759 comm="syz.1.10815" exe="/root/syz-executor" sig=9 arch=c000003e syscall=39 compat=0 ip=0x7f17db826b57 code=0x0
[  743.535858][  T753] bond15: (slave dummy0): making interface the new active one
[  743.544886][  T753] dummy0: entered promiscuous mode
[  743.559253][  T753] bond15: (slave dummy0): Enslaving as an active interface with an up link
[  743.570192][  T753] netlink: 14 bytes leftover after parsing attributes in process `syz.5.10822'.
[  743.589408][   T28] audit: type=1400 audit(999.556:6329): avc:  denied  { getopt } for  pid=765 comm="syz.8.10817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  743.615045][  T753] bond15: (slave dummy0): Releasing active interface
[  743.621980][  T753] dummy0 (unregistering): left promiscuous mode
[  743.765875][  T776] vlan5: entered allmulticast mode
[  743.772582][  T776] bond0: entered allmulticast mode
[  743.779281][  T776] bond_slave_0: entered allmulticast mode
[  743.785954][  T776] bond_slave_1: entered allmulticast mode
[  743.792840][  T776] bridge0: entered allmulticast mode
[  743.800635][  T776] netlink: 14 bytes leftover after parsing attributes in process `syz.8.10823'.
[  743.812141][  T776] bond17: (slave bond0): Releasing backup interface
[  743.837793][  T776] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  743.847044][  T776] bond_slave_0: left allmulticast mode
[  743.853544][  T776] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  743.862886][  T776] bond_slave_1: left allmulticast mode
[  743.869387][  T776] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  743.878778][  T776] bridge0: left allmulticast mode
[  743.885267][  T776] bond0 (unregistering): Released all slaves
[  744.228519][  T790] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10828'.
[  744.316106][  T795] SET target dimension over the limit!
[  744.339310][   T28] audit: type=1400 audit(1000.316:6330): avc:  denied  { accept } for  pid=796 comm="syz.1.10831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  744.370009][  T800] openvswitch: netlink: EtherType 0 is less than min 600
[  744.390075][  T804] syzkaller1: left promiscuous mode
[  744.396753][  T804] syzkaller1: left allmulticast mode
[  744.533227][  T811] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  744.948354][  T828] syz.5.10839 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  745.016753][  T828] CPU: 1 UID: 0 PID: 828 Comm: syz.5.10839 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  745.016791][  T828] Tainted: [W]=WARN
[  745.016799][  T828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  745.016812][  T828] Call Trace:
[  745.016819][  T828]  <TASK>
[  745.016826][  T828]  __dump_stack+0x1d/0x30
[  745.016879][  T828]  dump_stack_lvl+0x95/0xd0
[  745.016912][  T828]  dump_stack+0x15/0x1b
[  745.016933][  T828]  dump_header+0x80/0x240
[  745.016956][  T828]  oom_kill_process+0x295/0x350
[  745.017021][  T828]  out_of_memory+0x97d/0xb80
[  745.017065][  T828]  try_charge_memcg+0x62f/0xa10
[  745.017107][  T828]  charge_memcg+0x6d/0x120
[  745.017171][  T828]  __mem_cgroup_charge+0x28/0xb0
[  745.017201][  T828]  shmem_get_folio_gfp+0x47b/0xd60
[  745.017333][  T828]  shmem_write_begin+0xfc/0x1f0
[  745.017372][  T828]  generic_perform_write+0x183/0x490
[  745.017410][  T828]  shmem_file_write_iter+0xc5/0xf0
[  745.017488][  T828]  iter_file_splice_write+0x6c4/0xa80
[  745.017590][  T828]  ? __pfx_iter_file_splice_write+0x10/0x10
[  745.017635][  T828]  direct_splice_actor+0x156/0x2a0
[  745.017675][  T828]  ? shmem_file_open+0x31/0x40
[  745.017709][  T828]  splice_direct_to_actor+0x311/0x670
[  745.017827][  T828]  ? __pfx_direct_splice_actor+0x10/0x10
[  745.017870][  T828]  do_splice_direct+0x119/0x1a0
[  745.017903][  T828]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  745.017950][  T828]  do_sendfile+0x382/0x650
[  745.017981][  T828]  __x64_sys_sendfile64+0x105/0x150
[  745.018025][  T828]  x64_sys_call+0x2dc4/0x3020
[  745.018060][  T828]  do_syscall_64+0x12c/0x3b0
[  745.018092][  T828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.018121][  T828] RIP: 0033:0x7f70fb37cdd9
[  745.018148][  T828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  745.018168][  T828] RSP: 002b:00007f70f9dae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  745.018188][  T828] RAX: ffffffffffffffda RBX: 00007f70fb5f6090 RCX: 00007f70fb37cdd9
[  745.018262][  T828] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  745.018292][  T828] RBP: 00007f70fb412d69 R08: 0000000000000000 R09: 0000000000000000
[  745.018373][  T828] R10: 000000000e3aa6ea R11: 0000000000000246 R12: 0000000000000000
[  745.018443][  T828] R13: 00007f70fb5f6128 R14: 00007f70fb5f6090 R15: 00007ffcbff2a178
[  745.018471][  T828]  </TASK>
[  745.282031][  T828] memory: usage 307196kB, limit 307200kB, failcnt 879
[  745.306497][  T828] memory+swap: usage 375844kB, limit 9007199254740988kB, failcnt 0
[  745.348066][  T828] kmem: usage 302936kB, limit 9007199254740988kB, failcnt 0
[  745.388648][  T828] Memory cgroup stats for /syz5:
[  745.389206][  T828] cache 3727360
[  745.509193][  T828] rss 577536
[  745.543844][  T828] shmem 3727360
[  745.547994][  T828] mapped_file 0
[  745.572782][  T828] dirty 0
[  745.577011][  T828] writeback 0
[  745.613810][  T828] workingset_refault_anon 6193
[  745.622586][  T828] workingset_refault_file 9271
[  745.639040][  T828] swap 70291456
[  745.644345][  T828] swapcached 116133888
[  745.648697][  T828] pgpgin 911432
[  745.652313][  T828] pgpgout 910366
[  745.655973][  T828] pgfault 733884
[  745.659575][  T828] pgmajfault 4985
[  745.663311][  T828] inactive_anon 2957312
[  745.684672][  T828] active_anon 1409024
[  745.706791][  T828] inactive_file 0
[  745.718317][  T828] active_file 0
[  745.751191][  T847] netlink: 209836 bytes leftover after parsing attributes in process `syz.9.10847'.
[  745.768024][  T828] unevictable 0
[  745.780825][  T828] hierarchical_memory_limit 314572800
[  745.794694][  T847] netlink: 3074 bytes leftover after parsing attributes in process `syz.9.10847'.
[  745.816645][  T850] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10848'.
[  745.837556][  T828] hierarchical_memsw_limit 9223372036854771712
[  745.863415][  T850] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10848'.
[  745.889229][  T828] total_cache 3727360
[  745.904621][  T828] total_rss 577536
[  745.917463][  T828] total_shmem 3727360
[  745.929447][  T828] total_mapped_file 0
[  745.933713][  T850] vlan2: entered promiscuous mode
[  745.944690][  T828] total_dirty 0
[  745.949622][  T850] bridge13: entered promiscuous mode
[  745.966156][  T828] total_writeback 0
[  745.975511][  T850] vlan2: entered allmulticast mode
[  745.980723][  T828] total_workingset_refault_anon 6193
[  745.994685][  T828] total_workingset_refault_file 9271
[  745.994694][  T850] bridge13: entered allmulticast mode
[  746.007290][  T856] IPVS: Unknown mcast interface: bridge_slave_0
[  746.028790][  T828] total_swap 70291456
[  746.036228][  T828] total_swapcached 116133888
[  746.057142][  T828] total_pgpgin 911433
[  746.064773][  T828] total_pgpgout 910367
[  746.076419][  T828] total_pgfault 733888
[  746.088263][  T828] total_pgmajfault 4985
[  746.111988][  T828] total_inactive_anon 2957312
[  746.126807][  T828] total_active_anon 1409024
[  746.143219][  T828] total_inactive_file 0
[  746.147811][  T828] total_active_file 0
[  746.155339][  T828] total_unevictable 0
[  746.163856][  T828] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.3856,pid=14296,uid=0
[  746.201285][  T828] Memory cgroup out of memory: Killed process 14296 (syz.5.3856) total-vm:96084kB, anon-rss:1232kB, file-rss:20804kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000
[  746.234729][  T869] netlink: 'syz.9.10856': attribute type 8 has an invalid length.
[  746.488383][   T28] audit: type=1400 audit(1002.466:6331): avc:  denied  { bind } for  pid=875 comm="syz.9.10858" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  751.809931][  T924] netlink: 14 bytes leftover after parsing attributes in process `syz.1.10874'.
[  751.888153][  T924] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  751.919992][  T924] bond_slave_0: left promiscuous mode
[  751.934819][  T924] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  751.949855][  T924] bond_slave_1: left promiscuous mode
[  751.963736][  T924] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  751.979445][  T924] bridge_slave_1: left promiscuous mode
[  752.001541][  T924] bond0 (unregistering): Released all slaves
[  752.259282][  T934] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10878'.
[  752.304298][  T934] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10878'.
[  753.243782][  T958] netlink: 24 bytes leftover after parsing attributes in process `syz.9.10888'.
[  753.285851][  T958] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=958 comm=syz.9.10888
[  753.633750][  T967] SET target dimension over the limit!
[  753.743077][  T973] netlink: 132 bytes leftover after parsing attributes in process `syz.9.10894'.
[  754.041378][  T988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10900'.
[  754.379748][ T1007] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10906'.
[  755.044644][ T1045] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10919'.
[  755.089616][ T1045] bond0: entered promiscuous mode
[  755.100405][ T1045] bond0: entered allmulticast mode
[  756.175241][ T1096] bridge0: port 1(macvlan0) entered blocking state
[  756.181882][ T1096] bridge0: port 1(macvlan0) entered listening state
[  756.405591][ T1107] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.10937'.
[  756.425222][ T1107] netlink: 3074 bytes leftover after parsing attributes in process `syz.1.10937'.
[  757.597425][ T1123] xfrm0 speed is unknown, defaulting to 1000
[  757.755171][ T1124] Option '                                              W' to dns_resolver key: bad/missing value
[  757.768306][ T1123] lo speed is unknown, defaulting to 1000
[  757.862962][ T1123] wg1 speed is unknown, defaulting to 1000
[  757.887815][ T1123] gre0 speed is unknown, defaulting to 1000
[  759.216858][ T1156] netlink: 'syz.3.10950': attribute type 1 has an invalid length.
[  759.230000][ T1153] __nla_validate_parse: 1 callbacks suppressed
[  759.230053][ T1153] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10948'.
[  759.236392][ T1156] bond13: entered promiscuous mode
[  759.255704][ T1156] 8021q: adding VLAN 0 to HW filter on device bond13
[  759.300596][ T1153] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10948'.
[  759.326347][ T1156] 8021q: adding VLAN 0 to HW filter on device bond13
[  759.353698][ T1156] bond13: (slave vcan0): The slave device specified does not support setting the MAC address
[  759.472855][ T1156] bond13: (slave vcan0): Setting fail_over_mac to active for active-backup mode
[  759.486111][ T1156] bond13: (slave vcan0): making interface the new active one
[  759.493555][ T1156] vcan0: entered promiscuous mode
[  759.500681][ T1156] bond13: (slave vcan0): Enslaving as an active interface with an up link
[  759.533092][ T1161] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  759.561107][ T1153] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10948'.
[  761.803083][ T1178] xfrm0 speed is unknown, defaulting to 1000
[  763.152081][ T1188] veth0_macvtap: left allmulticast mode
[  763.592715][ T1188] team2: left promiscuous mode
[  763.597712][ T1188] team2: left allmulticast mode
[  763.602820][ T1188] team3: left promiscuous mode
[  763.607932][ T1188] team3: left allmulticast mode
[  763.613139][ T1188] bond7: left promiscuous mode
[  763.618123][ T1188] erspan1: left promiscuous mode
[  763.623335][ T1188] bond7: left allmulticast mode
[  763.628560][ T1188] erspan1: left allmulticast mode
[  763.635866][ T1188] bond10: left promiscuous mode
[  763.640882][ T1188] bond10: left allmulticast mode
[  763.648352][ T1188] vlan4: left allmulticast mode
[  763.653391][ T1188] macvtap0: left allmulticast mode
[  763.660993][ T1188] bond11: left allmulticast mode
[  763.666380][ T1188] bridge6: left promiscuous mode
[  763.671559][ T1188] bridge6: left allmulticast mode
[  763.679479][ T1188] vlan5: left allmulticast mode
[  763.684477][ T1188] bond12: left allmulticast mode
[  763.689580][ T1188] geneve5: left allmulticast mode
[  763.698336][ T1188] bridge8: left promiscuous mode
[  763.705149][ T1188] bond13: left promiscuous mode
[  763.711453][ T1188] bond14: left promiscuous mode
[  763.716739][ T1188] bond14: left allmulticast mode
[  763.724839][ T1178] lo speed is unknown, defaulting to 1000
[  763.737609][ T7088] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  763.770064][ T7088] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 20004 - 0
[  763.788814][ T7088] netdevsim netdevsim5 eth0: unset [1, 1] type 2 family 0 port 6081 - 0
[  763.803500][ T7088] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  763.815538][ T7088] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 20004 - 0
[  763.824104][ T7088] netdevsim netdevsim5 eth1: unset [1, 1] type 2 family 0 port 6081 - 0
[  763.834668][ T7088] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  763.868876][ T7088] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 20004 - 0
[  763.906822][ T7088] netdevsim netdevsim5 eth2: unset [1, 1] type 2 family 0 port 6081 - 0
[  763.926210][ T7088] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  763.944035][ T7088] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 20004 - 0
[  763.973835][ T7088] netdevsim netdevsim5 eth3: unset [1, 1] type 2 family 0 port 6081 - 0
[  763.994613][ T1178] wg1 speed is unknown, defaulting to 1000
[  764.019571][ T1178] gre0 speed is unknown, defaulting to 1000
[  764.433054][ T1262] batadv_slave_0: Caught tx_queue_len zero misconfig
[  764.455457][ T1262] netem: change failed
[  765.010324][ T1282] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10982'.
[  765.308071][ T1284] netlink: 'syz.8.10985': attribute type 21 has an invalid length.
[  765.321839][ T1284] netlink: 'syz.8.10985': attribute type 6 has an invalid length.
[  765.336668][ T1284] netlink: 132 bytes leftover after parsing attributes in process `syz.8.10985'.
[  766.121942][ T1310] netlink: 'syz.5.10993': attribute type 4 has an invalid length.
[  766.181841][ T1312] netlink: 'syz.5.10994': attribute type 1 has an invalid length.
[  766.216590][ T1312] 8021q: adding VLAN 0 to HW filter on device bond16
[  766.238711][ T1312] ipvlan2: entered allmulticast mode
[  766.244131][ T1312] bond16: entered allmulticast mode
[  766.272057][ T1312] bond16: (slave bridge9): making interface the new active one
[  766.281231][ T1312] bridge9: entered allmulticast mode
[  766.288660][ T1312] bond16: (slave bridge9): Enslaving as an active interface with an up link
[  766.763406][ T1324] netlink: 'syz.9.10997': attribute type 13 has an invalid length.
[  766.792094][ T1324] gretap0: refused to change device tx_queue_len
[  766.810564][ T1324] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  767.181236][ T1316] ==================================================================
[  767.189407][ T1316] BUG: KCSAN: data-race in fifo_open / wait_for_partner
[  767.196418][ T1316] 
[  767.198772][ T1316] read-write to 0xffff88815bc03124 of 4 bytes by task 1315 on cpu 0:
[  767.206854][ T1316]  fifo_open+0x86/0x5d0
[  767.211057][ T1316]  do_dentry_open+0x4be/0xa90
[  767.215771][ T1316]  vfs_open+0x37/0x1e0
[  767.219869][ T1316]  path_openat+0x1b70/0x2050
[  767.224489][ T1316]  do_file_open+0x16c/0x290
[  767.229027][ T1316]  do_sys_openat2+0x94/0x130
[  767.233661][ T1316]  __se_sys_openat2+0x193/0x1f0
[  767.238550][ T1316]  __x64_sys_openat2+0x55/0x70
[  767.243353][ T1316]  x64_sys_call+0x2170/0x3020
[  767.248100][ T1316]  do_syscall_64+0x12c/0x3b0
[  767.252726][ T1316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.258647][ T1316] 
[  767.260998][ T1316] read to 0xffff88815bc03124 of 4 bytes by task 1316 on cpu 1:
[  767.268564][ T1316]  wait_for_partner+0xd5/0x1e0
[  767.273375][ T1316]  fifo_open+0x462/0x5d0
[  767.277694][ T1316]  do_dentry_open+0x4be/0xa90
[  767.282414][ T1316]  vfs_open+0x37/0x1e0
[  767.286527][ T1316]  path_openat+0x1b70/0x2050
[  767.291154][ T1316]  do_file_open+0x16c/0x290
[  767.295695][ T1316]  do_sys_openat2+0x94/0x130
[  767.300325][ T1316]  __x64_sys_openat+0xf2/0x120
[  767.305126][ T1316]  x64_sys_call+0x1e39/0x3020
[  767.309833][ T1316]  do_syscall_64+0x12c/0x3b0
[  767.314465][ T1316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.320383][ T1316] 
[  767.322729][ T1316] value changed: 0x00000001 -> 0x00000002
[  767.328480][ T1316] 
[  767.330814][ T1316] Reported by Kernel Concurrency Sanitizer on:
[  767.336983][ T1316] CPU: 1 UID: 0 PID: 1316 Comm: syz.5.10995 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  767.348075][ T1316] Tainted: [W]=WARN
[  767.351910][ T1316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  767.361985][ T1316] ==================================================================