last executing test programs:

9m52.698963369s ago: executing program 32 (id=132):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r0, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f00000000c0)=0x6, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xf, &(0x7f0000000e80)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
recvmmsg(r0, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0)

9m45.96063674s ago: executing program 33 (id=301):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x10009, 0xf40b9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x7, 0x100}, 0x204, 0x0, 0x43a1bd78, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xa)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
arch_prctl$ARCH_SET_GS(0x1001, 0x0)

9m33.045409163s ago: executing program 34 (id=588):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
syslog(0x3, &(0x7f00000000c0)=""/179, 0xb3)

9m23.358966834s ago: executing program 35 (id=763):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r0, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="1818000004000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x1f00, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

8m35.130497297s ago: executing program 36 (id=1958):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8m9.774119672s ago: executing program 37 (id=2510):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r1 = socket$inet(0x2, 0x3, 0xd)
getsockopt$inet_mreqsrc(r1, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28)

7m52.089051364s ago: executing program 38 (id=2915):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000018c0)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000080), 0x4)

7m15.90923562s ago: executing program 39 (id=3898):
r0 = syz_io_uring_setup(0xa3d, &(0x7f0000000180)={0x0, 0x43ed, 0x0, 0x2000001, 0x8002ae}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x109880})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

7m6.086932672s ago: executing program 40 (id=4154):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a58000000060a010400000000000000000a0000010900010073797a31000000002c0004802800018007000100637400001c0002800500030001000000080002400000000c08000140000000090900020073797a320000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)

6m48.642884833s ago: executing program 41 (id=4548):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0xfffc, 0x2, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = syz_io_uring_setup(0x10d4, &(0x7f0000000100)={0x0, 0x7f36, 0x0, 0x0, 0x322}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x29, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {0x0}], 0x2}, 0x0, 0x40000000, 0x1, {0x3}})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

6m43.380648685s ago: executing program 42 (id=4675):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x1}, 0x2002, 0x32, 0x43a1bd56, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
readlink(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000080)=""/121, 0x79)

6m29.1908309s ago: executing program 43 (id=5057):
unshare(0x2a020400)
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x88)
r2 = openat$cgroup_int(r1, &(0x7f0000000040)='cpu.idle\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x7ffff000)

6m22.415737045s ago: executing program 44 (id=5152):
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffff9]}, 0x0, 0x8)
r0 = getpid()
r1 = gettid()
rt_tgsigqueueinfo(r0, r1, 0xb, &(0x7f00000004c0)={0x0, 0x0, 0x4})
r2 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffc]}, 0x8)
read(r2, &(0x7f0000000340)=""/384, 0x180)

6m12.768465322s ago: executing program 45 (id=5091):
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x2, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd7, 0x4, 0x6, 0x0, 0x80000000, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x9, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xf, 0x1a, 0xf2, 0x10, 0x9, 0x8, 0x10001, 0x401, 0x80000000, 0x401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0xaa80, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x5, 0xa, 0x0, 0x10000, 0x405, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x9, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffc, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xc0000000, 0x5cb5, 0xfffffffd, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0xffff, 0x401, 0x2, 0x2, 0x4680, 0x9a7f, 0xe665, 0x3c6e, 0x3, 0x7, 0x80, 0x4b, 0x9, 0x2, 0xb, 0x6, 0x4fa4, 0x80000000, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x0, 0xa, 0x1b, 0x202, 0x7ff, 0x9, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0xffffff87, 0xe, 0xd, 0xf, 0x8, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x8, 0x1, 0x3, 0x664, 0x4, 0x9, 0x9, 0x2, 0x8, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0x9, 0xc6, 0x1, 0x4, 0x7ff, 0xe6, 0x6, 0x10001, 0x9, 0x68, 0x7, 0x201, 0x5, 0x2, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0xa, 0x40, 0x18, 0x7d, 0xb5f8, 0x8bc, 0x3, 0x8000103, 0x5, 0x63, 0x4, 0x18000, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x6, 0x8, 0x6, 0x400, 0x40, 0xffffffff, 0xa, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x7, 0xc4c, 0x45e3, 0x5, 0x7, 0x3, 0x7, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0x200000ce, 0xf, 0x0, 0x1, 0xa, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0x8, 0x1, 0x5, 0x2, 0x6, 0x4, 0x6, 0x1, 0x8, 0x6, 0xfffffffa, 0x5, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x43, 0x0, 0x80002001, 0x8, 0x8000, 0x4, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0x2, 0x89, 0x2, 0x3, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x81, 0x80000004, 0x9, 0x9, 0x0, 0x4, 0x10000004, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0x6, 0x0, 0x8, 0x40, 0xd3, 0x7, 0xffffffff, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x800001, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xae, 0x6, 0x1, 0xfffffeff, 0x4, 0x5, 0x7fff, 0x103, 0x7, 0x6, 0x709, 0x2, 0x49, 0xffff0000, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x3, 0x7, 0xa9c, 0x9, 0x8, 0x1, 0x2, 0x5, 0x1000, 0x69f, 0x1ff, 0x9, 0x10, 0x3, 0x10000, 0xffff0000, 0xf, 0x1, 0x3, 0xffffa9b4, 0x1, 0x4, 0x5, 0xd58, 0x4b5f, 0x6, 0x7fffffff, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0x88d, 0x1, 0x7, 0x9, 0x1, 0x89, 0x6, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0xfffffff7, 0x8000005, 0xd3, 0xffd, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x2, 0x1, 0x0, 0x20000005, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xfffffffc, 0x9, 0xffffa0a6, 0xc, 0x11, 0x5, 0x8, 0x9, 0x1, 0x7f, 0x98, 0x9, 0xb, 0x800, 0x4, 0x9, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x6, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0xb, 0x0, 0x7, 0x8000000, 0x0, 0xfff, 0x8101, 0x4, 0x0, 0x9, 0xc, 0x5, 0xffe, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x4, 0x4b15, 0x10000, 0x1, 0x6, 0x1, 0xd, 0x8, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x2, 0x10001, 0x1, 0x7, 0xe4ce, 0x5, 0x4, 0xffffc487, 0x204, 0x10002, 0x1000, 0x7, 0x7, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x2, 0x2, 0xf, 0x80000000, 0xb66d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x5, 0x3, 0xffffffff, 0x2, 0x7f, 0x6, 0x9, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x10001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0xfffc, 0x80000001, 0x5, 0x1, 0x8c0, 0x0, 0xb7, 0x3, 0xff, 0x9, 0x0, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x193, 0x8, 0x0, 0x5, 0xf, 0x3, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x20000002, 0x109, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x4007, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x2, 0x30, 0xb, 0x101, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x1, 0x2, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x1, 0x3, 0x9, 0x1, 0x80000000, 0x9, 0x0, 0x5, 0x800081, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x81, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x0, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x4, 0x6, 0x9, 0x0, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x9, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0x0, 0xbfb, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0xffffffff, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x10000004, 0x3, 0x6, 0x80000001, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0xfffffffc, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x1, 0x6, 0x14827783, 0xb, 0xe, 0x2, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xa, 0x3, 0x9, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x80, 0xd, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0xfffffffe, 0x924, 0x499, 0x100, 0x1, 0x5, 0xffff351b, 0x7, 0xfffffffb, 0x3, 0x9, 0x2, 0x5, 0x4, 0x4, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x6, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0x200000b8, 0x1, 0x5, 0xfffffff7, 0x7, 0x7, 0x4, 0x6330, 0xff, 0x6, 0xea, 0xbb2d, 0xfff, 0x7, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x64c822e3, 0x9, 0x6, 0x80, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x9b, 0x3, 0xe, 0xf01, 0x1, 0x3, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0x10000c0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x20000000, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xa3, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x2, 0x1, 0xfffffffa, 0x2, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x42, 0xaa1, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x9, 0x6, 0x800003, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x8, 0x7ff, 0x0, 0x40, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x4, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0x6, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0x3, 0x8000, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x401, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x8c2b01)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080)=0xffffffff)
sendfile(0xffffffffffffffff, r0, 0x0, 0x162)
fsopen(0x0, 0x1)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8)

5m52.383010221s ago: executing program 46 (id=5706):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x2000000000000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x2, {0x2, 0x0, @empty}}, 0x80, 0x0, 0x0, &(0x7f0000000180)=ANY=[], 0x18, 0x68000000}, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000002280)=ANY=[@ANYBLOB="18020000e2ffffff00000000000000c685000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093add57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf72ee7944e810d0223917c3d042410f57466f59544047d6d8ac44060000000000ee16c729300d2301800000000000002b5a8b05fcc154ad5290a8cdb97c343f454ff69dd6cbde49b28a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1778e97a3f0395f946974cfb458be2a34cf924dc37b5592bf17956f3547497aba814382ff67b345b677a9d6523d87008000000400000000003fe8613ca29ff92be0d8deffff7b68136b0046d535dd39c0f35408869e9b342b953f91447e6b9eab304f134306320600a44095254b45a6c1312a13696c7202df5f764713504facc532c5a6d44d99ec7530ed7b0311000000000000e54e9072a22d911f4a2c2e2fa806e63c5cd98a8569a6d6bcfb000064885117e2ad910eae67e0ebe380d0f648713e68153579e02d71c58d147b00821ab9a6475b31e1ebf1369a04000000fbf3983f283f2f00000000992774814d63c933912d000006000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d02000000000000000edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b5062809a7418b165dd0336d226bac1e1223be1c97b15175d0e664beb126000e96549e1a1228c686edb475b705eaa9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412131ed9925989e01eae489ec7052e0ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000423346da092cbe220de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f03000000000000005dcf4f2aaee86d4802000000000000007cdb686d5da2a42e4b5024b6535811f362201d4f82012e6af704973d04ea923c19e6cb723c1923b3eea2d73e176dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2bd4e96c93bff3ad04a82ff3cfadcf65eb92adc6c68d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a9a362ee9cc624ec454b90200fd9603f96908bddc14500000000000000000000000000044d917c62b27679913075731e8fddb07c10c82002d60181588ae63a440454287de9e340f611267f37bdd0f2d21cb06fcaf45a0a297e396f428d43371424b307eef82c5d6d19f3ef0d3b8f7fa51957e3099caab31133b34a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e248deb8c83ab6eb2c72c484241dc3b66da78260f800fffd39368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f5078191c8a02ad436725771738a2a98891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423c1cbc8b5d19167152823ed853140edda002c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd77125d98120358900000892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f21ca450139c558000000000000000000000800000000000000000075aa0000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf00334fa94da8477be7d99b558ec6a5b1596ac1e7617c6b32eed0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde330a193a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbd11b015c415ca04192fbfb1a8b0e3460af35771dbac10062835c9bab3ad09f7a022c52d8000000000000000000004000000000000000000000000000000000000000000400000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de4295777a17bf4dfdfee5de0f3e4dadf51ab9562827b762fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c8182d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c877a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5f3c20dbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966950000000000000000c187da23d6855500fe8510b51e13a890e394b84a6ea2cc8d42b97c697c29122298d55e2e1cca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3872342dea9252132860c9af1bd5fe263c0313dea5d6e0c11a466d6892ed65f34667dd79b07b5cbdd8aa7dd561a26b5562d4861a7e1b0f48930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a107763138e8d9876291af2076890c47925ac773d95d2ca42acb3e5f3a1550665b898462c139ffd0106bc8a61b6117d252efcab7106b4c3a3c13a70ff452e9d2096142c517b0e91b5cf88332faca5b3ee96363065c3ce32d3d39ec36e20d597e05664f2526bd918090649da11f7299789d00f502cdf1e99d3efecb9b457642fe810370ba4fbe00fa60a28af966a27a1659e448bbe43a1dcd2ea760018b57a36ac41ef2051a7b703d55c0602540663016e20d50385766df4dac47802a55bd38dd767ee9960c6daa704fc5d01a14591f26b7b538c9bb22f6a2f7a34d1b9edfd125a9e25a110228c64253588ff420644dbc0854e69a7bdda72f93ceaccf92cfe7dd6296c950db10f6dd8a5ef9b73cf6a12a1ba16fdc7e35b805f4fd2fcff0a623722149c1465e4de2d53f0f10b14c21865027abc71a12cb1e9f8029c7a20000000eeb0d53a83e518c8d2052c08b515d9d0bde24ac4e798040c7db0bb03c019507d6377f3d5dd94a27abc6d6b120d61f772407e0d2cb50d29168b68aef9f176b4c3aa8b21279d4ea9c1f669aa8c2c17d5b3a8d1dda58d26f1019af04b7774c85d5bce8be010f27c5211938031c3404680b01279c778bd1fe1b48c4b5b8e0fe756e54a8d76b7cec5e3407d93b4eadc446440607de844acf5524a4657e33af2115547b735b57b5092d0bc8fa6acb832509abe0882d570ce400aaebd7baff88526608d6991aac95751671174129457e4a03aca69d82b64b89e6ad6ed1e275ec5002e48170e4c7b4f3971481098dedb88fba90770e44bf404d5a97fefe2fe8e459fe45933b78c7ab5fe985a480193a20fb07da1455fb283df68af569ac82aa6dc703e29bf158931fb79f2abfa6ff7eb8c4f381c9da58bea460e2ead969933e5391970ca4fddd64da2e5df9c4d82044068caaaab771b37bb06bbe673056d849825525f1120b2250f6b8520381f7a74b1c687781cb6b23e67b918844b83dbaeeb559ec8520d710dd6d6b4e64838bd434a36ed03fc0c488b24571032ffbc9f8ce97041e1bc4729d539358dc9599c1266b9ce2cb6dd0ad57a6e9d3d4a11a27f70b2934c96237e2ba09c58eeda678d4d08b6da99b7a86e946215afb1b48792fde54492e306cb5342e2589874b603a1de972b1f09cc350096f5c3e814118af9ba0793cfdf20c77b34eacfdf63ce59ec4d2f867bf884e941559b068d908325667672b5e1cf71f4829c0493e8b141399ed926b822becead7a0a2b4a4c008ab16b616d60f347e4da54f06443507efe57ea62399ef4eb11b2f559e1b056456a53998bf1c6d13c92e75136147f91ae3a75ca15eb1b51bf700b3c0bf54bc3745ff313c5e75dc66386897f6ee45429371b8d0878c442ad2fe9baf85c1390da13efc353ccbef950c29f39ddf436f0d9bf1be1515ed251d8b6f11ecb16b1e8d1ed04196e9b6c2f9e068b7749bb6c1f533e493f22c901662c65cb761dc2eeff2f698bd4dbae83e2dfdc4f1c7f918a00515c1bc189d10ec22b35c92725cbf0ba244fd029c4f026f68e000000060000ab0476c3fd7f7c1e5c000000000000000000000011e43e39d3f4394fbfa13c416b1c443c5e52eea726491ad75100ebad7c6d5a665c59a3fb158e43da904f19e7e8daa4e90390b8da945f6cd78536c0d2be07221f85ad46b180f256d4d84592691d15d65896b66b63a46705338b67b72dc1c3075fcdc5cbffb0366151632ba5be8ae815dfea9fadfd31c473a24a73d3e5116c3023b3563c72d26fbd59877132bde5ca4ef8d92fd3613c768b35223f6fd0b5e9a8b98cccf1e2b4612e620e3a159d6365c9045aaa826aa0ee6d26cf0397ce674c20824584b464ebdc2f3ea26a7aec4570b242a6677a4e9187f8591c3a9bdc0000001a002364bbd93964a8d0bdc802b9be2500"/3636], &(0x7f0000000040)='GPL\x00', 0x4, 0xfdc0, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)
setsockopt$sock_attach_bpf(r1, 0x29, 0x22, &(0x7f0000000100)=r2, 0x120)

5m35.812596845s ago: executing program 47 (id=5966):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x43}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)

5m32.79669531s ago: executing program 48 (id=5771):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
recvmmsg(r0, &(0x7f0000003bc0)=[{{0x0, 0x0, 0x0}, 0x8}], 0x1, 0x2, 0x0)

5m23.426154953s ago: executing program 49 (id=6192):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0x1, 0x101, 0x8, 0x8, 0x40, 0xffffffffffffffff, 0x8}, 0x50)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x10, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x0, @perf_bp={0x0, 0x1}, 0x2002, 0x32, 0x43a1bd56, 0x7, 0x9, 0x3, 0x2, 0x0, 0x0, 0x0, 0x1ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000340)={r0, 0x0, 0x0}, 0x20)

3m32.446973233s ago: executing program 0 (id=8919):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000000)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)='B', 0x1}], 0x1}}], 0x1, 0x400c404)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x9}]})
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000e80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40001)

3m31.57661577s ago: executing program 0 (id=8934):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x408e, &(0x7f0000000a80)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x10}}, {{0xa, 0x10, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x6}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f0000000c80)='net/mcfilter6\x00')
preadv(r1, &(0x7f0000000180)=[{&(0x7f0000000080)=""/110, 0x6e}], 0x1, 0xa7, 0x0)

3m31.439000322s ago: executing program 0 (id=8938):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9902)

3m31.371693098s ago: executing program 0 (id=8942):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x800040, &(0x7f00000002c0)={[{@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@bsdgroups}, {@nouid32}, {@i_version}, {@delalloc}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x2, 0x487, &(0x7f0000000340)="$eJzs3MtvG0UcAODfrpO09JVQyqOlQKBCRDySJi3QAxcQSByKQIJDgVNw0qpq2qAmSLSKaECovSChSnAGjkj8Bdy4IOCEhMQJ7qhSBb20cApae7e1XTtPN27j75OczHhmPTOend3ZHdsBdK3B7E8SsS0i/oiI/mq0PsNg9d+1K3Plf6/MlZNYWHjz76SS7+qVuXKRtdhuax4ZSiPST5O8kHozZ86eGJ+amjydx0dmT74/MnPm7DPHT44fmzw2eWrs0KGDB0aff27s2ba0M2vX1T0fTe/d/erbF18rH7n43s/fZfXdlqfXtmNV+m5+ajBr+D8LFY1pj8ddayrudrO9Jpz0dLAirEgpIrLu6q2M//4oxY3O649XPulo5YBbKjs3bWqdPL8AbGBJdLoGQGcUJ/oLfXPl7Bp4zdfBd5jLL1YvgLJ2X8sf1ZSeSPM8vQ3Xt+00GBFH5v/7KntEO+5DAAAs4bPyl4fj6eq8o37+l8Z9Nfl25GsoAxFxd0TsjIh7ImJXRNwbUcl7f0Q8sMLyG5eGbp7/pJdW1bBlyuZ/L+RrW/Xzv2L2FwOlPLa90v7e5Ojxqcn9+XsyFL2bsvjoImX88PJvn7dKq53/ZY+s/GIumNfjUk/DDbqJ8dnxyqS0DS5/HLGnp1n7k+srAUlE7I6IPSt76R1F4PiT3+5tlSlZsv2LaMM608I3EU9U+38+GtpfW8dF1idHNsfU5P6RYq+42S+/nn+jVflL938z7Vs7zPp/S/3+n6d8fSYPDLxbu147s/LSz/95oeU1zWr3/77krcrxqFh2/XB8dvb0aERfcrgSr3t+7Ma2RbzIn7V/aF/z8b8z3ybr/wcjItuJH4qIhyPikbzuj0bEYxGxb5H2//RS67TV9X/7ZO2faHr8u77/DyR1/b/yQOnEj9+3Kn95/X+wEhrKn6kc/5aw3Aqu5b0DAACAO0Va+Qx8kg5fD6fp8HD1M/y7Yks6NT0z+9TR6Q9OTVQ/Kz8QvWlxp6u/5n7oaDKfv2I1PpbfKy7SD+T3jb8oRSU+XJ6emuhw26HbbW0x/jN/lTpdO+CWa7aONtbkC23AxtM4/tP66LnX17MywLryfW3oXkuM/3S96gGsP+d/6F7Nxv+5hri1ANiYVnv+39zmegDrz/wfupfxD92rYfyX4vdO1QRYR2v5Xv8dEdia/1rF7VKfDROItGOl7+qJWNFWy/89iFsdeOf2qMYyAp0+MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTH/wEAAP//tADp4w==")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000300)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x10a78c0, 0x0)
mount(0x0, &(0x7f00000002c0)='./file0/../file0\x00', &(0x7f0000000340)='proc\x00', 0x0, 0x0)

3m31.166437546s ago: executing program 0 (id=8944):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xffff, 0x3}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8}}]}, 0x40}}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

3m30.650877511s ago: executing program 0 (id=8953):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2)
pwrite64(r0, &(0x7f0000000080)="cc", 0x1, 0x200980)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x20, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0xd8d0481}], 0x1, 0x0)

3m30.622114844s ago: executing program 50 (id=8953):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2)
pwrite64(r0, &(0x7f0000000080)="cc", 0x1, 0x200980)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x20, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0xd8d0481}], 0x1, 0x0)

2m43.705803422s ago: executing program 9 (id=9812):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x1500)

2m43.648395407s ago: executing program 9 (id=9814):
r0 = fsopen(&(0x7f0000001140)='hugetlbfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f00000000c0)=""/31, 0x1f)
getdents(r2, 0x0, 0x58)

2m43.546106615s ago: executing program 9 (id=9816):
socket$packet(0x11, 0x3, 0x300)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2, @perf_bp={0x0, 0x8}, 0x2, 0x0, 0x10ffe, 0x0, 0x2, 0x80000011, 0x3, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)
kexec_load(0xfffffffffffffffc, 0x1, &(0x7f0000000900)=[{0x0, 0x0, 0x200400000}], 0x0)

2m41.849895144s ago: executing program 9 (id=9851):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=")
mount$nfs(&(0x7f0000000100)='+\x80.', 0x0, 0x0, 0x136808, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
quotactl$Q_GETINFO(0xffffffff80000501, 0x0, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
acct(&(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1c0)

2m41.728443985s ago: executing program 9 (id=9854):
socket$inet_udp(0x2, 0x2, 0x0)
unshare(0x40200)
r0 = semget(0x1, 0x4, 0x39c)
semop(r0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}], 0x1)
semop(r0, &(0x7f0000000000)=[{0x3, 0xbbdd, 0x1000}, {0x2, 0x100, 0x800}], 0x2)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff])
unshare(0x40400)

2m40.960712033s ago: executing program 9 (id=9860):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)

2m40.912058926s ago: executing program 51 (id=9860):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4)

2m13.958954632s ago: executing program 5 (id=10284):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
write$selinux_load(0xffffffffffffffff, 0x0, 0x65)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x2}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x44)

2m13.64073832s ago: executing program 5 (id=10289):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000940)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="480000001000370400000000ffdbdf2500000000", @ANYRES32=r3, @ANYBLOB="01f10500000000001800128008000100677470000c00028008000100", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x4011}, 0x40004)
sendmmsg$inet(r0, &(0x7f00000006c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1=0xe000030a}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty, @multicast2}}}], 0x20}}], 0x1, 0x80)

2m13.285094601s ago: executing program 5 (id=10293):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1020affff20c311df259149e300", 0x10)
listen(r0, 0x0)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000680)={0x0, 0x405e5, 0x10100, 0x2, 0x2e0}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000500)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x31a0}})
io_uring_enter(r1, 0x663e, 0x0, 0x2, 0x0, 0x0)
shutdown(r0, 0x1)

2m13.236298976s ago: executing program 5 (id=10295):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x28a5291, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x44000, 0x0)

2m13.159097352s ago: executing program 5 (id=10297):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = io_uring_setup(0x7d3, &(0x7f0000000580)={0x0, 0x355b, 0x2, 0xfffffffe, 0x181})
close_range(r2, r2, 0x0)
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, 0x0)

2m12.839150961s ago: executing program 5 (id=10301):
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f00000002c0)=ANY=[], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x5)

2m12.83906181s ago: executing program 52 (id=10301):
syz_io_uring_submit(0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x2010410, &(0x7f00000002c0)=ANY=[], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x5)

1m33.223061098s ago: executing program 8 (id=10967):
r0 = perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x4044}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000142020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000e02800850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff0000000000040000851000000200000085000000230000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/ipc\x00')
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')

1m33.216811158s ago: executing program 8 (id=10969):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={r0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000580)="d8001c00180081064e81f782db44fd56170d12a0b9b545c7", 0x18}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e3, &(0x7f0000000180)={r0, r2})

1m33.044079803s ago: executing program 8 (id=10981):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x70f9a000)
r2 = syz_open_dev$hidraw(&(0x7f0000000340), 0x0, 0x2)
ioctl$HIDIOCGFEATURE(r2, 0xc0404807, &(0x7f00000000c0)={0x4, "ccc0dde4b00a6d2c16b99a7fd0d48117b817abfccfa3806091bcc9f67e3de361a9172be4c429adba1c63d1674a55890c3e46ca658ca8939b7fc9c8f133dd3351"})
close_range(r0, 0xffffffffffffffff, 0x0)

1m32.530161448s ago: executing program 8 (id=10978):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x20000, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000000)='..\x00')
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0\x00', 0x0, 0x98d046, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0\x00', 0x0, 0x98d046, 0x0)

1m32.431191877s ago: executing program 8 (id=10979):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r1, 0x0, r2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000002c0)={0xa0000013})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000580))
close_range(r0, 0xffffffffffffffff, 0x0)

1m31.227094913s ago: executing program 8 (id=10990):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0xffff, 0xfff2}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

1m31.221858243s ago: executing program 53 (id=10990):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0xffff, 0xfff2}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)

1m20.797231488s ago: executing program 6 (id=11205):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x3ff, 0x1, 0xfffffff8, 0x0, 0x7, 0x7f, 0x8, 0x5, 0x1}}}}]}, 0x58}}, 0x44884)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2d, 0x25dfdffd, {0x0, 0x0, 0x0, r1, {0x6}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x2000c800)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m20.747140863s ago: executing program 6 (id=11207):
capset(&(0x7f0000000140)={0x20080522}, &(0x7f0000000180)={0xe, 0x9e, 0x0, 0x0, 0x1, 0xa41ef7c})
prlimit64(0x0, 0x8, &(0x7f0000000000)={0x2, 0x10001}, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127d, &(0x7f00000011c0)="$eJzs3U1rJMUfB/DfJJPH/SeTv66ruyAWelGEcZODJy9BdkEMKNEsqKdeM9EhkwcyQyAi7njyJPgyRD16E8Q3kIsXz4IgkovHPYgtyUw085BsYjIJyOdz6aK6vlXV6U5DD1303itfrK2u1MsrWSOGCoUobo5E8WGKFEMxHC3NeOHeTz8//dY7774+v7BwZzGlu/Nvz76cUpp+5vv3Pv7m2R8a1+59O/3dWOzODO39PvfL7o3dm3t/fh3VeqrW0/pGI2Xp/sZGI7tfq6Tlan21nNKbtUpWr6Tqer2y1bF/pbaxubmTsvXlqcnNrUq9nrL1nbRa2UmNQmps7aTsg6y6nsrlcpqaDM5j6auHeZ5H5PlIjEae5/lETMa1+F9MxXSUYib+H4/F43E9nogb8WQ8FTcPWl31vAEAAAAAAAAAAAAAAAAAAOC/5RHr/wvW/wMAAAAAAAAAAAAAAAAAAMDgda//L0b4/j8AAAAAAAAAAAAAAAAAAABcskd8/79r/f+L1v8DAAAAAAAAAAAAAAAAAADAIIy3NospjUesfba9tL3U2rbq51eiGrWoxO0oxR9xsPq/pVW++9rCndvpwEy8tPagnX+wvTTcmZ8dKcVMoW9+diIiUkqd+bGYPJqfi1Jc7z/+XGv8rvx4PP/cfv7TVr4cpfjx/diIWixHFNpHf5D/ZDalV99YmOjM39pvd6zhAZ8WAAAAuEjl9Lfe5/dmu1Hf/a1d7efz1G5ZOOH3ga7n82LcKl7VUXOovvPRalarVbb+ZWH0+H5Gz9dzT6EQEVkcrZme/HVxf/BT9nN4uV3QfI4Uhi+6wxMLIye3Occ5jeKp/5gDKkSzuyYvRZy1n9++PFIzfub4+QpD7cssqzVPfbFFM88HOrG+/4xjJ6WOv2cUBnxP4vL8c9KveiYAAAAAAAAAAACcRd+3/yYioud9wA97ag5fD++M9/Z8/OifX8IRAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sQPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK8CAAD//w+Ty90=")
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000740)='6|', 0x2}], 0x1, &(0x7f0000001840)=ANY=[], 0x130}}], 0x1, 0x400c404)

1m20.587275227s ago: executing program 6 (id=11209):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlinkat(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, 0xb4)
readlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000004c0)=""/79, 0x4f)

1m20.526874402s ago: executing program 6 (id=11211):
syz_io_uring_setup(0x3a65, &(0x7f0000000700)={0x0, 0xa011, 0x10100, 0x0, 0xffffffff}, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
flock(r0, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
flock(r1, 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/4\x00')
read$watch_queue(r2, &(0x7f0000000000)=""/196, 0xc4)

1m20.516367773s ago: executing program 6 (id=11212):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

1m20.427061521s ago: executing program 6 (id=11214):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x10003, 0xf40b9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_config_ext={0x7, 0x100}, 0x204, 0x0, 0x43a1b976, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xa)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000080)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
recvfrom(r0, &(0x7f0000001a80)=""/4043, 0xfcb, 0x20, 0x0, 0x0)

1m5.357787373s ago: executing program 54 (id=11214):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x10003, 0xf40b9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x1, @perf_config_ext={0x7, 0x100}, 0x204, 0x0, 0x43a1b976, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0xa)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000080)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
recvfrom(r0, &(0x7f0000001a80)=""/4043, 0xfcb, 0x20, 0x0, 0x0)

6.351733412s ago: executing program 4 (id=12104):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000110850000008600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r1, &(0x7f00000006c0)={0x0, 0xfffffffffffffe96, 0x0, 0x0, 0x0, 0x0, 0x20000001}, 0x40000)

6.318261655s ago: executing program 4 (id=12105):
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x1108, &(0x7f0000000880)={0x0, 0x2, 0x80, 0x2, 0x21e}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x471b, 0xfffffffe, 0x20, 0x0, 0xffffffffffffff68)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x20042, 0x1})
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000740)='./file1\x00', 0x1000000, &(0x7f0000003580)=ANY=[], 0xfe, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==")
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000700)={0xffffffffffffffff, 0x20, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0}}, 0x10)

4.753884673s ago: executing program 4 (id=12143):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x8})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x51857000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mincore(&(0x7f0000ffb000/0x3000)=nil, 0x3000, &(0x7f00000000c0)=""/101)

3.785663418s ago: executing program 2 (id=12155):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./file0\x00', 0x2004000, &(0x7f0000000180)=ANY=[@ANYRES64=0x0], 0xfe, 0x122e, &(0x7f0000001280)="$eJzs3E1rXFUYB/DHSdrExLyotVpBerAb3VySLNwoSJAUpANK2witINyaiQ65zoTcITAiRldu3fgB3IpLd4K4001c+BncZePShXqlM+lL7GjQau8Qfr/NPMy5f3jO3OHAGebcg5c+fW9rs8w28140Hno5GtsRk7+lSNGIWz6K51/87vtnrly7fmm12Vy7nNLF1avLL6SU5s9/8+YHXz77bW/2ja/mv56K/cW3Dn5e+Wn/7P65g9+vvtsuU7tMnW4v5elGt9vLbxSttNEut7KUXi9aedlK7U7Z2jkyvll0t7f7Ke9szM1s77TKMuWdftpq9VOvm3o7/ZS/k7c7KcuyNDcT3I/1L36pqiqiqk7F6aiqqno4ZqIRj8RczMdCLMaj8Vg8HmfiiTgbT8ZTcW5wVd19AwAAAAAAAAAAAAAAAAAAwMky6vz/7D3n/z+LGHX+/3zNzQMAAAAAAAAAAAAAAAAAAMAJceXa9Uurzeba5ZSmI4pPdtd314evw/HVzWhHEa1YioX4NQan/4eG9elori2lgcX4uNg7zO/trk8czS8PHidwT/7iq8215WE+Hc1Pxczd+ZVYiDOj8yt/yl8Y5KfjuQt35bNYiB/fjm4UsRE3s3fyHy6n9Mprzdv5H/aHc9+o8b4AAADAfylLt43cv2fZX40P88f9PnBzf710Z38eixGH+cl4erLeuRNR9t/fyouitVN7cauj4Tt7ETEmjf3rohERY9DG3xSnjr1mtobGPp+NuI/4xJEv0lh8zmNeTI8aOm7lmPhf1yUejMObPlV3HwAAAAAAAAAAAPwzD+IPhnXPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mAHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXwUAAP//3m/GvA==")
r0 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r1, 0x0, 0x0, 0x2400c0a2)
fallocate(r0, 0x0, 0x0, 0x8800000)
r2 = open(&(0x7f0000000140)='./file1\x00', 0x66842, 0x21)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1600, 0x0, 0x3)

3.685906256s ago: executing program 4 (id=12156):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

3.394039332s ago: executing program 2 (id=12158):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2}, &(0x7f0000000380), &(0x7f00000005c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xc, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x4, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f00000013c0)={@random="2dbdc828205c", @multicast, @void, {@mpls_uc={0x8847, {[], @ipv4=@icmp={{0x5, 0x4, 0x3, 0x6, 0x1c, 0x64, 0x0, 0x99, 0x1, 0x0, @multicast1, @empty}, @echo={0x8, 0x0, 0x0, 0x3, 0x8000}}}}}}, 0x0)

3.184977161s ago: executing program 2 (id=12162):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000003000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r2 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000640)=[{0x0}], 0x178)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0}, 0x94)
io_uring_register$IORING_REGISTER_FILES(r2, 0x1e, &(0x7f0000000000)=[r2], 0x1)

3.158595833s ago: executing program 4 (id=12163):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x210000000013, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e20, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000000), 0x20000328)

2.980705658s ago: executing program 1 (id=12170):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000b80)={[{@grpjquota}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe0, 0x1, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x2, @perf_bp={0x0}, 0x0, 0x40a, 0x800000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
openat$full(0xffffffffffffff9c, 0x0, 0x400080, 0x0)

2.260318102s ago: executing program 2 (id=12171):
socket$nl_xfrm(0x10, 0x3, 0x6)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfdffa000)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000080)={0x0, 0x1, 0xfc}, 0xc)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f00000000c0)=0x8, 0x4)

2.259451012s ago: executing program 3 (id=12182):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_emit_ethernet(0x68, &(0x7f0000000080)={@broadcast, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x6, 0x5a, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x8100}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x7f]}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}}}, {0x8, 0x22eb, 0x1, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x2, {0x0, 0xfffd}}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20030, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

2.259278342s ago: executing program 7 (id=12172):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1f, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)

2.180085649s ago: executing program 7 (id=12173):
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf0029, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x7, 0x100}, 0x204, 0x0, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x4, 0x0, &(0x7f00000004c0)=[@enter_looper], 0x0, 0x0, 0x0})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0x6)

1.994463065s ago: executing program 7 (id=12174):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

1.70555067s ago: executing program 1 (id=12175):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newqdisc={0x3c, 0x24, 0xe0b, 0xfefffffc, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0x1}]}}]}, 0x3c}}, 0x0)
sendto$packet(r0, &(0x7f0000000080)="39c394e534ecf02e7e0e9ca208004b54", 0x10, 0x0, &(0x7f00000000c0)={0x11, 0x0, r3, 0x1, 0x95, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)

1.294513157s ago: executing program 7 (id=12176):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000001200)=0x8a4, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x8001}]}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='veno', 0x4)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

1.271677678s ago: executing program 3 (id=12177):
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x15, 0x2000000000000216, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f0000000000), 0x10)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
memfd_create(&(0x7f0000000280)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0x6)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r1, 0xffffffffffffffff, 0x0)

1.211198374s ago: executing program 7 (id=12178):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x2, 0x1ce}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x5, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r3, &(0x7f0000000040), 0x8)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.210912024s ago: executing program 3 (id=12180):
r0 = socket$kcm(0xa, 0x2, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000240)={0x84, @multicast2, 0x4e20, 0x3, 'wlc\x00', 0x1f, 0xa7e, 0x40070}, 0x2c)
unshare(0x26020480)
syz_io_uring_setup(0x3426, 0x0, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4f29, 0x3, 'wlc\x00', 0x5, 0xc, 0x6c}, {@loopback, 0x4e23, 0x3, 0xcd, 0x1}}, 0x44)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e20, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

1.202030544s ago: executing program 1 (id=12181):
r0 = syz_io_uring_setup(0x44cd, &(0x7f00000004c0)={0x0, 0x5331, 0x10100, 0x1000006, 0x1e5}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0}, 0x94)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0xec84, 0x0, 0x0, 0x0)

1.065333566s ago: executing program 2 (id=12183):
r0 = socket$netlink(0x10, 0x3, 0x10)
socket$inet(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x6, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x7, 0xf60d}, 0x9092, 0x4, 0x43a1bd76, 0x2, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x40}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)

1.064932596s ago: executing program 3 (id=12193):
r0 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_FILES_UPDATE={0x14, 0x45, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, {0x0, r3}})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x55, 0x2000, @fd_index=0xd, 0x7, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

1.064598516s ago: executing program 1 (id=12184):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x5)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000300)="a6a7", 0x2, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c)
syz_open_procfs(0x0, 0x0)
syz_read_part_table(0x4066, &(0x7f0000008100)="$eJzszzFKw3AUBvAvrcEogSLoJIjFwU3i5pRbdJeewclBxdzEUTyA9/AOjl4hDpJIrYNLQeX3m97Hx3vJP/wR1TgVSZ6XT3tJjufpmuaj3Br6nc+l5jzlbjVJneRq/ebicfP/DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/FKTlXSbpHu5Ph1yNTbLw3Q3bS7qpDqYJffTlO1Rkf1kfvbN3WnymqRI8pZkMdvsMwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/+JyJW1/rethuFtffThJ15Zj2/d9/+PPVsk7u3MsAAAAgACMMskoY+jfCJa+VwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMYOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBABgAAAECYv3Ue7QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbgoAAP//SIAVRg==")
shutdown(r0, 0x1)

1.064492286s ago: executing program 7 (id=12185):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x2}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x4000, 0x0, @mcast2}}, {{0xa, 0x4e23, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xfffffffe}}}, 0x108)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="20000000110001000000000000000000100000e60b"], 0x20}], 0x1}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

983.079033ms ago: executing program 3 (id=12186):
r0 = getpid()
r1 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r1}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
r2 = syz_pidfd_open(r0, 0x0)
process_madvise(r2, 0x0, 0x0, 0x12, 0x0)

977.017384ms ago: executing program 3 (id=12187):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x3, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x9}}, 0x0}, 0x94)
r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
close(r1)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, &(0x7f0000000880)={[], 0xf000}, 0x0)

909.35292ms ago: executing program 4 (id=12188):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x30040043}, 0x240008c4)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
openat$selinux_load(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, 0x0)

105.94185ms ago: executing program 2 (id=12189):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x1c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x7, 0x2}]}, 0x10)
sendmmsg$inet(r2, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0)

103.070781ms ago: executing program 1 (id=12200):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0x20)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1, 0x1}}, 0x40)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000080)=0x3, 0x8, 0x0)

0s ago: executing program 1 (id=12190):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_emit_ethernet(0x68, &(0x7f0000000080)={@broadcast, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x6, 0x5a, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x8100}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x7f]}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}}}, {0x8, 0x22eb, 0x1, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x2, {0x0, 0xfffd}}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20030, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

kernel console output (not intermixed with test programs):

ode
[  528.190468][ T3825] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  528.280668][T22951] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.463974][ T2069] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.589326][   T28] audit: type=1400 audit(1771844177.562:13436): avc:  denied  { map } for  pid=3846 comm="syz.8.10874" path="socket:[120073]" dev="sockfs" ino=120073 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  528.811387][ T3864] loop2: detected capacity change from 0 to 128
[  529.005421][ T3879] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10889'.
[  529.028971][ T3879] netlink: 'syz.2.10889': attribute type 5 has an invalid length.
[  529.038891][ T3879] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10889'.
[  529.051008][ T3879] geneve2: entered promiscuous mode
[  529.057329][ T3879] geneve2: entered allmulticast mode
[  529.068956][ T4381] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 38630 - 0
[  529.086929][ T4381] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 38630 - 0
[  529.099556][ T4381] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 38630 - 0
[  529.111112][ T4381] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 38630 - 0
[  529.245957][ T3900] loop2: detected capacity change from 0 to 512
[  529.254514][ T3900] EXT4-fs: Ignoring removed i_version option
[  529.288149][ T3900] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  529.300842][ T3900] EXT4-fs (loop2): 1 truncate cleaned up
[  529.307342][ T3900] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  529.397853][T32735] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.473071][ T3929] netlink: 1363 bytes leftover after parsing attributes in process `syz.6.10910'.
[  529.838407][ T3942] syzkaller0: entered promiscuous mode
[  529.848239][ T3942] syzkaller0: entered allmulticast mode
[  530.317464][ T3959] loop8: detected capacity change from 0 to 512
[  530.350578][ T3959] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  530.383454][ T3959] ext4 filesystem being mounted at /855/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  530.442216][T22951] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  531.367690][   T28] audit: type=1326 audit(1771844180.342:13437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3978 comm="syz.2.10933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f603475c629 code=0x7fc00000
[  531.996224][   T28] audit: type=1326 audit(1771844180.962:13438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3978 comm="syz.2.10933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f60346fda19 code=0x7fc00000
[  532.046836][ T4037] loop2: detected capacity change from 0 to 128
[  532.274143][ T4037] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  532.297112][ T4037] FAT-fs (loop2): Filesystem has been set read-only
[  532.323509][ T4037] bio_check_eod: 73 callbacks suppressed
[  532.323524][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.323524][ T4037] loop2: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[  532.364397][ T4037] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  532.402438][ T4037] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  532.415019][ T4037] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  532.433794][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.433794][ T4037] loop2: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[  532.499683][ T4037] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  532.509144][ T4056] loop8: detected capacity change from 0 to 512
[  532.526581][   T28] audit: type=1326 audit(1771844181.432:13439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.565869][ T4037] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  532.589991][   T28] audit: type=1326 audit(1771844181.432:13440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.625019][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.625019][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  532.652133][   T28] audit: type=1326 audit(1771844181.452:13441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.695005][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.695005][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  532.710092][   T28] audit: type=1326 audit(1771844181.452:13442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.759127][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.759127][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  532.784607][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.784607][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  532.784686][   T28] audit: type=1326 audit(1771844181.462:13443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.816268][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.816268][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  532.850833][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.850833][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  532.864908][   T28] audit: type=1326 audit(1771844181.462:13444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.889428][   T28] audit: type=1326 audit(1771844181.462:13445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.904450][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.904450][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  532.932833][   T28] audit: type=1326 audit(1771844181.462:13446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4055 comm="syz.8.10957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75d3c8c629 code=0x7ffc0000
[  532.943291][ T4037] syz.2.10951: attempt to access beyond end of device
[  532.943291][ T4037] loop2: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  533.309345][ T4070] loop6: detected capacity change from 0 to 128
[  533.559854][ T4088] loop6: detected capacity change from 0 to 512
[  533.568743][T20058] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  533.650913][T20058] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  533.699183][ T4088] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  533.757047][ T4088] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.802896][ T2069] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.859896][ T4103] loop6: detected capacity change from 0 to 128
[  534.171013][ T4103] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  534.203706][ T4103] FAT-fs (loop6): Filesystem has been set read-only
[  534.218614][ T4103] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  534.235476][ T4103] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100)
[  534.788906][ T4118] netlink: 76 bytes leftover after parsing attributes in process `syz.2.10983'.
[  535.196753][T24547] bond6: (slave syz_tun): Releasing active interface
[  535.322194][ T4134] netlink: 'syz.7.10989': attribute type 11 has an invalid length.
[  535.340627][ T4134] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10989'.
[  535.360079][ T4134] netlink: 'syz.7.10989': attribute type 11 has an invalid length.
[  535.376261][ T4134] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10989'.
[  535.566649][ T4149] 9pnet: p9_errstr2errno: server reported unknown error 0x00000
[  535.725150][ T4140] chnl_net:caif_netlink_parms(): no params data found
[  535.803234][ T4140] bridge0: port 1(bridge_slave_0) entered blocking state
[  535.810391][ T4140] bridge0: port 1(bridge_slave_0) entered disabled state
[  535.817903][ T4140] bridge_slave_0: entered allmulticast mode
[  535.824637][ T4140] bridge_slave_0: entered promiscuous mode
[  535.831672][ T4140] bridge0: port 2(bridge_slave_1) entered blocking state
[  535.838855][ T4140] bridge0: port 2(bridge_slave_1) entered disabled state
[  535.846089][ T4140] bridge_slave_1: entered allmulticast mode
[  535.852812][ T4140] bridge_slave_1: entered promiscuous mode
[  535.871841][ T4140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  535.882378][ T4140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  535.909908][ T4140] team0: Port device team_slave_0 added
[  535.916862][ T4140] team0: Port device team_slave_1 added
[  535.934409][ T4140] batman_adv: batadv0: Adding interface: batadv_slave_0
[  535.943982][ T4140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  535.970015][ T4140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  536.006919][ T4140] batman_adv: batadv0: Adding interface: batadv_slave_1
[  536.013878][ T4140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  536.064124][ T4140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  536.127789][ T4140] hsr_slave_0: entered promiscuous mode
[  536.133986][ T4140] hsr_slave_1: entered promiscuous mode
[  536.141405][ T4140] debugfs: 'hsr0' already exists in 'hsr'
[  536.147274][ T4140] Cannot create hsr debugfs directory
[  536.365361][ T4186] netlink: 'syz.1.11004': attribute type 4 has an invalid length.
[  536.410897][ T4186] netlink: 'syz.1.11004': attribute type 4 has an invalid length.
[  536.528365][   T28] kauditd_printk_skb: 20 callbacks suppressed
[  536.528379][   T28] audit: type=1400 audit(1771844185.502:13467): avc:  denied  { listen } for  pid=4200 comm="syz.6.11007" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  536.643333][ T4140] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  536.673946][ T4140] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  536.706514][ T4140] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  536.736592][ T4140] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  536.900205][ T4140] 8021q: adding VLAN 0 to HW filter on device bond0
[  536.934408][ T4140] 8021q: adding VLAN 0 to HW filter on device team0
[  536.950719][ T4381] bridge0: port 1(bridge_slave_0) entered blocking state
[  536.957832][ T4381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  536.984294][ T4381] bridge0: port 2(bridge_slave_1) entered blocking state
[  536.991477][ T4381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  537.308351][ T4274] syzkaller0: entered promiscuous mode
[  537.315029][ T4274] syzkaller0: entered allmulticast mode
[  537.341974][ T4140] 8021q: adding VLAN 0 to HW filter on device batadv0
[  537.558432][ T4140] veth0_vlan: entered promiscuous mode
[  537.586662][ T4140] veth1_vlan: entered promiscuous mode
[  537.628247][ T4140] veth0_macvtap: entered promiscuous mode
[  537.656538][ T4140] veth1_macvtap: entered promiscuous mode
[  537.687133][ T4140] batman_adv: batadv0: Interface activated: batadv_slave_0
[  537.722927][ T4140] batman_adv: batadv0: Interface activated: batadv_slave_1
[  537.745921][T19022] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  537.772966][T19022] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  537.783585][T19022] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  537.808672][T19022] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  538.157344][ T4356] netlink: 'syz.6.11033': attribute type 2 has an invalid length.
[  538.188427][ T4356] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11033'.
[  538.219812][ T4356] netlink: 'syz.6.11033': attribute type 2 has an invalid length.
[  538.254809][ T4356] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11033'.
[  538.428598][ T4390] loop3: detected capacity change from 0 to 128
[  538.518175][ T4403] netlink: 'syz.3.11038': attribute type 1 has an invalid length.
[  538.659712][ T4416] loop3: detected capacity change from 0 to 512
[  538.676596][ T4416] EXT4-fs: Ignoring removed i_version option
[  538.698937][ T4416] EXT4-fs: Ignoring removed bh option
[  538.787156][ T4416] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  538.814415][ T4416] ext4 filesystem being mounted at /2/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  538.884247][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.895917][ T4441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11047'.
[  538.953437][ T4452] loop3: detected capacity change from 0 to 128
[  539.067161][ T4465] loop2: detected capacity change from 0 to 512
[  539.129973][ T4465] EXT4-fs: Ignoring removed bh option
[  539.135400][ T4465] EXT4-fs: inline encryption not supported
[  539.200473][ T4477] loop6: detected capacity change from 0 to 128
[  539.227890][ T4452] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  539.236001][ T4452] FAT-fs (loop3): Filesystem has been set read-only
[  539.243172][ T4465] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  539.261466][ T4477] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  539.279932][ T4452] bio_check_eod: 9959 callbacks suppressed
[  539.279946][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.279946][ T4452] loop3: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[  539.315372][ T4465] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  539.338051][ T4477] ext4 filesystem being mounted at /115/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  539.348593][ T4465] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.11053: bg 0: block 248: padding at end of block bitmap is not set
[  539.363356][ T4452] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  539.368188][ T4465] loop2: lost filesystem error report for type 5 error -117
[  539.373450][ T4465] Quota error (device loop2): write_blk: dquota write failed
[  539.380805][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  539.380824][    C0] EXT4-fs (loop2): last error at time 1771844188: ext4_validate_block_bitmap:441
[  539.386541][ T4452] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  539.388512][ T4465] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  539.397682][ T4452] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  539.405153][ T4465] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.11053: Failed to acquire dquot type 1
[  539.421923][ T4465] loop2: lost filesystem error report for type 5 error -117
[  539.442267][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.442267][ T4452] loop3: rw=8912896, sector=2065, nr_sectors = 8 limit=128
[  539.443414][   T28] audit: type=1400 audit(1771844188.382:13468): avc:  denied  { setopt } for  pid=4492 comm="syz.7.11059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  539.449757][ T4452] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  539.478537][   T28] audit: type=1400 audit(1771844188.382:13469): avc:  denied  { read } for  pid=4492 comm="syz.7.11059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  539.512456][ T4465] EXT4-fs (loop2): 1 truncate cleaned up
[  539.526676][ T4465] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  539.541050][ T4452] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  539.551135][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.551135][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  539.612175][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.612175][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  539.631210][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.631210][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  539.648476][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.648476][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  539.674493][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.674493][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  539.689837][ T4465] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.11053'.
[  539.697174][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.697174][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  539.728700][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.728700][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  539.751638][ T4452] syz.3.11046: attempt to access beyond end of device
[  539.751638][ T4452] loop3: rw=8388608, sector=2065, nr_sectors = 8 limit=128
[  540.027959][ T2069] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  540.029947][T32735] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  540.110879][ T4515] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  540.131385][ T4515] SELinux: failed to load policy
[  540.141158][   T28] audit: type=1400 audit(1771844189.112:13470): avc:  denied  { read } for  pid=4514 comm="syz.3.11062" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  540.179534][   T28] audit: type=1400 audit(1771844189.112:13471): avc:  denied  { open } for  pid=4514 comm="syz.3.11062" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  540.180618][ T4527] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11066'.
[  540.266205][ T4527] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11066'.
[  540.279811][ T4527] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11066'.
[  540.317032][ T4527] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11066'.
[  540.369966][ T4539] netlink: 44 bytes leftover after parsing attributes in process `syz.7.11071'.
[  540.407440][ T4541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11070'.
[  540.653474][ T4543] loop3: detected capacity change from 0 to 1024
[  540.707080][ T4543] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  540.724992][ T4543] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  540.748219][ T4543] EXT4-fs error (device loop3): ext4_map_blocks:818: inode #15: block 3: comm syz.3.11072: lblock 3 mapped to illegal pblock 3 (length 3)
[  540.766777][ T4543] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  540.780336][ T4543] EXT4-fs (loop3): This should not happen!! Data will be lost
[  540.780336][ T4543] 
[  540.809502][ T4381] EXT4-fs error (device loop3): ext4_map_blocks:818: inode #15: block 8: comm kworker/u8:15: lblock 8 mapped to illegal pblock 8 (length 8)
[  540.824722][ T4381] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  540.837413][ T4381] EXT4-fs (loop3): This should not happen!! Data will be lost
[  540.837413][ T4381] 
[  540.848416][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  540.946398][ T4573] tipc: Started in network mode
[  540.951371][ T4573] tipc: Node identity ac1414aa, cluster identity 4711
[  540.958444][ T4573] tipc: New replicast peer: 10.1.1.2
[  540.963917][ T4573] tipc: Enabled bearer <udp:syz2>, priority 10
[  541.051851][ T4577] loop3: detected capacity change from 0 to 128
[  541.293891][ T4587] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11090'.
[  541.519531][ T4603] netlink: 20 bytes leftover after parsing attributes in process `syz.1.11097'.
[  541.999674][ T4624] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11106'.
[  542.016169][ T4624] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11106'.
[  542.037555][   T40] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  542.048486][   T40] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  542.082113][   T40] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  542.104144][T20063] tipc: Node number set to 2886997162
[  542.112327][   T40] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  543.059227][ T4681] netlink: 'syz.7.11131': attribute type 1 has an invalid length.
[  543.077045][ T4681] gretap3: entered allmulticast mode
[  543.084576][ T4681] bond9: (slave gretap3): making interface the new active one
[  543.092869][ T4681] bond9: (slave gretap3): Enslaving as an active interface with an up link
[  543.357745][ T4701] netlink: 'syz.1.11137': attribute type 29 has an invalid length.
[  543.366340][ T4701] netlink: 'syz.1.11137': attribute type 29 has an invalid length.
[  543.621494][   T28] audit: type=1400 audit(1771844192.592:13472): avc:  denied  { append } for  pid=4719 comm="syz.3.11148" name="random" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  544.577434][ T4832] vlan0: entered promiscuous mode
[  544.673950][ T4831] vlan0: left promiscuous mode
[  544.709615][   T28] audit: type=1400 audit(1771844193.682:13473): avc:  denied  { read write } for  pid=4846 comm="syz.6.11177" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  544.743930][   T28] audit: type=1400 audit(1771844193.682:13474): avc:  denied  { open } for  pid=4846 comm="syz.6.11177" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  544.745179][ T4849] netlink: 'syz.7.11178': attribute type 1 has an invalid length.
[  544.891199][ T4849] bond10: (slave ip6gretap2): making interface the new active one
[  544.899475][ T4849] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  544.909872][ T4849] ip6_tunnel: ip6gretap2 xmit: Local address not yet configured!
[  544.917766][ T4849] bond10: (slave ip6gretap2): Enslaving as an active interface with an up link
[  545.047399][ T4885] loop2: detected capacity change from 0 to 1024
[  545.146694][ T4885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  545.174733][ T4885] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  545.268370][ T4885] EXT4-fs error (device loop2): ext4_map_blocks:818: inode #15: block 3: comm syz.2.11185: lblock 3 mapped to illegal pblock 3 (length 3)
[  545.294395][ T4885] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  545.323331][ T4885] EXT4-fs (loop2): This should not happen!! Data will be lost
[  545.323331][ T4885] 
[  545.357457][   T12] EXT4-fs error (device loop2): ext4_map_blocks:818: inode #15: block 8: comm kworker/u8:0: lblock 8 mapped to illegal pblock 8 (length 8)
[  545.381235][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  545.400185][   T12] EXT4-fs (loop2): This should not happen!! Data will be lost
[  545.400185][   T12] 
[  545.412911][T32735] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  545.413357][ T4899] netlink: 'syz.6.11191': attribute type 2 has an invalid length.
[  545.429999][ T4899] __nla_validate_parse: 8 callbacks suppressed
[  545.430014][ T4899] netlink: 40 bytes leftover after parsing attributes in process `syz.6.11191'.
[  545.624025][ T4915] syzkaller1: entered promiscuous mode
[  545.632842][ T4915] syzkaller1: entered allmulticast mode
[  545.806927][T14478] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  545.809695][ T3521] Bluetooth: hci0: command 0x1003 tx timeout
[  545.851915][ T4934] loop3: detected capacity change from 0 to 256
[  545.961147][ T4936] loop6: detected capacity change from 0 to 8192
[  546.097571][   T28] audit: type=1400 audit(1771844195.072:13475): avc:  denied  { mounton } for  pid=4946 comm="syz.6.11212" path="/139/file0" dev="cgroup" ino=543 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  547.355941][ T4982] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11224'.
[  547.406874][ T4982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11224'.
[  547.436425][ T4982] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11224'.
[  547.476930][ T4982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11224'.
[  561.372248][ T4986] chnl_net:caif_netlink_parms(): no params data found
[  561.405441][ T4986] bridge0: port 1(bridge_slave_0) entered blocking state
[  561.412616][ T4986] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.420364][ T4986] bridge_slave_0: entered allmulticast mode
[  561.426925][ T4986] bridge_slave_0: entered promiscuous mode
[  561.433565][ T4986] bridge0: port 2(bridge_slave_1) entered blocking state
[  561.440743][ T4986] bridge0: port 2(bridge_slave_1) entered disabled state
[  561.448685][ T4986] bridge_slave_1: entered allmulticast mode
[  561.455224][ T4986] bridge_slave_1: entered promiscuous mode
[  561.465756][ T4362] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.492689][ T4986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  561.503684][ T4986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  561.521363][ T4362] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.539314][ T4986] team0: Port device team_slave_0 added
[  561.546632][ T4986] team0: Port device team_slave_1 added
[  561.562477][ T4986] batman_adv: batadv0: Adding interface: batadv_slave_0
[  561.586426][ T4986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  561.632776][ T4986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  561.646049][ T4362] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.658403][ T4986] batman_adv: batadv0: Adding interface: batadv_slave_1
[  561.665387][ T4986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  561.691320][ T4986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  561.718880][ T4362] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.734817][ T4986] hsr_slave_0: entered promiscuous mode
[  561.742360][ T4986] hsr_slave_1: entered promiscuous mode
[  561.755263][ T4986] debugfs: 'hsr0' already exists in 'hsr'
[  561.761154][ T4986] Cannot create hsr debugfs directory
[  561.762104][ T5002] loop3: detected capacity change from 0 to 2048
[  561.837848][ T5002] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  561.924430][ T4362] bridge_slave_1: left allmulticast mode
[  561.950323][ T4362] bridge_slave_1: left promiscuous mode
[  561.956005][ T4362] bridge0: port 2(bridge_slave_1) entered disabled state
[  561.968722][ T5017] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  562.007946][ T4362] bridge_slave_0: left allmulticast mode
[  562.013621][ T4362] bridge_slave_0: left promiscuous mode
[  562.026336][ T4362] bridge0: port 1(bridge_slave_0) entered disabled state
[  562.079777][ T4364] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 462 with error 28
[  562.100647][ T4364] EXT4-fs (loop3): This should not happen!! Data will be lost
[  562.100647][ T4364] 
[  562.120585][ T4364] EXT4-fs (loop3): Total free blocks count 0
[  562.135353][ T4364] EXT4-fs (loop3): Free/Dirty block details
[  562.149182][ T4364] EXT4-fs (loop3): free_blocks=2415919504
[  562.155047][ T4364] EXT4-fs (loop3): dirty_blocks=464
[  562.162468][ T4364] EXT4-fs (loop3): Block reservation details
[  562.169477][ T4364] EXT4-fs (loop3): i_reserved_data_blocks=29
[  562.180528][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.236817][ T4362] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  562.252204][ T4362] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  562.262822][ T4362] bond0 (unregistering): Released all slaves
[  562.356106][ T4362] hsr_slave_0: left promiscuous mode
[  562.362551][ T4362] hsr_slave_1: left promiscuous mode
[  562.376195][   T28] audit: type=1400 audit(1771844211.342:13476): avc:  denied  { unmount } for  pid=5049 comm="syz.1.11239" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  562.401010][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  562.418589][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_0
[  562.433937][ T4362] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  562.441965][ T4362] batman_adv: batadv0: Removing interface: batadv_slave_1
[  562.453576][ T4362] veth1_macvtap: left promiscuous mode
[  562.459425][ T4362] veth0_macvtap: left promiscuous mode
[  562.465523][ T4362] veth1_vlan: left promiscuous mode
[  562.471261][ T4362] veth0_vlan: left promiscuous mode
[  562.539915][ T5067] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11249'.
[  562.549312][ T5067] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11249'.
[  562.583704][ T4362] team0 (unregistering): Port device team_slave_1 removed
[  562.593287][ T4362] team0 (unregistering): Port device team_slave_0 removed
[  562.635832][ T5065] geneve2: entered promiscuous mode
[  562.641917][ T5065] geneve2: entered allmulticast mode
[  562.652839][ T5067] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11249'.
[  562.661897][ T5067] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11249'.
[  562.695213][  T238] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  562.705594][  T238] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  562.714867][  T238] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  562.724772][  T238] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  562.759106][  T238] netdevsim netdevsim7 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  562.773931][  T238] netdevsim netdevsim7 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  562.796391][  T238] netdevsim netdevsim7 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  562.828863][ T5075] syz_tun: entered allmulticast mode
[  562.836637][  T238] netdevsim netdevsim7 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  562.858498][ T5075] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  562.867068][ T5075] mroute: pending queue full, dropping entries
[  562.873898][ T5074] syz_tun: left allmulticast mode
[  563.083202][ T5091] syzkaller1: entered promiscuous mode
[  563.088810][ T5091] syzkaller1: entered allmulticast mode
[  563.230882][ T4362] IPVS: stop unused estimator thread 0...
[  563.298270][ T5121] netlink: 24 bytes leftover after parsing attributes in process `syz.7.11262'.
[  563.394086][ T5137] loop3: detected capacity change from 0 to 1024
[  563.419519][ T4986] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  563.438522][ T4986] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  563.451536][ T5137] EXT4-fs: Ignoring removed orlov option
[  563.459686][ T5137] EXT4-fs: Ignoring removed nobh option
[  563.468361][ T4986] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  563.485726][ T5137] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  563.499624][ T4986] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  563.558350][ T4986] 8021q: adding VLAN 0 to HW filter on device bond0
[  563.577589][ T4986] 8021q: adding VLAN 0 to HW filter on device team0
[  563.592651][  T238] bridge0: port 1(bridge_slave_0) entered blocking state
[  563.599777][  T238] bridge0: port 1(bridge_slave_0) entered forwarding state
[  563.617984][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  563.645282][  T238] bridge0: port 2(bridge_slave_1) entered blocking state
[  563.652540][  T238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  563.811768][ T4986] 8021q: adding VLAN 0 to HW filter on device batadv0
[  563.950630][ T4986] veth0_vlan: entered promiscuous mode
[  563.959143][ T4986] veth1_vlan: entered promiscuous mode
[  563.988459][ T4986] veth0_macvtap: entered promiscuous mode
[  563.998354][ T4986] veth1_macvtap: entered promiscuous mode
[  564.011613][ T4986] batman_adv: batadv0: Interface activated: batadv_slave_0
[  564.030651][ T4986] batman_adv: batadv0: Interface activated: batadv_slave_1
[  564.055752][T19026] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  564.084194][T19026] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  564.101769][T19026] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  564.122945][T19026] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  564.406275][ T5253] loop4: detected capacity change from 0 to 1024
[  564.533829][ T5253] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  564.563946][ T5253] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  564.610461][   T28] audit: type=1400 audit(1771844213.582:13477): avc:  denied  { read } for  pid=5301 comm="syz.3.11284" path="socket:[126613]" dev="sockfs" ino=126613 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  564.721060][ T5309] loop3: detected capacity change from 0 to 256
[  564.733954][ T5316] loop2: detected capacity change from 0 to 512
[  564.740972][ T5316] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  564.787024][ T5316] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ec01c, mo2=0003]
[  564.825952][ T5316] System zones: 1-2, 4-12, 8-8
[  564.835366][ T5253] EXT4-fs error (device loop4): ext4_map_blocks:818: inode #15: block 3: comm syz.4.11227: lblock 3 mapped to illegal pblock 3 (length 3)
[  564.874835][ T5316] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.11286: iget: bad i_size value: 38620345925642
[  564.890412][ T5253] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  564.904366][ T5316] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  564.904618][ T5316] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.11286: couldn't read orphan inode 15 (err -117)
[  564.913915][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  564.913938][    C0] EXT4-fs (loop2): initial error at time 1771844213: ext4_orphan_get:1391: inode 15
[  564.913969][    C0] EXT4-fs (loop2): last error at time 1771844213: ext4_orphan_get:1391: inode 15
[  564.954221][ T5253] EXT4-fs (loop4): This should not happen!! Data will be lost
[  564.954221][ T5253] 
[  564.974580][ T5316] loop2: lost filesystem error report for type 5 error -117
[  564.975305][ T5316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.062855][ T5334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  565.089892][ T5334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  565.193863][ T4385] EXT4-fs error (device loop4): ext4_map_blocks:818: inode #15: block 8: comm kworker/u8:17: lblock 8 mapped to illegal pblock 8 (length 8)
[  565.265537][ T4385] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  565.282521][ T5349] loop3: detected capacity change from 0 to 1024
[  565.300044][ T4385] EXT4-fs (loop4): This should not happen!! Data will be lost
[  565.300044][ T4385] 
[  565.317283][ T4986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  565.357321][ T5349] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  565.365694][ T5349] System zones: 0-1, 3-36
[  565.373932][ T5349] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.11287: bad orphan inode 134217728
[  565.400574][ T5349] loop3: lost filesystem error report for type 5 error -117
[  565.401100][ T5349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.541821][T19026] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:23: bg 0: block 5: invalid block bitmap
[  565.560756][T19026] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  565.587240][T19026] EXT4-fs (loop2): This should not happen!! Data will be lost
[  565.587240][T19026] 
[  565.606166][T19026] EXT4-fs (loop2): Total free blocks count 0
[  565.619994][T19026] EXT4-fs (loop2): Free/Dirty block details
[  565.636243][T19026] EXT4-fs (loop2): free_blocks=0
[  565.641264][T19026] EXT4-fs (loop2): dirty_blocks=16020
[  565.655955][T19026] EXT4-fs (loop2): Block reservation details
[  565.684813][T19026] EXT4-fs (loop2): i_reserved_data_blocks=16020
[  565.961235][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.060271][ T5392] netlink: 24 bytes leftover after parsing attributes in process `syz.7.11295'.
[  566.105989][ T5398] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11306'.
[  566.155232][ T5398] netlink: 'syz.1.11306': attribute type 1 has an invalid length.
[  566.176282][ T5398] netlink: 'syz.1.11306': attribute type 2 has an invalid length.
[  566.350385][  T238] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  566.643774][ T5450] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11312'.
[  566.681837][ T5450] bond9: entered promiscuous mode
[  566.690373][ T5450] bond9: entered allmulticast mode
[  566.695728][ T5450] 8021q: adding VLAN 0 to HW filter on device bond9
[  566.703877][ T5450] A link change request failed with some changes committed already. Interface bond9 may have been left with an inconsistent configuration, please check.
[  567.198243][ T5488] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11318'.
[  567.223749][ T5488] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11318'.
[  567.890254][ T5507] loop3: detected capacity change from 0 to 8192
[  568.142444][   T28] audit: type=1400 audit(1771844217.112:13478): avc:  denied  { relabelfrom } for  pid=5536 comm="syz.3.11341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  568.183263][   T28] audit: type=1400 audit(1771844217.132:13479): avc:  denied  { relabelto } for  pid=5536 comm="syz.3.11341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  568.230024][ T5543] netlink: 20 bytes leftover after parsing attributes in process `syz.4.11344'.
[  568.337682][ T5554] loop4: detected capacity change from 0 to 512
[  568.363528][ T5554] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  568.391382][ T5554] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  568.435515][ T4986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.542642][ T5570] loop3: detected capacity change from 0 to 256
[  569.123847][ T5599] bond3: (slave lo): Releasing backup interface
[  569.144241][ T5599] bond3: (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  569.159408][ T5599] syz_tun: left promiscuous mode
[  569.167362][ T5599] bridge0: port 3(syz_tun) entered disabled state
[  569.174918][ T5599] dummy0: left allmulticast mode
[  569.191483][ T5599] team0: Port device dummy0 removed
[  569.206601][ T5599] bridge_slave_0: left allmulticast mode
[  569.221749][ T5599] bridge_slave_0: left promiscuous mode
[  569.229584][ T5599] bridge0: port 1(bridge_slave_0) entered disabled state
[  569.239005][ T5599] bridge_slave_1: left allmulticast mode
[  569.244840][ T5599] bridge_slave_1: left promiscuous mode
[  569.260643][ T5599] bridge0: port 2(bridge_slave_1) entered disabled state
[  569.271183][ T5620] loop4: detected capacity change from 0 to 2048
[  569.287068][ T5599] bond0: (slave bond_slave_0): Releasing backup interface
[  569.295070][ T5620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  569.307489][ T5599] bond_slave_0: left promiscuous mode
[  569.313025][ T5599] bond_slave_0: left allmulticast mode
[  569.319161][ T5620] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  569.330860][ T5599] bond0: (slave bond_slave_1): Releasing backup interface
[  569.335428][ T5620] EXT4-fs (loop4): shut down requested (0)
[  569.349523][ T5599] bond_slave_1: left promiscuous mode
[  569.359138][ T5599] bond_slave_1: left allmulticast mode
[  569.365109][ T5599] team_slave_0: left allmulticast mode
[  569.371294][ T5599] team0: Port device team_slave_0 removed
[  569.378566][ T5599] team_slave_1: left allmulticast mode
[  569.384669][ T5599] team0: Port device team_slave_1 removed
[  569.391019][ T5599] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  569.465878][ T4986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.542173][ T5632] xt_hashlimit: size too large, truncated to 1048576
[  569.917759][ T5642] sock: sock_set_timeout: `syz.3.11381' (pid 5642) tries to set negative timeout
[  570.031250][ T5648] sd 0:0:1:0: device reset
[  570.350966][ T5654] loop2: detected capacity change from 0 to 128
[  570.762967][ T5663] netlink: 'syz.4.11389': attribute type 1 has an invalid length.
[  570.784775][ T5663] netlink: 'syz.4.11389': attribute type 4 has an invalid length.
[  570.796892][ T5663] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.11389'.
[  570.852424][ T5667] loop4: detected capacity change from 0 to 256
[  571.366842][ T5679] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11392'.
[  572.018995][ T5689] loop2: detected capacity change from 0 to 4096
[  572.038594][ T5689] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.091297][ T5689] EXT4-fs (loop2): shut down requested (1)
[  572.134628][ T5689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  572.153732][ T5689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  572.185917][ T5689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  572.213766][ T5689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  572.246870][ T5689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  572.265935][ T5689] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop2 ino=12
[  572.271412][   T28] audit: type=1400 audit(1771844221.232:13480): avc:  denied  { add_name } for  pid=5688 comm="syz.2.11398" name=E91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  572.331255][T32735] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.429962][   T28] audit: type=1400 audit(1771844221.402:13481): avc:  denied  { ioctl } for  pid=5715 comm="syz.3.11411" path="/dev/ptp0" dev="devtmpfs" ino=247 ioctlcmd=0x3d04 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  573.689737][ T5800] loop4: detected capacity change from 0 to 8192
[  573.867007][ T5800] FAT-fs (loop4): error, clusters badly computed (2 != 1)
[  573.874263][ T5800] FAT-fs (loop4): Filesystem has been set read-only
[  574.242375][   T10] Process accounting resumed
[  574.255510][ T5825] batadv_slave_1: entered promiscuous mode
[  574.269211][ T5825] batadv_slave_0: entered promiscuous mode
[  574.281873][ T5824] batadv_slave_0: left promiscuous mode
[  574.294357][ T5824] batadv_slave_1: left promiscuous mode
[  574.510271][ T5837] netlink: 'syz.1.11449': attribute type 1 has an invalid length.
[  574.525107][ T5837] 8021q: adding VLAN 0 to HW filter on device bond10
[  574.539630][ T5837] bond10: option tlb_dynamic_lb: unable to set because the bond device is up
[  574.844801][ T5849] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  575.801656][ T5913] SELinux: failure in selinux_parse_skb(), unable to parse packet
[  575.913400][ T5917] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11482'.
[  575.944701][ T4364] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  575.944727][ T5917] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11482'.
[  576.086443][ T4364] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  576.125780][ T4364] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  576.161361][ T4364] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  576.330773][ T5943] loop2: detected capacity change from 0 to 8192
[  577.380553][ T5974] loop2: detected capacity change from 0 to 8192
[  577.437680][ T5974] FAT-fs (loop2): error, clusters badly computed (2 != 1)
[  577.444878][ T5974] FAT-fs (loop2): Filesystem has been set read-only
[  577.575907][ T5989] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  577.583540][ T5989] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  577.591451][ T5989] vhci_hcd vhci_hcd.4: default hub control req: 0016 v0014 i0000 l0
[  577.865722][ T6025] loop3: detected capacity change from 0 to 1024
[  577.889749][ T6025] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c01c, mo2=0003]
[  577.936910][ T6025] System zones: 0-1, 3-8
[  577.943779][ T6025] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  577.956205][ T6025] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.004906][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  578.018655][ T6035] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6035 comm=syz.7.11524
[  578.452341][ T6081] geneve4: entered promiscuous mode
[  579.476540][   T28] audit: type=1400 audit(1771844228.442:13482): avc:  denied  { setopt } for  pid=6141 comm="syz.7.11549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  579.744189][ T6156] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11554'.
[  579.910657][   T28] audit: type=1400 audit(1771844228.872:13483): avc:  denied  { ioctl } for  pid=6165 comm="syz.3.11557" path="socket:[129091]" dev="sockfs" ino=129091 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  580.065543][   T28] audit: type=1400 audit(1771844229.032:13484): avc:  denied  { shutdown } for  pid=6171 comm="syz.3.11560" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  580.324835][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11569'.
[  580.333993][ T6191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11569'.
[  580.347704][ T6193] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11566'.
[  580.395327][ T4385] Bluetooth: hci0: Frame reassembly failed (-84)
[  580.455761][   T28] audit: type=1400 audit(1771844229.422:13485): avc:  denied  { getopt } for  pid=6198 comm="syz.7.11572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  580.637609][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11574'.
[  580.958463][ T6216] bridge_slave_0: invalid flags given to default FDB implementation
[  581.139547][   T28] audit: type=1326 audit(1771844230.112:13486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6224 comm="syz.3.11583" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1cec99c629 code=0x0
[  581.467852][ T6240] netlink: 1028 bytes leftover after parsing attributes in process `syz.7.11587'.
[  581.940794][   T28] audit: type=1326 audit(1771844230.912:13487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.7.11598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  581.974580][   T28] audit: type=1326 audit(1771844230.912:13488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.7.11598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  581.998920][   T28] audit: type=1326 audit(1771844230.912:13489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.7.11598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  582.023923][   T28] audit: type=1326 audit(1771844230.912:13490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.7.11598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  582.057455][   T28] audit: type=1326 audit(1771844230.912:13491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6261 comm="syz.7.11598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  582.446708][T14478] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  582.799024][ T6314] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11617'.
[  582.808772][ T6314] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11617'.
[  582.849752][ T6316] loop2: detected capacity change from 0 to 512
[  582.856754][ T6316] EXT4-fs: Ignoring removed nobh option
[  582.875659][ T6316] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  582.892058][ T6316] EXT4-fs (loop2): 1 truncate cleaned up
[  582.899017][ T6316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  583.026725][T32735] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.172720][ T6331] loop4: detected capacity change from 0 to 512
[  583.190687][ T6331] EXT4-fs (loop4): 1 orphan inode deleted
[  583.197013][ T6331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  583.238035][ T6298] syz.7.11610 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  583.252315][ T6298] CPU: 1 UID: 0 PID: 6298 Comm: syz.7.11610 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  583.252418][ T6298] Tainted: [W]=WARN
[  583.252427][ T6298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  583.252443][ T6298] Call Trace:
[  583.252451][ T6298]  <TASK>
[  583.252461][ T6298]  __dump_stack+0x1d/0x30
[  583.252499][ T6298]  dump_stack_lvl+0x95/0xd0
[  583.252597][ T6298]  dump_stack+0x15/0x1b
[  583.252697][ T6298]  dump_header+0x80/0x240
[  583.252723][ T6298]  oom_kill_process+0x295/0x350
[  583.252796][ T6298]  out_of_memory+0x97d/0xb80
[  583.252874][ T6298]  try_charge_memcg+0x62e/0xa10
[  583.252908][ T6298]  obj_cgroup_charge_pages+0x23/0xc0
[  583.253012][ T6298]  __memcg_kmem_charge_page+0x9e/0x170
[  583.253043][ T6298]  __alloc_frozen_pages_noprof+0x18a/0x360
[  583.253075][ T6298]  alloc_pages_mpol+0xb3/0x260
[  583.253109][ T6298]  alloc_pages_noprof+0x8f/0x130
[  583.253174][ T6298]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  583.253267][ T6298]  __kvmalloc_node_noprof+0x3d4/0x650
[  583.253359][ T6298]  ? ip_set_alloc+0x24/0x30
[  583.253383][ T6298]  ? ip_set_alloc+0x24/0x30
[  583.253407][ T6298]  ? __kmalloc_cache_noprof+0x18a/0x410
[  583.253433][ T6298]  ip_set_alloc+0x24/0x30
[  583.253460][ T6298]  hash_netiface_create+0x282/0x740
[  583.253484][ T6298]  ? __pfx_hash_netiface_create+0x10/0x10
[  583.253535][ T6298]  ip_set_create+0x3cf/0x970
[  583.253576][ T6298]  ? __nla_parse+0x40/0x60
[  583.253638][ T6298]  nfnetlink_rcv_msg+0x509/0x5d0
[  583.253750][ T6298]  netlink_rcv_skb+0x123/0x220
[  583.253781][ T6298]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  583.253812][ T6298]  nfnetlink_rcv+0x167/0x1720
[  583.253872][ T6298]  ? __list_del_entry_valid_or_report+0x65/0x130
[  583.253902][ T6298]  ? __rmqueue_pcplist+0x9b0/0xb70
[  583.253935][ T6298]  ? _raw_spin_lock_bh+0x56/0xb0
[  583.253997][ T6298]  ? _raw_spin_unlock_bh+0x18/0x20
[  583.254024][ T6298]  ? selinux_nlmsg_lookup+0x99/0x890
[  583.254195][ T6298]  ? __rcu_read_unlock+0x33/0x70
[  583.254220][ T6298]  ? __netlink_lookup+0x276/0x2b0
[  583.254254][ T6298]  netlink_unicast+0x5c0/0x690
[  583.254304][ T6298]  netlink_sendmsg+0x5c8/0x6f0
[  583.254337][ T6298]  ? __pfx_netlink_sendmsg+0x10/0x10
[  583.254428][ T6298]  ____sys_sendmsg+0x5af/0x600
[  583.254459][ T6298]  ___sys_sendmsg+0x195/0x1e0
[  583.254501][ T6298]  __x64_sys_sendmsg+0xd4/0x160
[  583.254600][ T6298]  x64_sys_call+0x194c/0x3020
[  583.254666][ T6298]  do_syscall_64+0x12c/0x370
[  583.254706][ T6298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.254743][ T6298] RIP: 0033:0x7f1a119ec629
[  583.254759][ T6298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.254781][ T6298] RSP: 002b:00007f1a1043f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  583.254805][ T6298] RAX: ffffffffffffffda RBX: 00007f1a11c65fa0 RCX: 00007f1a119ec629
[  583.254820][ T6298] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  583.254901][ T6298] RBP: 00007f1a11a82b39 R08: 0000000000000000 R09: 0000000000000000
[  583.254915][ T6298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  583.254928][ T6298] R13: 00007f1a11c66038 R14: 00007f1a11c65fa0 R15: 00007fff28a4b488
[  583.254946][ T6298]  </TASK>
[  583.277255][ T6298] memory: usage 307200kB, limit 307200kB, failcnt 2529
[  583.587745][ T6298] memory+swap: usage 309476kB, limit 9007199254740988kB, failcnt 0
[  583.591056][ T4986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.595675][ T6298] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[  583.611921][ T6298] Memory cgroup stats for /syz7:
[  583.612263][ T6298] cache 16384
[  583.621355][ T6298] rss 0
[  583.624161][ T6298] shmem 16384
[  583.627883][ T6298] mapped_file 0
[  583.631358][ T6298] dirty 0
[  583.634284][ T6298] writeback 0
[  583.637788][ T6298] workingset_refault_anon 8513
[  583.652944][ T6298] workingset_refault_file 6714
[  583.667401][ T6298] swap 2330624
[  583.670904][ T6298] swapcached 19578880
[  583.699135][ T6298] pgpgin 926940
[  583.702666][ T6298] pgpgout 926935
[  583.707068][ T6298] pgfault 718003
[  583.710636][ T6298] pgmajfault 1288
[  583.715753][ T6298] inactive_anon 0
[  583.721725][ T6298] active_anon 0
[  583.726817][ T6298] inactive_file 0
[  583.740771][ T6298] active_file 4096
[  583.744558][ T6298] unevictable 16384
[  583.755855][ T6298] hierarchical_memory_limit 314572800
[  583.766164][ T6298] hierarchical_memsw_limit 9223372036854771712
[  583.779413][ T6298] total_cache 16384
[  583.783307][ T6298] total_rss 0
[  583.788623][ T6298] total_shmem 16384
[  583.792632][ T6298] total_mapped_file 0
[  583.797758][ T6298] total_dirty 0
[  583.801372][ T6298] total_writeback 0
[  583.805244][ T6298] total_workingset_refault_anon 8513
[  583.812399][ T6298] total_workingset_refault_file 6714
[  583.826231][ T6298] total_swap 2330624
[  583.830197][ T6298] total_swapcached 19578880
[  583.836877][ T6298] total_pgpgin 926940
[  583.840876][ T6298] total_pgpgout 926935
[  583.851812][ T6298] total_pgfault 718003
[  583.861983][ T6298] total_pgmajfault 1288
[  583.876221][ T6298] total_inactive_anon 0
[  583.884758][ T6298] total_active_anon 0
[  583.889892][ T6298] total_inactive_file 0
[  583.904236][ T6298] total_active_file 4096
[  583.908742][ T6298] total_unevictable 16384
[  583.913072][ T6298] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.11610,pid=6297,uid=0
[  583.946244][ T6298] Memory cgroup out of memory: Killed process 6297 (syz.7.11610) total-vm:96208kB, anon-rss:1224kB, file-rss:22364kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0
[  584.110872][ T6357] loop4: detected capacity change from 0 to 1024
[  584.132359][ T6357] EXT4-fs: Ignoring removed mblk_io_submit option
[  584.189291][ T6357] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  584.238548][ T6357] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4222: comm syz.4.11632: Allocating blocks 497-513 which overlap fs metadata
[  584.299452][ T6357] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4222: comm syz.4.11632: Allocating blocks 497-513 which overlap fs metadata
[  584.318572][ T6356] EXT4-fs (loop4): pa ffff888107ee98c0: logic 0, phys. 113, len 25
[  584.326564][ T6356] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 1
[  584.362127][ T4986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  584.894285][ T6400] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11649'.
[  585.138719][   T28] kauditd_printk_skb: 2 callbacks suppressed
[  585.138757][   T28] audit: type=1400 audit(1771844234.112:13494): avc:  denied  { module_load } for  pid=6409 comm="syz.1.11655" path=2F6D656D66643A20C736BE918D183229219A25A2D238D606070EFCFE128F2613AE254054A3B03E5CECA9F951403641108C6E7C202864656C6574656429 dev="hugetlbfs" ino=129457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=system permissive=1
[  585.305954][ T6417] loop3: detected capacity change from 0 to 256
[  585.316480][ T6412] Invalid ELF header magic: != ELF
[  585.335000][ T6417] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  585.414430][   T28] audit: type=1400 audit(1771844234.382:13495): avc:  denied  { mounton } for  pid=6424 comm="syz.1.11659" path="/file0" dev="autofs" ino=129471 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  585.448092][   T28] audit: type=1400 audit(1771844234.382:13496): avc:  denied  { watch } for  pid=6426 comm="syz.7.11660" path="/bus" dev="sysfs" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  585.584736][ T6442] netlink: 204 bytes leftover after parsing attributes in process `syz.7.11666'.
[  585.724366][ T6455] loop4: detected capacity change from 0 to 128
[  585.741480][ T6455] bio_check_eod: 2949 callbacks suppressed
[  585.741495][ T6455] syz.4.11672: attempt to access beyond end of device
[  585.741495][ T6455] loop4: rw=2049, sector=154, nr_sectors = 8 limit=128
[  585.761947][ T6455] syz.4.11672: attempt to access beyond end of device
[  585.761947][ T6455] loop4: rw=8390657, sector=160, nr_sectors = 2 limit=128
[  585.783788][ T6455] Buffer I/O error on dev loop4, logical block 80, lost async page write
[  585.793555][ T6455] syz.4.11672: attempt to access beyond end of device
[  585.793555][ T6455] loop4: rw=2049, sector=162, nr_sectors = 8 limit=128
[  585.918404][ T6455] syz.4.11672: attempt to access beyond end of device
[  585.918404][ T6455] loop4: rw=8390657, sector=154, nr_sectors = 2 limit=128
[  585.943340][ T6455] Buffer I/O error on dev loop4, logical block 77, lost async page write
[  585.974936][ T6473] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  585.992119][ T6476] loop2: detected capacity change from 0 to 512
[  586.230858][ T6489] netlink: 48 bytes leftover after parsing attributes in process `syz.4.11686'.
[  586.458199][ T6500] netlink: 'syz.2.11690': attribute type 10 has an invalid length.
[  586.672799][   T28] audit: type=1400 audit(1771844235.642:13497): avc:  denied  { watch watch_reads } for  pid=6513 comm="syz.4.11695" path="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  586.978640][ T6516] loop4: detected capacity change from 0 to 128
[  587.060196][ T6516] syz.4.11697: attempt to access beyond end of device
[  587.060196][ T6516] loop4: rw=8390657, sector=129, nr_sectors = 1 limit=128
[  587.116183][ T6516] Buffer I/O error on dev loop4, logical block 129, lost async page write
[  587.124795][ T6516] syz.4.11697: attempt to access beyond end of device
[  587.124795][ T6516] loop4: rw=8390657, sector=130, nr_sectors = 1 limit=128
[  587.147141][ T6516] Buffer I/O error on dev loop4, logical block 130, lost async page write
[  587.165887][ T6516] syz.4.11697: attempt to access beyond end of device
[  587.165887][ T6516] loop4: rw=8390657, sector=131, nr_sectors = 1 limit=128
[  587.211081][ T6516] Buffer I/O error on dev loop4, logical block 131, lost async page write
[  587.224373][ T6516] syz.4.11697: attempt to access beyond end of device
[  587.224373][ T6516] loop4: rw=8390657, sector=132, nr_sectors = 1 limit=128
[  587.240088][ T6516] Buffer I/O error on dev loop4, logical block 132, lost async page write
[  587.249513][ T6516] syz.4.11697: attempt to access beyond end of device
[  587.249513][ T6516] loop4: rw=8390657, sector=133, nr_sectors = 1 limit=128
[  587.264323][ T6516] Buffer I/O error on dev loop4, logical block 133, lost async page write
[  587.275904][ T6516] syz.4.11697: attempt to access beyond end of device
[  587.275904][ T6516] loop4: rw=8390657, sector=129, nr_sectors = 1 limit=128
[  587.291838][ T6516] Buffer I/O error on dev loop4, logical block 129, lost async page write
[  587.301685][ T6516] Buffer I/O error on dev loop4, logical block 130, lost async page write
[  587.310981][ T6516] Buffer I/O error on dev loop4, logical block 131, lost async page write
[  587.446873][ T6527] loop2: detected capacity change from 0 to 256
[  587.455060][ T6527] FAT-fs (loop2): Directory bread(block 1285) failed
[  587.463398][ T6527] FAT-fs (loop2): Directory bread(block 1286) failed
[  587.529675][ T6527] FAT-fs (loop2): Directory bread(block 1287) failed
[  587.537218][ T6527] FAT-fs (loop2): Directory bread(block 1288) failed
[  587.564200][ T6527] FAT-fs (loop2): Directory bread(block 1285) failed
[  587.572045][ T6527] FAT-fs (loop2): Directory bread(block 1286) failed
[  587.579004][ T6527] FAT-fs (loop2): Directory bread(block 1287) failed
[  587.585905][ T6527] FAT-fs (loop2): Directory bread(block 1288) failed
[  587.593468][ T6527] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  587.701985][ T6522] syz.1.11699 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  587.806523][ T6522] CPU: 1 UID: 0 PID: 6522 Comm: syz.1.11699 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  587.806554][ T6522] Tainted: [W]=WARN
[  587.806561][ T6522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  587.806628][ T6522] Call Trace:
[  587.806636][ T6522]  <TASK>
[  587.806644][ T6522]  __dump_stack+0x1d/0x30
[  587.806668][ T6522]  dump_stack_lvl+0x95/0xd0
[  587.806688][ T6522]  dump_stack+0x15/0x1b
[  587.806762][ T6522]  dump_header+0x80/0x240
[  587.806786][ T6522]  oom_kill_process+0x295/0x350
[  587.806845][ T6522]  out_of_memory+0x97d/0xb80
[  587.806869][ T6522]  try_charge_memcg+0x62e/0xa10
[  587.806907][ T6522]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[  587.806952][ T6522]  __swap_cache_prepare_and_add+0x386/0x530
[  587.806986][ T6522]  swap_cache_alloc_folio+0xa2/0x120
[  587.807016][ T6522]  swap_cluster_readahead+0x26e/0x3d0
[  587.807103][ T6522]  swapin_readahead+0xde/0x840
[  587.807128][ T6522]  ? _raw_spin_unlock+0x9/0x30
[  587.807182][ T6522]  ? swap_put_entries_cluster+0x385/0x3a0
[  587.807211][ T6522]  ? swap_put_entries_cluster+0xa1/0x3a0
[  587.807238][ T6522]  ? __rcu_read_unlock+0x4e/0x70
[  587.807261][ T6522]  ? swap_cache_get_folio+0x26f/0x280
[  587.807366][ T6522]  do_swap_page+0x309/0x2210
[  587.807397][ T6522]  ? css_rstat_updated+0xbb/0x280
[  587.807417][ T6522]  ? __rcu_read_lock+0x36/0x50
[  587.807438][ T6522]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  587.807492][ T6522]  handle_mm_fault+0xb40/0x3020
[  587.807525][ T6522]  ? vma_start_read+0x1c7/0x2c0
[  587.807554][ T6522]  do_user_addr_fault+0x62f/0x1050
[  587.807729][ T6522]  ? arch_exit_to_user_mode_prepare+0x26/0x80
[  587.807752][ T6522]  ? trace_page_fault_user+0x1f/0xe0
[  587.807820][ T6522]  exc_page_fault+0x62/0xa0
[  587.807846][ T6522]  asm_exc_page_fault+0x26/0x30
[  587.807864][ T6522] RIP: 0033:0x7fd8fa53a04c
[  587.807878][ T6522] Code: 4a 31 13 00 eb 24 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 81 c3 f0 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[  587.807944][ T6522] RSP: 002b:00007ffd93279450 EFLAGS: 00010206
[  587.807964][ T6522] RAX: 0000000000000000 RBX: 00007fd8fa8e5fa0 RCX: 000055556f880808
[  587.807979][ T6522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  587.807993][ T6522] RBP: 00007fd8fa8e7da0 R08: 0000000000000000 R09: 0000000000000000
[  587.808040][ T6522] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000008f909
[  587.808054][ T6522] R13: 00007fd8fa8e618c R14: 000000000008f662 R15: 00007fd8fa8e6180
[  587.808078][ T6522]  </TASK>
[  587.808149][ T6522] memory: usage 241316kB, limit 307200kB, failcnt 438
[  588.067053][ T6544] loop2: detected capacity change from 0 to 512
[  588.164536][ T6522] memory+swap: usage 102820kB, limit 9007199254740988kB, failcnt 0
[  588.183115][ T6550] loop3: detected capacity change from 0 to 128
[  588.219156][ T6544] EXT4-fs (loop2): 1 orphan inode deleted
[  588.239616][ T6544] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  588.242537][ T6522] kmem: usage 111252kB, limit 9007199254740988kB, failcnt 0
[  588.315673][ T6522] Memory cgroup stats for /syz1:
[  588.315937][ T6522] cache 94208
[  588.344861][ T6522] rss 4096
[  588.351280][ T6522] shmem 0
[  588.357529][ T6522] mapped_file 94208
[  588.365061][ T6522] dirty 0
[  588.372863][ T6522] writeback 0
[  588.382090][ T6522] workingset_refault_anon 3283
[  588.395665][ T6522] workingset_refault_file 3577
[  588.415431][ T6522] swap 2392064
[  588.432269][ T6522] swapcached 26615808
[  588.464113][ T6522] pgpgin 481539
[  588.503011][ T6522] pgpgout 481512
[  588.534196][ T6522] pgfault 451927
[  588.535407][T32735] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  588.549629][   T28] audit: type=1326 audit(1771844237.502:13498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz.4.11712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3953a9c629 code=0x7ffc0000
[  588.550327][ T6522] pgmajfault 535
[  588.616986][ T6522] inactive_anon 8192
[  588.621008][ T6522] active_anon 0
[  588.624467][ T6522] inactive_file 102400
[  588.685887][ T6522] active_file 0
[  588.700146][   T28] audit: type=1326 audit(1771844237.502:13499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz.4.11712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3953a9c629 code=0x7ffc0000
[  588.709923][ T6522] unevictable 0
[  588.747052][ T6564] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  588.766160][   T28] audit: type=1326 audit(1771844237.502:13500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz.4.11712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3953a9c629 code=0x7ffc0000
[  588.779014][ T6564] batman_adv: batadv0: Removing interface: batadv_slave_0
[  588.797260][   T28] audit: type=1326 audit(1771844237.502:13501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz.4.11712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3953a9c629 code=0x7ffc0000
[  588.878774][ T6564] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  588.886393][ T6564] batman_adv: batadv0: Removing interface: batadv_slave_1
[  588.903653][   T28] audit: type=1326 audit(1771844237.512:13502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz.4.11712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3953a9c629 code=0x7ffc0000
[  588.928111][ T6522] hierarchical_memory_limit 314572800
[  588.933563][ T6522] hierarchical_memsw_limit 9223372036854771712
[  588.960106][   T28] audit: type=1326 audit(1771844237.512:13503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6557 comm="syz.4.11712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3953a9c629 code=0x7ffc0000
[  588.986964][ T6522] total_cache 94208
[  588.990789][ T6522] total_rss 4096
[  589.014567][ T6522] total_shmem 0
[  589.019037][ T6522] total_mapped_file 94208
[  589.034768][ T6522] total_dirty 0
[  589.045272][ T6522] total_writeback 0
[  589.064309][ T6522] total_workingset_refault_anon 3283
[  589.076021][ T6522] total_workingset_refault_file 3577
[  589.084183][ T6522] total_swap 2392064
[  589.119178][ T6522] total_swapcached 26615808
[  589.128028][ T6522] total_pgpgin 481539
[  589.137089][ T6522] total_pgpgout 481512
[  589.145932][ T6522] total_pgfault 451927
[  589.150350][ T6522] total_pgmajfault 535
[  589.154728][ T6522] total_inactive_anon 8192
[  589.161345][ T6522] total_active_anon 0
[  589.165419][ T6522] total_inactive_file 102400
[  589.173085][ T6522] total_active_file 0
[  589.177331][ T6522] total_unevictable 0
[  589.181376][ T6522] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.11699,pid=6522,uid=0
[  589.196495][ T6522] Memory cgroup out of memory: Killed process 6522 (syz.1.11699) total-vm:96340kB, anon-rss:1224kB, file-rss:22340kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  589.260521][ T6572] bond1: (slave lo): Releasing backup interface
[  589.268212][ T6572] bond1: (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  589.280790][ T6572] team0: Port device dummy0 removed
[  589.290102][ T6572] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  589.571977][ T6578] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  589.638907][ T6588] netlink: 'syz.1.11721': attribute type 29 has an invalid length.
[  589.661445][ T6588] netlink: 'syz.1.11721': attribute type 29 has an invalid length.
[  589.683485][ T6588] netlink: 'syz.1.11721': attribute type 29 has an invalid length.
[  590.892955][ T6619] loop2: detected capacity change from 0 to 128
[  590.953949][ T6619] bio_check_eod: 33 callbacks suppressed
[  590.953964][ T6619] syz.2.11734: attempt to access beyond end of device
[  590.953964][ T6619] loop2: rw=2049, sector=154, nr_sectors = 8 limit=128
[  590.996713][ T6619] syz.2.11734: attempt to access beyond end of device
[  590.996713][ T6619] loop2: rw=8390657, sector=160, nr_sectors = 2 limit=128
[  591.021324][ T6619] buffer_io_error: 17 callbacks suppressed
[  591.021341][ T6619] Buffer I/O error on dev loop2, logical block 80, lost async page write
[  591.057190][ T6619] syz.2.11734: attempt to access beyond end of device
[  591.057190][ T6619] loop2: rw=8390657, sector=154, nr_sectors = 2 limit=128
[  591.081920][ T6619] Buffer I/O error on dev loop2, logical block 77, lost async page write
[  591.089171][ T6627] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11737'.
[  591.124494][ T6619] syz.2.11734: attempt to access beyond end of device
[  591.124494][ T6619] loop2: rw=8390657, sector=156, nr_sectors = 2 limit=128
[  591.145681][ T6627] 8021q: adding VLAN 0 to HW filter on device bond2
[  591.147841][ T6619] Buffer I/O error on dev loop2, logical block 78, lost async page write
[  591.153625][ T6627] bond1: (slave bond2): Enslaving as an active interface with an up link
[  591.173762][ T6627] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11737'.
[  591.192599][ T6627] 8021q: adding VLAN 0 to HW filter on device bond1
[  591.196246][ T6619] syz.2.11734: attempt to access beyond end of device
[  591.196246][ T6619] loop2: rw=8390657, sector=158, nr_sectors = 2 limit=128
[  591.226002][ T6642] netlink: 16 bytes leftover after parsing attributes in process `syz.4.11744'.
[  591.236871][ T6619] Buffer I/O error on dev loop2, logical block 79, lost async page write
[  591.256477][ T6619] syz.2.11734: attempt to access beyond end of device
[  591.256477][ T6619] loop2: rw=8390657, sector=160, nr_sectors = 2 limit=128
[  591.273209][ T6619] Buffer I/O error on dev loop2, logical block 80, lost async page write
[  591.288135][ T6624] syz.2.11734: attempt to access beyond end of device
[  591.288135][ T6624] loop2: rw=2049, sector=154, nr_sectors = 2 limit=128
[  591.332842][ T6640] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11742'.
[  591.372239][ T6655] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11749'.
[  591.788699][ T6691] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11765'.
[  592.155524][ T6704] program syz.2.11771 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  592.530830][ T6721] loop2: detected capacity change from 0 to 128
[  592.608771][ T6721] syz.2.11779: attempt to access beyond end of device
[  592.608771][ T6721] loop2: rw=2049, sector=154, nr_sectors = 8 limit=128
[  592.652396][ T6721] syz.2.11779: attempt to access beyond end of device
[  592.652396][ T6721] loop2: rw=8390657, sector=154, nr_sectors = 2 limit=128
[  592.676909][ T6721] Buffer I/O error on dev loop2, logical block 77, lost async page write
[  594.120912][ T6749] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11790'.
[  594.154497][ T6751] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11791'.
[  594.194983][ T6751] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11791'.
[  594.534184][   T28] kauditd_printk_skb: 34 callbacks suppressed
[  594.534199][   T28] audit: type=1326 audit(1771844243.502:13538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.1.11794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8fa66c629 code=0x7fc00000
[  594.775690][   T28] audit: type=1400 audit(1771844243.742:13539): avc:  denied  { rmdir } for  pid=6773 comm="syz.3.11798" name="syz1" dev="cgroup" ino=395 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  595.424485][ T6798] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check.
[  595.606976][   T28] audit: type=1326 audit(1771844244.492:13540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.1.11794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd8fa666417 code=0x7fc00000
[  595.719235][   T28] audit: type=1326 audit(1771844244.502:13541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.1.11794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd8fa60da19 code=0x7fc00000
[  595.811450][   T28] audit: type=1326 audit(1771844244.502:13542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.1.11794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd8fa60dadd code=0x7fc00000
[  595.881273][   T28] audit: type=1326 audit(1771844244.502:13543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6758 comm="syz.1.11794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fd8fa66c629 code=0x7fc00000
[  596.139256][ T6814] netlink: 'syz.2.11816': attribute type 10 has an invalid length.
[  596.156426][ T6814] geneve1: entered promiscuous mode
[  596.182919][ T6814] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  596.626080][ T6847] bridge_slave_1: entered promiscuous mode
[  596.636728][ T6847] bridge_slave_1: entered allmulticast mode
[  596.674841][  T238] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  596.699563][  T238] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  596.727461][  T238] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 38630 - 0
[  596.811434][  T238] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  596.839649][  T238] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  596.862157][  T238] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 38630 - 0
[  596.940235][  T238] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  596.961862][  T238] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  596.987378][  T238] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 38630 - 0
[  597.071990][  T238] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  597.083121][  T238] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  597.136208][  T238] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 38630 - 0
[  597.258639][  T238] bridge_slave_1: left allmulticast mode
[  597.264939][  T238] bridge_slave_1: left promiscuous mode
[  597.277048][  T238] bridge0: port 2(bridge_slave_1) entered disabled state
[  597.291601][  T238] bridge_slave_0: left allmulticast mode
[  597.300005][  T238] bridge_slave_0: left promiscuous mode
[  597.305876][  T238] bridge0: port 1(bridge_slave_0) entered disabled state
[  597.338020][ T6842] syz.4.11823 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  597.362952][ T6842] CPU: 1 UID: 0 PID: 6842 Comm: syz.4.11823 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  597.362991][ T6842] Tainted: [W]=WARN
[  597.363000][ T6842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  597.363015][ T6842] Call Trace:
[  597.363022][ T6842]  <TASK>
[  597.363030][ T6842]  __dump_stack+0x1d/0x30
[  597.363113][ T6842]  dump_stack_lvl+0x95/0xd0
[  597.363142][ T6842]  dump_stack+0x15/0x1b
[  597.363166][ T6842]  dump_header+0x80/0x240
[  597.363241][ T6842]  oom_kill_process+0x295/0x350
[  597.363261][ T6842]  out_of_memory+0x97d/0xb80
[  597.363282][ T6842]  try_charge_memcg+0x62e/0xa10
[  597.363326][ T6842]  obj_cgroup_charge_pages+0x23/0xc0
[  597.363389][ T6842]  __memcg_kmem_charge_page+0x9e/0x170
[  597.363428][ T6842]  __alloc_frozen_pages_noprof+0x18a/0x360
[  597.363458][ T6842]  alloc_pages_mpol+0xb3/0x260
[  597.363552][ T6842]  alloc_pages_noprof+0x8f/0x130
[  597.363579][ T6842]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  597.363692][ T6842]  __kvmalloc_node_noprof+0x3d4/0x650
[  597.363716][ T6842]  ? ip_set_alloc+0x24/0x30
[  597.363739][ T6842]  ? ip_set_alloc+0x24/0x30
[  597.363839][ T6842]  ? hash_netiface_create+0x21b/0x740
[  597.363904][ T6842]  ? __kmalloc_cache_noprof+0x18a/0x410
[  597.363927][ T6842]  ip_set_alloc+0x24/0x30
[  597.363953][ T6842]  hash_netiface_create+0x282/0x740
[  597.364003][ T6842]  ? __pfx_hash_netiface_create+0x10/0x10
[  597.364031][ T6842]  ip_set_create+0x3cf/0x970
[  597.364070][ T6842]  ? __nla_parse+0x40/0x60
[  597.364163][ T6842]  nfnetlink_rcv_msg+0x509/0x5d0
[  597.364204][ T6842]  netlink_rcv_skb+0x123/0x220
[  597.364228][ T6842]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  597.364255][ T6842]  nfnetlink_rcv+0x167/0x1720
[  597.364363][ T6842]  ? __kfree_skb+0x109/0x150
[  597.364386][ T6842]  ? nlmon_xmit+0x4f/0x60
[  597.364424][ T6842]  ? consume_skb+0x4b/0x160
[  597.364450][ T6842]  ? nlmon_xmit+0x4f/0x60
[  597.364526][ T6842]  ? dev_hard_start_xmit+0x3b9/0x3f0
[  597.364557][ T6842]  ? __dev_queue_xmit+0x1393/0x1f40
[  597.364587][ T6842]  ? __dev_queue_xmit+0x148/0x1f40
[  597.364618][ T6842]  ? ref_tracker_free+0x37d/0x3e0
[  597.364692][ T6842]  ? __netlink_deliver_tap+0x4dc/0x500
[  597.364769][ T6842]  netlink_unicast+0x5c0/0x690
[  597.364857][ T6842]  netlink_sendmsg+0x5c8/0x6f0
[  597.364893][ T6842]  ? __pfx_netlink_sendmsg+0x10/0x10
[  597.364994][ T6842]  ____sys_sendmsg+0x5af/0x600
[  597.365055][ T6842]  ___sys_sendmsg+0x195/0x1e0
[  597.365092][ T6842]  __x64_sys_sendmsg+0xd4/0x160
[  597.365125][ T6842]  x64_sys_call+0x194c/0x3020
[  597.365155][ T6842]  do_syscall_64+0x12c/0x370
[  597.365241][ T6842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  597.365266][ T6842] RIP: 0033:0x7f3953a9c629
[  597.365283][ T6842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  597.365349][ T6842] RSP: 002b:00007f39524ef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  597.365368][ T6842] RAX: ffffffffffffffda RBX: 00007f3953d15fa0 RCX: 00007f3953a9c629
[  597.365395][ T6842] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  597.365408][ T6842] RBP: 00007f3953b32b39 R08: 0000000000000000 R09: 0000000000000000
[  597.365425][ T6842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  597.365438][ T6842] R13: 00007f3953d16038 R14: 00007f3953d15fa0 R15: 00007ffe87afc5a8
[  597.365468][ T6842]  </TASK>
[  597.365788][ T6842] memory: usage 307200kB, limit 307200kB, failcnt 337
[  597.567133][   T28] audit: type=1326 audit(1771844246.532:13544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6849 comm="syz.7.11827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7fc00000
[  597.573486][ T6842] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[  597.734741][ T6842] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[  597.742288][ T6842] Memory cgroup stats for /syz4:
[  597.742476][ T6842] cache 0
[  597.750710][ T6842] rss 0
[  597.753465][ T6842] shmem 0
[  597.756604][ T6842] mapped_file 0
[  597.760112][ T6842] dirty 0
[  597.763043][ T6842] writeback 0
[  597.766715][ T6842] workingset_refault_anon 1359
[  597.771486][ T6842] workingset_refault_file 628
[  597.776393][ T6842] swap 204800
[  597.779732][ T6842] swapcached 2527232
[  597.783631][ T6842] pgpgin 194913
[  597.787451][ T6842] pgpgout 194909
[  597.790999][ T6842] pgfault 177619
[  597.794542][ T6842] pgmajfault 224
[  597.798453][ T6842] inactive_anon 0
[  597.802085][ T6842] active_anon 0
[  597.807245][ T6842] inactive_file 0
[  597.811003][ T6842] active_file 16384
[  597.814855][ T6842] unevictable 0
[  597.836209][ T6842] hierarchical_memory_limit 314572800
[  597.852102][ T6842] hierarchical_memsw_limit 9223372036854771712
[  597.865173][ T6842] total_cache 0
[  597.872028][ T6842] total_rss 0
[  597.875317][ T6842] total_shmem 0
[  597.889266][ T6842] total_mapped_file 0
[  597.893339][ T6842] total_dirty 0
[  597.897160][ T6842] total_writeback 0
[  597.901811][ T6842] total_workingset_refault_anon 1359
[  597.914867][ T6842] total_workingset_refault_file 628
[  597.920410][ T6842] total_swap 204800
[  597.931616][ T6842] total_swapcached 2527232
[  597.936307][ T6842] total_pgpgin 194913
[  597.940306][ T6842] total_pgpgout 194909
[  597.944442][ T6842] total_pgfault 177619
[  597.948815][ T6842] total_pgmajfault 224
[  597.956337][ T6842] total_inactive_anon 0
[  597.960576][ T6842] total_active_anon 0
[  597.964557][ T6842] total_inactive_file 0
[  597.969215][ T6842] total_active_file 16384
[  597.973587][ T6842] total_unevictable 0
[  597.977935][ T6842] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.11823,pid=6841,uid=0
[  597.992861][ T6842] Memory cgroup out of memory: Killed process 6841 (syz.4.11823) total-vm:96340kB, anon-rss:1220kB, file-rss:22340kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  598.125497][  T238] bond1 (unregistering): (slave vti0): Releasing backup interface
[  598.149362][  T238] vti0 (unregistering): left promiscuous mode
[  598.168488][  T238] bond0 (unregistering): (slave geneve1): Releasing backup interface
[  598.378445][  T238] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  598.395810][  T238] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  598.414967][  T238] bond0 (unregistering): Released all slaves
[  598.423757][  T238] bond1 (unregistering): Released all slaves
[  598.439477][ T6856] chnl_net:caif_netlink_parms(): no params data found
[  598.565045][ T6856] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.596187][ T6856] bridge0: port 1(bridge_slave_0) entered disabled state
[  598.642951][ T6856] bridge_slave_0: entered allmulticast mode
[  598.660054][ T6856] bridge_slave_0: entered promiscuous mode
[  598.667308][ T6856] bridge0: port 2(bridge_slave_1) entered blocking state
[  598.674543][ T6856] bridge0: port 2(bridge_slave_1) entered disabled state
[  598.682219][ T6856] bridge_slave_1: entered allmulticast mode
[  598.689350][ T6856] bridge_slave_1: entered promiscuous mode
[  598.709490][ T6856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  598.724954][ T6856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  598.775487][ T6856] team0: Port device team_slave_0 added
[  598.789011][ T6856] team0: Port device team_slave_1 added
[  598.894292][   T28] audit: type=1400 audit(1771844247.862:13545): avc:  denied  { mounton } for  pid=6948 comm="syz.1.11847" path="/file0" dev="ramfs" ino=134470 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  599.031258][  T238] hsr_slave_0: left promiscuous mode
[  599.039150][  T238] hsr_slave_1: left promiscuous mode
[  599.055496][  T238] veth1_macvtap: left promiscuous mode
[  599.088473][  T238] veth0_macvtap: left promiscuous mode
[  599.094081][  T238] veth1_vlan: left promiscuous mode
[  599.099637][  T238] veth0_vlan: left promiscuous mode
[  599.258101][  T238] team0 (unregistering): Port device team_slave_1 removed
[  599.274089][  T238] team0 (unregistering): Port device team_slave_0 removed
[  599.298523][ T6980] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11860'.
[  599.341952][ T6856] batman_adv: batadv0: Adding interface: batadv_slave_0
[  599.351719][ T6856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  599.378839][ T6856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  599.413942][ T6856] batman_adv: batadv0: Adding interface: batadv_slave_1
[  599.430724][ T6856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  599.462388][ T6856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  599.541746][ T6856] hsr_slave_0: entered promiscuous mode
[  599.559233][ T6856] hsr_slave_1: entered promiscuous mode
[  599.570999][ T6856] debugfs: 'hsr0' already exists in 'hsr'
[  599.581152][ T6856] Cannot create hsr debugfs directory
[  599.667716][  T238] IPVS: stop unused estimator thread 0...
[  599.961500][ T6856] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  600.024942][ T6856] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  600.120256][ T6856] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  600.165001][ T6856] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  600.268398][ T6856] 8021q: adding VLAN 0 to HW filter on device bond0
[  600.296557][ T6856] 8021q: adding VLAN 0 to HW filter on device team0
[  600.332327][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  600.339471][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  600.371762][   T40] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.378866][   T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[  600.542390][ T6856] 8021q: adding VLAN 0 to HW filter on device batadv0
[  600.669616][ T7073] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11874'.
[  600.688218][ T6856] veth0_vlan: entered promiscuous mode
[  600.704621][ T6856] veth1_vlan: entered promiscuous mode
[  600.739961][ T6974] kexec: Could not allocate control_code_buffer
[  600.752122][ T6856] veth0_macvtap: entered promiscuous mode
[  600.787252][ T6856] veth1_macvtap: entered promiscuous mode
[  600.803817][ T6856] batman_adv: batadv0: Interface activated: batadv_slave_0
[  600.814646][ T6856] batman_adv: batadv0: Interface activated: batadv_slave_1
[  600.838505][  T238] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  600.851840][  T238] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  600.871872][  T238] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  600.889976][  T238] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  601.381167][   T28] audit: type=1326 audit(1771844250.352:13546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7063 comm="syz.1.11873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8fa66c629 code=0x7fc00000
[  602.502040][   T28] audit: type=1400 audit(1771844251.472:13547): avc:  denied  { bind } for  pid=7137 comm="syz.1.11898" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  602.908820][ T7154] netlink: 'syz.1.11905': attribute type 1 has an invalid length.
[  602.939067][ T7154] bond11: (slave ip6gre3): The slave device specified does not support setting the MAC address
[  602.976490][ T7154] bond11: (slave ip6gre3): Setting fail_over_mac to active for active-backup mode
[  603.018023][ T7154] bond11: (slave ip6gre3): making interface the new active one
[  603.057293][ T7154] bond11: (slave ip6gre3): Enslaving as an active interface with an up link
[  603.083591][ T7159] bond11: option fail_over_mac: unable to set because the bond device has slaves
[  603.172172][ T7165] loop2: detected capacity change from 0 to 1024
[  603.209027][ T7165] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  603.222036][ T7165] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  603.349623][ T6856] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  603.503617][ T7194] netlink: 'syz.2.11918': attribute type 1 has an invalid length.
[  603.512416][ T7194] netlink: 28 bytes leftover after parsing attributes in process `syz.2.11918'.
[  603.523913][ T7194] vcan0: entered promiscuous mode
[  603.530440][ T7194] vcan0: entered allmulticast mode
[  603.794960][ T7205] loop3: detected capacity change from 0 to 8192
[  604.044490][ T7214] loop3: detected capacity change from 0 to 1024
[  604.067429][ T7214] EXT4-fs: Ignoring removed oldalloc option
[  604.080465][ T7214] EXT4-fs: Ignoring removed bh option
[  604.131825][ T7214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  604.398131][   T28] audit: type=1400 audit(1771844253.362:13548): avc:  denied  { setopt } for  pid=7222 comm="syz.2.11930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  604.949073][ T7214] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4222: comm syz.3.11927: Allocating blocks 1-17 which overlap fs metadata
[  604.965204][ T7219] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4222: comm syz.3.11927: Allocating blocks 1-17 which overlap fs metadata
[  605.186732][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  605.521851][ T7257] loop3: detected capacity change from 0 to 128
[  606.419012][   T28] audit: type=1400 audit(1771844255.392:13549): avc:  denied  { write } for  pid=7278 comm="syz.1.11953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  606.688525][ T7290] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11957'.
[  606.698950][ T7294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11958'.
[  606.740562][ T7294] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  606.766391][ T7294] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  606.810505][ T7303] netlink: 2036 bytes leftover after parsing attributes in process `syz.2.11961'.
[  606.824244][ T7303] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11961'.
[  606.837077][ T7294] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  606.856989][ T7294] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  606.898747][ T7294] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  606.909748][ T7294] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  606.987765][ T7294] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  607.008281][ T7294] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 20004 - 0
[  607.104729][T19026] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  607.114302][T19026] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20004 - 0
[  607.159665][T19026] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  607.198198][T19026] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20004 - 0
[  607.227214][T19026] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  607.274252][T19026] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20004 - 0
[  607.310448][T19026] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  607.350332][T19026] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20004 - 0
[  608.109902][ T7336] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11974'.
[  608.124633][ T7336] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11974'.
[  608.147877][ T7336] netlink: 3 bytes leftover after parsing attributes in process `syz.2.11974'.
[  608.291969][ T7341] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11976'.
[  608.357515][ T7343] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11977'.
[  608.710209][ T7353] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11982'.
[  608.970041][T20069] Process accounting resumed
[  611.510064][ T7405] loop2: detected capacity change from 0 to 1024
[  611.535062][ T7405] EXT4-fs: Ignoring removed orlov option
[  611.579561][ T7405] EXT4-fs: Ignoring removed nobh option
[  611.639592][ T7405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  611.858302][ T6856] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.940496][ T7420] pim6reg: entered allmulticast mode
[  611.955622][ T7420] pim6reg: left allmulticast mode
[  612.227272][ T7424] loop2: detected capacity change from 0 to 128
[  612.274012][   T28] audit: type=1400 audit(1771844261.242:13550): avc:  denied  { bind } for  pid=7425 comm="syz.1.12000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  612.327168][ T7432] __nla_validate_parse: 3 callbacks suppressed
[  612.327183][ T7432] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12010'.
[  612.385403][ T7430] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12009'.
[  612.480022][ T7436] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12011'.
[  612.566970][ T7430] netdevsim netdevsim7 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  612.586297][ T7430] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 53875 - 0
[  612.665794][ T7439] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12012'.
[  612.680932][ T7430] netdevsim netdevsim7 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  612.691802][ T7439] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12012'.
[  612.701656][ T7430] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 53875 - 0
[  612.855745][ T7430] netdevsim netdevsim7 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  612.875844][ T7430] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 53875 - 0
[  612.968074][ T7430] netdevsim netdevsim7 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  612.978902][ T7430] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 53875 - 0
[  613.055301][   T40] netdevsim netdevsim7 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  613.064930][   T40] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 53875 - 0
[  613.119979][   T40] netdevsim netdevsim7 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  613.185540][   T40] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 53875 - 0
[  613.204441][   T40] netdevsim netdevsim7 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  613.224109][   T40] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 53875 - 0
[  613.305477][   T40] netdevsim netdevsim7 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  613.324659][   T40] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 53875 - 0
[  613.555873][   T28] audit: type=1326 audit(1771844262.462:13551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  613.632437][   T28] audit: type=1326 audit(1771844262.462:13552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  613.793326][   T28] audit: type=1326 audit(1771844262.462:13553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  613.842932][   T28] audit: type=1326 audit(1771844262.462:13554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  613.888017][   T28] audit: type=1326 audit(1771844262.462:13555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  613.917530][   T28] audit: type=1326 audit(1771844262.462:13556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  613.998431][   T28] audit: type=1326 audit(1771844262.472:13557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7465 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f1cec95cece code=0x7ffc0000
[  614.039890][   T28] audit: type=1326 audit(1771844262.472:13558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  614.070230][   T28] audit: type=1326 audit(1771844262.472:13559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7463 comm="syz.3.12023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cec99c629 code=0x7ffc0000
[  614.317654][ T7483] loop4: detected capacity change from 0 to 128
[  614.416846][ T7489] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12031'.
[  614.819887][ T7489] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.844656][ T7489] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.858696][ T7489] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  614.887171][ T7494] netlink: 60 bytes leftover after parsing attributes in process `syz.7.12033'.
[  614.940369][ T7506] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12038'.
[  614.951966][ T7489] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  614.962473][ T7489] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.973609][ T7489] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  615.054449][ T7489] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  615.082602][ T7489] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.118776][ T7489] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  615.207323][ T7489] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  615.256338][ T7489] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.290178][ T7489] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  615.412458][   T12] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  615.435620][   T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  615.453369][   T12] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  615.456152][T20061] IPVS: starting estimator thread 0...
[  615.488771][   T12] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  615.532155][   T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  615.547309][   T12] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  615.575340][   T12] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  615.586239][ T7520] IPVS: using max 1968 ests per chain, 98400 per kthread
[  615.613837][   T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  615.634334][   T12] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  615.662603][   T12] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  615.690228][   T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  615.721597][   T12] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  615.784339][ T7525] loop3: detected capacity change from 0 to 128
[  617.577665][ T7564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12063'.
[  617.943671][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  617.943686][   T28] audit: type=1400 audit(1771844266.912:13565): avc:  denied  { watch watch_reads } for  pid=7583 comm="syz.3.12071" path="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1
[  618.614102][ T7611] loop4: detected capacity change from 0 to 8192
[  619.375142][ T7619] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12086'.
[  619.400369][ T7622] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=45 sclass=netlink_audit_socket pid=7622 comm=syz.7.12084
[  619.423336][ T7619] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.446616][ T7628] uprobe: syz.2.12088:7628 failed to unregister, leaking uprobe
[  619.467756][ T7619] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.524384][ T7638] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12093'.
[  619.547539][ T7619] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.608046][ T7619] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.691898][   T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  619.705895][   T12] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  619.724649][   T12] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  619.733205][ T7659] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12100'.
[  619.773741][   T12] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  619.886106][ T7646] syz.7.12097 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  619.928657][ T7661] pim6reg: entered allmulticast mode
[  619.934251][ T7646] CPU: 0 UID: 0 PID: 7646 Comm: syz.7.12097 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  619.934314][ T7646] Tainted: [W]=WARN
[  619.934322][ T7646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  619.934336][ T7646] Call Trace:
[  619.934344][ T7646]  <TASK>
[  619.934353][ T7646]  __dump_stack+0x1d/0x30
[  619.934433][ T7646]  dump_stack_lvl+0x95/0xd0
[  619.934466][ T7646]  dump_stack+0x15/0x1b
[  619.934490][ T7646]  dump_header+0x80/0x240
[  619.934516][ T7646]  oom_kill_process+0x295/0x350
[  619.934540][ T7646]  out_of_memory+0x97d/0xb80
[  619.934564][ T7646]  try_charge_memcg+0x62e/0xa10
[  619.934680][ T7646]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[  619.934712][ T7646]  __swap_cache_prepare_and_add+0x386/0x530
[  619.934749][ T7646]  swap_cache_alloc_folio+0xa2/0x120
[  619.934830][ T7646]  swap_cluster_readahead+0x36b/0x3d0
[  619.934866][ T7646]  swapin_readahead+0xde/0x840
[  619.934895][ T7646]  ? _raw_spin_unlock+0x9/0x30
[  619.934976][ T7646]  ? swap_put_entries_cluster+0x385/0x3a0
[  619.935006][ T7646]  ? swap_put_entries_cluster+0xa1/0x3a0
[  619.935117][ T7646]  ? __rcu_read_unlock+0x4e/0x70
[  619.935141][ T7646]  ? swap_cache_get_folio+0x26f/0x280
[  619.935179][ T7646]  do_swap_page+0x309/0x2210
[  619.935212][ T7646]  ? css_rstat_updated+0xbb/0x280
[  619.935233][ T7646]  ? __rcu_read_lock+0x36/0x50
[  619.935332][ T7646]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  619.935369][ T7646]  handle_mm_fault+0xb40/0x3020
[  619.935402][ T7646]  ? vma_start_read+0x1c7/0x2c0
[  619.935507][ T7646]  do_user_addr_fault+0x62f/0x1050
[  619.935542][ T7646]  ? arch_exit_to_user_mode_prepare+0x26/0x80
[  619.935618][ T7646]  ? trace_page_fault_user+0x1f/0xe0
[  619.935650][ T7646]  exc_page_fault+0x62/0xa0
[  619.935679][ T7646]  asm_exc_page_fault+0x26/0x30
[  619.935744][ T7646] RIP: 0033:0x7f1a119acea0
[  619.935778][ T7646] Code: 6f 46 50 0f 29 44 24 50 f3 0f 6f 46 60 0f 29 44 24 60 f3 0f 6f 46 70 0f 29 44 24 70 e9 5d ff ff ff e8 c4 1c 04 00 0f 1f 40 00 <8b> 07 f6 07 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89
[  619.935798][ T7646] RSP: 002b:00007fff28a4b568 EFLAGS: 00010246
[  619.935818][ T7646] RAX: 0000000000000000 RBX: 0000555564784500 RCX: 0000000000000000
[  619.935833][ T7646] RDX: 0000000000000000 RSI: 00000000000000e6 RDI: 0000555564784808
[  619.935849][ T7646] RBP: 00007f1a11c67da0 R08: 00007fff28a4b5c0 R09: 0000000000000000
[  619.935918][ T7646] R10: 0000000000000000 R11: 0000555564784808 R12: 000000000009776f
[  619.935934][ T7646] R13: 00007f1a11c6609c R14: 00000000000974a2 R15: 00007f1a11c66090
[  619.935956][ T7646]  </TASK>
[  620.235413][ T7661] pim6reg: left allmulticast mode
[  620.243404][ T7646] memory: usage 45896kB, limit 307200kB, failcnt 4150
[  620.250474][ T7646] memory+swap: usage 48404kB, limit 9007199254740988kB, failcnt 0
[  620.258486][ T7646] kmem: usage 45404kB, limit 9007199254740988kB, failcnt 0
[  620.265761][ T7646] Memory cgroup stats for /syz7:
[  620.266070][ T7646] cache 32768
[  620.275409][ T7646] rss 4096
[  620.305617][ T7646] shmem 16384
[  620.312270][ T7646] mapped_file 0
[  620.325642][ T7646] dirty 0
[  620.332879][ T7646] writeback 0
[  620.339693][ T7646] workingset_refault_anon 8652
[  620.349774][ T7646] workingset_refault_file 7030
[  620.358880][ T7646] swap 2568192
[  620.366929][ T7667] loop4: detected capacity change from 0 to 128
[  620.375563][ T7646] swapcached 36835328
[  620.384128][ T7646] pgpgin 982815
[  620.387938][ T7646] pgpgout 982804
[  620.392326][ T7667] FAT-fs (loop4): Directory bread(block 32) failed
[  620.400566][ T7646] pgfault 770853
[  620.404251][ T7667] FAT-fs (loop4): Directory bread(block 33) failed
[  620.412286][ T7646] pgmajfault 1386
[  620.415959][ T7646] inactive_anon 0
[  620.423080][ T7646] active_anon 0
[  620.427451][ T7667] FAT-fs (loop4): Directory bread(block 34) failed
[  620.434122][ T7646] inactive_file 0
[  620.437992][ T7646] active_file 4096
[  620.446304][ T7646] unevictable 16384
[  620.453620][ T7667] FAT-fs (loop4): Directory bread(block 35) failed
[  620.462032][ T7646] hierarchical_memory_limit 314572800
[  620.468046][ T7646] hierarchical_memsw_limit 9223372036854771712
[  620.484449][ T7646] total_cache 32768
[  620.495200][ T7667] FAT-fs (loop4): Directory bread(block 36) failed
[  620.502970][ T7646] total_rss 4096
[  620.517773][ T7667] FAT-fs (loop4): Directory bread(block 37) failed
[  620.547272][ T7646] total_shmem 16384
[  620.564332][ T7667] FAT-fs (loop4): Directory bread(block 38) failed
[  620.571255][ T7646] total_mapped_file 0
[  620.581297][ T7646] total_dirty 0
[  620.584847][ T7646] total_writeback 0
[  620.589610][ T7667] FAT-fs (loop4): Directory bread(block 39) failed
[  620.599663][ T7646] total_workingset_refault_anon 8652
[  620.604967][ T7646] total_workingset_refault_file 7030
[  620.610621][ T7667] FAT-fs (loop4): Directory bread(block 40) failed
[  620.624852][ T7682] loop3: detected capacity change from 0 to 1024
[  620.636360][ T7667] FAT-fs (loop4): Directory bread(block 41) failed
[  620.661298][ T7682] EXT4-fs: Ignoring removed mblk_io_submit option
[  620.666343][ T7646] total_swap 2568192
[  620.671777][ T7646] total_swapcached 36835328
[  620.681556][ T7646] total_pgpgin 982815
[  620.685739][ T7646] total_pgpgout 982804
[  620.699330][ T7646] total_pgfault 770853
[  620.703788][ T7646] total_pgmajfault 1386
[  620.708210][ T7682] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  620.715407][ T7646] total_inactive_anon 0
[  620.717848][ T7682] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  620.730051][ T7646] total_active_anon 0
[  620.736636][ T7646] total_inactive_file 0
[  620.742770][ T7646] total_active_file 4096
[  620.748178][ T7646] total_unevictable 16384
[  620.766634][ T7690] netlink: 24 bytes leftover after parsing attributes in process `syz.1.12115'.
[  620.787703][ T7682] EXT4-fs error (device loop3): ext4_ext_check_inode:521: inode #11: comm syz.3.12111: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  620.802498][ T7646] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  620.816373][ T7682] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  620.826165][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  620.841735][    C1] EXT4-fs (loop3): initial error at time 1771844269: ext4_ext_check_inode:521: inode 11
[  620.851587][    C1] EXT4-fs (loop3): last error at time 1771844269: ext4_ext_check_inode:521: inode 11
[  620.861701][T20063] Process accounting resumed
[  620.867413][ T7646] ,cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.12097,pid=7646,uid=0
[  620.877671][ T7682] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.12111: couldn't read orphan inode 11 (err -117)
[  620.889908][ T7682] loop3: lost filesystem error report for type 5 error -117
[  620.889919][ T7646] Memory cgroup out of memory: Killed process 7646 (syz.7.12097) total-vm:94160kB, anon-rss:1224kB, file-rss:22428kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0
[  620.949920][ T7682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  621.003345][ T7682] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.12111: Invalid block bitmap block 0 in block_group 0
[  621.047489][ T7682] Quota error (device loop3): write_blk: dquota write failed
[  621.055897][ T7682] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  621.066778][ T7682] EXT4-fs error (device loop3): ext4_acquire_dquot:7001: comm syz.3.12111: Failed to acquire dquot type 0
[  621.098049][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  621.135844][T19022] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-8
[  621.181529][T19022] EXT4-fs error (device loop3): ext4_release_dquot:7037: comm kworker/u8:20: Failed to release dquot type 0
[  621.205198][T19022] loop3: lost filesystem error report for type 5 error -117
[  621.450979][   T28] audit: type=1326 audit(1771844270.422:13566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.7.12131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  621.497552][   T28] audit: type=1326 audit(1771844270.452:13567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.7.12131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  621.523686][   T28] audit: type=1326 audit(1771844270.452:13568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.7.12131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  621.563629][   T28] audit: type=1326 audit(1771844270.452:13569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.7.12131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  621.608953][ T7749] loop3: detected capacity change from 0 to 512
[  621.616868][   T28] audit: type=1326 audit(1771844270.452:13570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.7.12131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  621.691743][ T7749] EXT4-fs: Ignoring removed nobh option
[  621.702614][ T7760] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12141'.
[  621.706246][   T28] audit: type=1326 audit(1771844270.452:13571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7729 comm="syz.7.12131" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1a119ec629 code=0x7ffc0000
[  621.736001][ T7749] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  621.755359][ T7749] EXT4-fs (loop3): 1 truncate cleaned up
[  621.771304][ T7749] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  621.846857][ T7770] netlink: 24 bytes leftover after parsing attributes in process `syz.2.12144'.
[  622.291043][ T7797] netlink: 'syz.2.12145': attribute type 4 has an invalid length.
[  622.631451][ T7845] syzkaller0: entered promiscuous mode
[  622.637077][ T7845] syzkaller0: entered allmulticast mode
[  622.930362][ T7850] loop2: detected capacity change from 0 to 8192
[  622.967741][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.078124][ T7855] loop3: detected capacity change from 0 to 2048
[  623.137695][ T7855] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  623.291153][ T4140] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.386505][ T7865] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12159'.
[  625.172048][ T7903] pim6reg: entered allmulticast mode
[  625.197022][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  625.197050][   T28] audit: type=1400 audit(1771844274.162:13573): avc:  denied  { recv } for  pid=7898 comm="syz.3.12182" saddr=10.128.0.163 src=49896 daddr=10.128.0.23 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  625.210355][ T7903] pim6reg: left allmulticast mode
[  625.293377][ T7912] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12175'.
[  625.374504][   T35] IPVS: starting estimator thread 0...
[  625.507275][ T7921] IPVS: using max 2304 ests per chain, 115200 per kthread
[  625.549635][ T7930] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12183'.
[  625.587908][ T7930] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.698043][ T7930] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.740560][ T7930] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.783038][ T7925] syz.7.12185 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  625.816213][ T7925] CPU: 1 UID: 0 PID: 7925 Comm: syz.7.12185 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  625.816277][ T7925] Tainted: [W]=WARN
[  625.816284][ T7925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  625.816298][ T7925] Call Trace:
[  625.816305][ T7925]  <TASK>
[  625.816314][ T7925]  __dump_stack+0x1d/0x30
[  625.816427][ T7925]  dump_stack_lvl+0x95/0xd0
[  625.816451][ T7925]  dump_stack+0x15/0x1b
[  625.816482][ T7925]  dump_header+0x80/0x240
[  625.816510][ T7925]  oom_kill_process+0x295/0x350
[  625.816542][ T7925]  out_of_memory+0x97d/0xb80
[  625.816564][ T7925]  try_charge_memcg+0x62e/0xa10
[  625.816660][ T7925]  obj_cgroup_charge_pages+0x23/0xc0
[  625.816688][ T7925]  __memcg_kmem_charge_page+0x9e/0x170
[  625.816758][ T7925]  __alloc_frozen_pages_noprof+0x18a/0x360
[  625.816787][ T7925]  alloc_pages_mpol+0xb3/0x260
[  625.816817][ T7925]  alloc_pages_noprof+0x8f/0x130
[  625.816850][ T7925]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  625.816890][ T7925]  __kvmalloc_node_noprof+0x3d4/0x650
[  625.816948][ T7925]  ? ip_set_alloc+0x24/0x30
[  625.816971][ T7925]  ? ip_set_alloc+0x24/0x30
[  625.816992][ T7925]  ? __kmalloc_cache_noprof+0x18a/0x410
[  625.817015][ T7925]  ip_set_alloc+0x24/0x30
[  625.817106][ T7925]  hash_netiface_create+0x282/0x740
[  625.817131][ T7925]  ? __pfx_hash_netiface_create+0x10/0x10
[  625.817202][ T7925]  ip_set_create+0x3cf/0x970
[  625.817317][ T7925]  ? __nla_parse+0x40/0x60
[  625.817343][ T7925]  nfnetlink_rcv_msg+0x509/0x5d0
[  625.817486][ T7925]  netlink_rcv_skb+0x123/0x220
[  625.817510][ T7925]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  625.817541][ T7925]  nfnetlink_rcv+0x167/0x1720
[  625.817582][ T7925]  ? __list_del_entry_valid_or_report+0x65/0x130
[  625.817617][ T7925]  ? __rmqueue_pcplist+0x9b0/0xb70
[  625.817649][ T7925]  ? _raw_spin_lock_bh+0x56/0xb0
[  625.817670][ T7925]  ? _raw_spin_unlock_bh+0x18/0x20
[  625.817728][ T7925]  ? selinux_nlmsg_lookup+0x99/0x890
[  625.817757][ T7925]  ? __rcu_read_unlock+0x33/0x70
[  625.817779][ T7925]  ? __netlink_lookup+0x276/0x2b0
[  625.817808][ T7925]  netlink_unicast+0x5c0/0x690
[  625.817856][ T7925]  netlink_sendmsg+0x5c8/0x6f0
[  625.817891][ T7925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  625.817918][ T7925]  ____sys_sendmsg+0x5af/0x600
[  625.818012][ T7925]  ___sys_sendmsg+0x195/0x1e0
[  625.818049][ T7925]  __x64_sys_sendmsg+0xd4/0x160
[  625.818081][ T7925]  x64_sys_call+0x194c/0x3020
[  625.818120][ T7925]  do_syscall_64+0x12c/0x370
[  625.818195][ T7925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  625.818218][ T7925] RIP: 0033:0x7f1a119ec629
[  625.818236][ T7925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  625.818284][ T7925] RSP: 002b:00007f1a1043f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  625.818306][ T7925] RAX: ffffffffffffffda RBX: 00007f1a11c65fa0 RCX: 00007f1a119ec629
[  625.818321][ T7925] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[  625.818392][ T7925] RBP: 00007f1a11a82b39 R08: 0000000000000000 R09: 0000000000000000
[  625.818405][ T7925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  625.818488][ T7925] R13: 00007f1a11c66038 R14: 00007f1a11c65fa0 R15: 00007fff28a4b488
[  625.818512][ T7925]  </TASK>
[  625.819200][ T7925] memory: usage 279640kB, limit 307200kB, failcnt 4286
[  626.151156][ T7930] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.154596][ T7925] memory+swap: usage 256624kB, limit 9007199254740988kB, failcnt 0
[  626.192459][ T7925] kmem: usage 203012kB, limit 9007199254740988kB, failcnt 0
[  626.228193][ T7925] Memory cgroup stats for /syz7:
[  626.228436][ T7925] cache 16384
[  626.247047][ T7925] rss 28672
[  626.250320][ T7925] shmem 16384
[  626.253694][ T7925] mapped_file 0
[  626.257611][ T7925] dirty 0
[  626.262751][ T7925] writeback 0
[  626.271783][ T7925] workingset_refault_anon 8706
[  626.284837][T19027] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  626.295451][ T7925] workingset_refault_file 7410
[  626.302494][T19027] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  626.312145][ T7925] swap 2527232
[  626.331879][ T7925] swapcached 36974592
[  626.346215][T19027] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  626.356199][ T7925] pgpgin 983967
[  626.359753][ T7925] pgpgout 983953
[  626.363138][T19027] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  626.363334][ T7925] pgfault 772950
[  626.363353][ T7925] pgmajfault 1419
[  626.436998][ T7925] inactive_anon 0
[  626.441646][ T7925] active_anon 36864
[  626.447557][ T7925] inactive_file 0
[  626.451373][ T7925] active_file 4096
[  626.455111][ T7925] unevictable 16384
[  626.459291][ T7925] hierarchical_memory_limit 314572800
[  626.492150][ T7925] hierarchical_memsw_limit 9223372036854771712
[  626.506364][ T7925] total_cache 16384
[  626.510200][ T7925] total_rss 28672
[  626.535646][ T7925] total_shmem 16384
[  626.544437][ T7925] total_mapped_file 0
[  626.548671][ T7925] total_dirty 0
[  626.553725][ T7925] total_writeback 0
[  626.558757][ T7925] total_workingset_refault_anon 8706
[  626.564070][ T7925] total_workingset_refault_file 7410
[  626.569724][ T7925] total_swap 2527232
[  626.573611][ T7925] total_swapcached 36974592
[  626.578291][ T7925] total_pgpgin 983967
[  626.582405][ T7925] total_pgpgout 983953
[  626.590629][ T7925] total_pgfault 772950
[  626.594943][ T7925] total_pgmajfault 1419
[  626.599148][ T7925] total_inactive_anon 0
[  626.603349][ T7925] total_active_anon 36864
[  626.607871][ T7925] total_inactive_file 0
[  626.612050][ T7925] total_active_file 4096
[  626.616361][ T7925] total_unevictable 16384
[  626.620704][ T7925] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.12185,pid=7924,uid=0
[  626.620897][ T2988] ==================================================================
[  626.635503][ T7925] Memory cgroup out of memory: Killed process 7925 (syz.7.12185) total-vm:96208kB, anon-rss:1336kB, file-rss:22400kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:0
[  626.643486][ T2988] BUG: KCSAN: data-race in _prb_read_valid / prb_reserve_in_last
[  626.667990][ T2988] 
[  626.670302][ T2988] write to 0xffffffff86c83a38 of 8 bytes by task 7925 on cpu 1:
[  626.677914][ T2988]  prb_reserve_in_last+0x9f1/0xb30
[  626.683025][ T2988]  vprintk_store+0x457/0x910
[  626.687599][ T2988]  vprintk_emit+0x1a4/0x600
[  626.692089][ T2988]  vprintk_default+0x26/0x30
[  626.696663][ T2988]  vprintk+0x1d/0x30
[  626.700549][ T2988]  _printk+0x79/0xa0
[  626.704429][ T2988]  mem_cgroup_print_oom_context+0x89/0xd0
[  626.710138][ T2988]  dump_oom_victim+0x67/0xe0
[  626.714715][ T2988]  oom_kill_process+0x2a0/0x350
[  626.719551][ T2988]  out_of_memory+0x97d/0xb80
[  626.724132][ T2988]  try_charge_memcg+0x62e/0xa10
[  626.728980][ T2988]  obj_cgroup_charge_pages+0x23/0xc0
[  626.734262][ T2988]  __memcg_kmem_charge_page+0x9e/0x170
[  626.739711][ T2988]  __alloc_frozen_pages_noprof+0x18a/0x360
[  626.745506][ T2988]  alloc_pages_mpol+0xb3/0x260
[  626.750257][ T2988]  alloc_pages_noprof+0x8f/0x130
[  626.755190][ T2988]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  626.761075][ T2988]  __kvmalloc_node_noprof+0x3d4/0x650
[  626.766440][ T2988]  ip_set_alloc+0x24/0x30
[  626.770764][ T2988]  hash_netiface_create+0x282/0x740
[  626.775950][ T2988]  ip_set_create+0x3cf/0x970
[  626.780532][ T2988]  nfnetlink_rcv_msg+0x509/0x5d0
[  626.785458][ T2988]  netlink_rcv_skb+0x123/0x220
[  626.790216][ T2988]  nfnetlink_rcv+0x167/0x1720
[  626.794892][ T2988]  netlink_unicast+0x5c0/0x690
[  626.799644][ T2988]  netlink_sendmsg+0x5c8/0x6f0
[  626.804404][ T2988]  ____sys_sendmsg+0x5af/0x600
[  626.809158][ T2988]  ___sys_sendmsg+0x195/0x1e0
[  626.813825][ T2988]  __x64_sys_sendmsg+0xd4/0x160
[  626.818665][ T2988]  x64_sys_call+0x194c/0x3020
[  626.823336][ T2988]  do_syscall_64+0x12c/0x370
[  626.827938][ T2988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.833851][ T2988] 
[  626.836161][ T2988] read to 0xffffffff86c83a30 of 16 bytes by task 2988 on cpu 0:
[  626.843772][ T2988]  _prb_read_valid+0x1bc/0x950
[  626.848536][ T2988]  prb_read_valid+0x3c/0x60
[  626.853036][ T2988]  syslog_print+0x258/0x560
[  626.857527][ T2988]  do_syslog+0x52b/0x7f0
[  626.861755][ T2988]  __x64_sys_syslog+0x41/0x50
[  626.866418][ T2988]  x64_sys_call+0x2b9e/0x3020
[  626.871097][ T2988]  do_syscall_64+0x12c/0x370
[  626.875684][ T2988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.881566][ T2988] 
[  626.883877][ T2988] Reported by Kernel Concurrency Sanitizer on:
[  626.890016][ T2988] CPU: 0 UID: 0 PID: 2988 Comm: klogd Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  626.900421][ T2988] Tainted: [W]=WARN
[  626.904205][ T2988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  626.914248][ T2988] ==================================================================