last executing test programs:

6m14.572046546s ago: executing program 1 (id=1070):
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xf, 0x5}, 0x100e64, 0xc78}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="12000000220000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000040)=0x2, &(0x7f0000000240)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r3, &(0x7f0000000300)="90b733b775", &(0x7f00000003c0)=""/176}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001705000008004ef02d3501000000000095000000000000006916000000000000bf67000000000000350605000fff07206706000004000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9d0cc7d3b4814261bdb94a050000a28a404be266df76965947c73c00c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b540dcfc7ad0500c4063b3b8754c0686cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e567238809000000000000000ae2fb494059bba8e3b680324a188090eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb40000000000000000000000000040007abf9c20d89cbc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eb29000000000000003cc3aa39ee4b1386bab561cda886fa64ffffff7f473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59801fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d00000000d3114dbc7e2bf2402a75fd7a5573336004088000000000000000fb38c7f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf73400000000000000cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca8710d5c617df01f82a73f6bd61d1f5b2a443faa9bda0577383dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea90000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8a10300004d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c39e9d8547c666b6764a3c7dd62a94eee45881441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a365b5b11df7216652b5703f31e078ecdefe8e6bfc45a9980a7a8de863e3477dd47d0f11611ca92d89641a183c8f629f17cfc28fde209a793d9c0cdde3bb3f82670d33396982988b9f5207a732908fdf1506f307ccae47a69319ee2242272e4f7ceb7a40e49a21ce6405af3ecb3381bf0668749c81fc6c2d97e68a693e3e622af52e572f4fa7b20d5c72cf5ff8016461130a46803de45029489921a48bd7688dd593e4a3e9803263ecbd8ae8570293508ebe5fabc1842cbc01ae8fabbf41820c31b7bb83a3439d4540f839ed5c23828a33d7645baa1ec32bb7aa8a786bb0997ccf6bba0a2cf6ef2157a63974d5e525a3f3f7f993ea9e82732ccc2e12c631012175d5d474bef818bdf8f27a7e563684a225dee6ca5f5ff18a89ac6c627ff0e0e4769b6fbcfc847b20960704a4b13e962333bddb966de8bcade6f6bd3915a580ddec2e1bd88fbfdb749789cdc946822212f1cbacb03ba8d3e51e48ccdae20a43bf79ca0131b830620a97877242989e78dfec1d6df5f97ca5cddece50d0cae5d6eabbc1913aa3660e0b00000000000000000000000000bc16b71cb118d93461aa2914d6e454ef05c41beab7382787ba46b68c8d8b35da9fb58b259b4447b59c667ddcac0bb2d066eb0579be84bdca8ed5d693411b7e5b21efaceddacef03daa9772f2715b5613ae0d88f8d109e36f8b8871b646d9ebbcc25d527ad3f828c92cb6597f82ed4d496a511007781be0c7cac07fc508a585f415ef81a887475286df80fb6ff9c6524d0e22d50f88ca15545bc688063b04eb8e0248aca60b9983dd5966216499ccfc0551f6e0323859ae64f55e4d496a695f8e6382aa714b92f95dcfd0b456d9ce7a24f736e4009ef64230e8f83f8283a4cc5f178d4698b94ccd8d0e0e3e2e35e1a7ac0cb3ee52013e8c2802d2f89b3f708fb53c17c3e4fbe0326ee510c4317b5f5f1eb34ca8441c23755acfc469909b16fba134de01d484c1b380622d37"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x37de6c8a68769c38}, 0x48)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x5, 0x2, 0x0, 0x0, 0x0, 0x4d, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

6m14.247107722s ago: executing program 1 (id=1076):
perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0xf4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0xc6, 0x0, 0x4, 0xc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="08000000040000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000025000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x14, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0xf0, &(0x7f0000000c40)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}, 0x50)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x9, 0xffffffffffffffff, 0x0)
ustat(0x11, 0x0)

6m14.183855345s ago: executing program 1 (id=1078):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}}}, 0x10)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x1, {0x42, 0x0, 0x2}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r1, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
bind$tipc(r1, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1, 0x3}}, 0x10)
bind$tipc(r0, 0x0, 0x0)

6m14.114669839s ago: executing program 1 (id=1080):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mount$bpf(0x200000002000, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x80000, 0x0)

6m14.043440412s ago: executing program 1 (id=1082):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x543000, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x9, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_bp={0x0, 0x6}, 0x204, 0x1, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)

6m13.336171077s ago: executing program 1 (id=1087):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000085c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {}, {0x8, 0xc}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x7, 0x3, 0x67e4}, {0x9, 0x3, 0x5, 0x9}}}, @TCF_EM_NBYTE={0x10, 0x2, 0x0, 0x0, {{0x24, 0x2, 0x3c}, {0x7d, 0x0, 0x2}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}]}]}}]}, 0x70}}, 0x0)

6m13.332412837s ago: executing program 32 (id=1087):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000085c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0x0, 0xe}, {}, {0x8, 0xc}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x7, 0x3, 0x67e4}, {0x9, 0x3, 0x5, 0x9}}}, @TCF_EM_NBYTE={0x10, 0x2, 0x0, 0x0, {{0x24, 0x2, 0x3c}, {0x7d, 0x0, 0x2}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}]}]}}]}, 0x70}}, 0x0)

2m21.840449735s ago: executing program 0 (id=4529):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x100000001}, 0x0, 0x2, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r1 = syz_io_uring_setup(0x10d4, &(0x7f0000000000)={0x0, 0x615e, 0x0, 0x0, 0x1000034f}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000340)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r1, 0x200047bc, 0x0, 0x0, 0x0, 0x5e)

2m21.581857428s ago: executing program 0 (id=4535):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f0000000680)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a1c, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x200000800}, 0x0, 0x400004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000000000000000850000007d"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2006300, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m21.241670005s ago: executing program 0 (id=4540):
socket$inet6(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={&(0x7f0000000140), 0x1}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3008046, &(0x7f00000003c0)={[{@dioread_nolock}, {@data_err_abort}, {@block_validity}, {@journal_dev={'journal_dev', 0x3d, 0xd5b}}, {@data_err_ignore}, {@nodiscard}, {@user_xattr}, {@grpquota}, {@init_itable}, {@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@errors_remount}, {@lazytime}]}, 0x11, 0x556, &(0x7f00000005c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8H7nZO7k3O/ebe7+m5OTckgKE1kf1TiHg5Ir5JIg5GRJKvG4185cTadqv3r85mSxKNxqd/Jc3tsnrrtVrP259XXoqI376KOF7Y2G5teWWhVC6ni3l9sl65NFlbXjlxoVKaT+fTi9MzM6fenpl+7913+hbrG2f/+f6T2x+e+vro6ne/3D10M4nTcSBf1x7HE7jWXpmIifw9GYvTj2w41YfGdoJd+f/JgPeD7RnJ83wssj7gYIzkWQ/8/30ZEQ1gSCXyH4ZUaxzQurbv03Xwc+PeB2sXQBvjH137bCT2NK+N9q0mD10ZZde7431oP2vj1z9v3cyW6N/nEABbunY9Ik6Ojm7s/5K8/9u+kz1s82gb+j94dm5n4583O41/Cuvjn+gw/tnfIXe3Y+v8L9ztQzNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq59/JctWfutsWC+H3dHdz/8nLlSvfQkMbe7dz3ilY7j32T9+Ccdjn/2fpztsY0j6a3Xuq3bOv6nq/FTxOsdj/+DGa1k8/nJyeb5MNk6Kzb6+8aR37u1P+j4s+O/b/P4x5P2+dra47fx455/027rHoo/ej//dyWfNcut+ccrpXp9cSpiV/LxxsenHzy3VW9tn8V/7Ojm/V+n839vRHzeY/w3Dv/8ak/xD+j4zz3W8X/8wp2PvvihW/u99X9vNUvH8kd66f963cEnee8AAAAAAABgpylExIFICsX1cqFQLK7d33E49hXK1Vr9+Pnq0sW5aH5XdjzGCq2Z7oNt90NM5ffDturTj9RnIuJQRHw7srdZL85Wy3ODDh4AAAAAAAAAAAAAAAAAAAB2iP1dvv+f+WNk0HsHPHV+8huG15b5349fegJ2JH//YXjJfxhe8h+Gl/yH4SX/YXjJfxhe8h+Gl/wHAAAAAAAAAAAAAAAAAAAAAAAAAACAvjp75ky2NFbvX53N6nOXl5cWqpdPzKW1hWJlabY4W128VJyvVufLaXG2Wtnq9crV6qWp6Vi6MllPa/XJ2vLKuUp16WL93IVKaT49l449k6gAAAAAAAAAAAAAAAAAAADg+VJbXlkolcvpooLCtgqjO2M3FPpcGHTPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//xVY3tw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
sendfile(r0, r0, 0x0, 0xe3aa6ea)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000100)='./file1\x00', &(0x7f00000001c0), 0x0, 0x0, 0x3)

2m20.504911942s ago: executing program 0 (id=4556):
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, r3)
setpgid(0x0, r3)
fchdir(r2)
lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)

2m20.415909886s ago: executing program 0 (id=4551):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000000)='/\x00\x02\x00\x00/\x00\x82q\xee\xe5\xa0\xbd\xc2\x98#YP\xee\x9c2\xbe\xf0\x81x\x97'}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x104000, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0xa418be, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x125045, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

2m20.32829236s ago: executing program 0 (id=4552):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
bind$inet(r0, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r1, &(0x7f0000e15000)={0x2, 0x4e20, @empty=0xe0000002}, 0x10)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r2, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)

2m5.078018668s ago: executing program 33 (id=4552):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
bind$inet(r0, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r1, &(0x7f0000e15000)={0x2, 0x4e20, @empty=0xe0000002}, 0x10)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r2, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)

4.105403886s ago: executing program 4 (id=5751):
r0 = io_uring_setup(0x3559, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000080)={0x6, 0x3})
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x800000, 0x3fff8001}, 0x0, 0x32, 0x43e1bd74, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xfd}, 0x0, 0x0, 0x1, 0x0, 0x2, 0xff, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff8000000000001, 0xffffffffffffffff, 0x9)
syz_read_part_table(0x1057, &(0x7f0000001080)="$eJzsz82JwkAABeA3+5MNe0oJu6Vkr+vVk01YQsBaImhjViEjxiDoXUT4vsvjMW8GJjxVmWOYomb7fXP4fje/9v/jukmGn99s+rekTUqbpO8y/k01q/NsUbLrm5Tu82u+eBhrrZe3PrLcP/Z3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAaTgEAAP//LuQOEw==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0))

3.547232894s ago: executing program 3 (id=5759):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000000206010400000000000000000000000314000780080011400000000005001500070000000500010007000000050005000a00000005000400001c00000900020073797a31000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x22004004}, 0x0)
perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xec, 0xa, 0x40, 0x7, 0x0, 0x0, 0xd000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0x2}, 0x986, 0xfc, 0x4, 0x9, 0x81, 0x9, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f00000004c0)={0x5, 0x80, 0xa, 0x0, 0x0, 0xa, 0x0, 0x5, 0x44, 0x9, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x8}, 0x80, 0xa7, 0x2, 0x5, 0xa5, 0x9b9b, 0x7000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffb}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}, @call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0xffffffff, 0xbfe00000}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
ioctl$RTC_PIE_ON(r3, 0x7005)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0x75a9}})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x74, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
perf_event_open(&(0x7f0000000580)={0x5, 0x80, 0xec, 0x7, 0x40, 0x8, 0x0, 0x0, 0xd000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x2, @perf_bp={0x0, 0x2}, 0x986, 0xfc, 0x4, 0x0, 0x81, 0x9, 0x81, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)

3.385918403s ago: executing program 3 (id=5761):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [0x0, 0x62], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000001500)={@val={0xa, 0x10}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @empty, @void, {@ipv6={0x86dd, @tcp={0xc, 0x6, "8249dc", 0x14, 0x6, 0x0, @local, @mcast2, {[], {{0x4e20, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x6}}}}}}}}, 0x4e)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081e, &(0x7f0000000080)={[{@grpquota}, {@delalloc}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
openat(0xffffffffffffff9c, 0x0, 0x80642, 0x150)

3.22592656s ago: executing program 6 (id=5762):
socket$netlink(0x10, 0x3, 0x0)
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x2, 0xf4039, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_config_ext={0x1, 0xf60e}, 0x9092, 0x0, 0x43a1bd76, 0x2, 0x9, 0x6, 0x5, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000c3707bf4000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)={0x3c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040d4}, 0x4000000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@abort}, {@resgid}, {@bh}, {@nouid32}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = syz_io_uring_setup(0x4172, 0x0, 0x0, &(0x7f0000000140))
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xd13a}, @TCA_FQ_PIE_TARGET={0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)

3.001289282s ago: executing program 3 (id=5765):
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x4}, 0x1c)
listen(r2, 0xfffffffc)
socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xfff}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

2.905873416s ago: executing program 4 (id=5766):
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x20000036, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x20000400)
getdents64(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
writev(r2, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

2.857331089s ago: executing program 6 (id=5767):
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x20000036, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
writev(r2, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

2.82921831s ago: executing program 2 (id=5768):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xa, 0x1, 0x6, 0xb}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009e00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={r1, 0x58, &(0x7f0000000340)}, 0x10)
r2 = perf_event_open(&(0x7f00000012c0)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000200, 0xa224, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, @perf_config_ext={0xffffffffffffffc0, 0x469}, 0x0, 0x1, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000004000000850000006100000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000bc02000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r4, 0x18000000000002a0, 0x36, 0x0, &(0x7f0000000300)="d2ff03076003008cb89e08f086ddeff9be34b6dae4a93a276032b785807d48097d74bddc47527f7f0851ee059c08006e1068ea961d36", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000220000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8feffffb702000008000000b703000000000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf4240, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.805565521s ago: executing program 4 (id=5769):
timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9})
fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x7, 0x5})
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0x73e9})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.702459356s ago: executing program 2 (id=5770):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r3=>0x0})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a18010000090a010400000000000008000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001cd40009800800014000000006c80002"], 0x140}}, 0x20000000)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000780)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100d2f2d16eb32902ce2f0000000c00018008000100", @ANYRES32=r3], 0x20}}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r1, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES={0x8, 0x7, 0xfffffc62}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2004a081}, 0x48001)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x9}, 0x106200, 0x10004, 0x20da, 0x5, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x24403}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x20, 0x16, &(0x7f0000000940)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8}, 0x94)

2.552558444s ago: executing program 2 (id=5771):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@delchain={0x24, 0x65, 0x400, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x509d884560ba1ba6, 0x3}, {}, {0x8, 0x10}}}, 0x24}}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)=ANY=[@ANYBLOB="60b80000", @ANYRES16, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32, @ANYBLOB="4400028040000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005"], 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x1, 0x80000000, 0x4, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {0xa, 0xffe0}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_LIMIT={0x8, 0x1, 0xf4b6}, @TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xfe2a}]}}]}, 0x44}}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xe7e7}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x20004015)
syz_open_procfs$namespace(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.447144079s ago: executing program 2 (id=5772):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x1, @perf_config_ext={0x3fffffffc, 0xfffffffffffffffc}, 0x0, 0xd, 0x26, 0x3, 0xfff, 0x8001, 0x7fff, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
clock_gettime(0xfffffffffffffff6, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000440)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x34}, {[@timestamp_addr={0x44, 0x14, 0x9, 0x3, 0x0, [{@empty}, {@local}]}, @ssrr={0x89, 0x7, 0xce, [@broadcast]}, @generic={0x83, 0x2}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x1}}}}}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x840}, 0x80)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="9800000010001ffffcffffff8000400000000000", @ANYRES32=<r1=>0x0, @ANYBLOB="00030000003f000008000a00", @ANYRES32, @ANYBLOB="700012800b00010062726964676500006000028008001c40090000000c00220008280000000000000c0021"], 0x98}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f00000010c0)=0x8)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000100)=ANY=[@ANYRES8=r1], 0x14)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000000)={r4, 0xb}, &(0x7f0000000080)=0x8)

2.095972116s ago: executing program 3 (id=5774):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
connect$rxrpc(0xffffffffffffffff, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
recvmmsg(0xffffffffffffffff, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_config_ext={0x100000001, 0xdd5}, 0x0, 0x0, 0x10000, 0x2, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000400)={0x0, 0x100000, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0xb0)

1.981026262s ago: executing program 6 (id=5775):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
socketpair(0x1, 0x3, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x8914, &(0x7f0000000080))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000002c0)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20000000}, [@call={0x85, 0x0, 0x0, 0x2e}, @printk={@lx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f00000001c0)=r4)
write$cgroup_devices(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd)

1.756845413s ago: executing program 5 (id=5778):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x7, 0x7, 0x3, 0x401, 0x0, 0x9, 0xa, 0x8, 0xc}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088c1}, 0xc000)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0x10}, {0xffe0, 0xb}, {0x5, 0xfff3}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0xa}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200040e4}, 0x4890)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x4207, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f00000002c0)="05031400d3fc220000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.677279357s ago: executing program 5 (id=5779):
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x15, 0x20000036, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x20000400)
getdents64(0xffffffffffffffff, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
writev(r2, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

1.666312868s ago: executing program 6 (id=5780):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x42890)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x4000041}, 0x30008880)

1.569046043s ago: executing program 2 (id=5781):
r0 = open(&(0x7f0000000180)='.\x00', 0x82000, 0x0)
flock(r0, 0x2)
r1 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r1, 0x1)
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r3, 0x2)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r4=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x2})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r4, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

1.432422029s ago: executing program 5 (id=5782):
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
pipe2(&(0x7f0000000000), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000800)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, 0x0, 0x6, 0x0, 0x100, 0x6, 0x180107, r1})
socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000240)={@mcast2, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @dev={0xfe, 0x80, '\x00', 0x36}, 0x1, 0x6, 0x0, 0x100, 0x4, 0x86020086, r4})

1.340224324s ago: executing program 5 (id=5783):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b80)=@newtfilter={0x44, 0x2c, 0xd27, 0x170bd2b, 0x3, {0x0, 0x0, 0x0, r6, {0x0, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c00)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0x10}, {}, {0x0, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}}, 0x2)

1.140282824s ago: executing program 4 (id=5784):
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
fchdir(r1)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r3, 0x100, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

1.128445325s ago: executing program 5 (id=5785):
syz_io_uring_setup(0x86f, &(0x7f0000000400)={0x0, 0x79ab, 0x400, 0xfffffffe, 0x214}, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x3}, 0x4)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x3b}, 0x1c)
socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x5, 0x4, 0xffffffffffffffdd, 0x400000, 0x0, 0xffffffffffffff1b, 0x3c}, 0x0, &(0x7f0000000040)={0x3fc, 0x0, 0x0, 0x1, 0x100, 0x0, 0x80000003}, 0x0, 0x0)

1.064272098s ago: executing program 4 (id=5786):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01060000000000000000090000002c000480"], 0x40}}, 0x0)

807.37238ms ago: executing program 3 (id=5787):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000001c0)=0x7f, 0x4)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000100)=0x3, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

770.175382ms ago: executing program 6 (id=5788):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40020)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket(0x10, 0x803, 0x2)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r6, @ANYRES16=r5], 0x3c}, 0x1, 0x0, 0x0, 0x40020c1}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000100)={@ipv4={'\x00', '\xff\xff', @multicast2}, 0x56, r2})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c00000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="0000000006100000140012800b00010062726964676500000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x440b0)

270.672217ms ago: executing program 6 (id=5789):
ioprio_set$uid(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, r3)
setpgid(0x0, r3)
fchdir(r2)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')

136.292784ms ago: executing program 4 (id=5790):
r0 = socket$netlink(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001cc0)=@acquire={0x16c, 0x17, 0x1, 0x0, 0x0, {{@in=@loopback}, @in6=@remote, {@in=@remote, @in=@broadcast, 0x4e21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56befe125658cb64}, {{@in6=@private2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x20, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, 0xfffffff9}, [@tmpl={0x44, 0x5, [{{@in6=@loopback, 0x4d5, 0x6c}, 0xa, @in=@remote, 0x3505, 0x3, 0x1, 0xf9, 0x2000009, 0x3, 0x200}]}]}, 0x16c}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000140)=0x8, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

134.587434ms ago: executing program 5 (id=5800):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'virt_wifi0\x00', 0xc1eb461a2917d087})
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000640)=ANY=[], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r2, &(0x7f0000000a00)="c7", 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
sendfile(r2, r1, 0x0, 0x7ffff000)

52.308398ms ago: executing program 3 (id=5791):
mkdir(0x0, 0x180)
socket$nl_netfilter(0x10, 0x3, 0xc)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000200)='./file0\x00')
chmod(0x0, 0x2c6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x2c}, @call={0x85, 0x0, 0x0, 0x2a}]}, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x27, 0x0, 0x0, 0x0, 0x0, 0x1400, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)

0s ago: executing program 2 (id=5792):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
socket$netlink(0x10, 0x3, 0x8000000004)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
socket$netlink(0x10, 0x3, 0x9)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x29, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x6, 0x200008, 0x5, 0x409}, 0x10, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x28, 0x10, 0x801, 0x41, 0x25dfdbf7, {0x0, 0x0, 0x0, 0x0, 0x2202e}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048050}, 0x40014)

kernel console output (not intermixed with test programs):

ge0: port 2(bridge_slave_1) entered blocking state
[  347.129028][T21752] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.146491][T21752] bridge_slave_1: entered allmulticast mode
[  347.165543][T21752] bridge_slave_1: entered promiscuous mode
[  347.217579][T21752] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.331200][T21752] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.383167][T21752] team0: Port device team_slave_0 added
[  347.396285][T21752] team0: Port device team_slave_1 added
[  347.447127][T21752] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.454110][T21752] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  347.500602][   T28] audit: type=1326 audit(1774070638.595:6890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21801 comm="syz.4.4623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7fc00000
[  347.511157][T21752] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.754946][   T28] audit: type=1326 audit(1774070638.645:6891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21801 comm="syz.4.4623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f98521ec799 code=0x7fc00000
[  347.795684][T21752] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.811270][T21752] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  347.845018][   T28] audit: type=1326 audit(1774070638.675:6892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21801 comm="syz.4.4623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7fc00000
[  347.913685][T21752] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  348.017045][T21752] hsr_slave_0: entered promiscuous mode
[  348.035610][T21752] hsr_slave_1: entered promiscuous mode
[  348.053317][T21752] debugfs: 'hsr0' already exists in 'hsr'
[  348.073194][T21752] Cannot create hsr debugfs directory
[  348.185360][ T6337] bond2 (unregistering): (slave ip6gre2): Releasing backup interface
[  348.299824][ T6337] bond4 (unregistering): (slave gretap1): Releasing active interface
[  348.330233][ T6337] bond3 (unregistering): (slave geneve4): Releasing active interface
[  348.737025][ T6337] bond5 (unregistering): (slave bridge8): Releasing active interface
[  348.797086][ T6337] .` (unregistering): Released all slaves
[  348.816872][ T6337] bond1 (unregistering): Released all slaves
[  348.835693][ T6337] bond0 (unregistering): Released all slaves
[  348.843907][ T6337] bond2 (unregistering): Released all slaves
[  348.867857][ T6337] bond3 (unregistering): Released all slaves
[  348.879313][ T6337] bond4 (unregistering): Released all slaves
[  348.897678][ T6337] bond5 (unregistering): Released all slaves
[  348.943956][T21815] lo speed is unknown, defaulting to 1000
[  349.048089][ T6337] hsr_slave_0: left promiscuous mode
[  349.055398][ T6337] hsr_slave_1: left promiscuous mode
[  349.169933][T21847] netlink: 'syz.5.4634': attribute type 11 has an invalid length.
[  349.356581][T21853] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4636'.
[  349.555524][T21752] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  349.626895][T21752] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  349.655874][T21752] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  349.737556][T21752] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  350.028713][T21752] 8021q: adding VLAN 0 to HW filter on device bond0
[  350.049819][T21752] 8021q: adding VLAN 0 to HW filter on device team0
[  350.066378][ T6339] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.073474][ T6339] bridge0: port 1(bridge_slave_0) entered forwarding state
[  350.095010][ T6339] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.102103][ T6339] bridge0: port 2(bridge_slave_1) entered forwarding state
[  350.118152][ T6337] IPVS: stop unused estimator thread 0...
[  350.139550][T21893] macsec1: left promiscuous mode
[  350.144755][T21893] geneve2: left promiscuous mode
[  350.286313][T21752] 8021q: adding VLAN 0 to HW filter on device batadv0
[  350.573919][   T28] audit: type=1400 audit(1774070897.672:6893): avc:  denied  { ioctl } for  pid=21934 comm="syz.2.4645" path="socket:[95291]" dev="sockfs" ino=95291 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  350.624415][T21752] veth0_vlan: entered promiscuous mode
[  350.640803][T21752] veth1_vlan: entered promiscuous mode
[  350.677159][T21752] veth0_macvtap: entered promiscuous mode
[  350.709398][T21752] veth1_macvtap: entered promiscuous mode
[  350.727868][T21752] batman_adv: batadv0: Interface activated: batadv_slave_0
[  350.765674][T21752] batman_adv: batadv0: Interface activated: batadv_slave_1
[  350.794161][ T2175] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  350.824229][ T2175] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  350.852958][ T2175] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  350.869031][ T2175] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.655688][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.668796][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.705069][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.730311][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.793457][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.806931][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.819696][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.832331][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.860016][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  351.873260][T21977] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21977 comm=syz.3.4653
[  352.578116][T22003] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.646294][T22003] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.836371][T22003] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.928211][T22003] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.961316][T22000] loop6: detected capacity change from 0 to 512
[  353.006524][ T6311] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  353.033411][ T6311] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.046027][ T6311] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.070903][ T6311] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.086664][T22000] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  353.184009][T22020] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4671'.
[  353.704828][T22033] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4676'.
[  353.780541][T22033] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4676'.
[  354.138355][T22043] lo speed is unknown, defaulting to 1000
[  354.171035][T22044] loop6: detected capacity change from 0 to 1024
[  354.206165][T22044] EXT4-fs: Ignoring removed nobh option
[  354.227893][T22044] EXT4-fs: inline encryption not supported
[  354.257273][T22044] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.317132][   T28] audit: type=1400 audit(1774070901.412:6894): avc:  denied  { nlmsg_write } for  pid=22041 comm="syz.6.4680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  354.730615][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.921271][T22065] lo speed is unknown, defaulting to 1000
[  355.104142][T22065] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4688'.
[  355.116952][T22065] gtp0: entered promiscuous mode
[  355.747738][   T28] audit: type=1326 audit(1774070902.852:6895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195492c799 code=0x7ffc0000
[  355.777039][   T28] audit: type=1326 audit(1774070902.852:6896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195492c799 code=0x7ffc0000
[  355.801048][   T28] audit: type=1326 audit(1774070902.872:6897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195492c799 code=0x7ffc0000
[  355.826418][   T28] audit: type=1326 audit(1774070902.872:6898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195492c799 code=0x7ffc0000
[  355.850910][   T28] audit: type=1326 audit(1774070902.872:6899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f195492c799 code=0x7ffc0000
[  355.877039][   T28] audit: type=1326 audit(1774070902.872:6900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195492c799 code=0x7ffc0000
[  355.901232][   T28] audit: type=1326 audit(1774070902.932:6901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f195492c799 code=0x7ffc0000
[  355.926181][   T28] audit: type=1326 audit(1774070902.932:6902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f195492c502 code=0x7ffc0000
[  355.949921][   T28] audit: type=1326 audit(1774070902.932:6903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22089 comm="syz.6.4697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f195492c597 code=0x7ffc0000
[  357.488285][T22129] syzkaller0: entered allmulticast mode
[  357.494441][T22129] syzkaller0: entered promiscuous mode
[  357.508712][T22129] syzkaller0 (unregistering): left promiscuous mode
[  357.537276][T22129] syzkaller0 (unregistering): left allmulticast mode
[  358.078798][T22157] tipc: Started in network mode
[  358.083790][T22157] tipc: Node identity 7f000001, cluster identity 4711
[  358.090910][T22157] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  358.102394][T22157] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  358.110621][T22157] tipc: Enabled bearer <udp:syz0>, priority 10
[  358.184076][T22163] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4723'.
[  359.235470][T10050] tipc: Node number set to 2130706433
[  362.114722][T22269] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 2, id = 0
[  362.401701][T22302] bond5: left promiscuous mode
[  362.478517][T22307] lo speed is unknown, defaulting to 1000
[  363.217732][T22331] lo speed is unknown, defaulting to 1000
[  363.804046][   T28] kauditd_printk_skb: 175 callbacks suppressed
[  363.804060][   T28] audit: type=1400 audit(1774070910.902:7079): avc:  denied  { watch watch_reads } for  pid=22341 comm="syz.4.4765" path="/1054/file0" dev="tmpfs" ino=5472 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  366.235534][   T28] audit: type=1400 audit(1774070913.332:7080): avc:  denied  { connect } for  pid=22400 comm="syz.5.4788" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  366.372226][T22402] syz.3.4787 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  366.407128][T22402] CPU: 0 UID: 0 PID: 22402 Comm: syz.3.4787 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  366.407201][T22402] Tainted: [W]=WARN
[  366.407211][T22402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  366.407227][T22402] Call Trace:
[  366.407235][T22402]  <TASK>
[  366.407244][T22402]  __dump_stack+0x1d/0x30
[  366.407279][T22402]  dump_stack_lvl+0x95/0xd0
[  366.407389][T22402]  dump_stack+0x15/0x1b
[  366.407430][T22402]  dump_header+0x80/0x240
[  366.407460][T22402]  oom_kill_process+0x295/0x350
[  366.407489][T22402]  out_of_memory+0x97d/0xb80
[  366.407593][T22402]  try_charge_memcg+0x62e/0xa10
[  366.407651][T22402]  __mem_cgroup_charge+0x65/0x150
[  366.407688][T22402]  shmem_get_folio_gfp+0x47b/0xd60
[  366.407801][T22402]  shmem_write_begin+0xfc/0x1f0
[  366.407836][T22402]  generic_perform_write+0x183/0x490
[  366.407876][T22402]  shmem_file_write_iter+0xc5/0xf0
[  366.407916][T22402]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  366.407960][T22402]  vfs_write+0x5a6/0x9f0
[  366.408059][T22402]  ksys_write+0xdc/0x1a0
[  366.408081][T22402]  __x64_sys_write+0x40/0x50
[  366.408102][T22402]  x64_sys_call+0x27e1/0x3020
[  366.408135][T22402]  do_syscall_64+0x12c/0x370
[  366.408167][T22402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.408193][T22402] RIP: 0033:0x7ff7e617c799
[  366.408211][T22402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  366.408232][T22402] RSP: 002b:00007ff7e4bb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  366.408256][T22402] RAX: ffffffffffffffda RBX: 00007ff7e63f6090 RCX: 00007ff7e617c799
[  366.408288][T22402] RDX: 00000000ffffffc1 RSI: 0000200000000200 RDI: 0000000000000007
[  366.408305][T22402] RBP: 00007ff7e6212c99 R08: 0000000000000000 R09: 0000000000000000
[  366.408320][T22402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  366.408334][T22402] R13: 00007ff7e63f6128 R14: 00007ff7e63f6090 R15: 00007ffe59ab7b18
[  366.408390][T22402]  </TASK>
[  366.414051][T22402] memory: usage 305384kB, limit 307200kB, failcnt 417
[  366.732210][T22411] lo speed is unknown, defaulting to 1000
[  366.742548][T22412] netlink: 136 bytes leftover after parsing attributes in process `syz.6.4791'.
[  366.784766][T22402] memory+swap: usage 308712kB, limit 9007199254740988kB, failcnt 0
[  366.864366][T22402] kmem: usage 156236kB, limit 9007199254740988kB, failcnt 0
[  366.919505][T22402] Memory cgroup stats for /syz3:
[  366.919771][T22402] cache 70086656
[  366.975953][T22402] rss 9228288
[  366.997959][T22402] shmem 69558272
[  367.028264][T22402] mapped_file 53248
[  367.067132][T22402] dirty 36864
[  367.090417][T22402] writeback 0
[  367.163736][T22402] workingset_refault_anon 4221
[  367.177059][T22420] loop6: detected capacity change from 0 to 1024
[  367.193868][T22402] workingset_refault_file 3057
[  367.202936][T22402] swap 46669824
[  367.203844][T22420] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  367.223094][T22420] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  367.225142][T22402] swapcached 48848896
[  367.242265][T22420] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  367.263348][T22402] pgpgin 373426
[  367.267025][T22402] pgpgout 354049
[  367.270699][T22402] pgfault 300572
[  367.274365][T22402] pgmajfault 568
[  367.280835][T22420] EXT4-fs error (device loop6): ext4_get_journal_inode:5863: inode #5: comm syz.6.4805: unexpected bad inode w/o EXT4_IGET_BAD
[  367.307585][T22411] net_ratelimit: 352 callbacks suppressed
[  367.307599][T22411] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  367.311092][T22420] loop6: lost file I/O error report for ino 5 type 5 pos 0x0 len 0x0 error -117
[  367.338948][T22402] inactive_anon 25493504
[  367.362647][T22420] EXT4-fs (loop6): no journal found
[  367.367933][    C1] EXT4-fs (loop6): error count since last fsck: 1
[  367.367951][    C1] EXT4-fs (loop6): initial error at time 1774070914: ext4_get_journal_inode:5863: inode 5
[  367.367982][    C1] EXT4-fs (loop6): last error at time 1774070914: ext4_get_journal_inode:5863: inode 5
[  367.405091][T22402] active_anon 53346304
[  367.415382][T22402] inactive_file 0
[  367.425381][T22402] active_file 528384
[  367.437248][T22402] unevictable 0
[  367.441876][T22420] EXT4-fs (loop6): can't get journal size
[  367.451969][T22402] hierarchical_memory_limit 314572800
[  367.462877][T22420] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  367.479929][T22402] hierarchical_memsw_limit 9223372036854771712
[  367.493108][T22402] total_cache 70086656
[  367.509600][T22402] total_rss 9228288
[  367.513493][T22402] total_shmem 69558272
[  367.522691][T22402] total_mapped_file 53248
[  367.529635][T22402] total_dirty 36864
[  367.533548][T22402] total_writeback 0
[  367.538424][T22402] total_workingset_refault_anon 4221
[  367.543853][T22402] total_workingset_refault_file 3057
[  367.549201][T22402] total_swap 46669824
[  367.553309][T22402] total_swapcached 48848896
[  367.558021][T22402] total_pgpgin 373426
[  367.562043][T22402] total_pgpgout 354049
[  367.566926][T22402] total_pgfault 300572
[  367.571104][T22402] total_pgmajfault 568
[  367.575330][T22402] total_inactive_anon 25493504
[  367.580128][T22402] total_active_anon 53346304
[  367.584798][T22402] total_inactive_file 0
[  367.589090][T22402] total_active_file 528384
[  367.593558][T22402] total_unevictable 0
[  367.599353][T22402] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.4787,pid=22398,uid=0
[  367.614237][T22402] Memory cgroup out of memory: Killed process 22402 (syz.3.4787) total-vm:96344kB, anon-rss:9620kB, file-rss:22076kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:0
[  367.662993][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.777585][T22430] loop6: detected capacity change from 0 to 4096
[  367.826420][T22430] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.868596][T22430] tipc: Started in network mode
[  367.873596][T22430] tipc: Node identity bridge_s., cluster identity 4711
[  367.891516][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.064172][T22453] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  368.413186][T22466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4811'.
[  368.426442][T22466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4811'.
[  368.524840][T22461] syz.6.4809 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  368.581048][T22461] CPU: 1 UID: 0 PID: 22461 Comm: syz.6.4809 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  368.581083][T22461] Tainted: [W]=WARN
[  368.581092][T22461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  368.581153][T22461] Call Trace:
[  368.581160][T22461]  <TASK>
[  368.581169][T22461]  __dump_stack+0x1d/0x30
[  368.581264][T22461]  dump_stack_lvl+0x95/0xd0
[  368.581297][T22461]  dump_stack+0x15/0x1b
[  368.581325][T22461]  dump_header+0x80/0x240
[  368.581362][T22461]  oom_kill_process+0x295/0x350
[  368.581394][T22461]  out_of_memory+0x97d/0xb80
[  368.581431][T22461]  try_charge_memcg+0x62e/0xa10
[  368.581483][T22461]  __mem_cgroup_charge+0x65/0x150
[  368.581579][T22461]  shmem_get_folio_gfp+0x47b/0xd60
[  368.581625][T22461]  shmem_write_begin+0xfc/0x1f0
[  368.581658][T22461]  generic_perform_write+0x183/0x490
[  368.581772][T22461]  shmem_file_write_iter+0xc5/0xf0
[  368.581809][T22461]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  368.581846][T22461]  vfs_write+0x5a6/0x9f0
[  368.581914][T22461]  ksys_write+0xdc/0x1a0
[  368.581939][T22461]  __x64_sys_write+0x40/0x50
[  368.581964][T22461]  x64_sys_call+0x27e1/0x3020
[  368.582014][T22461]  do_syscall_64+0x12c/0x370
[  368.582092][T22461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.582121][T22461] RIP: 0033:0x7f195492c799
[  368.582144][T22461] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  368.582255][T22461] RSP: 002b:00007f195335e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  368.582292][T22461] RAX: ffffffffffffffda RBX: 00007f1954ba6090 RCX: 00007f195492c799
[  368.582311][T22461] RDX: 00000000ffffffc1 RSI: 0000200000000200 RDI: 0000000000000007
[  368.582329][T22461] RBP: 00007f19549c2c99 R08: 0000000000000000 R09: 0000000000000000
[  368.582348][T22461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.582363][T22461] R13: 00007f1954ba6128 R14: 00007f1954ba6090 R15: 00007ffd6c78cf98
[  368.582384][T22461]  </TASK>
[  368.826855][T22461] memory: usage 256480kB, limit 307200kB, failcnt 154
[  368.833661][T22461] memory+swap: usage 252840kB, limit 9007199254740988kB, failcnt 0
[  368.844969][T22473] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4813'.
[  368.962118][T22461] kmem: usage 123520kB, limit 9007199254740988kB, failcnt 0
[  368.974779][T22478] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4824'.
[  368.984294][T22478] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4824'.
[  368.993225][T22461] Memory cgroup stats for /syz6:
[  368.993551][T22461] cache 5677056
[  369.002849][T22461] rss 8601600
[  369.006774][T22461] shmem 5677056
[  369.012194][T22461] mapped_file 0
[  369.033660][T22461] dirty 0
[  369.085796][T22461] writeback 0
[  369.159802][T22461] workingset_refault_anon 0
[  369.169776][T22461] workingset_refault_file 0
[  369.178544][T22461] swap 0
[  369.181495][T22461] swapcached 0
[  369.185093][T22461] pgpgin 10141
[  369.221614][T22487] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.231736][T22487] 8021q: adding VLAN 0 to HW filter on device team0
[  369.242330][T22461] pgpgout 6655
[  369.354537][T22461] pgfault 10819
[  369.360871][T22461] pgmajfault 0
[  369.364287][T22461] inactive_anon 0
[  369.374800][T22487] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  369.390277][T22461] active_anon 14278656
[  369.394362][T22461] inactive_file 0
[  369.406676][T22461] active_file 0
[  369.410221][T22461] unevictable 0
[  369.416044][T22461] hierarchical_memory_limit 314572800
[  369.421578][T22461] hierarchical_memsw_limit 9223372036854771712
[  369.427903][T22461] total_cache 5677056
[  369.431928][T22461] total_rss 8601600
[  369.437137][T22461] total_shmem 5677056
[  369.441382][T22461] total_mapped_file 0
[  369.502630][T22461] total_dirty 0
[  369.514004][T22461] total_writeback 0
[  369.524238][T22461] total_workingset_refault_anon 0
[  369.529776][T22461] total_workingset_refault_file 0
[  369.535005][T22461] total_swap 0
[  369.538462][T22461] total_swapcached 0
[  369.542461][T22461] total_pgpgin 10141
[  369.546605][T22461] total_pgpgout 6655
[  369.550572][T22461] total_pgfault 10819
[  369.554649][T22461] total_pgmajfault 0
[  369.559559][T22461] total_inactive_anon 0
[  369.563832][T22461] total_active_anon 14278656
[  369.584051][T22461] total_inactive_file 0
[  369.590622][T22461] total_active_file 0
[  369.595378][T22461] total_unevictable 0
[  369.599415][T22461] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.4809,pid=22459,uid=0
[  369.614213][T22461] Memory cgroup out of memory: Killed process 22461 (syz.6.4809) total-vm:96344kB, anon-rss:9620kB, file-rss:22112kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000
[  369.899147][T22508] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4826'.
[  369.942513][T22508] x_tables: duplicate underflow at hook 2
[  370.145468][T22529] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  370.288330][T22540] lo speed is unknown, defaulting to 1000
[  370.384120][T22543] lo speed is unknown, defaulting to 1000
[  370.851208][T22569] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4847'.
[  370.876921][T22569] selinux_netlink_send: 57 callbacks suppressed
[  370.876938][T22569] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=22569 comm=syz.2.4847
[  371.733086][ T3325] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  371.755017][ T3325] CPU: 1 UID: 0 PID: 3325 Comm: syz-executor Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  371.755053][ T3325] Tainted: [W]=WARN
[  371.755062][ T3325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  371.755081][ T3325] Call Trace:
[  371.755088][ T3325]  <TASK>
[  371.755094][ T3325]  __dump_stack+0x1d/0x30
[  371.755156][ T3325]  dump_stack_lvl+0x95/0xd0
[  371.755186][ T3325]  dump_stack+0x15/0x1b
[  371.755223][ T3325]  dump_header+0x80/0x240
[  371.755246][ T3325]  oom_kill_process+0x295/0x350
[  371.755332][ T3325]  out_of_memory+0x97d/0xb80
[  371.755368][ T3325]  try_charge_memcg+0x62e/0xa10
[  371.755414][ T3325]  __mem_cgroup_charge+0x65/0x150
[  371.755454][ T3325]  filemap_add_folio+0x110/0x350
[  371.755550][ T3325]  __filemap_get_folio_mpol+0x326/0x680
[  371.755585][ T3325]  filemap_fault+0x486/0xb90
[  371.755652][ T3325]  __do_fault+0xbc/0x200
[  371.755672][ T3325]  handle_mm_fault+0x11e2/0x3020
[  371.755787][ T3325]  ? vma_start_read+0x1c7/0x2c0
[  371.755823][ T3325]  do_user_addr_fault+0x62f/0x1050
[  371.755933][ T3325]  ? trace_page_fault_user+0x1f/0xe0
[  371.755989][ T3325]  exc_page_fault+0x62/0xa0
[  371.756071][ T3325]  asm_exc_page_fault+0x26/0x30
[  371.756096][ T3325] RIP: 0033:0x7f98520ba7b4
[  371.756114][ T3325] Code: 85 62 0a 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 00 b0 ed 00 48 69 8c 24 90 00 00 00 e8 03 00 00 <8b> 78 08 48 8b 44 24 18 48 c1 ea 12 4c 8b 0d f9 ae ed 00 48 01 d1
[  371.756135][ T3325] RSP: 002b:00007ffe32a8d420 EFLAGS: 00010202
[  371.756236][ T3325] RAX: 0000001b33f24000 RBX: 0000000000000d66 RCX: 000000000005a938
[  371.756253][ T3325] RDX: 000000000af0cf6f RSI: 00007ffe32a8d4b0 RDI: 0000000000000001
[  371.756270][ T3325] RBP: 00007ffe32a8d45c R08: 0000000029bc3e4c R09: 7fffffffffffffff
[  371.756284][ T3325] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  371.756298][ T3325] R13: 00000000000927c0 R14: 000000000005ab11 R15: 00007ffe32a8d4b0
[  371.756324][ T3325]  </TASK>
[  371.758608][ T3325] memory: usage 307200kB, limit 307200kB, failcnt 5008
[  371.957963][ T3325] memory+swap: usage 366044kB, limit 9007199254740988kB, failcnt 0
[  372.005043][ T3325] kmem: usage 261760kB, limit 9007199254740988kB, failcnt 0
[  372.037680][ T3325] Memory cgroup stats for /syz4:
[  372.037933][ T3325] cache 11755520
[  372.078267][ T3325] rss 557056
[  372.092815][ T3325] shmem 11755520
[  372.106385][ T3325] mapped_file 0
[  372.136161][ T3325] dirty 0
[  372.139164][ T3325] writeback 0
[  372.142462][ T3325] workingset_refault_anon 2495
[  372.166802][ T3325] workingset_refault_file 2824
[  372.175114][ T3325] swap 69308416
[  372.189645][ T3325] swapcached 70701056
[  372.206035][ T3325] pgpgin 373460
[  372.229004][ T3325] pgpgout 370449
[  372.387518][ T3325] pgfault 381065
[  372.411109][ T3325] pgmajfault 345
[  372.440416][ T3325] inactive_anon 12333056
[  372.468076][ T3325] active_anon 0
[  372.491236][ T3325] inactive_file 0
[  372.521824][ T3325] active_file 0
[  372.548744][ T3325] unevictable 0
[  372.581045][ T3325] hierarchical_memory_limit 314572800
[  372.625992][ T3325] hierarchical_memsw_limit 9223372036854771712
[  372.674919][ T3325] total_cache 11755520
[  372.679021][ T3325] total_rss 557056
[  372.682756][ T3325] total_shmem 11755520
[  372.694926][ T3325] total_mapped_file 0
[  372.698931][ T3325] total_dirty 0
[  372.702447][ T3325] total_writeback 0
[  372.722914][ T3325] total_workingset_refault_anon 2495
[  372.737098][ T3325] total_workingset_refault_file 2824
[  372.750196][ T3325] total_swap 69308416
[  372.755479][ T3325] total_swapcached 70701056
[  372.762438][ T3325] total_pgpgin 373460
[  372.770977][ T3325] total_pgpgout 370449
[  372.778138][ T3325] total_pgfault 381065
[  372.784979][ T3325] total_pgmajfault 345
[  372.793573][ T3325] total_inactive_anon 12333056
[  372.803545][ T3325] total_active_anon 0
[  372.812642][ T3325] total_inactive_file 0
[  372.820277][ T3325] total_active_file 0
[  372.827938][ T3325] total_unevictable 0
[  372.854775][ T3325] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.4851,pid=22577,uid=0
[  372.908576][ T3325] Memory cgroup out of memory: OOM victim 22577 (syz.4.4851) is already exiting. Skip killing the task
[  374.766815][T22771] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4872'.
[  374.806678][T22771] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=22771 comm=syz.5.4872
[  375.889341][T22829] lo speed is unknown, defaulting to 1000
[  376.293937][T22842] lo speed is unknown, defaulting to 1000
[  377.047219][T22867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4919'.
[  377.069296][T22867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4919'.
[  377.086256][T22869] lo speed is unknown, defaulting to 1000
[  377.531043][T22878] lo speed is unknown, defaulting to 1000
[  377.650024][T22883] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4912'.
[  377.730193][T22878] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  377.746464][T22885] x_tables: duplicate underflow at hook 2
[  378.139862][T22893] 8021q: adding VLAN 0 to HW filter on device bond0
[  378.176058][   T28] audit: type=1400 audit(1774070925.282:7081): avc:  denied  { write } for  pid=22898 comm="syz.2.4921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  378.212347][   T28] audit: type=1400 audit(1774070925.302:7082): avc:  denied  { read } for  pid=22898 comm="syz.2.4921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  378.235726][T22893] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  378.979009][T22929] lo speed is unknown, defaulting to 1000
[  380.224682][T22959] tipc: Failed to remove unknown binding: 66,1,1/2130706433:762311659/762311661
[  380.927618][T22999] lo speed is unknown, defaulting to 1000
[  381.715409][T23002] loop6: detected capacity change from 0 to 2048
[  381.998459][T23002] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  382.013232][T23002] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  382.194359][T23014] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4956: bg 0: block 345: padding at end of block bitmap is not set
[  382.208917][T23014] EXT4-fs (loop6): Remounting filesystem read-only
[  382.292547][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.439410][T23032] 8021q: adding VLAN 0 to HW filter on device bond0
[  382.453066][T23032] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  382.469373][T10027] lo speed is unknown, defaulting to 1000
[  382.492058][T10027] syz2: Port: 1 Link ACTIVE
[  382.535939][T23040] netlink: 399 bytes leftover after parsing attributes in process `syz.4.4979'.
[  382.545317][T23040] openvswitch: netlink: ufid size 36 bytes exceeds the range (1, 16)
[  382.553576][T23040] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  383.200208][   T28] audit: type=1326 audit(1774070930.302:7083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.204424][T23049] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4973'.
[  383.257983][   T28] audit: type=1326 audit(1774070930.332:7084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.310669][   T28] audit: type=1326 audit(1774070930.332:7085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.334631][   T28] audit: type=1326 audit(1774070930.332:7086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.358517][   T28] audit: type=1326 audit(1774070930.332:7087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.385309][   T28] audit: type=1326 audit(1774070930.332:7088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.409869][   T28] audit: type=1326 audit(1774070930.342:7089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.433424][   T28] audit: type=1326 audit(1774070930.342:7090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.514947][   T28] audit: type=1326 audit(1774070930.342:7091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  383.584963][   T28] audit: type=1326 audit(1774070930.342:7092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23052 comm="syz.4.4974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  384.239301][T23101] lo speed is unknown, defaulting to 1000
[  384.467194][T23118] xfrm0: entered promiscuous mode
[  384.518132][T23121] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4993'.
[  384.591938][T23121] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23121 comm=syz.3.4993
[  384.633371][T23124] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4994'.
[  384.741104][T23126] lo speed is unknown, defaulting to 1000
[  384.790497][T23128] lo speed is unknown, defaulting to 1000
[  384.816278][T23130] lo speed is unknown, defaulting to 1000
[  385.629562][T23161] cgroup: Setting release_agent not allowed
[  385.650215][T23164] xfrm0: entered promiscuous mode
[  385.952877][T23182] veth1_to_team: entered allmulticast mode
[  385.976931][T23185] loop6: detected capacity change from 0 to 512
[  386.077935][T23185] EXT4-fs warning (device loop6): ext4_enable_quotas:7236: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  386.092676][T23185] EXT4-fs (loop6): mount failed
[  386.373994][T23192] lo speed is unknown, defaulting to 1000
[  386.655935][T23208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2560 sclass=netlink_route_socket pid=23208 comm=syz.4.5024
[  386.669407][T23208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2563 sclass=netlink_route_socket pid=23208 comm=syz.4.5024
[  386.683283][T23208] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5024'.
[  387.692121][ T6691] bridge_slave_1: left allmulticast mode
[  387.698028][ T6691] bridge_slave_1: left promiscuous mode
[  387.703752][ T6691] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.712024][ T6691] bridge_slave_0: left allmulticast mode
[  387.718876][ T6691] bridge_slave_0: left promiscuous mode
[  387.724747][ T6691] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.807498][T23234] tipc: Failed to remove unknown binding: 66,1,1/0:598744703/598744705
[  387.898201][ T6691] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  387.921782][ T6691] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  387.942151][ T6691] bond0 (unregistering): Released all slaves
[  388.050361][ T6691] batman_adv: batadv0: Removing interface: batadv_slave_0
[  388.060356][ T6691] batman_adv: batadv0: Removing interface: batadv_slave_1
[  388.143518][ T6691] team0 (unregistering): Port device team_slave_1 removed
[  388.177886][ T6691] team0 (unregistering): Port device team_slave_0 removed
[  388.273302][T23257] xfrm0: entered promiscuous mode
[  388.578660][ T6691] IPVS: stop unused estimator thread 0...
[  389.388668][T23343] lo speed is unknown, defaulting to 1000
[  390.295150][T23370] lo speed is unknown, defaulting to 1000
[  390.481531][   T28] kauditd_printk_skb: 357 callbacks suppressed
[  390.481571][   T28] audit: type=1400 audit(1774070937.582:7450): avc:  denied  { write } for  pid=23377 comm="syz.5.5063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  390.648742][T23381] bridge_slave_0: left allmulticast mode
[  390.664601][T23381] bridge_slave_0: left promiscuous mode
[  390.677921][T23381] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.696718][T23390] netlink: 80 bytes leftover after parsing attributes in process `syz.6.5064'.
[  390.727058][T23381] bridge_slave_1: left allmulticast mode
[  390.732735][T23381] bridge_slave_1: left promiscuous mode
[  390.755544][T23381] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.776470][T23381] bond0: (slave bond_slave_0): Releasing backup interface
[  390.797372][T23381] bond0: (slave bond_slave_1): Releasing backup interface
[  390.830977][T23381] team0: Port device team_slave_0 removed
[  390.843263][T23381] team0: Port device team_slave_1 removed
[  390.868013][T23381] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  390.884945][T23381] batman_adv: batadv0: Removing interface: batadv_slave_0
[  390.894000][T23381] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  390.909083][T23381] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.921338][T23396] netlink: 'syz.2.5068': attribute type 1 has an invalid length.
[  390.930283][T23396] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5068'.
[  390.933781][T23381] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  391.115746][T23401] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23401 comm=syz.6.5070
[  391.131501][T23405] netlink: 'syz.4.5071': attribute type 11 has an invalid length.
[  391.143842][T23401] kernel profiling enabled (shift: 9)
[  393.797950][T23428] bridge_slave_0: invalid flags given to default FDB implementation
[  394.246270][T23444] lo speed is unknown, defaulting to 1000
[  395.903449][T23445] loop6: detected capacity change from 0 to 2048
[  395.948576][T23481] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5095'.
[  396.326006][T23445] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  396.492286][T23445] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  396.537526][T23499] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5102'.
[  396.565544][T23499] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23499 comm=syz.3.5102
[  396.600838][T23463] syz.2.5088 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  396.671283][T23463] CPU: 0 UID: 0 PID: 23463 Comm: syz.2.5088 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  396.671327][T23463] Tainted: [W]=WARN
[  396.671336][T23463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  396.671354][T23463] Call Trace:
[  396.671362][T23463]  <TASK>
[  396.671372][T23463]  __dump_stack+0x1d/0x30
[  396.671502][T23463]  dump_stack_lvl+0x95/0xd0
[  396.671527][T23463]  dump_stack+0x15/0x1b
[  396.671549][T23463]  dump_header+0x80/0x240
[  396.671582][T23463]  oom_kill_process+0x295/0x350
[  396.671609][T23463]  out_of_memory+0x97d/0xb80
[  396.671700][T23463]  try_charge_memcg+0x62e/0xa10
[  396.671829][T23463]  obj_cgroup_charge_pages+0x23/0xc0
[  396.671997][T23463]  __memcg_kmem_charge_page+0x9e/0x170
[  396.672078][T23463]  __alloc_frozen_pages_noprof+0x18a/0x360
[  396.672123][T23463]  alloc_pages_mpol+0xb3/0x260
[  396.672196][T23463]  alloc_pages_noprof+0x8f/0x130
[  396.672299][T23463]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  396.672362][T23463]  __kvmalloc_node_noprof+0x3d4/0x650
[  396.672431][T23463]  ? ip_set_alloc+0x24/0x30
[  396.672541][T23463]  ? ip_set_alloc+0x24/0x30
[  396.672574][T23463]  ? __kmalloc_cache_noprof+0x18a/0x410
[  396.672601][T23463]  ip_set_alloc+0x24/0x30
[  396.672731][T23463]  hash_netiface_create+0x282/0x740
[  396.672800][T23463]  ? __pfx_hash_netiface_create+0x10/0x10
[  396.672835][T23463]  ip_set_create+0x3cf/0x970
[  396.672957][T23463]  ? __nla_parse+0x40/0x60
[  396.672995][T23463]  nfnetlink_rcv_msg+0x509/0x5d0
[  396.673036][T23463]  netlink_rcv_skb+0x123/0x220
[  396.673065][T23463]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  396.673150][T23463]  nfnetlink_rcv+0x167/0x1720
[  396.673174][T23463]  ? __kfree_skb+0x109/0x150
[  396.673198][T23463]  ? nlmon_xmit+0x4f/0x60
[  396.673240][T23463]  ? consume_skb+0x4b/0x160
[  396.673278][T23463]  ? nlmon_xmit+0x4f/0x60
[  396.673294][T23463]  ? dev_hard_start_xmit+0x3b9/0x3f0
[  396.673325][T23463]  ? __dev_queue_xmit+0x136c/0x1f20
[  396.673408][T23463]  ? __dev_queue_xmit+0x148/0x1f20
[  396.673447][T23463]  ? ref_tracker_free+0x37d/0x3e0
[  396.673486][T23463]  ? __netlink_deliver_tap+0x4dc/0x500
[  396.673607][T23463]  netlink_unicast+0x5c0/0x690
[  396.673644][T23463]  netlink_sendmsg+0x5c8/0x6f0
[  396.673686][T23463]  ? __pfx_netlink_sendmsg+0x10/0x10
[  396.673742][T23463]  ____sys_sendmsg+0x563/0x5b0
[  396.673815][T23463]  ___sys_sendmsg+0x195/0x1e0
[  396.673911][T23463]  __x64_sys_sendmsg+0xd4/0x160
[  396.674019][T23463]  x64_sys_call+0x194c/0x3020
[  396.674054][T23463]  do_syscall_64+0x12c/0x370
[  396.674127][T23463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.674201][T23463] RIP: 0033:0x7f3853d4c799
[  396.674223][T23463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  396.674247][T23463] RSP: 002b:00007f38527a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  396.674267][T23463] RAX: ffffffffffffffda RBX: 00007f3853fc5fa0 RCX: 00007f3853d4c799
[  396.674284][T23463] RDX: 0000000000000880 RSI: 0000200000000040 RDI: 0000000000000003
[  396.674303][T23463] RBP: 00007f3853de2c99 R08: 0000000000000000 R09: 0000000000000000
[  396.674336][T23463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  396.674353][T23463] R13: 00007f3853fc6038 R14: 00007f3853fc5fa0 R15: 00007ffc3e7d85c8
[  396.674381][T23463]  </TASK>
[  396.674389][T23463] memory: usage 307200kB, limit 307200kB, failcnt 1177
[  397.012799][T23463] memory+swap: usage 307736kB, limit 9007199254740988kB, failcnt 0
[  397.024783][T23463] kmem: usage 280024kB, limit 9007199254740988kB, failcnt 0
[  397.032216][T23463] Memory cgroup stats for /syz2:
[  397.032563][T23463] cache 10526720
[  397.041088][T23463] rss 17084416
[  397.044496][T23463] shmem 10526720
[  397.048592][T23463] mapped_file 0
[  397.052057][T23463] dirty 0
[  397.055031][T23463] writeback 0
[  397.058341][T23463] workingset_refault_anon 2948
[  397.063134][T23463] workingset_refault_file 860
[  397.067864][T23463] swap 548864
[  397.071190][T23463] swapcached 5873664
[  397.077537][T23463] pgpgin 296012
[  397.085191][T23463] pgpgout 289218
[  397.088803][T23463] pgfault 374417
[  397.092412][T23463] pgmajfault 409
[  397.096574][T23463] inactive_anon 1269760
[  397.104685][T23463] active_anon 26558464
[  397.109598][T23463] inactive_file 0
[  397.113950][T23463] active_file 0
[  397.120718][T23463] unevictable 0
[  397.125579][T23463] hierarchical_memory_limit 314572800
[  397.131997][T23463] hierarchical_memsw_limit 9223372036854771712
[  397.141221][T23463] total_cache 10526720
[  397.145830][T23507] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5083: bg 0: block 345: padding at end of block bitmap is not set
[  397.160227][T23463] total_rss 17084416
[  397.164243][T23463] total_shmem 10526720
[  397.169481][T23507] EXT4-fs (loop6): Remounting filesystem read-only
[  397.176102][T23463] total_mapped_file 0
[  397.180166][T23463] total_dirty 0
[  397.183666][T23463] total_writeback 0
[  397.187681][T23463] total_workingset_refault_anon 2948
[  397.193004][T23463] total_workingset_refault_file 860
[  397.200497][T23463] total_swap 548864
[  397.204371][T23463] total_swapcached 5873664
[  397.208930][T23463] total_pgpgin 296012
[  397.212943][T23463] total_pgpgout 289218
[  397.217513][T23463] total_pgfault 374417
[  397.221632][T23463] total_pgmajfault 409
[  397.226644][T23463] total_inactive_anon 1269760
[  397.231467][T23463] total_active_anon 26558464
[  397.236230][T23463] total_inactive_file 0
[  397.240449][T23463] total_active_file 0
[  397.244484][T23463] total_unevictable 0
[  397.248728][T23463] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5088,pid=23462,uid=0
[  397.265033][T23463] Memory cgroup out of memory: Killed process 23462 (syz.2.5088) total-vm:100580kB, anon-rss:17812kB, file-rss:26392kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:0
[  397.361009][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.544835][T23517] bond0: (slave batadv0): Releasing backup interface
[  397.566678][T23517] bridge_slave_0: left allmulticast mode
[  397.572437][T23517] bridge_slave_0: left promiscuous mode
[  397.578549][T23517] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.592314][T23517] bridge_slave_1: left allmulticast mode
[  397.596394][T23521] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5109'.
[  397.599959][T23517] bridge_slave_1: left promiscuous mode
[  397.617545][T23520] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  397.623017][T23517] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.779379][T23517] bond0: (slave bond_slave_0): Releasing backup interface
[  397.866483][T23517] bond0: (slave bond_slave_1): Releasing backup interface
[  397.875553][T23517] batman_adv: batadv0: Removing interface: batadv_slave_0
[  397.958523][T23517] bond2: (slave veth13): Releasing active interface
[  397.967732][T23517] batman_adv: batadv0: Removing interface: ip6gretap1
[  398.025326][T23517] bond6: (slave ip6gre1): Releasing backup interface
[  398.113471][T23517] bond8: (slave geneve2): Releasing active interface
[  398.136770][  T312] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.146082][  T312] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.154446][  T312] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.172501][T23534] syzkaller0: entered promiscuous mode
[  398.178336][T23534] syzkaller0: entered allmulticast mode
[  398.186335][  T312] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.523929][T23546] ------------[ cut here ]------------
[  398.529540][T23546] verifier bug: REG INVARIANTS VIOLATION (true_reg2): range bounds violation u64=[0x0, 0x7800000000] s64=[0x0, 0xffffffffffffffff] u32=[0x80000000, 0x0] s32=[0x0, 0xffffffff] var_off=(0x0, 0x7800000000)
[  398.549350][T23546] WARNING: kernel/bpf/verifier.c:2823 at reg_bounds_sanity_check+0x15b/0x660, CPU#1: syz.4.5116/23546
[  398.560358][T23546] Modules linked in:
[  398.564274][T23546] CPU: 1 UID: 0 PID: 23546 Comm: syz.4.5116 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  398.575301][T23546] Tainted: [W]=WARN
[  398.579117][T23546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  398.589285][T23546] RIP: 0010:reg_bounds_sanity_check+0x27d/0x660
[  398.595584][T23546] Code: 24 78 4c 8b 44 24 70 4c 8b 4c 24 60 41 ff 74 24 20 41 55 53 ff 74 24 68 ff 74 24 78 ff b4 24 90 00 00 00 ff b4 24 b0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 4c 8b ac 24 98 00 00 00 49 8d 85 80 08
[  398.615301][T23546] RSP: 0018:ffffc9000be57370 EFLAGS: 00010246
[  398.621394][T23546] RAX: ffff88818a56ac48 RBX: 00000000ffffffff RCX: 0000000000000000
[  398.629452][T23546] RDX: ffffffff86818eef RSI: ffffffff8682d453 RDI: ffffffff871d2140
[  398.637608][T23546] RBP: ffff88814fdbc840 R08: 0000007800000000 R09: 0000000000000000
[  398.645627][T23546] R10: 00000000000000d0 R11: 0000000000000002 R12: ffff88814fdbc800
[  398.653612][T23546] R13: 0000000000000000 R14: ffff88814fdbc84c R15: ffff88814fdbc838
[  398.661670][T23546] FS:  00007f9850bfd6c0(0000) GS:ffff8882ae9db000(0000) knlGS:0000000000000000
[  398.670634][T23546] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  398.677336][T23546] CR2: 00007f9850bfcff8 CR3: 000000017772e000 CR4: 00000000003506f0
[  398.685350][T23546] DR0: fffffffffffffffe DR1: 0000000000000000 DR2: 0000000000000000
[  398.693336][T23546] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  398.701343][T23546] Call Trace:
[  398.704645][T23546]  <TASK>
[  398.707689][T23546]  reg_set_min_max+0x1f2/0x260
[  398.712560][T23546]  check_cond_jmp_op+0x13b2/0x1a80
[  398.717723][T23546]  do_check+0x4a9b/0x9860
[  398.722091][T23546]  do_check_common+0xd0b/0x1630
[  398.727001][T23546]  bpf_check+0x2f78/0xcc30
[  398.731445][T23546]  ? __perf_event_task_sched_out+0x192/0x710
[  398.737521][T23546]  ? _raw_spin_unlock+0x9/0x30
[  398.742334][T23546]  ? pcpu_block_update_hint_alloc+0x640/0x660
[  398.748476][T23546]  ? pcpu_block_update_hint_alloc+0x640/0x660
[  398.754597][T23546]  ? css_rstat_updated+0xbb/0x280
[  398.759692][T23546]  ? mod_memcg_state+0x182/0x270
[  398.764775][T23546]  ? __rcu_read_unlock+0x4e/0x70
[  398.769777][T23546]  ? avc_has_perm_noaudit+0xab/0x130
[  398.775138][T23546]  ? avc_has_perm+0x101/0x190
[  398.779849][T23546]  ? selinux_bpf_prog_load+0x197/0x1c0
[  398.785348][T23546]  ? security_bpf_prog_load+0x9e/0x140
[  398.790907][T23546]  bpf_prog_load+0xf76/0x1140
[  398.795638][T23546]  ? security_bpf+0x2b/0x90
[  398.800194][T23546]  __sys_bpf+0x505/0x7e0
[  398.804463][T23546]  __x64_sys_bpf+0x41/0x50
[  398.809013][T23546]  x64_sys_call+0x10cb/0x3020
[  398.813706][T23546]  do_syscall_64+0x12c/0x370
[  398.818449][T23546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.824366][T23546] RIP: 0033:0x7f98521ec799
[  398.828822][T23546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  398.848521][T23546] RSP: 002b:00007f9850bfd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  398.857043][T23546] RAX: ffffffffffffffda RBX: 00007f9852466180 RCX: 00007f98521ec799
[  398.865131][T23546] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  398.873182][T23546] RBP: 00007f9852282c99 R08: 0000000000000000 R09: 0000000000000000
[  398.881361][T23546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  398.889431][T23546] R13: 00007f9852466218 R14: 00007f9852466180 R15: 00007ffe32a8d0b8
[  398.897449][T23546]  </TASK>
[  398.900553][T23546] ---[ end trace 0000000000000000 ]---
[  399.147113][T23551] lo speed is unknown, defaulting to 1000
[  400.617503][T23619] syzkaller0: entered promiscuous mode
[  400.623664][T23619] syzkaller0: entered allmulticast mode
[  403.808954][T23699] lo speed is unknown, defaulting to 1000
[  403.815639][T23699] lo speed is unknown, defaulting to 1000
[  403.821558][T23699] lo speed is unknown, defaulting to 1000
[  403.919751][T10050] lo speed is unknown, defaulting to 1000
[  403.927931][T23699] infiniband syU×: set active
[  403.938833][T23699] infiniband syU×: added lo
[  403.975571][T23699] RDS/IB: syU×: added
[  403.979598][T23699] smc: adding ib device syU× with port count 1
[  403.988722][T23699] smc:    ib device syU× port 1 has no pnetid
[  403.994847][T10050] lo speed is unknown, defaulting to 1000
[  404.000918][T23699] lo speed is unknown, defaulting to 1000
[  404.069033][T23699] lo speed is unknown, defaulting to 1000
[  404.187159][T23699] lo speed is unknown, defaulting to 1000
[  404.248244][T23699] lo speed is unknown, defaulting to 1000
[  404.286792][T23699] lo speed is unknown, defaulting to 1000
[  404.407625][T23708] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5152'.
[  404.431717][T23706] lo speed is unknown, defaulting to 1000
[  404.457341][T23706] lo speed is unknown, defaulting to 1000
[  404.523577][   T28] audit: type=1400 audit(1774070951.602:7451): avc:  denied  { cmd } for  pid=23705 comm="syz.2.5150" path="/1075/file0" dev="tmpfs" ino=5544 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=io_uring permissive=1
[  404.562283][   T28] audit: type=1400 audit(1774070951.652:7452): avc:  denied  { connect } for  pid=23712 comm="syz.3.5154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  404.678129][T23721] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=23721 comm=syz.5.5167
[  404.729374][T23728] netlink: 'syz.5.5167': attribute type 1 has an invalid length.
[  404.850362][T23721] bond3: (slave gretap1): making interface the new active one
[  404.893521][T23721] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  404.915387][T23731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5160'.
[  404.924755][T23731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5160'.
[  404.952245][T23728] vlan3: entered allmulticast mode
[  404.957613][T23728] bond3: entered allmulticast mode
[  404.962855][T23728] gretap1: entered allmulticast mode
[  404.968842][T23728] bond3: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  405.110025][T23734] loop6: detected capacity change from 0 to 128
[  405.130480][T23734] vfat: Unknown parameter '017777777777777777777770xffffffffffffffff00000000000000000000000'
[  405.142164][T23744] netlink: 'syz.5.5166': attribute type 4 has an invalid length.
[  406.615695][T23775] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5176'.
[  406.625191][T23775] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5176'.
[  406.672591][   T28] audit: type=1326 audit(1774070953.772:7453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23777 comm="syz.2.5179" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x0
[  406.780669][   T28] audit: type=1326 audit(1774070953.882:7454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23780 comm="syz.4.5180" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f98521ec799 code=0x0
[  407.648242][T23801] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5185'.
[  407.683627][T23801] bond9: entered promiscuous mode
[  407.695365][T23801] 8021q: adding VLAN 0 to HW filter on device bond9
[  407.817191][T23801] 8021q: adding VLAN 0 to HW filter on device bond9
[  407.835922][T23801] bond9: (slave sit4): The slave device specified does not support setting the MAC address
[  407.856196][T23801] bond9: (slave sit4): Error -95 calling set_mac_address
[  408.848474][T23849] syzkaller0: entered promiscuous mode
[  408.862668][T23849] syzkaller0: entered allmulticast mode
[  408.883382][T23849] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  409.017529][T23848] tipc: Resetting bearer <eth:syzkaller0>
[  409.026593][T23848] tipc: Disabling bearer <eth:syzkaller0>
[  409.392502][   T28] audit: type=1326 audit(1774070956.492:7455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.559660][   T28] audit: type=1326 audit(1774070956.522:7456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.583582][   T28] audit: type=1326 audit(1774070956.522:7457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.607417][   T28] audit: type=1326 audit(1774070956.522:7458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.631269][   T28] audit: type=1326 audit(1774070956.522:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.655163][   T28] audit: type=1326 audit(1774070956.522:7460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.679082][   T28] audit: type=1326 audit(1774070956.522:7461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.702869][   T28] audit: type=1326 audit(1774070956.522:7462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.737113][   T28] audit: type=1326 audit(1774070956.522:7463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.814919][   T28] audit: type=1326 audit(1774070956.522:7464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  409.865918][   T28] audit: type=1326 audit(1774070956.522:7465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23863 comm="syz.5.5206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  410.565193][T23897] lo speed is unknown, defaulting to 1000
[  410.571600][T23897] lo speed is unknown, defaulting to 1000
[  411.045061][T23901] lo speed is unknown, defaulting to 1000
[  411.067195][T23901] lo speed is unknown, defaulting to 1000
[  411.340180][T23910] syz.4.5223 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  411.414580][T23910] CPU: 0 UID: 0 PID: 23910 Comm: syz.4.5223 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  411.414611][T23910] Tainted: [W]=WARN
[  411.414617][T23910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  411.414629][T23910] Call Trace:
[  411.414635][T23910]  <TASK>
[  411.414672][T23910]  __dump_stack+0x1d/0x30
[  411.414698][T23910]  dump_stack_lvl+0x95/0xd0
[  411.414725][T23910]  dump_stack+0x15/0x1b
[  411.414828][T23910]  dump_header+0x80/0x240
[  411.414853][T23910]  oom_kill_process+0x295/0x350
[  411.414940][T23910]  out_of_memory+0x97d/0xb80
[  411.414968][T23910]  try_charge_memcg+0x62e/0xa10
[  411.415042][T23910]  __mem_cgroup_charge+0x65/0x150
[  411.415148][T23910]  do_wp_page+0xf84/0x2590
[  411.415188][T23910]  ? __rcu_read_lock+0x36/0x50
[  411.415252][T23910]  handle_mm_fault+0x8cb/0x3020
[  411.415286][T23910]  ? mt_find+0x291/0x3d0
[  411.415320][T23910]  do_user_addr_fault+0x3fd/0x1050
[  411.415380][T23910]  exc_page_fault+0x62/0xa0
[  411.415409][T23910]  asm_exc_page_fault+0x26/0x30
[  411.415496][T23910] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  411.415532][T23910] Code: 19 02 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 8f 19 02 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  411.415584][T23910] RSP: 0018:ffffc90002667868 EFLAGS: 00050206
[  411.415604][T23910] RAX: ffff88810e1cef48 RBX: ffff888189ee0000 RCX: 0000000000003e40
[  411.415621][T23910] RDX: 0000000000000000 RSI: ffff888189ee01c0 RDI: 000020000026a000
[  411.415634][T23910] RBP: 0000200000269e40 R08: 000000000000031d R09: 0000000000000000
[  411.415693][T23910] R10: 0001888189ee0000 R11: 0001888189ee3fff R12: 000020000026de40
[  411.415710][T23910] R13: ffffc90002667e70 R14: 0000000000004000 R15: 00007ffffffff000
[  411.415735][T23910]  _copy_to_iter+0x141/0xea0
[  411.415772][T23910]  ? _raw_spin_unlock+0x9/0x30
[  411.415859][T23910]  ? finish_task_switch+0x7d/0x280
[  411.415878][T23910]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  411.415917][T23910]  __skb_datagram_iter+0x2f4/0x680
[  411.415956][T23910]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  411.416035][T23910]  skb_copy_datagram_iter+0x3f/0x120
[  411.416073][T23910]  unix_stream_read_actor+0x43/0x70
[  411.416095][T23910]  unix_stream_read_generic+0x6e9/0x1630
[  411.416138][T23910]  ? __pfx_autoremove_wake_function+0x10/0x10
[  411.416179][T23910]  unix_stream_recvmsg+0xff/0x130
[  411.416259][T23910]  ? __pfx_unix_stream_read_actor+0x10/0x10
[  411.416304][T23910]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[  411.416328][T23910]  sock_recvmsg+0xf5/0x120
[  411.416405][T23910]  ____sys_recvmsg+0xf5/0x280
[  411.416530][T23910]  ___sys_recvmsg+0x11f/0x3b0
[  411.416625][T23910]  __x64_sys_recvmsg+0xd1/0x160
[  411.416669][T23910]  x64_sys_call+0x2b1a/0x3020
[  411.416744][T23910]  do_syscall_64+0x12c/0x370
[  411.416828][T23910]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  411.416854][T23910] RIP: 0033:0x7f98521ec799
[  411.416927][T23910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  411.416948][T23910] RSP: 002b:00007f9850bfd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  411.416968][T23910] RAX: ffffffffffffffda RBX: 00007f9852466180 RCX: 00007f98521ec799
[  411.416983][T23910] RDX: 0000000040000100 RSI: 0000200000001140 RDI: 0000000000000005
[  411.416999][T23910] RBP: 00007f9852282c99 R08: 0000000000000000 R09: 0000000000000000
[  411.417068][T23910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  411.417079][T23910] R13: 00007f9852466218 R14: 00007f9852466180 R15: 00007ffe32a8d0b8
[  411.417102][T23910]  </TASK>
[  411.915713][T23910] memory: usage 93612kB, limit 307200kB, failcnt 5176
[  411.922591][T23910] memory+swap: usage 161296kB, limit 9007199254740988kB, failcnt 0
[  411.945567][T23910] kmem: usage 78648kB, limit 9007199254740988kB, failcnt 0
[  411.995223][T23910] Memory cgroup stats for /syz4:
[  411.995495][T23910] cache 11763712
[  412.013126][T23910] rss 3272704
[  412.055073][T23910] shmem 11755520
[  412.058741][T23910] mapped_file 4096
[  412.062552][T23910] dirty 0
[  412.101041][T23910] writeback 0
[  412.104480][T23910] workingset_refault_anon 2495
[  412.145405][T23910] workingset_refault_file 3080
[  412.150234][T23910] swap 69308416
[  412.153725][T23910] swapcached 70926336
[  412.166287][T23910] pgpgin 404456
[  412.196508][T23910] pgpgout 400780
[  412.211328][T23910] pgfault 419521
[  412.216430][T23904] loop6: detected capacity change from 0 to 2048
[  412.362375][T23910] pgmajfault 347
[  412.374601][T23910] inactive_anon 14061568
[  412.487685][T23904] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.501221][T23910] active_anon 987136
[  412.516077][T23910] inactive_file 8192
[  412.559527][T23904] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  412.590693][T23910] active_file 0
[  412.618473][T23910] unevictable 0
[  412.675409][T23910] hierarchical_memory_limit 314572800
[  412.697607][T23910] hierarchical_memsw_limit 9223372036854771712
[  412.703829][T23910] total_cache 11763712
[  412.714933][T23910] total_rss 3272704
[  412.728792][T23910] total_shmem 11755520
[  412.736231][T23910] total_mapped_file 4096
[  412.745042][T23910] total_dirty 0
[  412.752865][T23910] total_writeback 0
[  412.764471][T23910] total_workingset_refault_anon 2495
[  412.779266][T23910] total_workingset_refault_file 3080
[  412.793266][T23910] total_swap 69308416
[  412.805608][T23910] total_swapcached 70926336
[  412.824823][T23910] total_pgpgin 404456
[  412.838899][T23910] total_pgpgout 400780
[  412.858989][T23910] total_pgfault 419521
[  412.874385][T23938] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5221: bg 0: block 345: padding at end of block bitmap is not set
[  412.902095][T23910] total_pgmajfault 347
[  412.919710][T23910] total_inactive_anon 14061568
[  412.939943][T23910] total_active_anon 987136
[  412.944426][T23910] total_inactive_file 8192
[  412.978890][T23938] EXT4-fs (loop6): Remounting filesystem read-only
[  412.995816][T23910] total_active_file 0
[  413.000546][T23910] total_unevictable 0
[  413.067662][T23910] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5223,pid=23907,uid=0
[  413.124783][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.144731][T23910] Memory cgroup out of memory: Killed process 23907 (syz.4.5223) total-vm:100580kB, anon-rss:3892kB, file-rss:26252kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:0
[  414.148069][T23984] netlink: 'syz.6.5246': attribute type 1 has an invalid length.
[  414.162712][T23984] 8021q: adding VLAN 0 to HW filter on device bond1
[  414.178185][T23984] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5246'.
[  414.187429][T23984] bond1: entered allmulticast mode
[  414.199790][T23984] bond1: (slave ip6gretap1): making interface the new active one
[  414.207766][T23984] ip6gretap1: entered allmulticast mode
[  414.213799][T23984] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  414.750099][T24019] netlink: 'syz.2.5257': attribute type 1 has an invalid length.
[  414.790130][T24022] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5258'.
[  414.799554][T24022] netlink: 'syz.5.5258': attribute type 30 has an invalid length.
[  414.814244][T24019] 8021q: adding VLAN 0 to HW filter on device bond11
[  414.822782][T24019] bond10: (slave bond11): making interface the new active one
[  414.830815][T24019] bond10: (slave bond11): Enslaving as an active interface with an up link
[  414.845477][  T263] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  414.857372][  T263] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  414.869903][T24019] bond10: (slave gretap3): Enslaving as a backup interface with an up link
[  414.899828][  T263] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  414.908150][  T263] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  415.016716][T24031] netlink: 'syz.5.5261': attribute type 27 has an invalid length.
[  415.059880][T24031] xfrm0: left promiscuous mode
[  415.079983][  T263] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  415.089178][  T263] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  415.097782][  T263] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  415.106357][  T263] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  415.150703][T24031] 8021q: adding VLAN 0 to HW filter on device bond0
[  415.160069][T24031] 8021q: adding VLAN 0 to HW filter on device team0
[  415.201262][T24031] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  415.412732][T24041] rdma_rxe: rxe_newlink: failed to add lo
[  415.516921][   T28] kauditd_printk_skb: 27 callbacks suppressed
[  415.516935][   T28] audit: type=1326 audit(1774070962.622:7493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.618731][   T28] audit: type=1326 audit(1774070962.622:7494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.655767][   T28] audit: type=1326 audit(1774070962.622:7495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.720732][   T28] audit: type=1326 audit(1774070962.622:7496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.777013][   T28] audit: type=1326 audit(1774070962.622:7497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.825609][   T28] audit: type=1326 audit(1774070962.622:7498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.894934][   T28] audit: type=1326 audit(1774070962.622:7499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.933887][T24064] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5274'.
[  415.937518][   T28] audit: type=1326 audit(1774070962.622:7500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  415.992422][T24064] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24064 comm=syz.4.5274
[  416.005453][   T28] audit: type=1326 audit(1774070962.622:7501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  416.185060][   T28] audit: type=1326 audit(1774070962.622:7502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24042 comm="syz.2.5266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  416.274828][T24085] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5283'.
[  416.306402][T24087] bridge0: port 1(gretap0) entered blocking state
[  416.312971][T24087] bridge0: port 1(gretap0) entered disabled state
[  416.319884][T24087] gretap0: entered allmulticast mode
[  416.326489][T24087] gretap0: entered promiscuous mode
[  416.331938][T24087] bridge0: port 1(gretap0) entered blocking state
[  416.338433][T24087] bridge0: port 1(gretap0) entered forwarding state
[  416.428497][T24097] openvswitch: netlink: Missing key (keys=40, expected=100)
[  416.560981][T24110] tipc: Failed to remove unknown binding: 66,0,0/2886997007:554503293/554503294
[  417.526350][T24139] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5305'.
[  419.774206][T24190] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5324'.
[  419.836275][T24190] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24190 comm=syz.4.5324
[  419.891161][T24200] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5329'.
[  419.926199][T24200] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24200 comm=syz.3.5329
[  419.962240][T24208] lo: entered allmulticast mode
[  419.967696][T24208] lo: left allmulticast mode
[  420.508492][T24217] netlink: 'syz.5.5337': attribute type 1 has an invalid length.
[  420.530232][T24217] 8021q: adding VLAN 0 to HW filter on device bond4
[  420.542984][T24217] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5337'.
[  420.544000][T24222] netlink: 'syz.2.5338': attribute type 2 has an invalid length.
[  420.552608][T24217] bond4: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  420.570122][T24217] bond4: entered allmulticast mode
[  420.590486][T24217] bond4: (slave ip6gretap1): Enslaving as an active interface with an up link
[  421.420905][T24253] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.496811][T24253] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.566540][T24253] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.644141][T24253] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.748602][ T6311] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  421.774402][ T6311] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  421.800422][ T6339] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  421.813709][ T6339] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  422.017831][T24286] bridge0: port 1(gretap0) entered blocking state
[  422.025753][T24288] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5362'.
[  422.034775][T24286] bridge0: port 1(gretap0) entered disabled state
[  422.042362][T24286] gretap0: entered allmulticast mode
[  422.048457][T24286] gretap0: entered promiscuous mode
[  422.869775][T24303] loop6: detected capacity change from 0 to 2048
[  423.168055][   T28] kauditd_printk_skb: 31 callbacks suppressed
[  423.168150][   T28] audit: type=1400 audit(1774070970.272:7534): avc:  denied  { listen } for  pid=24310 comm="syz.4.5371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  423.195645][T24311] netlink: 'syz.4.5371': attribute type 2 has an invalid length.
[  423.203400][T24311] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5371'.
[  423.526307][T24303] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.990578][T24320] ref_ctr_offset mismatch. inode: 0xf offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x1000000
[  424.089219][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.306395][T24352] netlink: 'syz.6.5383': attribute type 1 has an invalid length.
[  425.345767][T24352] veth3: entered promiscuous mode
[  425.446403][T24356] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[  425.465909][T24356] ref_ctr increment failed for inode: 0x15a9 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88813d1521c0
[  425.702189][T24354] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[  425.711014][T24354] ref_ctr decrement failed for inode: 0x15a9 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88813d1521c0
[  425.745205][T24354] uprobe: syz.3.5384:24354 failed to unregister, leaking uprobe
[  426.328578][T24377] lo speed is unknown, defaulting to 1000
[  426.355969][T24377] lo speed is unknown, defaulting to 1000
[  427.405288][   T28] audit: type=1326 audit(1774070974.512:7535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.535682][   T28] audit: type=1326 audit(1774070974.532:7536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.560067][   T28] audit: type=1326 audit(1774070974.542:7537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.583973][   T28] audit: type=1326 audit(1774070974.542:7538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.659474][   T28] audit: type=1326 audit(1774070974.542:7539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.719634][   T28] audit: type=1326 audit(1774070974.542:7540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.771910][   T28] audit: type=1326 audit(1774070974.542:7541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.816645][   T28] audit: type=1326 audit(1774070974.552:7542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  427.892952][   T28] audit: type=1326 audit(1774070974.552:7543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24412 comm="syz.3.5402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  428.994335][T24439] delete_channel: no stack
[  430.736519][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  430.736536][   T28] audit: type=1326 audit(1774070977.842:7550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  430.884298][   T28] audit: type=1326 audit(1774070977.842:7551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  430.913375][   T28] audit: type=1326 audit(1774070977.842:7552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  430.937655][   T28] audit: type=1326 audit(1774070977.842:7553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  430.975728][   T28] audit: type=1326 audit(1774070977.842:7554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  431.000332][   T28] audit: type=1326 audit(1774070977.912:7555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  431.024038][   T28] audit: type=1326 audit(1774070977.912:7556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  431.052326][   T28] audit: type=1326 audit(1774070977.912:7557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  431.076784][   T28] audit: type=1326 audit(1774070977.912:7558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  431.102030][   T28] audit: type=1326 audit(1774070977.932:7559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24488 comm="syz.4.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  431.216995][T24499] Ÿë
: port 1(veth0_to_bridge) entered blocking state
[  431.223880][T24499] Ÿë
: port 1(veth0_to_bridge) entered disabled state
[  431.230886][T24499] veth0_to_bridge: entered allmulticast mode
[  431.237674][T24499] veth0_to_bridge: entered promiscuous mode
[  431.250211][T24499] Ÿë
: port 2(veth0_to_team) entered blocking state
[  431.265359][T24499] Ÿë
: port 2(veth0_to_team) entered disabled state
[  431.272470][T24499] veth0_to_team: entered allmulticast mode
[  431.280668][T24499] veth0_to_team: entered promiscuous mode
[  431.458560][T24505] x_tables: ip_tables: dccp match: only valid for protocol 33
[  431.863804][T24522] lo speed is unknown, defaulting to 1000
[  431.895584][T24522] lo speed is unknown, defaulting to 1000
[  431.984074][T24527] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5441'.
[  432.861595][T24567] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5452'.
[  432.870779][T24567] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5452'.
[  432.946036][T24576] A link change request failed with some changes committed already. Interface ipvlan0 may have been left with an inconsistent configuration, please check.
[  432.967526][T24580] loop6: detected capacity change from 0 to 512
[  432.980045][T24570] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5453'.
[  432.989412][T24580] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[  434.509876][T24605] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5464'.
[  434.561184][T24605] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24605 comm=syz.5.5464
[  434.741919][T24612] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.897929][T24612] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.921944][T24618] loop6: detected capacity change from 0 to 164
[  434.986942][T24612] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  435.015012][T24618] rock: corrupted directory entry. extent=32, offset=131072, size=237
[  435.049134][T24612] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  435.149131][ T6337] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  435.166810][ T6337] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  435.183927][ T6337] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  435.199877][ T6337] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  435.561310][T24649] loop6: detected capacity change from 0 to 512
[  435.607940][T24649] EXT4-fs: Ignoring removed oldalloc option
[  435.723757][T24649] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.5483: invalid block
[  435.748613][T24649] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  435.754941][    C0] EXT4-fs (loop6): error count since last fsck: 1
[  435.770621][    C0] EXT4-fs (loop6): initial error at time 1774070982: ext4_get_branch:178: inode 11: block 4294967295
[  435.781531][    C0] EXT4-fs (loop6): last error at time 1774070982: ext4_get_branch:178: inode 11: block 4294967295
[  435.795433][T24649] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.5483: invalid indirect mapped block 4294967295 (level 1)
[  435.815749][T24649] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  435.819249][T24649] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.5483: invalid indirect mapped block 4294967295 (level 1)
[  435.849511][T24649] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  435.852371][T24649] EXT4-fs (loop6): 2 truncates cleaned up
[  435.979908][T24649] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.378514][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.473406][   T28] kauditd_printk_skb: 190 callbacks suppressed
[  436.473423][   T28] audit: type=1326 audit(1774070983.572:7750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  436.491835][T24681] loop6: detected capacity change from 0 to 4096
[  436.525403][   T28] audit: type=1326 audit(1774070983.612:7751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  436.566059][   T28] audit: type=1326 audit(1774070983.622:7752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  436.590834][T24681] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.609132][T24687] SELinux: security_context_str_to_sid (9) failed with errno=-22
[  436.625131][   T28] audit: type=1326 audit(1774070983.622:7753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f98521ec502 code=0x7ffc0000
[  436.649415][   T28] audit: type=1326 audit(1774070983.622:7754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f98521acfce code=0x7ffc0000
[  436.673085][   T28] audit: type=1326 audit(1774070983.622:7755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f98521ec5c7 code=0x7ffc0000
[  436.698550][   T28] audit: type=1326 audit(1774070983.622:7756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f98521acfce code=0x7ffc0000
[  436.722419][   T28] audit: type=1326 audit(1774070983.622:7757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f98521acfce code=0x7ffc0000
[  436.735508][T24681] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #15: comm syz.6.5492: corrupted inode contents
[  436.748340][   T28] audit: type=1326 audit(1774070983.622:7758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  436.782143][   T28] audit: type=1326 audit(1774070983.622:7759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24682 comm="syz.4.5493" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f98521ec799 code=0x7ffc0000
[  436.807110][T24681] EXT4-fs error (device loop6): ext4_dirty_inode:6450: inode #15: comm syz.6.5492: mark_inode_dirty error
[  436.818966][T24681] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #15: comm syz.6.5492: corrupted inode contents
[  436.831375][T24681] EXT4-fs error (device loop6): __ext4_ext_dirty:207: inode #15: comm syz.6.5492: mark_inode_dirty error
[  436.843611][T24681] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #15: comm syz.6.5492: corrupted inode contents
[  436.855868][T24681] EXT4-fs error (device loop6): __ext4_ext_dirty:207: inode #15: comm syz.6.5492: mark_inode_dirty error
[  436.868234][T24681] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #15: comm syz.6.5492: corrupted inode contents
[  436.880755][T24681] EXT4-fs error (device loop6): ext4_truncate:4587: inode #15: comm syz.6.5492: mark_inode_dirty error
[  436.892755][T24681] EXT4-fs error (device loop6) in ext4_setattr:5983: Corrupt filesystem
[  436.902274][T24688] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #15: comm syz.6.5492: corrupted inode contents
[  436.953742][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.054167][T24698] delete_channel: no stack
[  437.158099][T24710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5502'.
[  437.172598][T24710] batman_adv: batadv0: Removing interface: batadv_slave_0
[  437.476086][T24730] tipc: Enabled bearer <eth:batadv0>, priority 28
[  437.583975][T24739] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5512'.
[  437.641901][T24743] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  437.651973][T24743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5513'.
[  439.017555][T24782] xt_hashlimit: size too large, truncated to 1048576
[  439.186908][T24787] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5528'.
[  439.259454][T24787] vlan0: entered allmulticast mode
[  439.264972][T24787] bridge11: entered allmulticast mode
[  439.521183][T24787] bridge11: port 1(veth15) entered blocking state
[  439.537610][T24787] bridge11: port 1(veth15) entered disabled state
[  439.561103][T24787] veth15: entered allmulticast mode
[  439.582646][T24787] veth15: entered promiscuous mode
[  441.645721][   T28] kauditd_printk_skb: 435 callbacks suppressed
[  441.645738][   T28] audit: type=1326 audit(1774071244.751:8195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24808 comm="syz.5.5536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  441.980036][T24833] lo speed is unknown, defaulting to 1000
[  442.015783][T24833] lo speed is unknown, defaulting to 1000
[  443.283578][T24865] loop6: detected capacity change from 0 to 1764
[  443.690231][T24877] syzkaller0: create flow: hash 4207115315 index 1
[  443.774439][T24877] syzkaller0: delete flow: hash 4207115315 index 1
[  444.003749][T24890] Set syz0 is full, maxelem 0 reached
[  445.024452][T24904] netlink: 'syz.4.5571': attribute type 1 has an invalid length.
[  445.070962][T24904] 8021q: adding VLAN 0 to HW filter on device bond9
[  445.188989][T24904] bond9: (slave gretap1): making interface the new active one
[  445.217896][T24904] bond9: (slave gretap1): Enslaving as an active interface with an up link
[  445.636524][T24921] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5576'.
[  445.738515][T24923] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=24923 comm=syz.6.5576
[  447.064903][   T28] audit: type=1400 audit(1774071250.161:8196): avc:  denied  { create } for  pid=24961 comm="syz.6.5591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  447.140982][   T28] audit: type=1400 audit(1774071250.161:8197): avc:  denied  { bind } for  pid=24961 comm="syz.6.5591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  447.161924][   T28] audit: type=1400 audit(1774071250.161:8198): avc:  denied  { write } for  pid=24961 comm="syz.6.5591" path="socket:[122194]" dev="sockfs" ino=122194 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  447.186931][   T28] audit: type=1400 audit(1774071250.161:8199): avc:  denied  { read } for  pid=24961 comm="syz.6.5591" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  447.444650][T24975] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  447.456582][   T28] audit: type=1326 audit(1774071250.551:8200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24974 comm="syz.3.5604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  447.534956][   T28] audit: type=1326 audit(1774071250.551:8201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24974 comm="syz.3.5604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  447.595007][   T28] audit: type=1326 audit(1774071250.561:8202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24974 comm="syz.3.5604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  447.664971][   T28] audit: type=1326 audit(1774071250.561:8203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24974 comm="syz.3.5604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  447.724934][   T28] audit: type=1326 audit(1774071250.561:8204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24974 comm="syz.3.5604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  447.777242][T24981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5606'.
[  447.796152][T24981] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5606'.
[  448.004893][   T28] audit: type=1326 audit(1774071250.581:8205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24974 comm="syz.3.5604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  448.084494][T24984] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5596'.
[  448.118030][T24986] xt_limit: Overflow, try lower: 0/0
[  450.144133][T25022] syzkaller0: entered promiscuous mode
[  450.150278][T25022] syzkaller0: entered allmulticast mode
[  451.419689][T25059] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5626'.
[  451.589804][T25063] loop6: detected capacity change from 0 to 512
[  451.617320][T25063] EXT4-fs: Ignoring removed bh option
[  451.649998][T25063] EXT4-fs: inline encryption not supported
[  451.676002][T25063] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  451.750468][T25063] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  451.793839][T25063] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5627: bg 0: block 248: padding at end of block bitmap is not set
[  451.825563][T25063] loop6: lost filesystem error report for type 5 error -117
[  451.825971][T25063] EXT4-fs error (device loop6): ext4_acquire_dquot:7001: comm syz.6.5627: Failed to acquire dquot type 1
[  451.844588][    C0] EXT4-fs (loop6): error count since last fsck: 1
[  451.844602][    C0] EXT4-fs (loop6): last error at time 1774071254: ext4_validate_block_bitmap:441
[  451.875088][T25063] loop6: lost filesystem error report for type 5 error -117
[  451.875600][T25063] EXT4-fs (loop6): 1 truncate cleaned up
[  451.905448][T25063] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  452.006613][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  452.220948][T25072] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.415787][T25072] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.454030][T25083] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5634'.
[  452.503231][T25083] netlink: 'syz.4.5634': attribute type 5 has an invalid length.
[  452.511706][T25083] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5634'.
[  452.570716][T25081] syz.5.5632 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  452.580614][T25081] CPU: 0 UID: 0 PID: 25081 Comm: syz.5.5632 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  452.580661][T25081] Tainted: [W]=WARN
[  452.580670][T25081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  452.580687][T25081] Call Trace:
[  452.580761][T25081]  <TASK>
[  452.580770][T25081]  __dump_stack+0x1d/0x30
[  452.580886][T25081]  dump_stack_lvl+0x95/0xd0
[  452.580918][T25081]  dump_stack+0x15/0x1b
[  452.580947][T25081]  dump_header+0x80/0x240
[  452.580977][T25081]  oom_kill_process+0x295/0x350
[  452.581085][T25081]  out_of_memory+0x97d/0xb80
[  452.581114][T25081]  try_charge_memcg+0x62e/0xa10
[  452.581243][T25081]  __mem_cgroup_charge+0x65/0x150
[  452.581358][T25081]  shmem_get_folio_gfp+0x47b/0xd60
[  452.581402][T25081]  shmem_write_begin+0xfc/0x1f0
[  452.581439][T25081]  generic_perform_write+0x183/0x490
[  452.581576][T25081]  shmem_file_write_iter+0xc5/0xf0
[  452.581670][T25081]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  452.581712][T25081]  vfs_write+0x5a6/0x9f0
[  452.581780][T25081]  ksys_write+0xdc/0x1a0
[  452.581804][T25081]  __x64_sys_write+0x40/0x50
[  452.581837][T25081]  x64_sys_call+0x27e1/0x3020
[  452.581952][T25081]  do_syscall_64+0x12c/0x370
[  452.581984][T25081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.582011][T25081] RIP: 0033:0x7fc9420dcfce
[  452.582031][T25081] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  452.582056][T25081] RSP: 002b:00007fc940b4dda8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  452.582161][T25081] RAX: ffffffffffffffda RBX: 00007fc940b4e6c0 RCX: 00007fc9420dcfce
[  452.582180][T25081] RDX: 0000000000400000 RSI: 00007fc93872e000 RDI: 0000000000000006
[  452.582197][T25081] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  452.582213][T25081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[  452.582306][T25081] R13: 00007fc940b4dee0 R14: 00007fc940b4dea0 R15: 00007fc93872e000
[  452.582333][T25081]  </TASK>
[  452.582376][T25081] memory: usage 307200kB, limit 307200kB, failcnt 2888
[  452.826978][T25072] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.953999][T25090] netlink: 'syz.4.5636': attribute type 4 has an invalid length.
[  452.957720][T25072] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.972563][T25090] netlink: 17 bytes leftover after parsing attributes in process `syz.4.5636'.
[  452.987445][T25081] memory+swap: usage 202924kB, limit 9007199254740988kB, failcnt 0
[  452.995698][T25081] kmem: usage 112928kB, limit 9007199254740988kB, failcnt 0
[  453.003070][T25081] Memory cgroup stats for /syz5:
[  453.003280][T25081] cache 84787200
[  453.012234][T25081] rss 602112
[  453.024786][T25081] shmem 84787200
[  453.028647][T25081] mapped_file 12288
[  453.032470][T25081] dirty 0
[  453.035694][T25081] writeback 0
[  453.038989][T25081] workingset_refault_anon 668
[  453.043665][T25081] workingset_refault_file 0
[  453.048562][T25081] swap 10960896
[  453.058296][T25081] swapcached 18538496
[  453.062604][T25081] pgpgin 310959
[  453.066683][T25081] pgpgout 290105
[  453.075698][T25081] pgfault 310195
[  453.079352][  T263] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  453.079735][T25081] pgmajfault 125
[  453.091752][T25081] inactive_anon 4096
[  453.096948][T25081] active_anon 85413888
[  453.099540][  T263] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  453.102378][T25081] inactive_file 0
[  453.117406][T25081] active_file 0
[  453.123938][  T263] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  453.128763][T25081] unevictable 0
[  453.142332][T25081] hierarchical_memory_limit 314572800
[  453.142963][  T263] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  453.153638][T25081] hierarchical_memsw_limit 9223372036854771712
[  453.178804][T25100] syz_tun: entered allmulticast mode
[  453.192332][T25081] total_cache 84787200
[  453.197234][T25081] total_rss 602112
[  453.204986][T25081] total_shmem 84787200
[  453.213487][T25081] total_mapped_file 12288
[  453.222503][T25081] total_dirty 0
[  453.230857][T25081] total_writeback 0
[  453.237992][T25081] total_workingset_refault_anon 668
[  453.249333][T25081] total_workingset_refault_file 0
[  453.259594][T25081] total_swap 10960896
[  453.267887][T25081] total_swapcached 18538496
[  453.278753][T25081] total_pgpgin 310959
[  453.282787][T25081] total_pgpgout 290105
[  453.288203][T25081] total_pgfault 310195
[  453.292316][T25081] total_pgmajfault 125
[  453.296792][T25081] total_inactive_anon 4096
[  453.301428][T25081] total_active_anon 85413888
[  453.306195][T25081] total_inactive_file 0
[  453.310426][T25081] total_active_file 0
[  453.314711][T25081] total_unevictable 0
[  453.319177][T25081] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.5632,pid=25077,uid=0
[  453.334194][T25081] Memory cgroup out of memory: Killed process 25077 (syz.5.5632) total-vm:231380kB, anon-rss:1444kB, file-rss:22164kB, shmem-rss:12kB, UID:0 pgtables:140kB oom_score_adj:0
[  453.381021][T25100] syz_tun: left allmulticast mode
[  453.483941][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  453.483956][   T28] audit: type=1400 audit(1774071256.581:8209): avc:  denied  { accept } for  pid=25110 comm="syz.5.5644" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  453.568896][   T28] audit: type=1400 audit(1774071256.671:8210): avc:  denied  { audit_write } for  pid=25116 comm="syz.6.5646" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  453.710955][T25127] netlink: 27 bytes leftover after parsing attributes in process `syz.6.5647'.
[  453.766270][T25129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5651'.
[  453.776061][T25129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5651'.
[  453.794239][   T28] audit: type=1326 audit(1774071256.891:8211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc94211c799 code=0x0
[  453.841449][T25134] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5653'.
[  453.856759][   T28] audit: type=1326 audit(1774071256.961:8212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  453.912363][   T28] audit: type=1326 audit(1774071256.961:8213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  453.940097][   T28] audit: type=1326 audit(1774071256.961:8214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  453.965993][   T28] audit: type=1326 audit(1774071256.961:8215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  453.991690][   T28] audit: type=1326 audit(1774071256.961:8216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  454.050232][T25138] netlink: 'syz.6.5654': attribute type 83 has an invalid length.
[  454.071604][   T28] audit: type=1326 audit(1774071256.981:8217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  454.122849][   T28] audit: type=1326 audit(1774071256.981:8218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25131 comm="syz.5.5652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc94211c799 code=0x7ffc0000
[  454.769915][T25153] bond7: (slave veth21): Enslaving as an active interface with a down link
[  455.089685][T25157] bond7: (slave veth23): Enslaving as an active interface with a down link
[  455.235642][T25174] netlink: 'syz.3.5667': attribute type 1 has an invalid length.
[  455.265778][T25174] 8021q: adding VLAN 0 to HW filter on device bond8
[  455.294019][T25176] netlink: 'syz.6.5666': attribute type 3 has an invalid length.
[  455.302212][T25176] netlink: 'syz.6.5666': attribute type 3 has an invalid length.
[  455.333362][T25176] netlink: 'syz.6.5666': attribute type 3 has an invalid length.
[  455.356586][T25176] netlink: 'syz.6.5666': attribute type 3 has an invalid length.
[  455.394636][T25176] netlink: 'syz.6.5666': attribute type 3 has an invalid length.
[  455.408697][T25176] netlink: 'syz.6.5666': attribute type 3 has an invalid length.
[  455.470638][T25174] bond8: (slave gretap2): making interface the new active one
[  455.508396][T25174] bond8: (slave gretap2): Enslaving as an active interface with an up link
[  456.073291][T25209] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5679'.
[  457.242524][T25236] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5685'.
[  457.764354][T25245] netlink: 27 bytes leftover after parsing attributes in process `syz.3.5689'.
[  457.829687][T25250] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  457.887471][T25250] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  457.986353][T25250] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.048356][T25250] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.256761][  T312] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  458.278800][  T312] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  458.453110][  T312] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  458.577345][T25261] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5694'.
[  458.602549][ T6315] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  458.624727][T25261] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5694'.
[  458.673510][T25267] validate_nla: 46 callbacks suppressed
[  458.673526][T25267] netlink: 'syz.3.5695': attribute type 21 has an invalid length.
[  458.836179][T25272] loop6: detected capacity change from 0 to 128
[  458.873335][T25275] syU×: rxe_newlink: already configured on lo
[  458.945906][T25272] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  458.977643][T25272] ext4 filesystem being mounted at /200/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  459.140995][   T28] kauditd_printk_skb: 362 callbacks suppressed
[  459.141011][   T28] audit: type=1326 audit(1774071262.241:8581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.228602][   T28] audit: type=1326 audit(1774071262.241:8582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.315689][   T28] audit: type=1326 audit(1774071262.241:8583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.339294][   T28] audit: type=1326 audit(1774071262.241:8584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.421054][   T28] audit: type=1326 audit(1774071262.271:8585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.469321][   T28] audit: type=1326 audit(1774071262.271:8586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.554280][T25303] netlink: 'syz.4.5708': attribute type 15 has an invalid length.
[  459.563720][   T28] audit: type=1326 audit(1774071262.271:8587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.599603][T21752] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  459.615694][T25303] netlink: 11930 bytes leftover after parsing attributes in process `syz.4.5708'.
[  459.636075][   T28] audit: type=1326 audit(1774071262.271:8588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.682876][   T28] audit: type=1326 audit(1774071262.271:8590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  459.707440][   T28] audit: type=1326 audit(1774071262.271:8591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25286 comm="syz.2.5703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3853d4c799 code=0x7ffc0000
[  460.172640][T25294] syz.2.5705 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  460.222602][T25294] CPU: 0 UID: 0 PID: 25294 Comm: syz.2.5705 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  460.222653][T25294] Tainted: [W]=WARN
[  460.222768][T25294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  460.222782][T25294] Call Trace:
[  460.222799][T25294]  <TASK>
[  460.222808][T25294]  __dump_stack+0x1d/0x30
[  460.222840][T25294]  dump_stack_lvl+0x95/0xd0
[  460.222878][T25294]  dump_stack+0x15/0x1b
[  460.222908][T25294]  dump_header+0x80/0x240
[  460.222939][T25294]  oom_kill_process+0x295/0x350
[  460.222989][T25294]  out_of_memory+0x97d/0xb80
[  460.223039][T25294]  try_charge_memcg+0x62e/0xa10
[  460.223093][T25294]  obj_cgroup_charge_pages+0x23/0xc0
[  460.223127][T25294]  __memcg_kmem_charge_page+0x9e/0x170
[  460.223163][T25294]  __alloc_frozen_pages_noprof+0x18a/0x360
[  460.223205][T25294]  alloc_pages_mpol+0xb3/0x260
[  460.223246][T25294]  alloc_pages_noprof+0x8f/0x130
[  460.223331][T25294]  __vmalloc_node_range_noprof+0xa46/0x12b0
[  460.223378][T25294]  __kvmalloc_node_noprof+0x3d4/0x650
[  460.223436][T25294]  ? ip_set_alloc+0x24/0x30
[  460.223471][T25294]  ? ip_set_alloc+0x24/0x30
[  460.223559][T25294]  ? __kmalloc_cache_noprof+0x18a/0x410
[  460.223594][T25294]  ip_set_alloc+0x24/0x30
[  460.223630][T25294]  hash_netiface_create+0x282/0x740
[  460.223671][T25294]  ? __pfx_hash_netiface_create+0x10/0x10
[  460.223740][T25294]  ip_set_create+0x3cf/0x970
[  460.223804][T25294]  ? __nla_parse+0x40/0x60
[  460.223842][T25294]  nfnetlink_rcv_msg+0x509/0x5d0
[  460.223920][T25294]  netlink_rcv_skb+0x123/0x220
[  460.223957][T25294]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  460.223998][T25294]  nfnetlink_rcv+0x167/0x1720
[  460.224032][T25294]  ? __kfree_skb+0x109/0x150
[  460.224143][T25294]  ? nlmon_xmit+0x4f/0x60
[  460.224161][T25294]  ? consume_skb+0x4b/0x160
[  460.224190][T25294]  ? nlmon_xmit+0x4f/0x60
[  460.224217][T25294]  ? dev_hard_start_xmit+0x3b9/0x3f0
[  460.224293][T25294]  ? __dev_queue_xmit+0x136c/0x1f20
[  460.224331][T25294]  ? __dev_queue_xmit+0x148/0x1f20
[  460.224400][T25294]  ? ref_tracker_free+0x37d/0x3e0
[  460.224445][T25294]  ? __netlink_deliver_tap+0x4dc/0x500
[  460.224554][T25294]  netlink_unicast+0x5c0/0x690
[  460.224583][T25294]  netlink_sendmsg+0x5c8/0x6f0
[  460.224620][T25294]  ? __pfx_netlink_sendmsg+0x10/0x10
[  460.224682][T25294]  ____sys_sendmsg+0x563/0x5b0
[  460.224746][T25294]  ___sys_sendmsg+0x195/0x1e0
[  460.224802][T25294]  __x64_sys_sendmsg+0xd4/0x160
[  460.224913][T25294]  x64_sys_call+0x194c/0x3020
[  460.224950][T25294]  do_syscall_64+0x12c/0x370
[  460.224983][T25294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.225012][T25294] RIP: 0033:0x7f3853d4c799
[  460.225029][T25294] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  460.225123][T25294] RSP: 002b:00007f38527a7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  460.225168][T25294] RAX: ffffffffffffffda RBX: 00007f3853fc5fa0 RCX: 00007f3853d4c799
[  460.225186][T25294] RDX: 0000000000000880 RSI: 0000200000000040 RDI: 0000000000000003
[  460.225204][T25294] RBP: 00007f3853de2c99 R08: 0000000000000000 R09: 0000000000000000
[  460.225221][T25294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  460.225277][T25294] R13: 00007f3853fc6038 R14: 00007f3853fc5fa0 R15: 00007ffc3e7d85c8
[  460.225303][T25294]  </TASK>
[  460.648026][T25294] memory: usage 51880kB, limit 307200kB, failcnt 1284
[  460.655244][T25294] memory+swap: usage 52668kB, limit 9007199254740988kB, failcnt 0
[  460.663244][T25294] kmem: usage 40992kB, limit 9007199254740988kB, failcnt 0
[  460.670544][T25294] Memory cgroup stats for /syz2:
[  460.670985][T25294] cache 10641408
[  460.679680][T25294] rss 311296
[  460.682940][T25294] shmem 10637312
[  460.686588][T25294] mapped_file 57344
[  460.690475][T25294] dirty 4096
[  460.693717][T25294] writeback 0
[  460.698729][T25294] workingset_refault_anon 2948
[  460.703588][T25294] workingset_refault_file 990
[  460.708350][T25294] swap 548864
[  460.711680][T25294] swapcached 5873664
[  460.724194][T25294] pgpgin 341803
[  460.727823][T25294] pgpgout 339076
[  460.731410][T25294] pgfault 435311
[  460.735084][T25294] pgmajfault 410
[  460.738659][T25294] inactive_anon 53248
[  460.742698][T25294] active_anon 11001856
[  460.801582][T25331] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5715'.
[  460.831128][T25331] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5715'.
[  460.844543][T25294] inactive_file 0
[  460.857838][T25294] active_file 4096
[  460.902621][T25294] unevictable 0
[  460.945057][T25294] hierarchical_memory_limit 314572800
[  460.950475][T25294] hierarchical_memsw_limit 9223372036854771712
[  461.000892][T25294] total_cache 10641408
[  461.010742][T25294] total_rss 311296
[  461.014499][T25294] total_shmem 10637312
[  461.141466][T25294] total_mapped_file 57344
[  461.146015][T25294] total_dirty 4096
[  461.149749][T25294] total_writeback 0
[  461.153561][T25294] total_workingset_refault_anon 2948
[  461.159763][T25294] total_workingset_refault_file 990
[  461.165207][T25294] total_swap 548864
[  461.169028][T25294] total_swapcached 5873664
[  461.173458][T25294] total_pgpgin 341803
[  461.177939][T25294] total_pgpgout 339076
[  461.182094][T25294] total_pgfault 435311
[  461.187072][T25294] total_pgmajfault 410
[  461.191170][T25294] total_inactive_anon 53248
[  461.195996][T25294] total_active_anon 11001856
[  461.200614][T25294] total_inactive_file 0
[  461.204778][T25294] total_active_file 4096
[  461.215202][T25294] total_unevictable 0
[  461.219209][T25294] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5705,pid=25293,uid=0
[  461.520046][T25294] Memory cgroup out of memory: Killed process 25293 (syz.2.5705) total-vm:96344kB, anon-rss:1424kB, file-rss:22376kB, shmem-rss:484kB, UID:0 pgtables:128kB oom_score_adj:0
[  461.985315][T25355] netlink: 'syz.3.5723': attribute type 11 has an invalid length.
[  462.134975][T25364] bond7: option mode: unable to set because the bond device has slaves
[  462.163908][T25364] vlan1: entered allmulticast mode
[  462.179323][T25364] bond7: entered allmulticast mode
[  465.485911][T25421] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5744'.
[  465.514573][T25421] vlan1: entered allmulticast mode
[  465.520070][T25421] bridge17: entered allmulticast mode
[  465.532872][T25421] bridge17: port 1(erspan0) entered blocking state
[  465.539593][T25421] bridge17: port 1(erspan0) entered disabled state
[  465.555028][T25421] erspan0: entered allmulticast mode
[  465.565925][T25421] erspan0: entered promiscuous mode
[  465.585462][T25421] bridge17: port 1(erspan0) entered blocking state
[  465.592028][T25421] bridge17: port 1(erspan0) entered forwarding state
[  465.705173][T25427] syz.3.5747 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  465.969201][T25430] xt_CT: No such helper "pptp"
[  466.983795][T25451] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5755'.
[  467.016814][T25451] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25451 comm=syz.6.5755
[  467.097171][T25453] netlink: 'syz.5.5754': attribute type 2 has an invalid length.
[  467.111474][T25453] netlink: 199792 bytes leftover after parsing attributes in process `syz.5.5754'.
[  467.123242][   T28] kauditd_printk_skb: 50 callbacks suppressed
[  467.123258][   T28] audit: type=1326 audit(1774071270.221:8641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.202132][   T28] audit: type=1326 audit(1774071270.221:8642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.284698][   T28] audit: type=1326 audit(1774071270.221:8643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.354686][   T28] audit: type=1326 audit(1774071270.221:8644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.399829][T25468] xt_hashlimit: size too large, truncated to 1048576
[  467.454984][   T28] audit: type=1326 audit(1774071270.221:8645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.505492][   T28] audit: type=1326 audit(1774071270.231:8646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.622364][T25474] loop6: detected capacity change from 0 to 1024
[  467.635142][T25474] EXT4-fs: Ignoring removed bh option
[  467.641049][   T28] audit: type=1326 audit(1774071270.231:8647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.714852][   T28] audit: type=1326 audit(1774071270.231:8648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.762616][T25474] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  467.799628][   T28] audit: type=1326 audit(1774071270.231:8649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.847994][   T28] audit: type=1326 audit(1774071270.231:8650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25454 comm="syz.3.5756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7e617c799 code=0x7ffc0000
[  467.924499][T21752] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.083386][T25503] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5770'.
[  468.117192][T25503] bridge0: port 1(macsec1) entered blocking state
[  468.123910][T25503] bridge0: port 1(macsec1) entered disabled state
[  468.131199][T25503] macsec1: entered allmulticast mode
[  468.136928][T25503] bridge0: entered allmulticast mode
[  468.142988][T25503] macsec1: left allmulticast mode
[  468.149319][T25503] bridge0: left allmulticast mode
[  468.234128][T25507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5771'.
[  468.247858][T25507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5771'.
[  468.254958][ T6337] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  468.271019][T25507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5771'.
[  468.280507][ T6337] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  468.288854][ T6337] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  468.298247][ T6337] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  468.309083][T25507] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5771'.
[  468.414454][T25509] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5772'.
[  468.736220][T25509] bridge12: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  468.749192][T25509] bridge12: entered promiscuous mode
[  468.755608][T25509] bridge12: entered allmulticast mode
[  468.852649][T25517] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.918928][T25523] syzkaller0: entered promiscuous mode
[  468.924434][T25523] syzkaller0: entered allmulticast mode
[  468.952042][T25517] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.056863][T25517] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.133674][T25517] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.221175][ T6315] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  469.244788][ T6315] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  469.283147][ T6315] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  469.315826][ T6315] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  469.919113][T25565] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5786'.
[  470.091864][T25569] netlink: 'syz.6.5788': attribute type 1 has an invalid length.
[  470.197544][T25569] bond3: entered promiscuous mode
[  470.230160][T25569] 8021q: adding VLAN 0 to HW filter on device bond3
[  470.277156][T25571] bond3: entered allmulticast mode
[  470.395469][T25569] bond3: (slave bridge2): making interface the new active one
[  470.403075][T25569] bridge2: entered promiscuous mode
[  470.408490][T25569] bridge2: entered allmulticast mode
[  470.415262][T25569] bond3: (slave bridge2): Enslaving as an active interface with an up link
[  470.810012][T25585] xfrm0: left promiscuous mode
[  470.831945][T25585] vlan0: left allmulticast mode
[  470.863078][T25585] bridge11: left allmulticast mode
[  470.880156][T25583] ==================================================================
[  470.888304][T25583] BUG: KCSAN: data-race in shmem_file_splice_read / shmem_file_splice_read
[  470.896968][T25583] 
[  470.899320][T25583] write to 0xffff88817c4320a8 of 8 bytes by task 25578 on cpu 1:
[  470.907051][T25583]  shmem_file_splice_read+0x470/0x600
[  470.912460][T25583]  splice_direct_to_actor+0x26e/0x670
[  470.917844][T25583]  do_splice_direct+0x119/0x1a0
[  470.922712][T25583]  do_sendfile+0x382/0x650
[  470.927158][T25583]  __x64_sys_sendfile64+0x105/0x150
[  470.932396][T25583]  x64_sys_call+0x2dc4/0x3020
[  470.937118][T25583]  do_syscall_64+0x12c/0x370
[  470.941763][T25583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.947686][T25583] 
[  470.950030][T25583] write to 0xffff88817c4320a8 of 8 bytes by task 25583 on cpu 0:
[  470.957775][T25583]  shmem_file_splice_read+0x470/0x600
[  470.963180][T25583]  splice_direct_to_actor+0x26e/0x670
[  470.968591][T25583]  do_splice_direct+0x119/0x1a0
[  470.973477][T25583]  do_sendfile+0x382/0x650
[  470.977914][T25583]  __x64_sys_sendfile64+0x105/0x150
[  470.983127][T25583]  x64_sys_call+0x2dc4/0x3020
[  470.987834][T25583]  do_syscall_64+0x12c/0x370
[  470.992452][T25583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.998371][T25583] 
[  471.000704][T25583] value changed: 0x0000000000000f26 -> 0x0000000000000f2e
[  471.007824][T25583] 
[  471.010159][T25583] Reported by Kernel Concurrency Sanitizer on:
[  471.016326][T25583] CPU: 0 UID: 0 PID: 25583 Comm: syz.5.5800 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  471.027330][T25583] Tainted: [W]=WARN
[  471.031159][T25583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  471.041266][T25583] ==================================================================
[  471.096603][T10052] lo speed is unknown, defaulting to 1000
[  471.102763][ T6311] netdevsim netdevsim2 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  471.119114][ T6311] netdevsim netdevsim2 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  471.144697][T10052] syz2: Port: 1 Link DOWN
[  471.149510][ T6311] netdevsim netdevsim2 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  471.157967][ T6311] netdevsim netdevsim2 eth3: unset [0, 0] type 1 family 0 port 8472 - 0