last executing test programs:

2m7.82475431s ago: executing program 32 (id=184):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
close(r1)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0x240}], 0x1)

2m6.084850938s ago: executing program 3 (id=214):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = add_key$fscrypt_v1(&(0x7f0000000600), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f0000000740)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x1c}, 0x48, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441700322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6de6269613800"}, 0x48, 0xfffffffffffffffd)
keyctl$KEYCTL_MOVE(0x4, r3, r2, 0x0, 0x0)
r4 = add_key$fscrypt_v1(&(0x7f00000003c0), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x2}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x4, r2, r4, 0x0, 0x0)

2m5.967334779s ago: executing program 3 (id=216):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x6)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=@newtfilter={0x64, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x1}, {0xfffb}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_ctinfo={0x30, 0x1c, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x64}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r3, {0x7, 0xfff2}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

2m5.870443381s ago: executing program 3 (id=220):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_bp={0x0, 0x1}, 0x1100, 0x5dd8, 0x3a65, 0x9, 0x0, 0x8, 0x5, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x4}}, 0x10)
listen(r2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f0000002300)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x44}, 0x4)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
accept4(r2, 0x0, 0x0, 0x400000000000000)

2m5.821851442s ago: executing program 3 (id=222):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580), 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
syz_usb_connect(0x0, 0x3d, 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
creat(&(0x7f0000000340)='./bus\x00', 0x11a)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x41800, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x84)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000003, 0x28011, r0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

2m5.082225184s ago: executing program 3 (id=238):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x53, 0xfffffffc, 0x0, 0x0, 0x0, 0x6f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), &(0x7f00000006c0)=@v3={0x3000000, [{0xffffffff, 0x80000001}, {0x8009, 0x56}], 0xee01}, 0x18, 0x0)

2m3.986507571s ago: executing program 3 (id=254):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7fe}, 0xe)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000180))
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x6)
write$rfkill(r1, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
renameat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0)
write$rfkill(r1, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)

2m3.942270811s ago: executing program 33 (id=254):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7fe}, 0xe)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000180))
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x6)
write$rfkill(r1, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
renameat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0)
write$rfkill(r1, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)

1m29.166982271s ago: executing program 2 (id=1156):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x4, 0x1}, 0x1100, 0x5dd9, 0x0, 0x5, 0x0, 0x8, 0xfffc, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000003c0))
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

1m28.970733614s ago: executing program 2 (id=1161):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x600, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}, @TCA_RATE={0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

1m28.850519006s ago: executing program 2 (id=1162):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r0}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r3}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20)

1m28.795783506s ago: executing program 2 (id=1165):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0)

1m28.739551918s ago: executing program 2 (id=1166):
unshare(0x2c020600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0xffffffffffffff6c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
sendmsg$tipc(r2, &(0x7f0000000400)={&(0x7f00000008c0), 0x58, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20)

1m27.914277461s ago: executing program 2 (id=1178):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x2, @perf_config_ext={0x0, 0x10000}, 0x1320, 0xfffffffd, 0x3, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r5, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

1m27.91406921s ago: executing program 34 (id=1178):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x2, @perf_config_ext={0x0, 0x10000}, 0x1320, 0xfffffffd, 0x3, 0x7, 0x4, 0x1088f105, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r5, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

1m25.669444696s ago: executing program 5 (id=1227):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
r5 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

1m25.529802558s ago: executing program 5 (id=1236):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
futex(0x0, 0x87, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r3}, 0x10)
sendto$inet6(r1, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1m25.42213814s ago: executing program 5 (id=1247):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b70800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x18)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
close(r0)

1m25.388428461s ago: executing program 5 (id=1239):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580), 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
syz_usb_connect(0x0, 0x3d, 0x0, 0x0)
chdir(&(0x7f0000000400)='./file0\x00')
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
creat(&(0x7f0000000340)='./bus\x00', 0x11a)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x41800, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x84)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000003, 0x28011, r0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

1m24.562385813s ago: executing program 5 (id=1260):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2}}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000003780)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000001280)='<', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001500)='&', 0x1}], 0x1}}], 0x2, 0x24004441)

1m24.262417088s ago: executing program 5 (id=1266):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000007c0)=""/259, 0x103}], 0x1}, 0x0)
close(r1)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1m24.262242368s ago: executing program 35 (id=1266):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000007c0)=""/259, 0x103}], 0x1}, 0x0)
close(r1)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

1m6.539251528s ago: executing program 7 (id=1635):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000004800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000050000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
pipe(0x0)
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)

1m6.482861339s ago: executing program 7 (id=1636):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = inotify_init1(0x0)
fcntl$setstatus(r1, 0x4, 0x4a000)
r2 = gettid()
rt_sigprocmask(0x0, &(0x7f0000000080)={[0xfffffffffffffffd]}, 0x0, 0x8)
fcntl$setownex(r1, 0xf, &(0x7f0000000100)={0x0, r2})
prlimit64(0x0, 0xb, &(0x7f000002fff0), 0x0)
inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0xa2002874)
fcntl$notify(r1, 0xa, 0x34)
fsetxattr$security_capability(r0, &(0x7f0000000000), 0x0, 0x0, 0x0)

1m6.456559649s ago: executing program 7 (id=1637):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6e, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r3}, 0x18)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6, 0x0, 0x0, 0x0, 0x0, r3})

1m6.43357903s ago: executing program 7 (id=1638):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0)

1m6.41120974s ago: executing program 7 (id=1639):
syz_io_uring_setup(0x16e, 0x0, 0x0, &(0x7f0000001340))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000f8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000000, 0x80010, 0xffffffffffffffff, 0xffffc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
io_submit(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)}])
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x2)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wg2\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

1m6.343124571s ago: executing program 7 (id=1641):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x4, 0x1}, 0x1100, 0x5dd9, 0x0, 0x5, 0x0, 0x8, 0xfffc, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000003c0))
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

1m6.328651842s ago: executing program 36 (id=1641):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_config_ext={0x4, 0x1}, 0x1100, 0x5dd9, 0x0, 0x5, 0x0, 0x8, 0xfffc, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000003c0))
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fedbdf250200000008000100", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4040}, 0x8000)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

52.544019699s ago: executing program 9 (id=1856):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbbdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r0, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x6, r3}, 0x38)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x80000000000}, 0x18)
io_uring_enter(r0, 0x47f6, 0x0, 0x2, 0x0, 0x0)

52.168048465s ago: executing program 9 (id=1863):
r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x590, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0xa5d4}, 0x4c58, 0x6, 0x0, 0x1, 0x8, 0x1ffff, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="05000000070000000800000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0)

52.114482816s ago: executing program 9 (id=1866):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
syz_emit_ethernet(0x36, &(0x7f00000005c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10, 0x0, 0x0, 0x7}}}}}}, 0x0)

52.075452067s ago: executing program 9 (id=1868):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r0, &(0x7f0000000080)='./file0/file0\x00', r0, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0)

52.034986328s ago: executing program 9 (id=1870):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x8002, 0x0, 0x0, 0x2, 0x0, 0x1}, 0x0, 0x4, 0xffffffffffffffff, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$hidraw(&(0x7f00000004c0), 0xfffffffffefffffc, 0x10a002)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

51.840730461s ago: executing program 9 (id=1877):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000500)=ANY=[@ANYBLOB='S'], 0x53)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

51.825069461s ago: executing program 37 (id=1877):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r4 = dup(r1)
write$P9_RLERRORu(r4, &(0x7f0000000500)=ANY=[@ANYBLOB='S'], 0x53)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.130441666s ago: executing program 4 (id=2712):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000002ffff0000000000000000008500d7f3dfe314000011000000955413"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={0x0}, 0x410, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x5, 0x1, 0x20, &(0x7f0000000200))
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x10010, 0xc8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x80000000000000, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea031100fe08000e40000200875a65969ff57b00ff020000000000000000000000000001", @ANYRES8, @ANYRESHEX=0x0], 0xfdef)

2.043523987s ago: executing program 4 (id=2714):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r1}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x40010)

1.740612682s ago: executing program 4 (id=2720):
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f0000000380)='./file0\x00', 0x0)

1.695842123s ago: executing program 1 (id=2724):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r4=>0x0})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000700)=@newqdisc={0x7c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x4c, 0x2, {{0x0, 0x0, 0x57b2}, [@TCA_NETEM_LOSS={0x4}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x7, 0x100, 0x40, 0x9, 0x2, 0x94}}]}}}]}, 0x7c}}, 0x0)

1.678410894s ago: executing program 1 (id=2726):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000bf7c069300850000e27c00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b70400000000000085000000330000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[@ANYBLOB='+pids'], 0x6)

1.660470074s ago: executing program 4 (id=2727):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000980), 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f00000004c0)=0x27)
setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000680)={r1, 0xfff, 0x7f, 0x3, 0x1, 0x1ff}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)

1.655405134s ago: executing program 1 (id=2729):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000740)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000000c0)={r3})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000002780)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r4, 0x3, r2, 0x5})

1.526043276s ago: executing program 1 (id=2735):
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xe3d08660d3cd4684})
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.509370926s ago: executing program 4 (id=2736):
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
pselect6(0x40, &(0x7f0000000100), &(0x7f0000000000)={0x1f}, 0x0, 0x0, 0x0)

1.508905746s ago: executing program 1 (id=2737):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x1, 0x800001, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x1)
mincore(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$caif_stream(0x25, 0x1, 0x3)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/204, 0xcc}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20)

1.480487216s ago: executing program 0 (id=2738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x0, 0x0})
io_uring_enter(r4, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
close_range(r2, r3, 0x0)

1.430339938s ago: executing program 6 (id=2739):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x40187013, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r3)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f0000000bc0)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@msize={'msize', 0x3d, 0x1000}}], [], 0x6b}})

1.419548498s ago: executing program 8 (id=2740):
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2608064c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x54}}, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.376878348s ago: executing program 0 (id=2741):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x7, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r2}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r4, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c)

1.328994019s ago: executing program 6 (id=2742):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x10, 0x803, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x50, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r5, {0x0, 0xc}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x20, 0x2, [@TCA_BASIC_EMATCHES={0x1c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}}}]}]}]}}]}, 0x50}}, 0x0)

1.24250452s ago: executing program 0 (id=2743):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

1.23082546s ago: executing program 6 (id=2744):
r0 = io_uring_setup(0xbbc, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x3, 0x159})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x14, 0xffffffff}, 0x0, 0x0, 0x3, 0x5, 0x0, 0x800001, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), 0x0}, 0x20)
close(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
io_uring_enter(r0, 0x100000, 0x2, 0xf, &(0x7f0000000000), 0x18)

1.185631451s ago: executing program 8 (id=2746):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000740)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f00000000c0)={r3})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000002780)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r4, 0x3, r2, 0x5})

1.033918353s ago: executing program 6 (id=2747):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000370400000000ffffffff00000000", @ANYRES32=r4, @ANYBLOB="0b12050000000000240012800b00010069703667726500001400028008000100", @ANYRES32=r4], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @empty, @multicast1}}}], 0x20}}], 0x1, 0x8000004)

1.024704364s ago: executing program 8 (id=2748):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6_vti0\x00', 0x200})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x5ff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080))

958.572765ms ago: executing program 8 (id=2749):
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000280)={0x11, 0x0, r1, 0x1, 0x1, 0x6, @local}, 0x14)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180100000100a7d9000000000020b208850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x810)
mknod(0x0, 0x8000, 0x4)
bind$packet(r0, &(0x7f0000000100)={0x11, 0x3}, 0x14)

958.068214ms ago: executing program 6 (id=2759):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'wlc\x00', 0x15, 0x88, 0xc000067}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

914.015975ms ago: executing program 8 (id=2750):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
tee(r0, r2, 0xfffffffffffffc01, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r4, 0x0, 0x6}, 0x18)

778.290197ms ago: executing program 6 (id=2751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r2, r2, 0x0, 0x800000009)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @remote}, @in6={0xa, 0x4e22, 0x6, @empty, 0x72b}], 0x2c)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000940), 0x81000, 0x0)
ioctl$PTP_SYS_OFFSET(r5, 0x43403d05, &(0x7f0000001f80))
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

310.472645ms ago: executing program 0 (id=2752):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x2, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x3}, {0x0, 0x7}, {0x8}, {}, {0x6, 0xfe}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0xfffffff7}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

310.304335ms ago: executing program 4 (id=2753):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000800), r0)
r1 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f00000008c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x7, 0x9)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f00000007c0)={'syztnl0\x00', &(0x7f0000000740)={'ip6gre0\x00', 0x0, 0x2f, 0x7, 0x3, 0x6, 0x10, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @empty, 0x80, 0x7, 0x2}})
read(r2, &(0x7f0000032440)=""/102364, 0x18fdc)

302.583655ms ago: executing program 1 (id=2754):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
tkill(0x0, 0x12)
faccessat2(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x2, 0x1100)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

39.751529ms ago: executing program 0 (id=2755):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x29ed4d1, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

29.405699ms ago: executing program 8 (id=2756):
syz_open_procfs$namespace(0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000034ed00000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

0s ago: executing program 0 (id=2757):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c00000010000104000000000000000000002000", @ANYRES32=0x0, @ANYBLOB="03000000000000002c0012800c0001006d6163766c616e001c000280080001000800000006ef0200010000001ffe02000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n'], 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0xc010)

kernel console output (not intermixed with test programs):

 comm syz.6.1578: invalid indirect mapped block 4294967295 (level 1)
[  102.757747][ T7947] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.1578: invalid indirect mapped block 4294967295 (level 1)
[  102.774741][ T7947] EXT4-fs (loop6): 2 truncates cleaned up
[  102.782245][ T7947] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.848075][ T4301] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.215804][ T7985] bridge: RTM_NEWNEIGH with invalid ether address
[  103.278493][ T7990] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1593'.
[  103.288043][ T7990] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1593'.
[  103.297315][ T7990] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1593'.
[  103.482039][   T29] kauditd_printk_skb: 241 callbacks suppressed
[  103.482084][   T29] audit: type=1326 audit(1748912907.103:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  103.512191][   T29] audit: type=1326 audit(1748912907.103:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  103.536054][   T29] audit: type=1326 audit(1748912907.103:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  103.593456][   T29] audit: type=1326 audit(1748912907.103:2168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  103.617766][   T29] audit: type=1326 audit(1748912907.103:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  103.641367][   T29] audit: type=1326 audit(1748912907.103:2170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  103.698884][   T29] audit: type=1326 audit(1748912907.323:2171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  103.722363][   T29] audit: type=1326 audit(1748912907.323:2172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  103.749666][   T29] audit: type=1326 audit(1748912907.323:2173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  103.773440][   T29] audit: type=1326 audit(1748912907.323:2174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8004 comm="syz.4.1603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  103.828933][ T8002] x_tables: ip_tables: bpf.1 match: invalid size 528 (kernel) != (user) 536
[  103.851795][ T8011] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  103.881214][ T8010] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1605'.
[  103.928318][ T8017] syz_tun: entered allmulticast mode
[  103.938149][ T8017] syz_tun (unregistering): left allmulticast mode
[  103.979416][ T8021] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  104.083744][ T8023] netlink: 'syz.1.1613': attribute type 4 has an invalid length.
[  104.285399][ T8059] tipc: New replicast peer: 255.255.255.255
[  104.291645][ T8059] tipc: Enabled bearer <udp:syz2>, priority 10
[  104.732446][ T8088] lo speed is unknown, defaulting to 1000
[  104.818809][ T8088] chnl_net:caif_netlink_parms(): no params data found
[  104.864833][ T8088] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.872086][ T8088] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.879821][ T8088] bridge_slave_0: entered allmulticast mode
[  104.886621][ T8088] bridge_slave_0: entered promiscuous mode
[  104.893632][ T8088] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.900861][ T8088] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.908134][ T8088] bridge_slave_1: entered allmulticast mode
[  104.914628][ T8088] bridge_slave_1: entered promiscuous mode
[  104.932429][ T8088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.942929][ T8088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.963437][ T8088] team0: Port device team_slave_0 added
[  104.970223][ T8088] team0: Port device team_slave_1 added
[  104.986806][ T8088] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.993873][ T8088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.020227][ T8088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.031766][ T8088] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.038813][ T8088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.065038][ T8088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.093920][ T8088] hsr_slave_0: entered promiscuous mode
[  105.100338][ T8088] hsr_slave_1: entered promiscuous mode
[  105.106379][ T8088] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  105.114055][ T8088] Cannot create hsr debugfs directory
[  105.217293][ T8088] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  105.229369][ T8088] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  105.239094][ T8088] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  105.253235][ T8088] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  105.282297][ T8088] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.289624][ T8088] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.297508][ T8088] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.306000][ T8088] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.306465][ T7408] tipc: Node number set to 2163862513
[  105.362146][ T8123] xt_hashlimit: size too large, truncated to 1048576
[  105.387218][ T8088] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.400066][ T8088] 8021q: adding VLAN 0 to HW filter on device team0
[  105.446863][ T8119] lo speed is unknown, defaulting to 1000
[  105.577286][ T8088] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.712814][ T8088] veth0_vlan: entered promiscuous mode
[  105.721069][ T8088] veth1_vlan: entered promiscuous mode
[  105.749452][ T8088] veth0_macvtap: entered promiscuous mode
[  105.757399][ T8088] veth1_macvtap: entered promiscuous mode
[  105.769345][ T8088] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.784193][ T8088] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.794439][ T8088] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.803453][ T8088] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.812369][ T8088] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.821354][ T8088] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.884840][ T8159] -1: renamed from syzkaller0
[  106.065888][ T8171] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  106.575561][ T8196] loop8: detected capacity change from 0 to 512
[  106.583262][ T8196] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  106.601108][ T8196] EXT4-fs warning (device loop8): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  106.618494][ T8196] EXT4-fs (loop8): 1 truncate cleaned up
[  106.624783][ T8196] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.667089][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.696302][ T8202] loop8: detected capacity change from 0 to 512
[  106.703242][ T8202] EXT4-fs (loop8): bad s_want_extra_isize: 11962
[  106.724935][ T8202] loop8: detected capacity change from 0 to 512
[  106.738940][ T8202] EXT4-fs (loop8): 1 orphan inode deleted
[  106.745599][ T8202] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.758315][ T5529] EXT4-fs error (device loop8): ext4_release_dquot:6969: comm kworker/u8:10: Failed to release dquot type 1
[  106.770910][ T8202] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.802585][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.869322][ T8166] syz.6.1664 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  106.880531][ T8166] CPU: 1 UID: 0 PID: 8166 Comm: syz.6.1664 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  106.880565][ T8166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.880581][ T8166] Call Trace:
[  106.880588][ T8166]  <TASK>
[  106.880598][ T8166]  __dump_stack+0x1d/0x30
[  106.880674][ T8166]  dump_stack_lvl+0xe8/0x140
[  106.880696][ T8166]  dump_stack+0x15/0x1b
[  106.880725][ T8166]  dump_header+0x81/0x220
[  106.880764][ T8166]  oom_kill_process+0x334/0x3f0
[  106.880842][ T8166]  out_of_memory+0x979/0xb80
[  106.880934][ T8166]  try_charge_memcg+0x5e6/0x9e0
[  106.880979][ T8166]  charge_memcg+0x51/0xc0
[  106.881000][ T8166]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  106.881026][ T8166]  __read_swap_cache_async+0x1df/0x350
[  106.881119][ T8166]  swap_cluster_readahead+0x277/0x3e0
[  106.881161][ T8166]  swapin_readahead+0xde/0x6f0
[  106.881197][ T8166]  ? __filemap_get_folio+0x49f/0x650
[  106.881220][ T8166]  ? swap_cache_get_folio+0x77/0x200
[  106.881259][ T8166]  do_swap_page+0x301/0x2430
[  106.881284][ T8166]  ? css_rstat_updated+0xcd/0x5b0
[  106.881354][ T8166]  ? __pfx_default_wake_function+0x10/0x10
[  106.881383][ T8166]  handle_mm_fault+0x9a5/0x2be0
[  106.881407][ T8166]  ? mas_walk+0x4e/0x120
[  106.881435][ T8166]  ? __sanitizer_cov_trace_pc+0x4/0x70
[  106.881504][ T8166]  ? mas_walk+0xf2/0x120
[  106.881542][ T8166]  do_user_addr_fault+0x636/0x1090
[  106.881581][ T8166]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  106.881661][ T8166]  exc_page_fault+0x62/0xa0
[  106.881689][ T8166]  asm_exc_page_fault+0x26/0x30
[  106.881721][ T8166] RIP: 0033:0x7f7d2fd2d9bf
[  106.881744][ T8166] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d 52 46 35 00 89 f0 4c 8d 05 49 26 35 00 89 c2 81 e2 ff 1f 00 00 <49> 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 45 38 1c 10 75 23 83 c0
[  106.881764][ T8166] RSP: 002b:00007fff3cca5248 EFLAGS: 00010202
[  106.881780][ T8166] RAX: 0000000081959426 RBX: 00007f7d30bc5720 RCX: 0000000000000004
[  106.881834][ T8166] RDX: 0000000000001426 RSI: ffffffff81959426 RDI: 0000000000000009
[  106.881847][ T8166] RBP: ffffffff81959426 R08: 00007f7d30080000 R09: 00007f7d30082000
[  106.881860][ T8166] R10: 000000008195942a R11: 0000000000000009 R12: 0000000000000009
[  106.881873][ T8166] R13: 0000000000000004 R14: ffffffff8195939a R15: 0000000000000004
[  106.881941][ T8166]  ? fdget+0xfa/0x110
[  106.881983][ T8166]  ? fdget_raw+0x66/0xc0
[  106.882010][ T8166]  ? fdget_raw+0x66/0xc0
[  106.882036][ T8166]  </TASK>
[  106.882113][ T8166] memory: usage 307200kB, limit 307200kB, failcnt 158
[  106.994808][ T8213] lo speed is unknown, defaulting to 1000
[  106.996874][ T8166] memory+swap: usage 307376kB, limit 9007199254740988kB, failcnt 0
[  106.996895][ T8166] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0
[  106.996911][ T8166] Memory cgroup stats for /syz6:
[  107.152447][ T8166] cache 0
[  107.160859][ T8166] rss 0
[  107.163660][ T8166] shmem 0
[  107.166784][ T8166] mapped_file 0
[  107.170277][ T8166] dirty 0
[  107.173236][ T8166] writeback 12288
[  107.176916][ T8166] workingset_refault_anon 23
[  107.181614][ T8166] workingset_refault_file 0
[  107.186193][ T8166] swap 180224
[  107.189567][ T8166] swapcached 20480
[  107.193299][ T8166] nr_memmap_boot_pages 38073
[  107.197919][ T8166] pgpgin 38068
[  107.201744][ T8166] pglazyfree 53422
[  107.205500][ T8166] pgfault 8
[  107.208735][ T8166] a_other 12288
[  107.212285][ T8166] inactive_anon 8192
[  107.216262][ T8166] active_anon 0
[  107.219775][ T8166] inactive_file 0
[  107.223550][ T8166] active_file 0
[  107.227095][ T8166] hierarchical_memory_limit 314572800
[  107.232886][ T8166] hierarchical_memsw_limit 9223372036854771712
[  107.239281][ T8166] total_cache 0
[  107.242767][ T8166] total_rss 0
[  107.246398][ T8166] total_shmem 0
[  107.249894][ T8166] total_mapped_file 0
[  107.253892][ T8166] total_dirty 0
[  107.257496][ T8166] total_writeback 12288
[  107.261685][ T8166] total_workingset_refault_anon 23
[  107.267167][ T8166] total_workingset_refault_file 0
[  107.272215][ T8166] total_swap 180224
[  107.276125][ T8166] total_swapcached 20480
[  107.280422][ T8166] total_nr_memmap_boot_pages 38073
[  107.285933][ T8166] total_pgpgin 38068
[  107.290115][ T8166] total_pglazyfree 53422
[  107.294554][ T8166] total_pgfault 8
[  107.298316][ T8166] total_a_other 12288
[  107.302340][ T8166] total_inactive_anon 8192
[  107.306867][ T8166] total_active_anon 0
[  107.310947][ T8166] total_inactive_file 0
[  107.315257][ T8166] total_active_file 0
[  107.319244][ T8166] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz6,task_memcg=/syz6,task=syz.6.1664,pid=8166,uid=0
[  107.334200][ T8166] Memory cgroup out of memory: Killed process 8166 (syz.6.1664) total-vm:95664kB, anon-rss:1044kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  107.602009][ T8242] loop6: detected capacity change from 0 to 1024
[  107.612266][ T8242] EXT4-fs (loop6): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  107.628407][ T8242] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.666213][ T8251] __nla_validate_parse: 3 callbacks suppressed
[  107.666235][ T8251] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1691'.
[  107.698790][ T4301] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.708652][ T8253] lo speed is unknown, defaulting to 1000
[  107.866016][ T8267] netlink: 92 bytes leftover after parsing attributes in process `syz.4.1700'.
[  107.875320][ T8267] netem: unknown loss type 0
[  108.184002][ T8282] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98
[  108.242570][ T8286] lo speed is unknown, defaulting to 1000
[  108.284352][ T8290] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1711'.
[  108.322865][ T8290] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1711'.
[  108.460703][ T8293] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1712'.
[  108.599293][ T8310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1720'.
[  108.615367][   T29] kauditd_printk_skb: 167 callbacks suppressed
[  108.615437][   T29] audit: type=1326 audit(1748912912.243:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8298 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  108.674631][   T29] audit: type=1326 audit(1748912912.243:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8294 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f61bf3aab39 code=0x7ffc0000
[  108.698247][   T29] audit: type=1326 audit(1748912912.243:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8294 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  108.722068][   T29] audit: type=1326 audit(1748912912.243:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8294 comm="syz.4.1713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  108.801268][ T8315] loop8: detected capacity change from 0 to 2048
[  108.839056][   T29] audit: type=1326 audit(1748912912.463:2345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.6.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  108.877944][ T8315] Alternate GPT is invalid, using primary GPT.
[  108.884423][ T8315]  loop8: p2 p3 p7
[  108.922793][ T8318] siw: device registration error -23
[  108.924720][   T29] audit: type=1326 audit(1748912912.493:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.6.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  108.952410][   T29] audit: type=1326 audit(1748912912.493:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.6.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  108.976615][   T29] audit: type=1326 audit(1748912912.493:2348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.6.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  109.000377][   T29] audit: type=1326 audit(1748912912.493:2349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.6.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  109.023743][   T29] audit: type=1326 audit(1748912912.493:2350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8319 comm="syz.6.1733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  109.134867][ T8326] lo speed is unknown, defaulting to 1000
[  109.284022][ T8335] netlink: 'syz.8.1729': attribute type 4 has an invalid length.
[  109.302438][ T8335] netlink: 'syz.8.1729': attribute type 4 has an invalid length.
[  110.017947][ T8353] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1732'.
[  110.254932][ T8361] siw: device registration error -23
[  110.358792][ T8365] loop6: detected capacity change from 0 to 2048
[  110.418552][ T8365] Alternate GPT is invalid, using primary GPT.
[  110.425022][ T8365]  loop6: p2 p3 p7
[  110.759429][ T8371] lo speed is unknown, defaulting to 1000
[  111.212172][ T8390] siw: device registration error -23
[  111.223783][ T8392] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1762'.
[  111.368093][ T8408] lo speed is unknown, defaulting to 1000
[  111.417296][ T8408] IPVS: You probably need to specify IP address on multicast interface.
[  111.425854][ T8408] IPVS: Error connecting to the multicast addr
[  112.215027][ T8420] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1761'.
[  112.441919][ T8429] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1766'.
[  113.131485][ T8419] syz.1.1764 (8419) used greatest stack depth: 5824 bytes left
[  113.429894][ T8460] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1779'.
[  113.603175][ T8478] netlink: 'syz.6.1786': attribute type 1 has an invalid length.
[  113.616831][ T8478] 8021q: adding VLAN 0 to HW filter on device bond1
[  113.638223][ T8478] bond1: (slave veth5): Enslaving as an active interface with a down link
[  113.660243][ T8478] vlan2: entered allmulticast mode
[  113.666341][ T8478] bond1: entered allmulticast mode
[  113.672621][ T8478] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  113.763840][ T8487] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1787'.
[  114.479361][ T8504] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1795'.
[  114.675873][ T8525] serio: Serial port ptm0
[  114.793134][ T8528] netlink: 28 bytes leftover after parsing attributes in process `kfree'.
[  114.802074][ T8528] netlink: 28 bytes leftover after parsing attributes in process `kfree'.
[  114.810830][ T8528] netlink: 28 bytes leftover after parsing attributes in process `kfree'.
[  114.867644][ T8528] netlink: 28 bytes leftover after parsing attributes in process `kfree'.
[  114.876495][ T8528] netlink: 28 bytes leftover after parsing attributes in process `kfree'.
[  114.885211][ T8528] netlink: 28 bytes leftover after parsing attributes in process `kfree'.
[  114.961400][ T8528] netlink: 28 bytes leftover after parsing attributes in process `kfree'.
[  115.013479][ T8088] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  115.024663][ T8088] CPU: 0 UID: 0 PID: 8088 Comm: syz-executor Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  115.024698][ T8088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.024739][ T8088] Call Trace:
[  115.024746][ T8088]  <TASK>
[  115.024755][ T8088]  __dump_stack+0x1d/0x30
[  115.024789][ T8088]  dump_stack_lvl+0xe8/0x140
[  115.024815][ T8088]  dump_stack+0x15/0x1b
[  115.024878][ T8088]  dump_header+0x81/0x220
[  115.024916][ T8088]  oom_kill_process+0x334/0x3f0
[  115.024963][ T8088]  out_of_memory+0x979/0xb80
[  115.025008][ T8088]  try_charge_memcg+0x5e6/0x9e0
[  115.025096][ T8088]  charge_memcg+0x51/0xc0
[  115.025126][ T8088]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  115.025156][ T8088]  __read_swap_cache_async+0x1df/0x350
[  115.025232][ T8088]  swap_cluster_readahead+0x277/0x3e0
[  115.025284][ T8088]  swapin_readahead+0xde/0x6f0
[  115.025401][ T8088]  ? __filemap_get_folio+0x49f/0x650
[  115.025422][ T8088]  ? kvm_sched_clock_read+0x11/0x20
[  115.025461][ T8088]  ? swap_cache_get_folio+0x77/0x200
[  115.025505][ T8088]  do_swap_page+0x301/0x2430
[  115.025529][ T8088]  ? finish_task_switch+0xad/0x2b0
[  115.025561][ T8088]  ? __pfx_default_wake_function+0x10/0x10
[  115.025597][ T8088]  handle_mm_fault+0x9a5/0x2be0
[  115.025657][ T8088]  ? mas_walk+0xf2/0x120
[  115.025721][ T8088]  do_user_addr_fault+0x636/0x1090
[  115.025765][ T8088]  ? fpregs_restore_userregs+0xe2/0x1d0
[  115.025806][ T8088]  ? switch_fpu_return+0xe/0x20
[  115.025856][ T8088]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  115.025883][ T8088]  exc_page_fault+0x62/0xa0
[  115.025915][ T8088]  asm_exc_page_fault+0x26/0x30
[  115.025946][ T8088] RIP: 0033:0x7f6da7c811e5
[  115.026016][ T8088] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 5e 33 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  115.026041][ T8088] RSP: 002b:00007ffe6a49afd8 EFLAGS: 00010246
[  115.026061][ T8088] RAX: 0000000000000000 RBX: 0000000000000039 RCX: 00007f6da7c811e3
[  115.026078][ T8088] RDX: 00007ffe6a49aff0 RSI: 0000000000000000 RDI: 0000000000000000
[  115.026095][ T8088] RBP: 00007ffe6a49b05c R08: 000000003953a8f6 R09: 0000000000000000
[  115.026112][ T8088] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  115.026192][ T8088] R13: 00000000000927c0 R14: 000000000001be2c R15: 00007ffe6a49b0b0
[  115.026213][ T8088]  </TASK>
[  115.262551][ T8088] memory: usage 307200kB, limit 307200kB, failcnt 127
[  115.269465][ T8088] memory+swap: usage 307360kB, limit 9007199254740988kB, failcnt 0
[  115.277421][ T8088] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[  115.284733][ T8088] Memory cgroup stats for /syz9:
[  115.325783][ T8088] cache 0
[  115.334212][ T8088] rss 0
[  115.337136][ T8088] shmem 0
[  115.340373][ T8088] mapped_file 0
[  115.343883][ T8088] dirty 0
[  115.347072][ T8088] writeback 8192
[  115.350933][ T8088] workingset_refault_anon 19
[  115.355712][ T8088] workingset_refault_file 0
[  115.360786][ T8088] swap 180224
[  115.364091][ T8088] swapcached 12288
[  115.367848][ T8088] nr_memmap_boot_pages 6268
[  115.372424][ T8088] pgpgin 6265
[  115.375857][ T8088] pglazyfree 10409
[  115.379647][ T8088] pgfault 4
[  115.382798][ T8088] a_other 12288
[  115.386468][ T8088] inactive_anon 0
[  115.390123][ T8088] active_anon 0
[  115.393617][ T8088] inactive_file 0
[  115.397399][ T8088] active_file 0
[  115.400881][ T8088] hierarchical_memory_limit 314572800
[  115.406400][ T8088] hierarchical_memsw_limit 9223372036854771712
[  115.412799][ T8088] total_cache 0
[  115.416348][ T8088] total_rss 0
[  115.419647][ T8088] total_shmem 0
[  115.423177][ T8088] total_mapped_file 0
[  115.427321][ T8088] total_dirty 0
[  115.430870][ T8088] total_writeback 8192
[  115.435203][ T8088] total_workingset_refault_anon 19
[  115.440485][ T8088] total_workingset_refault_file 0
[  115.445590][ T8088] total_swap 180224
[  115.449435][ T8088] total_swapcached 12288
[  115.454144][ T8088] total_nr_memmap_boot_pages 6268
[  115.459555][ T8088] total_pgpgin 6265
[  115.463528][ T8088] total_pglazyfree 10409
[  115.468003][ T8088] total_pgfault 4
[  115.471896][ T8088] total_a_other 12288
[  115.475930][ T8088] total_inactive_anon 0
[  115.480172][ T8088] total_active_anon 0
[  115.484259][ T8088] total_inactive_file 0
[  115.488572][ T8088] total_active_file 0
[  115.492588][ T8088] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz9,task_memcg=/syz9,task=syz.9.1789,pid=8493,uid=0
[  115.507657][ T8088] Memory cgroup out of memory: Killed process 8493 (syz.9.1789) total-vm:95592kB, anon-rss:932kB, file-rss:22444kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  115.579229][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  115.579247][   T29] audit: type=1326 audit(1748912919.203:2387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.608991][   T29] audit: type=1326 audit(1748912919.203:2388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.656273][   T29] audit: type=1326 audit(1748912919.243:2389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.680234][   T29] audit: type=1326 audit(1748912919.243:2390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.703942][   T29] audit: type=1326 audit(1748912919.243:2391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.727435][   T29] audit: type=1326 audit(1748912919.243:2392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.750876][   T29] audit: type=1326 audit(1748912919.243:2393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.774423][   T29] audit: type=1326 audit(1748912919.243:2394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8552 comm="syz.6.1813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  115.906555][ T8556] serio: Serial port ptm0
[  116.198576][ T8565] loop9: detected capacity change from 0 to 128
[  116.206024][ T8565] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.221776][ T8565] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.475950][ T5534] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.747350][ T8587] loop8: detected capacity change from 0 to 128
[  116.801393][ T8587] syz.8.1824: attempt to access beyond end of device
[  116.801393][ T8587] loop8: rw=0, sector=2065, nr_sectors = 1 limit=128
[  116.814860][ T8587] buffer_io_error: 6 callbacks suppressed
[  116.814875][ T8587] Buffer I/O error on dev loop8, logical block 2065, async page read
[  116.835222][ T8587] syz.8.1824: attempt to access beyond end of device
[  116.835222][ T8587] loop8: rw=0, sector=2066, nr_sectors = 1 limit=128
[  116.848822][ T8587] Buffer I/O error on dev loop8, logical block 2066, async page read
[  116.860131][ T8587] syz.8.1824: attempt to access beyond end of device
[  116.860131][ T8587] loop8: rw=0, sector=2067, nr_sectors = 1 limit=128
[  116.873791][ T8587] Buffer I/O error on dev loop8, logical block 2067, async page read
[  116.882905][   T29] audit: type=1326 audit(1748912920.483:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8590 comm="syz.1.1836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  116.884364][ T8587] syz.8.1824: attempt to access beyond end of device
[  116.884364][ T8587] loop8: rw=0, sector=2068, nr_sectors = 1 limit=128
[  116.906629][   T29] audit: type=1326 audit(1748912920.483:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8590 comm="syz.1.1836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  116.919833][ T8587] Buffer I/O error on dev loop8, logical block 2068, async page read
[  116.922581][ T8587] syz.8.1824: attempt to access beyond end of device
[  116.922581][ T8587] loop8: rw=0, sector=2069, nr_sectors = 1 limit=128
[  116.965068][ T8587] Buffer I/O error on dev loop8, logical block 2069, async page read
[  117.007341][ T8587] syz.8.1824: attempt to access beyond end of device
[  117.007341][ T8587] loop8: rw=0, sector=2070, nr_sectors = 1 limit=128
[  117.020653][ T8587] Buffer I/O error on dev loop8, logical block 2070, async page read
[  117.092220][ T8587] syz.8.1824: attempt to access beyond end of device
[  117.092220][ T8587] loop8: rw=0, sector=2071, nr_sectors = 1 limit=128
[  117.106007][ T8587] Buffer I/O error on dev loop8, logical block 2071, async page read
[  117.121447][ T8600] netlink: 'syz.6.1829': attribute type 1 has an invalid length.
[  117.129776][ T8587] syz.8.1824: attempt to access beyond end of device
[  117.129776][ T8587] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[  117.143480][ T8587] Buffer I/O error on dev loop8, logical block 2072, async page read
[  117.152146][ T8587] syz.8.1824: attempt to access beyond end of device
[  117.152146][ T8587] loop8: rw=0, sector=2065, nr_sectors = 1 limit=128
[  117.165756][ T8587] Buffer I/O error on dev loop8, logical block 2065, async page read
[  117.182125][ T8587] syz.8.1824: attempt to access beyond end of device
[  117.182125][ T8587] loop8: rw=0, sector=2066, nr_sectors = 1 limit=128
[  117.184615][ T8600] 8021q: adding VLAN 0 to HW filter on device bond2
[  117.195693][ T8587] Buffer I/O error on dev loop8, logical block 2066, async page read
[  117.231651][ T8600] bond2: entered promiscuous mode
[  117.420026][ T8624] netlink: 'syz.9.1837': attribute type 4 has an invalid length.
[  117.434757][ T8624] netlink: 'syz.9.1837': attribute type 4 has an invalid length.
[  117.656286][ T8642] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  117.707792][ T8635] lo speed is unknown, defaulting to 1000
[  118.208868][ T8654] lo speed is unknown, defaulting to 1000
[  118.233208][ T8657] 8021q: adding VLAN 0 to HW filter on device team1
[  118.412687][ T3391] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  118.421203][ T3391] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  118.569539][ T8680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  118.610508][ T8680] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.671443][ T8680] lo speed is unknown, defaulting to 1000
[  118.720380][ T8683] netlink: 'syz.6.1862': attribute type 4 has an invalid length.
[  118.910559][ T8701] __nla_validate_parse: 12 callbacks suppressed
[  118.910581][ T8701] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1881'.
[  118.969593][ T8706] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1873'.
[  119.079375][ T5562] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.131257][ T5562] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.173171][ T8711] lo speed is unknown, defaulting to 1000
[  119.209997][ T5562] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.284676][ T5562] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.410595][ T5562] bridge_slave_1: left allmulticast mode
[  119.416902][ T5562] bridge_slave_1: left promiscuous mode
[  119.422720][ T5562] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.487131][ T5562] bridge_slave_0: left allmulticast mode
[  119.493026][ T5562] bridge_slave_0: left promiscuous mode
[  119.498988][ T5562] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.553172][ T8738] loop8: detected capacity change from 0 to 1024
[  119.561595][ T8743] netlink: 'syz.4.1887': attribute type 1 has an invalid length.
[  119.569711][ T8743] netlink: 'syz.4.1887': attribute type 2 has an invalid length.
[  119.605173][ T8743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1887'.
[  119.651439][ T8738] EXT4-fs (loop8): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.689249][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  119.700595][ T5562] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.713984][ T5562] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  119.738437][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1890'.
[  119.747675][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1890'.
[  119.749304][ T8753] loop8: detected capacity change from 0 to 1024
[  119.756757][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1890'.
[  119.772969][ T8753] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  119.773372][ T5562] bond0 (unregistering): Released all slaves
[  119.784043][ T8753] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  119.802400][ T8743] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1887'.
[  119.813678][ T8753] JBD2: no valid journal superblock found
[  119.819857][ T8753] EXT4-fs (loop8): Could not load journal inode
[  119.828742][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1890'.
[  119.838079][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1890'.
[  119.838194][ T8720] lo speed is unknown, defaulting to 1000
[  119.847054][ T8755] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1890'.
[  119.887498][ T5562] hsr_slave_0: left promiscuous mode
[  119.893340][ T5562] hsr_slave_1: left promiscuous mode
[  119.896048][ T8761] xt_connbytes: Forcing CT accounting to be enabled
[  119.899914][ T5562] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  119.913125][ T5562] batman_adv: batadv0: Removing interface: batadv_slave_0
[  119.915253][ T8761] Cannot find set identified by id 0 to match
[  119.945626][ T5562] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  119.953164][ T5562] batman_adv: batadv0: Removing interface: batadv_slave_1
[  119.969573][ T5562] veth1_vlan: left promiscuous mode
[  119.976162][ T5562] veth0_vlan: left promiscuous mode
[  120.044518][ T5562] team0 (unregistering): Port device team_slave_1 removed
[  120.059171][ T5562] team0 (unregistering): Port device team_slave_0 removed
[  120.216404][ T8771] loop8: detected capacity change from 0 to 4096
[  120.280127][ T8771] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.298586][ T8720] chnl_net:caif_netlink_parms(): no params data found
[  120.416196][ T8771] lo speed is unknown, defaulting to 1000
[  120.522460][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.525263][ T8720] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.539168][ T8720] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.547188][ T8720] bridge_slave_0: entered allmulticast mode
[  120.553926][ T8720] bridge_slave_0: entered promiscuous mode
[  120.560865][ T8720] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.567986][ T8720] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.575524][ T8720] bridge_slave_1: entered allmulticast mode
[  120.582141][ T8720] bridge_slave_1: entered promiscuous mode
[  120.620758][ T8720] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  120.642352][ T8720] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  120.672928][ T8720] team0: Port device team_slave_0 added
[  120.679779][ T8720] team0: Port device team_slave_1 added
[  120.700458][   T29] kauditd_printk_skb: 137 callbacks suppressed
[  120.700488][   T29] audit: type=1326 audit(1748912924.323:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  120.733256][   T29] audit: type=1326 audit(1748912924.353:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  120.871065][   T29] audit: type=1326 audit(1748912924.493:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  120.895040][   T29] audit: type=1326 audit(1748912924.493:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8790 comm="syz.1.1900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  121.028253][ T8720] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.035432][ T8720] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.062497][ T8720] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.117240][ T8720] batman_adv: batadv0: Adding interface: batadv_slave_1
[  121.124445][ T8720] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.151625][ T8720] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  121.219429][ T8720] hsr_slave_0: entered promiscuous mode
[  121.225809][ T8720] hsr_slave_1: entered promiscuous mode
[  121.232346][ T8720] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  121.240148][ T8720] Cannot create hsr debugfs directory
[  121.248485][ T8794] lo speed is unknown, defaulting to 1000
[  121.446453][ T8802] netlink: 'syz.6.1915': attribute type 2 has an invalid length.
[  121.457112][ T8802] netlink: 'syz.6.1915': attribute type 1 has an invalid length.
[  121.715043][ T8821] netlink: 'syz.4.1910': attribute type 13 has an invalid length.
[  121.852002][ T8720] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  121.871399][ T8720] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  121.883966][ T8720] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  121.899616][ T8720] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  121.948240][ T8720] 8021q: adding VLAN 0 to HW filter on device bond0
[  121.965957][ T8720] 8021q: adding VLAN 0 to HW filter on device team0
[  121.978579][ T5570] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.985796][ T5570] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.002838][ T5562] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.010012][ T5562] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.155438][ T8720] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.388903][ T8720] veth0_vlan: entered promiscuous mode
[  122.416657][ T8720] veth1_vlan: entered promiscuous mode
[  122.483276][ T8720] veth0_macvtap: entered promiscuous mode
[  122.504933][ T8720] veth1_macvtap: entered promiscuous mode
[  122.535792][ T8720] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.564953][ T8720] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.588590][ T8720] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.597755][ T8720] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.606822][ T8720] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.615821][ T8720] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.755331][ T8849] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  123.122455][ T8863] lo speed is unknown, defaulting to 1000
[  123.371919][   T29] audit: type=1326 audit(1748912926.993:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8894 comm="syz.8.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  123.396073][   T29] audit: type=1326 audit(1748912926.993:2539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8894 comm="syz.8.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  123.419838][   T29] audit: type=1326 audit(1748912926.993:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8894 comm="syz.8.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  123.443437][   T29] audit: type=1326 audit(1748912926.993:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8894 comm="syz.8.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  123.468304][   T29] audit: type=1326 audit(1748912926.993:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8894 comm="syz.8.1946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  124.034256][ T8919] lo speed is unknown, defaulting to 1000
[  124.738910][   T29] audit: type=1400 audit(1748912928.363:2543): avc:  denied  { setopt } for  pid=8931 comm="syz.8.1948" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  124.896464][ T8939] syz_tun: entered allmulticast mode
[  124.914479][ T8937] syz_tun: left allmulticast mode
[  125.759477][ T8959] __nla_validate_parse: 26 callbacks suppressed
[  125.759497][ T8959] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1960'.
[  126.046279][   T29] audit: type=1326 audit(1748912929.673:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.8.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.072118][   T29] audit: type=1326 audit(1748912929.673:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.8.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.096064][   T29] audit: type=1326 audit(1748912929.673:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.8.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.120669][   T29] audit: type=1326 audit(1748912929.673:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.8.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.144907][   T29] audit: type=1326 audit(1748912929.673:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.8.1982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.173947][ T8990] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.196154][ T8992] netlink: 96 bytes leftover after parsing attributes in process `syz.8.1972'.
[  126.228659][ T8990] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.246790][   T29] audit: type=1326 audit(1748912929.873:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8993 comm="syz.8.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.271015][   T29] audit: type=1326 audit(1748912929.873:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8993 comm="syz.8.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.295009][   T29] audit: type=1326 audit(1748912929.873:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8993 comm="syz.8.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.319134][   T29] audit: type=1326 audit(1748912929.873:2552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8993 comm="syz.8.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.343631][   T29] audit: type=1326 audit(1748912929.873:2553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8993 comm="syz.8.1973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  126.371732][ T8990] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.450258][ T8990] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.494033][ T8990] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.506064][ T8990] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.518175][ T8990] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.530114][ T8990] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.916707][ T9038] netlink: 'syz.6.1991': attribute type 1 has an invalid length.
[  126.933452][ T9038] 8021q: adding VLAN 0 to HW filter on device bond3
[  126.943766][ T9038] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1991'.
[  126.964858][ T9038] bond3 (unregistering): Released all slaves
[  127.068052][ T9048] batadv_slave_1: entered promiscuous mode
[  127.078595][ T9048] batadv_slave_1: left promiscuous mode
[  127.133750][   T36] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  127.142844][   T36] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  127.223255][ T9058] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.230611][ T9058] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.241922][ T9058] bridge0: entered allmulticast mode
[  127.261799][ T9058] bridge_slave_1: left allmulticast mode
[  127.263043][ T9061] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2003'.
[  127.267529][ T9058] bridge_slave_1: left promiscuous mode
[  127.282442][ T9058] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.294147][ T9058] bridge_slave_0: left allmulticast mode
[  127.300049][ T9058] bridge_slave_0: left promiscuous mode
[  127.306178][ T9058] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.602839][ T9074] infiniband syz2: set down
[  127.607503][ T9074] infiniband syz2: added veth0_to_bond
[  127.619681][ T9074] RDS/IB: syz2: added
[  127.623747][ T9074] smc: adding ib device syz2 with port count 1
[  127.630026][ T9074] smc:    ib device syz2 port 1 has pnetid 
[  128.161961][ T9085] netlink: 'syz.6.2010': attribute type 1 has an invalid length.
[  128.184721][ T9085] bond3: entered promiscuous mode
[  128.190209][ T9085] bond3: entered allmulticast mode
[  128.198182][ T9085] 8021q: adding VLAN 0 to HW filter on device bond3
[  128.214071][ T9085] bridge2: entered promiscuous mode
[  128.219520][ T9085] bridge2: entered allmulticast mode
[  128.243770][ T9085] bond3: (slave bridge2): Enslaving as a backup interface with an up link
[  128.410248][ T9092] bridge: RTM_NEWNEIGH with invalid ether address
[  128.423511][ T5567] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  128.473578][ T9098] lo speed is unknown, defaulting to 1000
[  128.535595][ T5548] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  128.786950][ T9114] loop8: detected capacity change from 0 to 512
[  128.793858][ T9114] EXT4-fs: Ignoring removed mblk_io_submit option
[  128.806435][ T9114] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  128.814519][ T9114] EXT4-fs (loop8): orphan cleanup on readonly fs
[  128.821465][ T9114] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  128.836405][ T9114] EXT4-fs (loop8): Cannot turn on quotas: error -117
[  128.843778][ T9114] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.2020: bg 0: block 40: padding at end of block bitmap is not set
[  128.863390][ T9114] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  128.872708][ T9114] EXT4-fs (loop8): 1 truncate cleaned up
[  128.882018][ T9114] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  128.914864][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.938464][ T9119] loop8: detected capacity change from 0 to 128
[  128.951444][ T9119] batadv_slave_0: entered promiscuous mode
[  128.958074][ T9119] netlink: 76 bytes leftover after parsing attributes in process `syz.8.2022'.
[  128.971279][ T9119] batadv_slave_0 (unregistering): left promiscuous mode
[  128.978993][ T9119] batman_adv: batadv0: Removing interface: batadv_slave_0
[  129.068563][ T9127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2026'.
[  129.210097][ T9134] lo speed is unknown, defaulting to 1000
[  129.510166][ T9154] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2036'.
[  129.525804][ T9154] 8021q: adding VLAN 0 to HW filter on device team3
[  131.088743][ T9176] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2040'.
[  131.103541][ T9176] team0: Port device team_slave_0 removed
[  131.206161][ T9180] SELinux: security_context_str_to_sid (Eá…) failed with errno=-22
[  131.237273][ T9182] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2042'.
[  131.237808][   T29] kauditd_printk_skb: 52 callbacks suppressed
[  131.237826][   T29] audit: type=1400 audit(1748912934.863:2605): avc:  denied  { wake_alarm } for  pid=9185 comm="syz.4.2044" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  131.420361][ T9196] syzkaller1: entered promiscuous mode
[  131.426137][ T9196] syzkaller1: entered allmulticast mode
[  131.781456][ T9203] bridge0: entered promiscuous mode
[  131.796162][ T9203] bridge0: port 3(macvlan2) entered blocking state
[  131.804819][ T9203] bridge0: port 3(macvlan2) entered disabled state
[  131.829728][ T9203] macvlan2: entered allmulticast mode
[  131.836519][ T9203] bridge0: entered allmulticast mode
[  131.854732][ T9203] macvlan2: left allmulticast mode
[  131.862312][ T9203] bridge0: left allmulticast mode
[  131.887309][ T9203] bridge0: left promiscuous mode
[  132.134525][ T9226] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2067'.
[  132.166217][ T9222] syzkaller0: entered promiscuous mode
[  132.172117][ T9222] syzkaller0: entered allmulticast mode
[  132.217595][ T9226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2067'.
[  132.304607][   T29] audit: type=1326 audit(1748912935.923:2606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.569859][ T9243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2074'.
[  132.681874][   T29] audit: type=1326 audit(1748912935.953:2607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.705669][   T29] audit: type=1326 audit(1748912936.033:2608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.729389][   T29] audit: type=1326 audit(1748912936.033:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.753742][   T29] audit: type=1326 audit(1748912936.033:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.777698][   T29] audit: type=1326 audit(1748912936.033:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.801644][   T29] audit: type=1326 audit(1748912936.033:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.825238][   T29] audit: type=1326 audit(1748912936.033:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.849474][   T29] audit: type=1326 audit(1748912936.033:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9235 comm="syz.6.2070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  132.982362][ T9254] hub 9-0:1.0: USB hub found
[  132.989459][ T9254] hub 9-0:1.0: 8 ports detected
[  134.114306][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2090'.
[  134.115399][ T9296] lo speed is unknown, defaulting to 1000
[  134.264345][ T9302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2092'.
[  134.368978][ T9302] 8021q: adding VLAN 0 to HW filter on device team4
[  134.413525][ T9309] netlink: 1343 bytes leftover after parsing attributes in process `syz.6.2095'.
[  134.646347][ T9329] netlink: 60 bytes leftover after parsing attributes in process `syz.8.2104'.
[  134.758687][ T9333] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2106'.
[  135.005125][ T9351] loop8: detected capacity change from 0 to 512
[  135.027943][ T9351] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  135.063090][ T9351] EXT4-fs (loop8): 1 truncate cleaned up
[  135.069576][ T9351] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.111611][ T9324] Set syz1 is full, maxelem 65536 reached
[  135.435728][ T9379] lo speed is unknown, defaulting to 1000
[  135.470189][ T9382] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=9382 comm=syz.0.2120
[  136.153524][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.214088][ T9420] loop8: detected capacity change from 0 to 512
[  136.243788][ T9420] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  136.275604][ T9420] EXT4-fs (loop8): 1 truncate cleaned up
[  136.281694][ T9420] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.329525][   T29] kauditd_printk_skb: 101 callbacks suppressed
[  136.329594][   T29] audit: type=1400 audit(1748912939.953:2716): avc:  denied  { watch watch_reads } for  pid=9419 comm="syz.8.2134" path="/148/file0" dev="loop8" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  136.421528][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.576357][ T9439] SELinux: ebitmap start bit (1728054080) is beyond the end of the bitmap (1472)
[  136.586934][ T9439] SELinux: failed to load policy
[  136.951601][ T9472] pim6reg1: entered promiscuous mode
[  136.957133][ T9472] pim6reg1: entered allmulticast mode
[  136.969861][   T29] audit: type=1400 audit(1748912940.593:2717): avc:  denied  { lock } for  pid=9473 comm="syz.6.2155" path="socket:[25216]" dev="sockfs" ino=25216 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  136.998970][   T29] audit: type=1326 audit(1748912940.623:2718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9475 comm="syz.1.2156" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb04271e969 code=0x0
[  137.154231][ T9486] netlink: 'syz.6.2161': attribute type 3 has an invalid length.
[  137.162492][ T9486] netlink: 'syz.6.2161': attribute type 3 has an invalid length.
[  137.171522][ T9488] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.172876][ T9486] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2161'.
[  137.214155][ T9491] netlink: 'syz.8.2162': attribute type 10 has an invalid length.
[  137.222829][ T9491] netlink: 2 bytes leftover after parsing attributes in process `syz.8.2162'.
[  137.233258][ T9488] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.244873][ T9491] team0: entered promiscuous mode
[  137.258018][ T9491] team_slave_0: entered promiscuous mode
[  137.264039][ T9491] team_slave_1: entered promiscuous mode
[  137.270477][ T9491] bridge0: port 3(team0) entered blocking state
[  137.276926][ T9491] bridge0: port 3(team0) entered disabled state
[  137.286576][ T9491] team0: entered allmulticast mode
[  137.291915][ T9491] team_slave_0: entered allmulticast mode
[  137.297832][ T9491] team_slave_1: entered allmulticast mode
[  137.309110][ T9488] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.334172][   T29] audit: type=1400 audit(1748912940.953:2719): avc:  denied  { unmount } for  pid=4301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  137.372445][ T9498] netlink: 340 bytes leftover after parsing attributes in process `syz.6.2164'.
[  137.388263][ T9488] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.420906][   T29] audit: type=1326 audit(1748912941.043:2720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9502 comm="syz.4.2168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  137.445613][   T29] audit: type=1326 audit(1748912941.043:2721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9502 comm="syz.4.2168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  137.469951][   T29] audit: type=1326 audit(1748912941.043:2722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9502 comm="syz.4.2168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  137.497327][   T29] audit: type=1326 audit(1748912941.073:2723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9502 comm="syz.4.2168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  137.520846][   T29] audit: type=1326 audit(1748912941.073:2724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9502 comm="syz.4.2168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  137.545427][   T29] audit: type=1326 audit(1748912941.073:2725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9502 comm="syz.4.2168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61bf40e969 code=0x7ffc0000
[  137.577033][ T9488] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.589519][ T9488] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.608233][ T9488] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.627068][ T9488] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  137.634004][ T9512] loop8: detected capacity change from 0 to 2048
[  137.649397][ T9512] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.698151][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.738209][ T9522] tipc: Started in network mode
[  137.743207][ T9522] tipc: Node identity ac14140f, cluster identity 4711
[  137.752344][ T9522] tipc: New replicast peer: 10.1.1.2
[  137.757791][ T9522] tipc: Enabled bearer <udp:syz0>, priority 10
[  137.765530][ T9520] loop8: detected capacity change from 0 to 8192
[  138.892417][ T3396] tipc: Node number set to 2886997007
[  139.294616][ T9593] rdma_rxe: rxe_newlink: failed to add veth0_virt_wifi
[  139.306611][ T9593] lo speed is unknown, defaulting to 1000
[  139.601566][ T9604] loop8: detected capacity change from 0 to 8192
[  139.788310][ T9628] netlink: 'syz.1.2216': attribute type 3 has an invalid length.
[  139.796594][ T9628] netlink: 'syz.1.2216': attribute type 3 has an invalid length.
[  139.804592][ T9628] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2216'.
[  140.230407][ T9660] loop8: detected capacity change from 0 to 512
[  140.287412][ T9660] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  140.305610][ T9660] EXT4-fs (loop8): mount failed
[  140.842041][ T9676] loop8: detected capacity change from 0 to 4096
[  140.878523][ T9676] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  140.994705][ T7033] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.327386][ T9701] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2244'.
[  141.423938][ T9701] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  141.514494][ T9708] 8021q: adding VLAN 0 to HW filter on device bond1
[  141.677123][   T29] kauditd_printk_skb: 83 callbacks suppressed
[  141.677146][   T29] audit: type=1400 audit(1748912945.293:2808): avc:  denied  { shutdown } for  pid=9713 comm="syz.0.2249" laddr=fe80::f lport=50171 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  141.734328][ T9725] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2250'.
[  141.743510][ T9725] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2250'.
[  141.850799][   T29] audit: type=1326 audit(1748912945.473:2809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  141.874734][   T29] audit: type=1326 audit(1748912945.473:2810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  141.898470][   T29] audit: type=1326 audit(1748912945.473:2811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  141.922145][   T29] audit: type=1326 audit(1748912945.473:2812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  141.945713][   T29] audit: type=1326 audit(1748912945.473:2813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  141.969765][   T29] audit: type=1326 audit(1748912945.473:2814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  141.994063][   T29] audit: type=1326 audit(1748912945.473:2815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  142.018164][   T29] audit: type=1326 audit(1748912945.473:2816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  142.042011][   T29] audit: type=1326 audit(1748912945.473:2817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9729 comm="syz.0.2254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  142.250510][ T9743] ip6gre1: entered allmulticast mode
[  142.403088][ T9754] netlink: 'syz.4.2264': attribute type 3 has an invalid length.
[  142.562686][ T9765] lo speed is unknown, defaulting to 1000
[  142.757324][ T9786] siw: device registration error -23
[  142.867300][ T9792] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2278'.
[  143.080448][ T9813] xt_hashlimit: size too large, truncated to 1048576
[  143.716483][ T9851] netlink: 'syz.1.2300': attribute type 13 has an invalid length.
[  143.724460][ T9851] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2300'.
[  143.769516][ T9855] netlink: 'syz.6.2302': attribute type 13 has an invalid length.
[  143.777598][ T9855] netlink: 64 bytes leftover after parsing attributes in process `syz.6.2302'.
[  143.837827][ T9862] atomic_op ffff8881026cf928 conn xmit_atomic 0000000000000000
[  143.879926][ T9866] xt_hashlimit: max too large, truncated to 1048576
[  143.909542][ T9858] tipc: Started in network mode
[  143.914485][ T9858] tipc: Node identity 06b002139bbd, cluster identity 4711
[  143.921975][ T9858] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  143.930613][ T9857] tipc: Resetting bearer <eth:syzkaller0>
[  143.953463][ T9857] tipc: Disabling bearer <eth:syzkaller0>
[  143.984634][ T9869] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2308'.
[  144.018270][ T9880] netlink: 'syz.8.2311': attribute type 27 has an invalid length.
[  144.070752][ T9880] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2311'.
[  144.079845][ T9880] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2311'.
[  145.123265][ T9906] syz.0.2319 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  145.137561][ T9906] CPU: 1 UID: 0 PID: 9906 Comm: syz.0.2319 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  145.137675][ T9906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.137693][ T9906] Call Trace:
[  145.137701][ T9906]  <TASK>
[  145.137813][ T9906]  __dump_stack+0x1d/0x30
[  145.137842][ T9906]  dump_stack_lvl+0xe8/0x140
[  145.137885][ T9906]  dump_stack+0x15/0x1b
[  145.138032][ T9906]  dump_header+0x81/0x220
[  145.138072][ T9906]  oom_kill_process+0x334/0x3f0
[  145.138217][ T9906]  out_of_memory+0x979/0xb80
[  145.138261][ T9906]  try_charge_memcg+0x5e6/0x9e0
[  145.138303][ T9906]  obj_cgroup_charge_pages+0xa6/0x150
[  145.138360][ T9906]  __memcg_kmem_charge_page+0x9f/0x170
[  145.138486][ T9906]  __alloc_frozen_pages_noprof+0x188/0x360
[  145.138518][ T9906]  alloc_pages_mpol+0xb3/0x250
[  145.138564][ T9906]  alloc_pages_noprof+0x90/0x130
[  145.138670][ T9906]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  145.138754][ T9906]  __kvmalloc_node_noprof+0x312/0x4f0
[  145.138793][ T9906]  ? ip_set_alloc+0x1f/0x30
[  145.138827][ T9906]  ? ip_set_alloc+0x1f/0x30
[  145.138899][ T9906]  ? __kmalloc_cache_noprof+0x189/0x320
[  145.138976][ T9906]  ip_set_alloc+0x1f/0x30
[  145.139010][ T9906]  hash_netiface_create+0x282/0x740
[  145.139084][ T9906]  ? __pfx_hash_netiface_create+0x10/0x10
[  145.139116][ T9906]  ip_set_create+0x3c9/0x960
[  145.139167][ T9906]  ? __nla_parse+0x40/0x60
[  145.139201][ T9906]  nfnetlink_rcv_msg+0x4c3/0x590
[  145.139289][ T9906]  ? selinux_capable+0x1f9/0x270
[  145.139340][ T9906]  netlink_rcv_skb+0x123/0x220
[  145.139380][ T9906]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  145.139413][ T9906]  nfnetlink_rcv+0x16b/0x1690
[  145.139442][ T9906]  ? __kfree_skb+0x109/0x150
[  145.139540][ T9906]  ? nlmon_xmit+0x4f/0x60
[  145.139576][ T9906]  ? consume_skb+0x49/0x150
[  145.139611][ T9906]  ? nlmon_xmit+0x4f/0x60
[  145.139644][ T9906]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  145.139695][ T9906]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  145.139735][ T9906]  ? __dev_queue_xmit+0x182/0x1fb0
[  145.139821][ T9906]  ? ref_tracker_free+0x37d/0x3e0
[  145.139859][ T9906]  ? __netlink_deliver_tap+0x4dc/0x500
[  145.139906][ T9906]  netlink_unicast+0x5a1/0x670
[  145.139998][ T9906]  netlink_sendmsg+0x58b/0x6b0
[  145.140033][ T9906]  ? __pfx_netlink_sendmsg+0x10/0x10
[  145.140071][ T9906]  __sock_sendmsg+0x142/0x180
[  145.140115][ T9906]  ____sys_sendmsg+0x31e/0x4e0
[  145.140157][ T9906]  ___sys_sendmsg+0x17b/0x1d0
[  145.140211][ T9906]  __x64_sys_sendmsg+0xd4/0x160
[  145.140252][ T9906]  x64_sys_call+0x2999/0x2fb0
[  145.140287][ T9906]  do_syscall_64+0xd2/0x200
[  145.140454][ T9906]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  145.140491][ T9906]  ? clear_bhb_loop+0x40/0x90
[  145.140517][ T9906]  ? clear_bhb_loop+0x40/0x90
[  145.140548][ T9906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.140577][ T9906] RIP: 0033:0x7f9ad439e969
[  145.140645][ T9906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.140665][ T9906] RSP: 002b:00007f9ad2a07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  145.140684][ T9906] RAX: ffffffffffffffda RBX: 00007f9ad45c5fa0 RCX: 00007f9ad439e969
[  145.140697][ T9906] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000003
[  145.140711][ T9906] RBP: 00007f9ad4420ab1 R08: 0000000000000000 R09: 0000000000000000
[  145.140788][ T9906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  145.140806][ T9906] R13: 0000000000000000 R14: 00007f9ad45c5fa0 R15: 00007ffd586121e8
[  145.140832][ T9906]  </TASK>
[  145.140841][ T9906] memory: usage 307200kB, limit 307200kB, failcnt 1131
[  145.501249][ T9906] memory+swap: usage 323824kB, limit 9007199254740988kB, failcnt 0
[  145.509194][ T9906] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  145.516530][ T9906] Memory cgroup stats for /syz0:
[  145.516790][ T9906] cache 0
[  145.524695][ T9906] rss 0
[  145.527580][ T9906] shmem 0
[  145.530547][ T9906] mapped_file 0
[  145.534027][ T9906] dirty 0
[  145.537123][ T9906] writeback 0
[  145.540468][ T9906] workingset_refault_anon 298
[  145.545244][ T9906] workingset_refault_file 0
[  145.549771][ T9906] swap 17022976
[  145.553426][ T9906] swapcached 0
[  145.556867][ T9906] nr_memmap_boot_pages 40319
[  145.561670][ T9906] pgpgin 40319
[  145.565055][ T9906] pglazyfree 53588
[  145.568826][ T9906] pgfault 19
[  145.572032][ T9906] a_other 0
[  145.575187][ T9906] inactive_anon 0
[  145.578914][ T9906] active_anon 0
[  145.582392][ T9906] inactive_file 0
[  145.586068][ T9906] active_file 0
[  145.589558][ T9906] hierarchical_memory_limit 314572800
[  145.595000][ T9906] hierarchical_memsw_limit 9223372036854771712
[  145.601270][ T9906] total_cache 0
[  145.604880][ T9906] total_rss 0
[  145.608229][ T9906] total_shmem 0
[  145.611736][ T9906] total_mapped_file 0
[  145.615760][ T9906] total_dirty 0
[  145.619373][ T9906] total_writeback 0
[  145.623469][ T9906] total_workingset_refault_anon 298
[  145.628705][ T9906] total_workingset_refault_file 0
[  145.633786][ T9906] total_swap 17022976
[  145.637826][ T9906] total_swapcached 0
[  145.641829][ T9906] total_nr_memmap_boot_pages 40319
[  145.646997][ T9906] total_pgpgin 40319
[  145.651043][ T9906] total_pglazyfree 53588
[  145.655601][ T9906] total_pgfault 19
[  145.659385][ T9906] total_a_other 0
[  145.663034][ T9906] total_inactive_anon 0
[  145.667321][ T9906] total_active_anon 0
[  145.671425][ T9906] total_inactive_file 0
[  145.675631][ T9906] total_active_file 0
[  145.679671][ T9906] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2319,pid=9904,uid=0
[  145.694593][ T9906] Memory cgroup out of memory: Killed process 9904 (syz.0.2319) total-vm:95928kB, anon-rss:916kB, file-rss:22212kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000
[  146.216845][ T9951] netlink: 'syz.1.2340': attribute type 1 has an invalid length.
[  146.248125][ T9951] 8021q: adding VLAN 0 to HW filter on device bond1
[  146.302841][ T9953] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2340'.
[  146.349004][ T9953] bond1 (unregistering): Released all slaves
[  147.020627][ T9991] pim6reg1: entered promiscuous mode
[  147.026086][ T9991] pim6reg1: entered allmulticast mode
[  147.036291][ T9992] lo speed is unknown, defaulting to 1000
[  147.220643][   T29] kauditd_printk_skb: 77 callbacks suppressed
[  147.220658][   T29] audit: type=1400 audit(1748912950.843:2895): avc:  denied  { mounton } for  pid=10000 comm="syz.6.2357" path="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  147.406001][T10010] syzkaller0: entered promiscuous mode
[  147.411618][T10010] syzkaller0: entered allmulticast mode
[  147.698949][T10012] netlink: 'syz.4.2363': attribute type 10 has an invalid length.
[  147.712833][T10012] 8021q: adding VLAN 0 to HW filter on device batadv0
[  147.722047][T10012] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  147.793392][T10017] netlink: 'syz.8.2364': attribute type 4 has an invalid length.
[  147.795999][T10008] Set syz1 is full, maxelem 65536 reached
[  147.819330][T10017] netlink: 'syz.8.2364': attribute type 4 has an invalid length.
[  148.070747][T10045] loop8: detected capacity change from 0 to 128
[  148.075609][T10019] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  148.107893][   T29] audit: type=1400 audit(1748912951.723:2896): avc:  denied  { module_load } for  pid=10044 comm="syz.8.2373" path="/193/file1/bus" dev="loop8" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=system permissive=1
[  148.221124][T10052] bond4: entered promiscuous mode
[  148.226272][T10052] bond4: entered allmulticast mode
[  148.235642][T10052] 8021q: adding VLAN 0 to HW filter on device bond4
[  148.241587][T10054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2376'.
[  148.251381][T10054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2376'.
[  148.272732][T10052] bond4 (unregistering): Released all slaves
[  148.303981][   T29] audit: type=1326 audit(1748912951.923:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.328323][   T29] audit: type=1326 audit(1748912951.923:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.352483][   T29] audit: type=1326 audit(1748912951.923:2899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.376539][   T29] audit: type=1326 audit(1748912951.923:2900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.400398][   T29] audit: type=1326 audit(1748912951.923:2901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.424302][   T29] audit: type=1326 audit(1748912951.923:2902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.449095][   T29] audit: type=1326 audit(1748912951.923:2903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.473307][   T29] audit: type=1326 audit(1748912951.923:2904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10059 comm="syz.1.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  148.521934][T10067] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2381'.
[  148.572458][T10067] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10067 comm=syz.4.2381
[  149.600224][T10117] 9pnet: p9_errstr2errno: server reported unknown error 
[  149.710610][T10122] syzkaller0: entered promiscuous mode
[  149.716305][T10122] syzkaller0: entered allmulticast mode
[  150.361855][T10191] hub 8-0:1.0: USB hub found
[  150.367346][T10191] hub 8-0:1.0: 8 ports detected
[  150.393544][T10198] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2434'.
[  150.407009][T10198] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2434'.
[  151.428095][T10318] atomic_op ffff888128878128 conn xmit_atomic 0000000000000000
[  151.988634][T10335] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2450'.
[  152.187861][T10352] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2458'.
[  152.433525][T10362] loop8: detected capacity change from 0 to 512
[  152.445659][T10362] EXT4-fs: Ignoring removed orlov option
[  152.455395][T10362] ext4: Unknown parameter 'uid>00000000000000000000'
[  152.521248][T10364] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.2463'.
[  152.532247][T10357] lo speed is unknown, defaulting to 1000
[  152.649571][   T29] kauditd_printk_skb: 348 callbacks suppressed
[  152.649610][   T29] audit: type=1326 audit(1748912956.273:3253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.679869][   T29] audit: type=1326 audit(1748912956.273:3254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.704172][   T29] audit: type=1326 audit(1748912956.273:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.727952][   T29] audit: type=1326 audit(1748912956.273:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=266 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.751519][   T29] audit: type=1326 audit(1748912956.273:3257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.775655][   T29] audit: type=1326 audit(1748912956.273:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.803821][   T29] audit: type=1326 audit(1748912956.273:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.827836][   T29] audit: type=1326 audit(1748912956.273:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.851581][   T29] audit: type=1326 audit(1748912956.273:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.875293][   T29] audit: type=1326 audit(1748912956.273:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10373 comm="syz.8.2468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fbda4bbe969 code=0x7ffc0000
[  152.918892][T10376] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.078119][T10376] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.090919][T10347] syz.4.2456 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  153.105166][T10347] CPU: 1 UID: 0 PID: 10347 Comm: syz.4.2456 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  153.105279][T10347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  153.105296][T10347] Call Trace:
[  153.105304][T10347]  <TASK>
[  153.105311][T10347]  __dump_stack+0x1d/0x30
[  153.105339][T10347]  dump_stack_lvl+0xe8/0x140
[  153.105361][T10347]  dump_stack+0x15/0x1b
[  153.105401][T10347]  dump_header+0x81/0x220
[  153.105452][T10347]  oom_kill_process+0x334/0x3f0
[  153.105497][T10347]  out_of_memory+0x979/0xb80
[  153.105539][T10347]  try_charge_memcg+0x5e6/0x9e0
[  153.105580][T10347]  obj_cgroup_charge_pages+0xa6/0x150
[  153.105703][T10347]  __memcg_kmem_charge_page+0x9f/0x170
[  153.105743][T10347]  __alloc_frozen_pages_noprof+0x188/0x360
[  153.105777][T10347]  alloc_pages_mpol+0xb3/0x250
[  153.105822][T10347]  alloc_pages_noprof+0x90/0x130
[  153.105856][T10347]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  153.105933][T10347]  __kvmalloc_node_noprof+0x312/0x4f0
[  153.106056][T10347]  ? ip_set_alloc+0x1f/0x30
[  153.106087][T10347]  ? ip_set_alloc+0x1f/0x30
[  153.106116][T10347]  ? __kmalloc_cache_noprof+0x189/0x320
[  153.106202][T10347]  ip_set_alloc+0x1f/0x30
[  153.106236][T10347]  hash_netiface_create+0x282/0x740
[  153.106313][T10347]  ? __pfx_hash_netiface_create+0x10/0x10
[  153.106352][T10347]  ip_set_create+0x3c9/0x960
[  153.106481][T10347]  ? __nla_parse+0x40/0x60
[  153.106535][T10347]  nfnetlink_rcv_msg+0x4c3/0x590
[  153.106590][T10347]  ? selinux_capable+0x1f9/0x270
[  153.106642][T10347]  netlink_rcv_skb+0x123/0x220
[  153.106682][T10347]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  153.106722][T10347]  nfnetlink_rcv+0x16b/0x1690
[  153.106808][T10347]  ? bpf_prog_216c997a1f42e404+0x43/0x48
[  153.106827][T10347]  ? __list_add_valid_or_report+0x38/0xe0
[  153.106868][T10347]  ? trace_event_reg+0xdc/0x170
[  153.106895][T10347]  ? perf_trace_add+0x176/0x1a0
[  153.106930][T10347]  ? event_sched_in+0x66f/0x720
[  153.106960][T10347]  ? should_fail_ex+0x30/0x280
[  153.106990][T10347]  ? selinux_nlmsg_lookup+0x99/0x890
[  153.107033][T10347]  ? selinux_netlink_send+0x59f/0x5f0
[  153.107104][T10347]  ? __rcu_read_unlock+0x34/0x70
[  153.107140][T10347]  ? __netlink_lookup+0x266/0x2a0
[  153.107187][T10347]  netlink_unicast+0x5a1/0x670
[  153.107229][T10347]  netlink_sendmsg+0x58b/0x6b0
[  153.107297][T10347]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.107343][T10347]  __sock_sendmsg+0x142/0x180
[  153.107376][T10347]  ____sys_sendmsg+0x31e/0x4e0
[  153.107484][T10347]  ___sys_sendmsg+0x17b/0x1d0
[  153.107601][T10347]  __x64_sys_sendmsg+0xd4/0x160
[  153.107651][T10347]  x64_sys_call+0x2999/0x2fb0
[  153.107683][T10347]  do_syscall_64+0xd2/0x200
[  153.107835][T10347]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  153.107869][T10347]  ? clear_bhb_loop+0x40/0x90
[  153.107896][T10347]  ? clear_bhb_loop+0x40/0x90
[  153.107972][T10347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.107998][T10347] RIP: 0033:0x7f61bf40e969
[  153.108018][T10347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.108043][T10347] RSP: 002b:00007f61bda77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.108067][T10347] RAX: ffffffffffffffda RBX: 00007f61bf635fa0 RCX: 00007f61bf40e969
[  153.108162][T10347] RDX: 0000000004000000 RSI: 0000200000000040 RDI: 0000000000000004
[  153.108178][T10347] RBP: 00007f61bf490ab1 R08: 0000000000000000 R09: 0000000000000000
[  153.108195][T10347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.108211][T10347] R13: 0000000000000000 R14: 00007f61bf635fa0 R15: 00007fff31f98e88
[  153.108233][T10347]  </TASK>
[  153.108250][T10347] memory: usage 307200kB, limit 307200kB, failcnt 1448
[  153.476880][T10347] memory+swap: usage 307820kB, limit 9007199254740988kB, failcnt 0
[  153.484804][T10347] kmem: usage 239780kB, limit 9007199254740988kB, failcnt 0
[  153.492207][T10347] Memory cgroup stats for /syz4:
[  153.495979][T10347] cache 69033984
[  153.504654][T10347] rss 4096
[  153.507743][T10347] shmem 0
[  153.510833][T10347] mapped_file 0
[  153.514344][T10347] dirty 0
[  153.517345][T10347] writeback 0
[  153.520819][T10347] workingset_refault_anon 380
[  153.525730][T10347] workingset_refault_file 2555
[  153.530606][T10347] swap 634880
[  153.534207][T10347] swapcached 4096
[  153.537997][T10347] nr_memmap_boot_pages 167949
[  153.542712][T10347] pgpgin 151094
[  153.546231][T10347] pglazyfree 177135
[  153.550142][T10347] pgfault 72
[  153.553359][T10347] a_other 4096
[  153.556765][T10347] inactive_anon 0
[  153.560413][T10347] active_anon 0
[  153.563886][T10347] inactive_file 0
[  153.567695][T10347] active_file 69033984
[  153.571788][T10347] hierarchical_memory_limit 314572800
[  153.577351][T10347] hierarchical_memsw_limit 9223372036854771712
[  153.583652][T10347] total_cache 69033984
[  153.587799][T10347] total_rss 4096
[  153.591372][T10347] total_shmem 0
[  153.594903][T10347] total_mapped_file 0
[  153.599000][T10347] total_dirty 0
[  153.602482][T10347] total_writeback 0
[  153.606348][T10347] total_workingset_refault_anon 380
[  153.611669][T10347] total_workingset_refault_file 2555
[  153.617024][T10347] total_swap 634880
[  153.620888][T10347] total_swapcached 4096
[  153.625286][T10347] total_nr_memmap_boot_pages 167949
[  153.630590][T10347] total_pgpgin 151094
[  153.634747][T10347] total_pglazyfree 177135
[  153.639169][T10347] total_pgfault 72
[  153.642962][T10347] total_a_other 4096
[  153.646937][T10347] total_inactive_anon 0
[  153.651298][T10347] total_active_anon 0
[  153.655357][T10347] total_inactive_file 0
[  153.659605][T10347] total_active_file 69033984
[  153.664210][T10347] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.5,pid=3485,uid=0
[  153.680004][T10347] Memory cgroup out of memory: Killed process 3485 (syz.4.5) total-vm:95592kB, anon-rss:964kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[  153.702386][T10376] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.738995][T10376] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.792606][T10376] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.808402][T10376] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.821846][T10346] syz.4.2456 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  153.833417][T10346] CPU: 0 UID: 0 PID: 10346 Comm: syz.4.2456 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  153.833446][T10346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  153.833459][T10346] Call Trace:
[  153.833503][T10346]  <TASK>
[  153.833513][T10346]  __dump_stack+0x1d/0x30
[  153.833541][T10346]  dump_stack_lvl+0xe8/0x140
[  153.833565][T10346]  dump_stack+0x15/0x1b
[  153.833588][T10346]  dump_header+0x81/0x220
[  153.833702][T10346]  oom_kill_process+0x334/0x3f0
[  153.833747][T10346]  out_of_memory+0x979/0xb80
[  153.833869][T10346]  try_charge_memcg+0x5e6/0x9e0
[  153.833931][T10346]  charge_memcg+0x51/0xc0
[  153.833956][T10346]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  153.833983][T10346]  __read_swap_cache_async+0x1df/0x350
[  153.834049][T10346]  swap_cluster_readahead+0x277/0x3e0
[  153.834102][T10346]  swapin_readahead+0xde/0x6f0
[  153.834266][T10346]  ? __filemap_get_folio+0x49f/0x650
[  153.834290][T10346]  ? swap_cache_get_folio+0x77/0x200
[  153.834387][T10346]  do_swap_page+0x301/0x2430
[  153.834414][T10346]  ? __rb_insert_augmented+0x2b4/0x2c0
[  153.834453][T10346]  ? __pfx_min_vruntime_cb_rotate+0x10/0x10
[  153.834552][T10346]  ? update_curr+0x1e1/0x320
[  153.834658][T10346]  ? enqueue_task_fair+0x35e/0x980
[  153.834685][T10346]  ? tracing_record_taskinfo_sched_switch+0x71/0x260
[  153.834774][T10346]  ? __pfx_default_wake_function+0x10/0x10
[  153.834808][T10346]  handle_mm_fault+0x9a5/0x2be0
[  153.834836][T10346]  ? mas_walk+0xf2/0x120
[  153.834948][T10346]  do_user_addr_fault+0x636/0x1090
[  153.834996][T10346]  ? fpregs_restore_userregs+0xe2/0x1d0
[  153.835029][T10346]  ? arch_exit_work+0x30/0x40
[  153.835059][T10346]  exc_page_fault+0x62/0xa0
[  153.835094][T10346]  asm_exc_page_fault+0x26/0x30
[  153.835114][T10346] RIP: 0033:0x7f61bf2ef1d5
[  153.835190][T10346] Code: 0f 1f 44 00 00 48 8b 70 08 48 39 72 f8 0f 84 1f 03 00 00 48 89 d0 48 8d 52 08 48 39 ea 75 e6 48 8b 04 24 48 29 c5 48 c1 fd 03 <80> 7b 4e 00 8b 53 48 89 e8 0f 85 46 03 00 00 85 d2 0f 85 62 03 00
[  153.835216][T10346] RSP: 002b:00007fff31f98f30 EFLAGS: 00010206
[  153.835232][T10346] RAX: 00007f61bea7f008 RBX: 00007f61c0165720 RCX: ffffffff85612acc
[  153.835244][T10346] RDX: 00007f61bee7f000 RSI: ffffffff8127826d RDI: 00007f61bea7f008
[  153.835256][T10346] RBP: 00000000000007ca R08: 00007f61bea7f070 R09: 00007f61bf622000
[  153.835269][T10346] R10: 00007f61bea7f008 R11: 0000000000000006 R12: 00007f61bee7f000
[  153.835295][T10346] R13: 00007f61bf636038 R14: ffffffffffffffff R15: 00007f61bea7f008
[  153.835314][T10346]  ? xa_load+0xac/0xe0
[  153.835380][T10346]  ? get_gate_vma+0xd/0x90
[  153.835498][T10346]  </TASK>
[  153.940713][T10376] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.943834][T10346] memory: usage 307200kB, limit 307200kB, failcnt 1592
[  154.106075][T10346] memory+swap: usage 307652kB, limit 9007199254740988kB, failcnt 0
[  154.114253][T10346] kmem: usage 239768kB, limit 9007199254740988kB, failcnt 0
[  154.122056][T10346] Memory cgroup stats for /syz4:
[  154.123968][T10346] cache 69033984
[  154.127341][T10376] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.129270][T10346] rss 4096
[  154.145666][T10346] shmem 0
[  154.148882][T10346] mapped_file 0
[  154.152444][T10346] dirty 0
[  154.155520][T10346] writeback 8192
[  154.159219][T10346] workingset_refault_anon 391
[  154.163909][T10346] workingset_refault_file 2563
[  154.168721][T10346] swap 462848
[  154.172310][T10346] swapcached 16384
[  154.176137][T10346] nr_memmap_boot_pages 167968
[  154.180952][T10346] pgpgin 151110
[  154.184491][T10346] pglazyfree 177140
[  154.188441][T10346] pgfault 77
[  154.191790][T10346] a_other 8192
[  154.195318][T10346] inactive_anon 8192
[  154.199229][T10346] active_anon 0
[  154.202708][T10346] inactive_file 0
[  154.206428][T10346] active_file 69033984
[  154.210984][T10346] hierarchical_memory_limit 314572800
[  154.216562][T10346] hierarchical_memsw_limit 9223372036854771712
[  154.222911][T10346] total_cache 69033984
[  154.227066][T10346] total_rss 4096
[  154.230669][T10346] total_shmem 0
[  154.234280][T10346] total_mapped_file 0
[  154.238352][T10346] total_dirty 0
[  154.241830][T10346] total_writeback 8192
[  154.246007][T10346] total_workingset_refault_anon 391
[  154.251251][T10346] total_workingset_refault_file 2563
[  154.256706][T10346] total_swap 462848
[  154.260525][T10346] total_swapcached 16384
[  154.264861][T10346] total_nr_memmap_boot_pages 167968
[  154.270221][T10346] total_pgpgin 151110
[  154.274281][T10346] total_pglazyfree 177140
[  154.278677][T10346] total_pgfault 77
[  154.282426][T10346] total_a_other 8192
[  154.286590][T10346] total_inactive_anon 8192
[  154.291200][T10346] total_active_anon 0
[  154.295241][T10346] total_inactive_file 0
[  154.299422][T10346] total_active_file 69033984
[  154.304198][T10346] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.2456,pid=10346,uid=0
[  154.319997][T10346] Memory cgroup out of memory: Killed process 10346 (syz.4.2456) total-vm:95796kB, anon-rss:1068kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:0
[  155.609826][T10427] netlink: 'syz.0.2485': attribute type 4 has an invalid length.
[  157.120738][T10490] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2510'.
[  157.267023][T10499] netlink: 'syz.0.2515': attribute type 1 has an invalid length.
[  157.379387][T10499] 8021q: adding VLAN 0 to HW filter on device bond1
[  157.391481][T10504] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2515'.
[  157.404737][T10504] bond1 (unregistering): Released all slaves
[  158.375793][T10539] netlink: 2036 bytes leftover after parsing attributes in process `syz.4.2528'.
[  158.385346][T10539] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2528'.
[  158.411577][   T29] kauditd_printk_skb: 317 callbacks suppressed
[  158.411594][   T29] audit: type=1400 audit(1748912962.033:3580): avc:  denied  { read } for  pid=10541 comm="syz.8.2540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  158.673405][ T3377] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4
[  158.681404][ T3377] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2
[  158.691498][ T3377] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4
[  158.700002][ T3377] hid-generic 0000:3000000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  158.724214][T10551] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2533'.
[  159.022150][ T3314] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  159.033375][ T3314] CPU: 0 UID: 0 PID: 3314 Comm: syz-executor Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  159.033423][ T3314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.033437][ T3314] Call Trace:
[  159.033446][ T3314]  <TASK>
[  159.033456][ T3314]  __dump_stack+0x1d/0x30
[  159.033480][ T3314]  dump_stack_lvl+0xe8/0x140
[  159.033501][ T3314]  dump_stack+0x15/0x1b
[  159.033517][ T3314]  dump_header+0x81/0x220
[  159.033601][ T3314]  oom_kill_process+0x334/0x3f0
[  159.033640][ T3314]  out_of_memory+0x979/0xb80
[  159.033680][ T3314]  try_charge_memcg+0x5e6/0x9e0
[  159.033717][ T3314]  charge_memcg+0x51/0xc0
[  159.033745][ T3314]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  159.033772][ T3314]  __read_swap_cache_async+0x1df/0x350
[  159.033817][ T3314]  swap_cluster_readahead+0x277/0x3e0
[  159.033862][ T3314]  swapin_readahead+0xde/0x6f0
[  159.033956][ T3314]  ? __filemap_get_folio+0x49f/0x650
[  159.033973][ T3314]  ? next_uptodate_folio+0x81c/0x890
[  159.033997][ T3314]  ? swap_cache_get_folio+0x77/0x200
[  159.034036][ T3314]  do_swap_page+0x301/0x2430
[  159.034096][ T3314]  ? css_rstat_updated+0xcd/0x5b0
[  159.034138][ T3314]  ? __pfx_default_wake_function+0x10/0x10
[  159.034171][ T3314]  handle_mm_fault+0x9a5/0x2be0
[  159.034333][ T3314]  ? mas_walk+0xf2/0x120
[  159.034396][ T3314]  do_user_addr_fault+0x636/0x1090
[  159.034434][ T3314]  exc_page_fault+0x62/0xa0
[  159.034462][ T3314]  asm_exc_page_fault+0x26/0x30
[  159.034510][ T3314] RIP: 0033:0x7fb0425f5997
[  159.034528][ T3314] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 08 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d 19 fd e7 00 48 01 d1 39 7c 24
[  159.034546][ T3314] RSP: 002b:00007fff5d427930 EFLAGS: 00010206
[  159.034561][ T3314] RAX: 0000001b32a20000 RBX: 000000000000045a RCX: 0000000000026930
[  159.034573][ T3314] RDX: 000000000f0e5f86 RSI: 00007fff5d4279c0 RDI: 000000000000000a
[  159.034585][ T3314] RBP: 00007fff5d42796c R08: 00000000396f4445 R09: 7fffffffffffffff
[  159.034661][ T3314] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  159.034676][ T3314] R13: 00000000000927c0 R14: 0000000000026aa5 R15: 00007fff5d4279c0
[  159.034698][ T3314]  </TASK>
[  159.034706][ T3314] memory: usage 307200kB, limit 307200kB, failcnt 186
[  159.220894][   T29] audit: type=1400 audit(1748912962.853:3581): avc:  denied  { name_connect } for  pid=10558 comm="syz.4.2536" dest=768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=sctp_socket permissive=1
[  159.227485][ T3314] memory+swap: usage 373056kB, limit 9007199254740988kB, failcnt 0
[  159.227504][ T3314] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0
[  159.299847][ T3314] Memory cgroup stats for /syz1:
[  159.300865][ T3314] cache 0
[  159.309134][ T3314] rss 28672
[  159.312416][ T3314] shmem 0
[  159.315420][ T3314] mapped_file 0
[  159.319242][ T3314] dirty 0
[  159.322194][ T3314] writeback 28672
[  159.325986][ T3314] workingset_refault_anon 78
[  159.330666][ T3314] workingset_refault_file 302
[  159.335434][ T3314] swap 67436544
[  159.339024][ T3314] swapcached 28672
[  159.342996][ T3314] nr_memmap_boot_pages 173134
[  159.347711][ T3314] pgpgin 173127
[  159.351552][ T3314] pglazyfree 165927
[  159.355411][ T3314] pgfault 48
[  159.357584][   T29] audit: type=1400 audit(1748912962.933:3582): avc:  denied  { bind } for  pid=10562 comm="syz.0.2537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  159.358618][ T3314] a_other 28672
[  159.358631][ T3314] inactive_anon 0
[  159.358641][ T3314] active_anon 0
[  159.358651][ T3314] inactive_file 0
[  159.392826][ T3314] active_file 0
[  159.396757][ T3314] hierarchical_memory_limit 314572800
[  159.402613][ T3314] hierarchical_memsw_limit 9223372036854771712
[  159.409149][ T3314] total_cache 0
[  159.412641][ T3314] total_rss 28672
[  159.416322][ T3314] total_shmem 0
[  159.419791][ T3314] total_mapped_file 0
[  159.423809][ T3314] total_dirty 0
[  159.427297][ T3314] total_writeback 28672
[  159.431472][ T3314] total_workingset_refault_anon 78
[  159.436629][ T3314] total_workingset_refault_file 302
[  159.441853][ T3314] total_swap 67436544
[  159.445878][ T3314] total_swapcached 28672
[  159.450251][ T3314] total_nr_memmap_boot_pages 173134
[  159.455484][ T3314] total_pgpgin 173127
[  159.459553][ T3314] total_pglazyfree 165927
[  159.464234][ T3314] total_pgfault 48
[  159.468985][ T3314] total_a_other 28672
[  159.473172][ T3314] total_inactive_anon 0
[  159.477604][ T3314] total_active_anon 0
[  159.481643][ T3314] total_inactive_file 0
[  159.485830][ T3314] total_active_file 0
[  159.490146][ T3314] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.90,pid=3711,uid=0
[  159.505052][ T3314] Memory cgroup out of memory: Killed process 3711 (syz.1.90) total-vm:95664kB, anon-rss:972kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000
[  159.566275][T10571] futex_wake_op: syz.0.2542 tries to shift op by -1; fix this program
[  159.575864][ T3390] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0
[  159.583377][ T3390] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0
[  159.590878][ T3390] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0
[  159.623440][ T3390] hid-generic 0000:0004:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  159.677737][   T29] audit: type=1326 audit(1748912963.303:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.0.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  159.702354][   T29] audit: type=1326 audit(1748912963.303:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.0.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  159.733623][ T3314] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  159.744870][ T3314] CPU: 0 UID: 0 PID: 3314 Comm: syz-executor Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  159.744910][ T3314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.744925][ T3314] Call Trace:
[  159.744932][ T3314]  <TASK>
[  159.744941][ T3314]  __dump_stack+0x1d/0x30
[  159.745042][ T3314]  dump_stack_lvl+0xe8/0x140
[  159.745062][ T3314]  dump_stack+0x15/0x1b
[  159.745090][ T3314]  dump_header+0x81/0x220
[  159.745159][ T3314]  oom_kill_process+0x334/0x3f0
[  159.745199][ T3314]  out_of_memory+0x979/0xb80
[  159.745241][ T3314]  try_charge_memcg+0x5e6/0x9e0
[  159.745298][ T3314]  charge_memcg+0x51/0xc0
[  159.745321][ T3314]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  159.745393][ T3314]  __read_swap_cache_async+0x1df/0x350
[  159.745438][ T3314]  swap_cluster_readahead+0x277/0x3e0
[  159.745487][ T3314]  swapin_readahead+0xde/0x6f0
[  159.745562][ T3314]  ? __filemap_get_folio+0x49f/0x650
[  159.745585][ T3314]  ? next_uptodate_folio+0x81c/0x890
[  159.745653][ T3314]  ? swap_cache_get_folio+0x77/0x200
[  159.745699][ T3314]  do_swap_page+0x301/0x2430
[  159.745727][ T3314]  ? css_rstat_updated+0xcd/0x5b0
[  159.745781][ T3314]  ? __pfx_default_wake_function+0x10/0x10
[  159.745815][ T3314]  handle_mm_fault+0x9a5/0x2be0
[  159.745912][ T3314]  ? mas_walk+0xf2/0x120
[  159.745969][ T3314]  do_user_addr_fault+0x636/0x1090
[  159.746057][ T3314]  exc_page_fault+0x62/0xa0
[  159.746095][ T3314]  asm_exc_page_fault+0x26/0x30
[  159.746119][ T3314] RIP: 0033:0x7fb0425f5997
[  159.746138][ T3314] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 08 fe e7 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d 19 fd e7 00 48 01 d1 39 7c 24
[  159.746161][ T3314] RSP: 002b:00007fff5d427930 EFLAGS: 00010206
[  159.746179][ T3314] RAX: 0000001b32a20000 RBX: 000000000000045a RCX: 0000000000026930
[  159.746194][ T3314] RDX: 000000000f0e5f86 RSI: 00007fff5d4279c0 RDI: 000000000000000a
[  159.746294][ T3314] RBP: 00007fff5d42796c R08: 00000000396f4445 R09: 7fffffffffffffff
[  159.746308][ T3314] R10: 3fffffffffffffff R11: 0000000000000202 R12: 0000000000001388
[  159.746322][ T3314] R13: 00000000000927c0 R14: 0000000000026aa5 R15: 00007fff5d4279c0
[  159.746345][ T3314]  </TASK>
[  159.880751][   T29] audit: type=1326 audit(1748912963.303:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.0.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  159.884591][ T3314] memory: usage 307200kB, limit 307200kB, failcnt 336
[  159.889906][   T29] audit: type=1326 audit(1748912963.303:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.0.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  159.889945][   T29] audit: type=1326 audit(1748912963.303:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.0.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  159.890108][   T29] audit: type=1326 audit(1748912963.303:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.0.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  159.890142][   T29] audit: type=1326 audit(1748912963.303:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10575 comm="syz.0.2544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ad439e969 code=0x7ffc0000
[  160.094392][ T3314] memory+swap: usage 372876kB, limit 9007199254740988kB, failcnt 0
[  160.102496][ T3314] kmem: usage 307068kB, limit 9007199254740988kB, failcnt 0
[  160.109947][ T3314] Memory cgroup stats for /syz1:
[  160.110204][ T3314] cache 0
[  160.118210][ T3314] rss 28672
[  160.121359][ T3314] shmem 0
[  160.124389][ T3314] mapped_file 0
[  160.127926][ T3314] dirty 0
[  160.130893][ T3314] writeback 28672
[  160.134534][ T3314] workingset_refault_anon 87
[  160.139326][ T3314] workingset_refault_file 302
[  160.144642][ T3314] swap 67252224
[  160.148487][ T3314] swapcached 32768
[  160.152256][ T3314] nr_memmap_boot_pages 173143
[  160.157357][ T3314] pgpgin 173135
[  160.160837][ T3314] pglazyfree 165928
[  160.164766][ T3314] pgfault 49
[  160.168105][ T3314] a_other 32768
[  160.171682][ T3314] inactive_anon 0
[  160.176567][ T3314] active_anon 0
[  160.180080][ T3314] inactive_file 0
[  160.183748][ T3314] active_file 0
[  160.187466][ T3314] hierarchical_memory_limit 314572800
[  160.193555][ T3314] hierarchical_memsw_limit 9223372036854771712
[  160.199874][ T3314] total_cache 0
[  160.203370][ T3314] total_rss 28672
[  160.207044][ T3314] total_shmem 0
[  160.210592][ T3314] total_mapped_file 0
[  160.214588][ T3314] total_dirty 0
[  160.218150][ T3314] total_writeback 28672
[  160.222754][ T3314] total_workingset_refault_anon 87
[  160.227954][ T3314] total_workingset_refault_file 302
[  160.233243][ T3314] total_swap 67252224
[  160.237506][ T3314] total_swapcached 32768
[  160.241919][ T3314] total_nr_memmap_boot_pages 173143
[  160.247148][ T3314] total_pgpgin 173135
[  160.251217][ T3314] total_pglazyfree 165928
[  160.255978][ T3314] total_pgfault 49
[  160.259758][ T3314] total_a_other 32768
[  160.264111][ T3314] total_inactive_anon 0
[  160.268980][ T3314] total_active_anon 0
[  160.273217][ T3314] total_inactive_file 0
[  160.277407][ T3314] total_active_file 0
[  160.281397][ T3314] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2529,pid=10535,uid=0
[  160.296523][ T3314] Memory cgroup out of memory: Killed process 10535 (syz.1.2529) total-vm:95796kB, anon-rss:936kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  160.520302][T10600] futex_wake_op: syz.6.2563 tries to shift op by -1; fix this program
[  160.520650][T10601] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2553'.
[  160.542478][T10603] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=10603 comm=syz.1.2554
[  160.595891][T10609] 9pnet_fd: Insufficient options for proto=fd
[  160.603442][ T3377] IPVS: starting estimator thread 0...
[  160.705406][T10610] IPVS: using max 2256 ests per chain, 112800 per kthread
[  160.886382][T10625] netlink: 'syz.1.2564': attribute type 27 has an invalid length.
[  160.901123][T10625] 0ªX¹¦D: left allmulticast mode
[  160.942581][T10626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2564'.
[  160.951611][T10626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2564'.
[  161.078029][T10630] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2566'.
[  161.213911][ T3394] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4
[  161.221678][ T3394] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x2
[  161.234709][ T3394] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4
[  161.243293][ T3394] hid-generic 0000:3000000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  161.267308][T10633] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2567'.
[  161.296833][T10640] netlink: 'syz.0.2570': attribute type 4 has an invalid length.
[  161.310242][T10640] netlink: 'syz.0.2570': attribute type 4 has an invalid length.
[  161.392768][T10646] loop8: detected capacity change from 0 to 128
[  161.401186][T10648] netlink: 'syz.0.2573': attribute type 1 has an invalid length.
[  161.402954][T10645] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  161.417233][T10645] FAT-fs (loop8): Filesystem has been set read-only
[  161.431787][T10648] 8021q: adding VLAN 0 to HW filter on device bond2
[  161.440593][T10648] bond1: (slave bond2): making interface the new active one
[  161.448580][T10645] bio_check_eod: 6 callbacks suppressed
[  161.448593][T10645] syz.8.2572: attempt to access beyond end of device
[  161.448593][T10645] loop8: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  161.455033][T10648] bond1: (slave bond2): Enslaving as an active interface with an up link
[  161.477942][T10645] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  161.485929][T10645] FAT-fs (loop8): error, invalid access to FAT (entry 0x00000100)
[  161.508346][T10648] 8021q: adding VLAN 0 to HW filter on device bond1
[  161.517609][T10646] syz.8.2572: attempt to access beyond end of device
[  161.517609][T10646] loop8: rw=0, sector=2065, nr_sectors = 1 limit=128
[  161.531076][T10646] buffer_io_error: 6 callbacks suppressed
[  161.531092][T10646] Buffer I/O error on dev loop8, logical block 2065, async page read
[  161.561346][T10646] syz.8.2572: attempt to access beyond end of device
[  161.561346][T10646] loop8: rw=0, sector=2066, nr_sectors = 1 limit=128
[  161.575108][T10646] Buffer I/O error on dev loop8, logical block 2066, async page read
[  161.586470][T10653] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10653 comm=syz.6.2574
[  161.620694][T10646] syz.8.2572: attempt to access beyond end of device
[  161.620694][T10646] loop8: rw=0, sector=2067, nr_sectors = 1 limit=128
[  161.634259][T10646] Buffer I/O error on dev loop8, logical block 2067, async page read
[  161.644915][T10646] syz.8.2572: attempt to access beyond end of device
[  161.644915][T10646] loop8: rw=0, sector=2068, nr_sectors = 1 limit=128
[  161.659131][T10646] Buffer I/O error on dev loop8, logical block 2068, async page read
[  161.668813][T10646] syz.8.2572: attempt to access beyond end of device
[  161.668813][T10646] loop8: rw=0, sector=2069, nr_sectors = 1 limit=128
[  161.682981][T10646] Buffer I/O error on dev loop8, logical block 2069, async page read
[  161.691656][T10646] syz.8.2572: attempt to access beyond end of device
[  161.691656][T10646] loop8: rw=0, sector=2070, nr_sectors = 1 limit=128
[  161.706253][T10646] Buffer I/O error on dev loop8, logical block 2070, async page read
[  161.723378][T10646] syz.8.2572: attempt to access beyond end of device
[  161.723378][T10646] loop8: rw=0, sector=2071, nr_sectors = 1 limit=128
[  161.737036][T10646] Buffer I/O error on dev loop8, logical block 2071, async page read
[  161.745386][T10646] syz.8.2572: attempt to access beyond end of device
[  161.745386][T10646] loop8: rw=0, sector=2072, nr_sectors = 1 limit=128
[  161.758738][T10646] Buffer I/O error on dev loop8, logical block 2072, async page read
[  161.774765][T10646] syz.8.2572: attempt to access beyond end of device
[  161.774765][T10646] loop8: rw=0, sector=2065, nr_sectors = 1 limit=128
[  161.788854][T10646] Buffer I/O error on dev loop8, logical block 2065, async page read
[  161.797612][T10646] Buffer I/O error on dev loop8, logical block 2066, async page read
[  161.886473][T10675] netlink: 'syz.4.2579': attribute type 13 has an invalid length.
[  162.052022][T10685] lo speed is unknown, defaulting to 1000
[  162.407095][T10685] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  162.510767][T10698] netlink: 'syz.6.2590': attribute type 27 has an invalid length.
[  162.544422][T10698] dummy0: left promiscuous mode
[  162.554350][T10698] bond2: left promiscuous mode
[  162.560089][T10698] bond3: left promiscuous mode
[  162.565320][T10698] bridge2: left promiscuous mode
[  162.570692][T10698] bond3: left allmulticast mode
[  162.575894][T10698] bridge2: left allmulticast mode
[  162.580418][T10704] __nla_validate_parse: 4 callbacks suppressed
[  162.580437][T10704] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2590'.
[  162.596476][T10704] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2590'.
[  162.748524][T10713] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  162.982009][T10734] netlink: 'syz.0.2606': attribute type 27 has an invalid length.
[  163.013358][T10740] netlink: 'syz.1.2609': attribute type 4 has an invalid length.
[  163.048252][T10742] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2608'.
[  163.059253][T10745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2606'.
[  163.069815][T10745] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2606'.
[  163.098768][T10734] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  163.109554][T10734] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  163.126299][T10747] netlink: 'syz.1.2609': attribute type 4 has an invalid length.
[  163.140544][T10734] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.149239][T10734] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.158143][T10734] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.166877][T10734] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  163.419152][   T29] kauditd_printk_skb: 406 callbacks suppressed
[  163.419241][   T29] audit: type=1326 audit(1748912967.043:3996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10749 comm="syz.6.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7d2fe0ab39 code=0x7ffc0000
[  163.450981][   T29] audit: type=1326 audit(1748912967.043:3997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10749 comm="syz.6.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  163.474840][   T29] audit: type=1326 audit(1748912967.043:3998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10749 comm="syz.6.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  163.613086][   T29] audit: type=1326 audit(1748912967.233:3999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  163.654107][   T29] audit: type=1326 audit(1748912967.263:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  163.678418][   T29] audit: type=1326 audit(1748912967.263:4001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  163.702386][   T29] audit: type=1326 audit(1748912967.263:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  163.726400][   T29] audit: type=1326 audit(1748912967.263:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  163.750479][   T29] audit: type=1326 audit(1748912967.263:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  163.774914][   T29] audit: type=1326 audit(1748912967.273:4005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10770 comm="syz.1.2618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb04271e969 code=0x7ffc0000
[  163.887025][T10778] Invalid ELF header magic: != ELF
[  164.077338][T10790] netlink: 'syz.4.2625': attribute type 27 has an invalid length.
[  164.090370][T10790] ip6gre1: left allmulticast mode
[  164.117105][T10790] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2625'.
[  164.126445][T10790] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2625'.
[  164.240455][T10802] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2631'.
[  164.366819][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x1
[  164.374326][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.382193][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.390221][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.397760][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.405252][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.412976][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x4
[  164.420435][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.428170][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.435939][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.443401][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x2
[  164.451419][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.459040][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.466965][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x4
[  164.475452][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.483070][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.490790][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x2
[  164.498381][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.506483][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.514335][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.522243][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.529908][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.537797][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.545488][ T3377] hid-generic 0006:0000:0000.0009: unknown main item tag 0x0
[  164.553188][T10814] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  164.564361][ T3377] hid-generic 0006:0000:0000.0009: hidraw0: VIRTUAL HID vffffff.00 Device [syz0] on syz1
[  164.632253][T10830] syzkaller0: entered promiscuous mode
[  164.637867][T10830] syzkaller0: entered allmulticast mode
[  164.651463][T10832] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2641'.
[  164.661065][T10832] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2641'.
[  164.858896][T10834] loop8: detected capacity change from 0 to 128
[  164.867107][T10834] FAT-fs (loop8): Invalid FSINFO signature: 0x00615252, 0x61417272 (sector = 1)
[  164.890126][T10834] 8021q: adding VLAN 0 to HW filter on device batadv0
[  165.163835][T10849] 8021q: adding VLAN 0 to HW filter on device bond2
[  165.178900][T10849] bond2 (unregistering): Released all slaves
[  165.301255][T10861] bond2: entered promiscuous mode
[  165.306893][T10861] bond2: entered allmulticast mode
[  165.312496][T10861] 8021q: adding VLAN 0 to HW filter on device bond2
[  165.322326][T10861] bond2 (unregistering): Released all slaves
[  165.414482][T10864] syzkaller0: entered allmulticast mode
[  165.421575][T10864] syzkaller0 (unregistering): left allmulticast mode
[  165.930180][T10884] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=10884 comm=syz.4.2663
[  166.025075][T10890] validate_nla: 5 callbacks suppressed
[  166.030856][T10890] netlink: 'syz.0.2665': attribute type 12 has an invalid length.
[  166.650255][T10914] netlink: 'syz.6.2673': attribute type 10 has an invalid length.
[  166.661373][T10914] 8021q: adding VLAN 0 to HW filter on device batadv0
[  166.670461][T10914] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  167.071174][T10935] Set syz1 is full, maxelem 65536 reached
[  167.537479][T10956] netlink: 'syz.1.2692': attribute type 12 has an invalid length.
[  167.586207][T10963] __nla_validate_parse: 1 callbacks suppressed
[  167.586227][T10963] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2695'.
[  167.648619][T10968] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2695'.
[  168.089732][T10993] lo speed is unknown, defaulting to 1000
[  168.342713][T11002] netlink: 'syz.4.2707': attribute type 12 has an invalid length.
[  168.766158][   T29] kauditd_printk_skb: 282 callbacks suppressed
[  168.766177][   T29] audit: type=1400 audit(1748912972.393:4288): avc:  denied  { create } for  pid=11014 comm="syz.4.2712" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  168.930970][   T29] audit: type=1326 audit(1748912972.553:4289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  168.954807][   T29] audit: type=1326 audit(1748912972.553:4290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  168.979579][   T29] audit: type=1326 audit(1748912972.553:4291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  169.003524][   T29] audit: type=1326 audit(1748912972.553:4292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  169.027649][   T29] audit: type=1326 audit(1748912972.553:4293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  169.051501][   T29] audit: type=1326 audit(1748912972.553:4294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  169.076039][   T29] audit: type=1326 audit(1748912972.553:4295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  169.100424][   T29] audit: type=1326 audit(1748912972.553:4296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  169.124439][   T29] audit: type=1326 audit(1748912972.553:4297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11022 comm="syz.6.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d2fe6e969 code=0x7ffc0000
[  169.220344][ T3391] IPVS: starting estimator thread 0...
[  169.286975][T11050] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2727'.
[  169.300107][T11050] team0 (unregistering): Port device team_slave_0 removed
[  169.309394][T11050] team0 (unregistering): Port device team_slave_1 removed
[  169.318632][T11039] IPVS: using max 1824 ests per chain, 91200 per kthread
[  169.327836][T11050] team0 (unregistering): Port device geneve1 removed
[  169.419697][T11067] netlink: 'syz.6.2745': attribute type 13 has an invalid length.
[  169.922950][T11099] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2747'.
[  169.934919][T11099] ip6gre1: entered allmulticast mode
[  170.084785][T11103] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  170.935204][T11117] ==================================================================
[  170.943556][T11117] BUG: KCSAN: data-race in atime_needs_update / touch_atime
[  170.950924][T11117] 
[  170.953295][T11117] write to 0xffff888103748c90 of 4 bytes by task 11118 on cpu 1:
[  170.961222][T11117]  touch_atime+0x1e8/0x340
[  170.965781][T11117]  shmem_file_splice_read+0x5b1/0x600
[  170.971378][T11117]  splice_direct_to_actor+0x26f/0x680
[  170.976803][T11117]  do_splice_direct+0xda/0x150
[  170.981768][T11117]  do_sendfile+0x380/0x650
[  170.986226][T11117]  __x64_sys_sendfile64+0x105/0x150
[  170.991467][T11117]  x64_sys_call+0xb39/0x2fb0
[  170.996179][T11117]  do_syscall_64+0xd2/0x200
[  171.000819][T11117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.007096][T11117] 
[  171.009428][T11117] read to 0xffff888103748c90 of 4 bytes by task 11117 on cpu 0:
[  171.017086][T11117]  atime_needs_update+0x25f/0x3e0
[  171.022242][T11117]  touch_atime+0x4a/0x340
[  171.026785][T11117]  shmem_file_splice_read+0x5b1/0x600
[  171.032212][T11117]  splice_direct_to_actor+0x26f/0x680
[  171.037629][T11117]  do_splice_direct+0xda/0x150
[  171.042498][T11117]  do_sendfile+0x380/0x650
[  171.046948][T11117]  __x64_sys_sendfile64+0x105/0x150
[  171.052273][T11117]  x64_sys_call+0xb39/0x2fb0
[  171.056898][T11117]  do_syscall_64+0xd2/0x200
[  171.061612][T11117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.067819][T11117] 
[  171.070155][T11117] value changed: 0x2101ec41 -> 0x219a82c2
[  171.075977][T11117] 
[  171.078411][T11117] Reported by Kernel Concurrency Sanitizer on:
[  171.084677][T11117] CPU: 0 UID: 0 PID: 11117 Comm: syz.1.2754 Not tainted 6.15.0-syzkaller-11121-gfe4281644c62 #0 PREEMPT(voluntary) 
[  171.097388][T11117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  171.107570][T11117] ==================================================================
[  171.179143][T11125] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2757'.