last executing test programs:

1m5.684535429s ago: executing program 3 (id=103):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x400}, 0x18)
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendto$inet(r3, 0x0, 0x60, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r5)

1m5.66531073s ago: executing program 3 (id=104):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
socket$kcm(0x10, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522ec, 0x0, {0x0, 0x0, 0x74, r5, {0x10, 0xf}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1m4.934692032s ago: executing program 3 (id=109):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x1}) (fail_nth: 3)
r2 = dup2(0xffffffffffffffff, r0)
close_range(r2, 0xffffffffffffffff, 0x0)

1m4.576808789s ago: executing program 3 (id=112):
modify_ldt$read(0x0, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@rights={{0x10}}], 0x10}, 0xc0011122)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000014c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945f105d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26f8ffa5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f705000000473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d00728141cd67bcd68f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a057844f226ef4e912f01a201e694e3806e8c70e8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c48eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f3faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4f189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbde8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315896f88a8fb1dd679fb4c515f8b7a5b7aca6a251a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304197c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d944e0b083bbd86b19cb074577a25ff581d92af08a06f857310a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e020000007a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e77fcca110000000800000000000000f8877994ebdc35f7efd41e3babd9b3782edd6776d5b6cb4ecd72c9de9b5503747d71440378cf2c2c7ea2dc5febb654a867f853713cf4c0bb322fbbe446d18dee4c821275ef18259cafc346c8b3b9fb0f3adcf6ea310a6b9a3f59e29a5909ea047fb61affb4bc8bbea1fb761b8933795b1a91358a7791aa843d07020e8bb6fc18458c49ac6313e7165b7d9f65e94a62b69f1011b94340cdb7303f01e5cdb5682ddf73d65c3de1d88dd7496d6345d5b9de0223988056a53e19a8b96b9640bc6c09d3c2ff894d626b57c776ed53f94d5e22ff148061b37f72bd92924cb1d0a725e19b264346b7cae0251a850de78316503f3c3d395c7e3f04fc8d52583327cd2341ce4b2d092815376299686f41353b2823814563011a2223b9dd00000000000000000000003a131374a3371cb3e2a9bb4d798b91cefa444501f40b7c9589e8c0bb6c82123d2b45ce905d0903b32ecf30e828c71a07a83f3275f3d661d1af0ffbd5d7f0"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0xfeffff, 0x680, 0x3f000002, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0xf0, 0xffffff0c}, 0x40)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000300)=@generic={&(0x7f00000002c0)='./file0\x00', r3}, 0x18)
r5 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r6 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
openat(r5, 0x0, 0x640, 0x2)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r7, 0x0)
r8 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r8, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r8, &(0x7f0000001600)={&(0x7f0000000400)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=[@cswp={0x58, 0x114, 0x7, {{0x6, 0xff}, &(0x7f0000000000)=0x400, 0x0, 0xe, 0xffffffffffffffff, 0x1, 0x3, 0x4, 0xca2a}}], 0x58, 0x40014}, 0x0)
write$binfmt_register(r6, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

1m3.995247089s ago: executing program 3 (id=118):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000380)='mm_page_alloc\x00', r1}, 0x10)
unshare(0x8000000)
r2 = semget$private(0x0, 0x4000, 0x0)
semctl$GETALL(r2, 0x0, 0xd, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)="24000000200099f0000000000000000002", 0x11)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000000)={0x0, 0x60}}, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r4, &(0x7f0000000180), 0x32bc45944b084a6, 0x0)

1m3.672131924s ago: executing program 3 (id=121):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0)={r1, 0xffffffffffffffff, 0x60000000}, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
chdir(&(0x7f0000000240)='./file0\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x2, 0x194)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
shmget(0x3, 0x1000, 0x40, &(0x7f00009ad000/0x1000)=nil)
r5 = gettid()
timer_create(0x0, &(0x7f0000001640)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r6, &(0x7f0000000240)={0x27, 0x0, 0x0, 0x4, 0x0, 0x3, "e88509de7f1939e8abff005597c8ef039a5be42200", 0x13}, 0x60)
listen(r6, 0x0)
accept4$nfc_llcp(r6, 0x0, 0x0, 0x0)

1m3.671882284s ago: executing program 32 (id=121):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000010000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0)={r1, 0xffffffffffffffff, 0x60000000}, 0xc)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
chdir(&(0x7f0000000240)='./file0\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x2, 0x194)
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
shmget(0x3, 0x1000, 0x40, &(0x7f00009ad000/0x1000)=nil)
r5 = gettid()
timer_create(0x0, &(0x7f0000001640)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r6, &(0x7f0000000240)={0x27, 0x0, 0x0, 0x4, 0x0, 0x3, "e88509de7f1939e8abff005597c8ef039a5be42200", 0x13}, 0x60)
listen(r6, 0x0)
accept4$nfc_llcp(r6, 0x0, 0x0, 0x0)

3.924381643s ago: executing program 4 (id=1061):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
preadv(r2, 0x0, 0x0, 0xe, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000a608000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000001080)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @my=0x0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x600, 0x0, 0x0, 0x6}, [@IFLA_ADDRESS={0xa, 0x3, @random="99fa3a1c872f"}, @IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x44}}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000005c0)={'syz_tun\x00', 0x0})
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000001000), 0xffffffffffffffff)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='rxrpc_conn\x00'}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x16}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x4, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r7, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.880980051s ago: executing program 4 (id=1074):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000002020000000900010073797a310000000014000200626f6e641000"/46], 0x34}}, 0xc800)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000940)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000c000000200003801c000380180001800a0002007770616e30000000070001000400000018000180140002007665746830"], 0x4c}}, 0x880)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x39, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1511, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0x2}, 0x0, 0x10000, 0x9, 0x1, 0x8, 0x6, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYRESDEC=r2], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180300000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6, 0x0, 0xfffffffffffffffc}, 0x18)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, 0x0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r4, 0x0)
r7 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
fsmount(r7, 0x0, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r8}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r9}, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r11, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
sendto$inet(r11, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r8, 0x84009422, &(0x7f00000015c0)={0x0, 0x0, {0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
shutdown(r11, 0x1)

2.385116099s ago: executing program 2 (id=1079):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x48, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x2, 0x0, 0x2, 0x0, 0x0, 0x89}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x3}}, [@tmpl={0xc4, 0x5, [{{@in6=@empty, 0x0, 0x32}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xc}, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0xfffffffd}, {{@in6=@empty, 0x0, 0x2b}, 0x2, @in=@dev, 0xffffffff}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x80, 0x3c}, 0x3, @in6=@initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, 0x0, 0x4, 0x2}]}]}, 0x17c}}, 0x0)

2.36279087s ago: executing program 2 (id=1080):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140000100075c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a30"], 0xec}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79af, 0x8, 0x8000, 0x400250}, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r3, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r4, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r5, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x0, 0x0, 0x7ff}, 0x10)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x40)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYRES8=r2], 0x1, 0x2a3, &(0x7f0000000740)="$eJzs3FFLU3EYx/EnZ25OdAsiKKge6qZuDrpeQI1QiAaFOakugmOe1dhpk3MOxiJyN9Ftr0O67C6o3oA30U333UkQdONFdKJzdnTTqVM3t/T7Afk/2/P/cf7qlOcIbvX+22elgmsUTE8GEioDIjVZE0n/q+pO1NeBoB6SRjW5OvLr2/l7Dx7ezuZyk9OqU9mZaxlVHbv48fnLd5c+eyOz78c+xGUl/Wj1Z+b7ypmVs6t/Zp4WXS26Wq54aupcpeKZc7al80W3ZKjetS3TtbRYdi2nqV+wKwsLVTXL86PJBcdyXTXLVS1ZVfUq6jlVNZ+YxbIahqGjSTneBtvYk1+enjaz27b9WEdPhK4bbvWk42RrrZv55UM4EwAA6DM7z//hrL/9/J+bDdcOz/8izP9dUmt6tMv8jyPBcbJmsv7z24z5HwAAAAAAAAAAAAAAAAAAAACA/8Ga76d8309Fa/QRF5GEiESPe31OdMc+v//Xe3RcdFjDP+4lROw3i/nFfLiG/WxBimKLlRBJye/g9VAX1lO3cpPjGkjLJ3upnl9azMckHuUj6Vb5C6cmwrw2509KsuH6kpGUnG59/UzL/JBcudyQNyQlXx5LRWyZD17XG/lXE6o37+Q25YeDfQAAAAAAHAWGrtty/x70gw0J2doP8+v31+O7/n1g0/31oJxr5y0qAQAAAADAgbnVFyXTti1nH0VcRA4QP6pFTPriGJuKGyLSB8c4rCIhIuEzup/4j/V4Wym/jT2DItLzL8seil7/ZgIAAADQaRtD/x5CX1938UQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw/7b4fWLR/Sytq7BBvuFzs0D9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoI/8DQAA///scB/k")
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r8=>0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r8, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r9, 0x0}])
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r10 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r11}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

2.223699222s ago: executing program 4 (id=1081):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0}, 0x10024, 0x10000, 0x1, 0x1, 0xa, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000640)="107e7b10f0312efecab228d1f1aa9b5178c967bac30300000000000000a5329d28a9116d26282109f931fadcd281ff5d05c397fdf7718a05000019f38e04e4b4ac6c1d06346d51009b55e6e17f2c24e7ca7b000000002e74170d173ddf89456682eaa13b9a02c7527322456e72e6cee862bd2eb3cc8f269114ec7f77d4e139f4", 0x80, r3)

2.040193055s ago: executing program 2 (id=1086):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a0000001400078008001140000000690800124000007fff10000300686173683a69702c6d6163"], 0x5c}}, 0x0)

1.72794581s ago: executing program 5 (id=1090):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000f8ffffff85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")

1.524754754s ago: executing program 1 (id=1093):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x7b04, 0x3080, 0x8003, 0x25f}, &(0x7f0000000380), &(0x7f0000000480)) (async)
r2 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x7b04, 0x3080, 0x8003, 0x25f}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000480)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r2, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}}) (async)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r2, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}})
io_uring_enter(r2, 0x6e2, 0x620, 0x1, 0x0, 0x0)

1.430967835s ago: executing program 1 (id=1094):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x87f}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x40020)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001300)=@newtfilter={0x88c, 0x2c, 0xd27, 0x70bd25, 0x5, {0x0, 0x0, 0x0, r4, {0x0, 0xfffc}, {}, {0x4, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x860, 0x2, [@TCA_BPF_POLICE={0x850, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xe, 0x7, 0x4, 0xc, 0x9, {0xd, 0x2, 0x4, 0x4, 0x7, 0x401}, {0x4, 0x1, 0x5, 0x10, 0xfff7, 0x4b2}, 0x6, 0x14ff, 0x3ff}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x3}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x38, 0x1, 0x1, 0x8, 0x7f, 0x6, 0x3, 0x6, 0x1, 0x86, 0x9, 0x6, 0x5, 0x9, 0x5f, 0x0, 0x0, 0x13f, 0xfffffffe, 0x0, 0xd31, 0xf54, 0x9, 0x4, 0x4, 0x6, 0x9, 0x7fffffff, 0xfffffffd, 0x7fffffff, 0x8, 0x0, 0xfffffffe, 0x5, 0x5dbd0fd8, 0x8, 0x1887, 0x2, 0x95f, 0x7, 0x6, 0xa, 0x7f, 0xfffffffe, 0x8, 0x2, 0x6, 0x4, 0x6, 0x402f, 0xd, 0x5, 0x6f9d, 0x0, 0x800, 0x3ff, 0x8, 0xa, 0x9, 0x4, 0xd, 0x3, 0xb8f, 0x6, 0x0, 0xffffffff, 0x8000, 0xffffffff, 0x8, 0xfffffffc, 0xee, 0x4, 0x9, 0x2, 0x54eef174, 0xc, 0x9, 0x5, 0xe2, 0x20004, 0x1, 0xffff, 0x5, 0x5, 0x7, 0x5, 0x7, 0x4, 0x4, 0x7, 0x100, 0x8, 0x2, 0x9, 0x0, 0x0, 0xe32, 0x6, 0x8, 0x6, 0x66, 0x7, 0x7, 0x8, 0x5b, 0x7625, 0x51, 0x6, 0xfffffffe, 0x0, 0xa4d, 0x2, 0x10001, 0x7, 0x8, 0x3, 0x8, 0x3, 0x6, 0x3, 0xffffffff, 0x3, 0x0, 0x400000, 0xc55b, 0x8000, 0xf943, 0x4, 0x3000000, 0x2, 0x10000, 0xd, 0xffffffff, 0x9, 0xd3, 0xfffffffb, 0x4, 0x9, 0x401, 0x82baa23, 0xd, 0x0, 0x6, 0x21a, 0xe, 0x1, 0x1430, 0x8, 0x4, 0x7, 0xe, 0x7dab, 0x4, 0x5, 0x4, 0x3, 0xfffffffe, 0x7, 0x6, 0x8ef6, 0x7239, 0x80000001, 0x0, 0xd41, 0x6, 0x2, 0x4, 0x200, 0x8, 0x5, 0xc14, 0x7324, 0x4, 0x50f6, 0x5, 0x4, 0x3, 0x2, 0x7, 0x4, 0x6, 0x5, 0x3, 0x7767, 0x8, 0xe0ba, 0x4f, 0x3, 0x4, 0x7, 0x7fffffff, 0x3, 0x3, 0x5, 0x8, 0x4, 0x80, 0x401, 0x7, 0x1, 0x0, 0x8, 0x7c4, 0x3, 0x6, 0x6, 0xe8, 0x0, 0x6, 0x6, 0x3, 0x8a4, 0x1, 0x9, 0x9, 0x9, 0x200, 0x7, 0xd235, 0x9, 0x7fffffff, 0xf7d, 0x8001, 0x2, 0x7fff, 0x9f7c, 0x7, 0x4, 0xf, 0x1, 0x2, 0x6, 0x400, 0x5, 0x80, 0x400, 0x5, 0xc, 0xff, 0xffff7002, 0x63c, 0x9, 0x1ff, 0xfff, 0x8, 0x8c, 0x40, 0x8, 0xed6, 0xf6, 0x0, 0x3, 0x9, 0x10, 0x9, 0x6]}, @TCA_POLICE_RATE={0x404, 0x2, [0x8, 0x6, 0x8, 0x8000, 0x8, 0x2, 0x9, 0x5, 0xfff, 0x3, 0x101, 0xbf7, 0x8, 0xff, 0x6, 0x113, 0xffff, 0x1, 0x8, 0x7fffffff, 0x6, 0x9, 0x33, 0x5, 0x2f7, 0x100, 0x21, 0x4, 0x7, 0xff, 0x6, 0xfffffffe, 0x7, 0x8, 0x1, 0x8, 0xf33c, 0x3, 0x1, 0x80000000, 0x62e, 0x3, 0xdb2, 0x0, 0xe00, 0x4, 0x2, 0x3, 0x2, 0xfffffff6, 0x5, 0x3, 0x7, 0x8, 0x1, 0x7f, 0x8, 0x6, 0x4, 0x3, 0x0, 0x803, 0x1, 0x5, 0x0, 0x8000, 0xfffffffa, 0xb7, 0xc8b6f5a2, 0x6, 0x2f, 0x7ff, 0x9, 0x8, 0x6, 0x0, 0x8, 0x0, 0x0, 0x5, 0x8b34, 0x2, 0x7e, 0x4, 0x4, 0xfeffffff, 0x1, 0xa, 0xfffffffb, 0x3, 0xffffffff, 0x0, 0x4, 0xd6, 0x7, 0x4, 0x3, 0x8, 0x9, 0x8, 0x2de0, 0x5191, 0x6, 0x401, 0x7, 0x9, 0x7, 0x3, 0x6, 0x1, 0xfffffffb, 0xb839, 0xfffffffa, 0x4, 0x769, 0x7, 0x7f, 0x6, 0x7, 0x4, 0x8b, 0x4, 0x0, 0x5, 0xf0, 0x42490, 0xd, 0x3, 0x5c, 0x80, 0x2, 0x800, 0x8, 0x6, 0xff, 0xffff0000, 0x3, 0x10000, 0x80000001, 0x5, 0xffffffff, 0x4be24694, 0x2, 0x2, 0x100, 0x5, 0x1, 0x7, 0x4, 0xffffff95, 0x5, 0x0, 0x78a2, 0x6, 0x1000, 0xa, 0x7, 0x4, 0x340, 0x0, 0x0, 0x7, 0x101, 0x2, 0x7ce2352, 0x7fffffff, 0x5e, 0x8e5b, 0x3, 0x8, 0x9, 0x1, 0x80000000, 0x7, 0x301, 0x91, 0x3, 0x80000001, 0x7fff, 0x1, 0x3e79, 0xffffffff, 0x8, 0x525, 0x7, 0x6, 0x2470a614, 0xe, 0x8, 0x5, 0x7, 0x0, 0x5, 0x4, 0x1, 0x1, 0xfffffc1f, 0x6, 0x2, 0x1, 0x9, 0x7fff, 0xffffffff, 0x4, 0xffff2b7d, 0x4, 0xcdff, 0x9, 0x0, 0x49, 0x6, 0x0, 0x5, 0x9, 0x7, 0x8, 0x7, 0xea, 0x7, 0x7, 0x2, 0x5, 0xff, 0x6, 0xffff, 0x4cd, 0x7, 0x3, 0x3, 0x10001, 0x0, 0x6, 0x7, 0xffffffff, 0x7fffffff, 0x1, 0x4, 0x7, 0x8, 0xb, 0x7, 0x0, 0xcb65, 0x6, 0xe, 0x240000, 0x9, 0x8, 0x8, 0xfffffff8, 0x9, 0xf, 0x8, 0x5, 0x9, 0x100]}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x88c}, 0x1, 0x0, 0x0, 0xc004884}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="7c010000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000003000200000200020000001d008f1700000042adafd1ad498b97d1ee287bb6d960cfd57c975a9bb7c8fd238ec30e2526ea80e03bc35af64b39a84887a3e0e28412037851054c3d6550322d3b974af40593daa3461f43ca8d09340d84bf2d9f0adbba2904aff2b99304b8335fff06a3e6567691d23691451b2a9c5ea63222ebfabbfc288b07dbe5255bebb974385fdb71a8fa100feeb74b2a06f092e6a219c46ce994f19cf989a3783d5b80d331bea1c2bc0f42694b5c5f79e27dc3cf2771a1ce56881028eda0ab9b069bbf0beceacbafab7f2aa1a5d94dd3d60dc1a4dcbeea2b94b1dbc54763a4637f5fcbcb4c50b0a69f48653eb7", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000c400050000000000000000000000000000000000000000003200000000000000ac14140c000000000000000000000000000000000000ff000000000000000000fdfffffffc02000000000000000000000000000000000000320000000000000000000000000000000000ffffac1414bb000000000000000000000000000000000000000000000000000000000000000000000000000000002b00000002000000ac141400000000000000000000000000ffffffff00"/308], 0x17c}}, 0x0)

1.344824177s ago: executing program 0 (id=1095):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000200), 0x8)
r1 = syz_pidfd_open(0xffffffffffffffff, 0x0)
splice(r0, &(0x7f0000000440)=0x6, r1, &(0x7f0000000480)=0x44, 0x2, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r2 = socket(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0xe64, 0x3, @empty, 0x2}, 0x1c)
connect$unix(r2, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e23}, 0x6e)

1.344404827s ago: executing program 5 (id=1096):
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x3ff, 0x8006}, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

1.290366898s ago: executing program 0 (id=1097):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140000100075c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a30"], 0xec}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79af, 0x8, 0x8000, 0x400250}, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x35149, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, r3, 0x0)
mknod(0x0, 0x8001420, 0x0)
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r4, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r5, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x0, 0x0, 0x7ff}, 0x10)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x40)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYRES8=r2], 0x1, 0x2a3, &(0x7f0000000740)="$eJzs3FFLU3EYx/EnZ25OdAsiKKge6qZuDrpeQI1QiAaFOakugmOe1dhpk3MOxiJyN9Ftr0O67C6o3oA30U333UkQdONFdKJzdnTTqVM3t/T7Afk/2/P/cf7qlOcIbvX+22elgmsUTE8GEioDIjVZE0n/q+pO1NeBoB6SRjW5OvLr2/l7Dx7ezuZyk9OqU9mZaxlVHbv48fnLd5c+eyOz78c+xGUl/Wj1Z+b7ypmVs6t/Zp4WXS26Wq54aupcpeKZc7al80W3ZKjetS3TtbRYdi2nqV+wKwsLVTXL86PJBcdyXTXLVS1ZVfUq6jlVNZ+YxbIahqGjSTneBtvYk1+enjaz27b9WEdPhK4bbvWk42RrrZv55UM4EwAA6DM7z//hrL/9/J+bDdcOz/8izP9dUmt6tMv8jyPBcbJmsv7z24z5HwAAAAAAAAAAAAAAAAAAAACA/8Ga76d8309Fa/QRF5GEiESPe31OdMc+v//Xe3RcdFjDP+4lROw3i/nFfLiG/WxBimKLlRBJye/g9VAX1lO3cpPjGkjLJ3upnl9azMckHuUj6Vb5C6cmwrw2509KsuH6kpGUnG59/UzL/JBcudyQNyQlXx5LRWyZD17XG/lXE6o37+Q25YeDfQAAAAAAHAWGrtty/x70gw0J2doP8+v31+O7/n1g0/31oJxr5y0qAQAAAADAgbnVFyXTti1nH0VcRA4QP6pFTPriGJuKGyLSB8c4rCIhIuEzup/4j/V4Wym/jT2DItLzL8seil7/ZgIAAADQaRtD/x5CX1938UQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw/7b4fWLR/Sytq7BBvuFzs0D9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoI/8DQAA///scB/k")
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r8=>0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r8, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r9, 0x0}])
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r10 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r11}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

1.236887099s ago: executing program 5 (id=1098):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x400}, 0x18)
socket$packet(0x11, 0x2, 0x300)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendto$inet(r3, 0x0, 0x60, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r5)

1.193061869s ago: executing program 1 (id=1099):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00'}, 0x10)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYRES64=r1, @ANYRES32, @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32, @ANYRES8], 0x50)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300000004000000040000000a00000008000000", @ANYRES32, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400"/28], 0x50)
dup2(r0, r1)
sendmsg$AUDIT_SIGNAL_INFO(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3f2, 0x100, 0x70bd27, 0x5f5}, 0x10}, 0x1, 0x0, 0x0, 0x4000000}, 0x48080)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r5], 0x20}}, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f00000001c0)={@remote}, 0x14)

1.14173807s ago: executing program 2 (id=1100):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8070}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x30}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f00000012c0)='sys_enter\x00'}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x3ff, 0x8006}, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r4=>0x0})
sendto$packet(r2, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)

1.113926381s ago: executing program 0 (id=1101):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

1.107636911s ago: executing program 5 (id=1102):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
rt_sigaction(0x12, &(0x7f0000000080)={&(0x7f0000000440)="c4a23d0643b9f0430fc079fff3460f1ec9f081035c000000f30faed446a9000000004e0fae0838c433915492db8876efa1efa12eb22d233333f30fa7d0", 0x90000000, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f0000000200))

1.037058752s ago: executing program 5 (id=1103):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000401000004000000c5000000881480008eee8f16b218b275bee7edbdcdd44dee47fcdd5d27604968444d6596fc1e10fa3a9e0dac7edd733b1af45476b6d784c56b3a0a18338d1126996d1805199973210379be12", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x3, &(0x7f00000001c0)=[{0x200000000006, 0x80, 0x0, 0x7ffc1ffb}, {0x40, 0x6, 0x1, 0x1}, {0x2, 0x9, 0xa5}]})
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0xe, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x4, @perf_config_ext={0xacf8, 0xf3}, 0x1100, 0x5ddc, 0x3a68, 0x5, 0x0, 0x8, 0x8697, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r2, &(0x7f0000007940)={&(0x7f00000008c0)={0x2, 0x4e20, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c05eb", @ANYRESOCT=r2, @ANYRES8=r2], 0x30}, 0x40880)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
dup3(0xffffffffffffffff, r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0900000004000000563c000001"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000009df7000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x3, 0xc00, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xbab, 0x0, 0x272, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x1, 0x7, 0x4, 0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0xfffc, 0x6}, {0xff}, 0x0, 0x7f}}]}}]}, 0x45c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_io_uring_setup(0x116, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000200)={'ip_vti0\x00', &(0x7f00000005c0)={'erspan0\x00', 0x0, 0x700, 0x7800, 0x9, 0xffffffff, {{0x19, 0x4, 0x0, 0x28, 0x64, 0x68, 0x0, 0x7, 0x2b, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x19}, {[@timestamp_prespec={0x44, 0x4, 0x80, 0x3, 0x5}, @cipso={0x86, 0x45, 0x2, [{0x6, 0x6, "bdd28718"}, {0x1, 0xf, "03091e502f2282ec2b099e24a5"}, {0x6, 0x5, "a41dae"}, {0x7, 0x5, "e477ef"}, {0x7, 0x11, "a1c907c0ba31bfa48f02766ddcbce4"}, {0x1, 0xd, "81dd8beabcaef79a2909d0"}, {0x7, 0x2}]}, @end, @generic={0x44, 0x3, "c0"}]}}}}})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r9=>0x0})
bind$can_raw(r8, &(0x7f0000000000)={0x1d, r9}, 0x10)
setsockopt$CAN_RAW_FILTER(r8, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bind$can_raw(r8, &(0x7f0000000080), 0x10)
getrusage(0x1, &(0x7f0000000040))

999.824153ms ago: executing program 0 (id=1104):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x10e, 0xa, &(0x7f00000004c0)=0x7, 0x4)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x3, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xb, 0x0, 0x0, 0x200}, 0x7, 0x10, 0x2000000}}]}}]}, 0x58}}, 0x0)

983.376013ms ago: executing program 1 (id=1105):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x8, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000bb00551a00000032ddc45f0ae30e9557a5fa8be0a38900000000001812000047903e8f8f71e600e0b7c0435181d0c8feb602b6b08e2d4132906c4fe01250b0c06758be35404ad1558de5ae3dd396d0fdf374a7deafcee5118f2b21e04dcb328066058fdff89bab81de71ba217463ea75c9ed698727605b5452e8a0589ed23e905978abf63c0e769d76866aa80d3bf011340efb70e3358d65da2a1fd01b65a158d874991c11ba8a9c12ee10469fd42a8e2f38a48891c3ce7e", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500002000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x10000}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x181002)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="09000000020000006d05000002"], 0x48)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$SIOCSIFMTU(r5, 0x8922, &(0x7f0000000b40)={'dummy0\x00'})
r6 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r6, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
shutdown(r6, 0x0)
setsockopt$sock_int(r6, 0x1, 0x7, &(0x7f0000000080)=0x59cc, 0x4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x12, 0x8, 0x8, 0x8000}, 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095", @ANYRES64, @ANYRES8=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20fe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r8, @ANYBLOB="d393ffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000010000000200000000"], 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={r10, 0x58, &(0x7f0000000300)}, 0x10)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="53000000100001002cbd3000000000", @ANYRES32=0x0, @ANYBLOB="8021000000800400140003006e657464657673696d3000000000"], 0x4c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900030073797a30000000000900010073797a300000000058000000060a010400000000000000000100000008000b40000000000900010073797a3000000000300004802c0001800a00010071756575650000001c000280060002400ffe009b06000140faff"], 0xcc}, 0x1, 0x0, 0x0, 0x24000090}, 0x0)
r12 = socket$nl_rdma(0x10, 0x3, 0x14)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@ipv4_newrule={0x2c, 0x20, 0x301, 0x0, 0x25dfdbfb, {0x2, 0x20}, [@FRA_DST={0x8, 0x1, @empty}, @FRA_FLOW={0x8}]}, 0x2c}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r12, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x18, 0x1404, 0x1, 0x70bd28, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x8044)
write$qrtrtun(r4, &(0x7f00000000c0)="f6f86030aa", 0x5)

954.286203ms ago: executing program 2 (id=1106):
r0 = geteuid()
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000300)={[], [{@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@uid_lt={'uid<', r0}}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000080)="83194673ff30eca0ce19eeacdd97f3f8", 0x10)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r2, @ANYBLOB="0000000000000000b7030000000300008500"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
r4 = gettid()
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x2000)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
read(r5, &(0x7f0000000200)=""/209, 0x128)
r6 = dup(0xffffffffffffffff)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
io_setup(0x2278, &(0x7f0000000180)=<r7=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
io_submit(r7, 0x2, &(0x7f0000000140)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x2, 0x2, r8, 0x0}])
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendto$inet6(r9, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
bind$tipc(r6, &(0x7f0000000300)=@id={0x1e, 0x3, 0x3, {0x4e21, 0x3}}, 0x10)
pwrite64(0xffffffffffffffff, &(0x7f00000010c0)="3703c70f70e244b7878fedf0c0c6c2ff2f524255d61dbfb25921e3d3686454b93e5842722103c5c67b0da4173b9e63544ee1f32fc67080b7b83c0a31241a900518bef75ab52d7df9d091c4c601dc1cb4f1c7ed7a1d442806cc98e32546", 0x5d, 0x2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r5, 0x4040534e, &(0x7f0000000080)={0x2bd, @tick=0x5})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'syzkaller0\x00'})
tkill(r4, 0x7)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r5, 0xc0105303, &(0x7f0000000180)={0x2, 0x6, 0x6})
syz_clone3(0x0, 0x0)

915.796195ms ago: executing program 0 (id=1107):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
mq_open(0x0, 0x42, 0x1f0, 0x0)

897.409785ms ago: executing program 4 (id=1108):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1f, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) (fail_nth: 3)

563.75023ms ago: executing program 0 (id=1109):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
preadv(r2, 0x0, 0x0, 0xe, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000a608000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000001080)={0x28, 0x0, 0x0, @local}, 0x10)
connect$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @my=0x0}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x600, 0x0, 0x0, 0x6}, [@IFLA_ADDRESS={0xa, 0x3, @random="99fa3a1c872f"}, @IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x44}}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000005c0)={'syz_tun\x00', 0x0})
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='rxrpc_conn\x00'}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x16}, {0x0}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r7, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lsm_get_self_attr(0x67, &(0x7f0000001180)={0x0, 0x0, 0xb1, 0x91, ""/145}, &(0x7f00000010c0)=0xb1, 0x0)

554.049251ms ago: executing program 1 (id=1110):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setgid(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x178}, 0x18)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000380), 0x84d03, 0x0)
io_uring_setup(0x4f04, &(0x7f00000002c0)={0x0, 0x48c7, 0x8, 0x0, 0x166})
r2 = memfd_secret(0x80000)
shutdown(r2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x8, @loopback}, 0x1c)
r4 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x0, @hyper}, 0x10)
listen(r4, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r5=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000580)={r5, 0x8}, &(0x7f0000000600)=0x8)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0x0, @local}, 0x10)
accept4$unix(r4, 0x0, 0x0, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r6, &(0x7f0000000000)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x114db, 0x40, 0x3, 0x89}, &(0x7f00000003c0)=<r7=>0x0, &(0x7f00000000c0)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f00000010c0)='kfree\x00', r9, 0x0, 0x8}, 0x18)

48.671309ms ago: executing program 4 (id=1111):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x4d0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x438, 0x2a8, 0x2a8, 0x438, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x20, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x8001}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x530)

47.433659ms ago: executing program 5 (id=1112):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010007000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000048000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0c00098008000140000100075c0000000e0a01020000000000000000010000000900020073797a32000000000900010073797a30"], 0xec}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x4)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r5 = syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x79af, 0x8, 0x8000, 0x400250}, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x35149, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, r3, 0x0)
mknod(0x0, 0x8001420, 0x0)
lsetxattr$security_selinux(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r4, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r5, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x0, 0x0, 0x7ff}, 0x10)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x40)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYRES8=r2], 0x1, 0x2a3, &(0x7f0000000740)="$eJzs3FFLU3EYx/EnZ25OdAsiKKge6qZuDrpeQI1QiAaFOakugmOe1dhpk3MOxiJyN9Ftr0O67C6o3oA30U333UkQdONFdKJzdnTTqVM3t/T7Afk/2/P/cf7qlOcIbvX+22elgmsUTE8GEioDIjVZE0n/q+pO1NeBoB6SRjW5OvLr2/l7Dx7ezuZyk9OqU9mZaxlVHbv48fnLd5c+eyOz78c+xGUl/Wj1Z+b7ypmVs6t/Zp4WXS26Wq54aupcpeKZc7al80W3ZKjetS3TtbRYdi2nqV+wKwsLVTXL86PJBcdyXTXLVS1ZVfUq6jlVNZ+YxbIahqGjSTneBtvYk1+enjaz27b9WEdPhK4bbvWk42RrrZv55UM4EwAA6DM7z//hrL/9/J+bDdcOz/8izP9dUmt6tMv8jyPBcbJmsv7z24z5HwAAAAAAAAAAAAAAAAAAAACA/8Ga76d8309Fa/QRF5GEiESPe31OdMc+v//Xe3RcdFjDP+4lROw3i/nFfLiG/WxBimKLlRBJye/g9VAX1lO3cpPjGkjLJ3upnl9azMckHuUj6Vb5C6cmwrw2509KsuH6kpGUnG59/UzL/JBcudyQNyQlXx5LRWyZD17XG/lXE6o37+Q25YeDfQAAAAAAHAWGrtty/x70gw0J2doP8+v31+O7/n1g0/31oJxr5y0qAQAAAADAgbnVFyXTti1nH0VcRA4QP6pFTPriGJuKGyLSB8c4rCIhIuEzup/4j/V4Wym/jT2DItLzL8seil7/ZgIAAADQaRtD/x5CX1938UQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw/7b4fWLR/Sytq7BBvuFzs0D9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoI/8DQAA///scB/k")
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r8=>0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r8, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r9, 0x0}])
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r10 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000008850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r11}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

22.756899ms ago: executing program 1 (id=1113):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000003e000701fcfffffffddbdf25047c0000100036800c00020007009300000000000c0001"], 0x30}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

4.15644ms ago: executing program 4 (id=1114):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r0, 0x0)
socket$unix(0x1, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
rt_sigaction(0x16, &(0x7f0000000080)={&(0x7f0000000440)="c4a23d0643b9f0430fc079fff3460f1ec9f081035c000000f30faed446a900000000660f7ed238c461915492db8876efa1efa12eb22d233333f30fa7d0", 0x90000000, 0x0}, 0x0, 0x8, &(0x7f0000000200))
rt_sigsuspend(&(0x7f0000000000), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x3c1, 0x3, 0x390, 0x1d8, 0x12, 0x60d, 0x0, 0x202, 0x2e8, 0x2e8, 0x2e8, 0x2e8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private1, @remote, [], [], 'tunl0\x00', 'macsec0\x00'}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x7, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00', 0x16, 0xe, {0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0) (fail_nth: 1)

0s ago: executing program 2 (id=1115):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00'}, 0x10)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000180), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYRES64=r1, @ANYRES32, @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32, @ANYRES8], 0x50)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0300000004000000040000000a00000008000000", @ANYRES32, @ANYBLOB="0600"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400"/28], 0x50)
dup2(r0, r1)
sendmsg$AUDIT_SIGNAL_INFO(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x10, 0x3f2, 0x100, 0x70bd27, 0x5f5}, 0x10}, 0x1, 0x0, 0x0, 0x4000000}, 0x48080)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r5], 0x20}}, 0x0)
setsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f00000001c0)={@remote}, 0x14)

kernel console output (not intermixed with test programs):

T5728]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.155869][ T5728]  ? clear_bhb_loop+0x40/0x90
[   84.155956][ T5728]  ? clear_bhb_loop+0x40/0x90
[   84.156043][ T5728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.156075][ T5728] RIP: 0033:0x7f5c83cde9a9
[   84.156096][ T5728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.156122][ T5728] RSP: 002b:00007f5c82347038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.156148][ T5728] RAX: ffffffffffffffda RBX: 00007f5c83f05fa0 RCX: 00007f5c83cde9a9
[   84.156237][ T5728] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000b
[   84.156308][ T5728] RBP: 00007f5c83d60d69 R08: 0000000000000000 R09: 0000000000000000
[   84.156392][ T5728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.156409][ T5728] R13: 0000000000000000 R14: 00007f5c83f05fa0 R15: 00007ffce457c3c8
[   84.156453][ T5728]  </TASK>
[   84.156462][ T5728] memory: usage 307200kB, limit 307200kB, failcnt 207
[   84.200440][ T5786] netlink: 'syz.1.669': attribute type 1 has an invalid length.
[   84.203508][ T5728] memory+swap: usage 307408kB, limit 9007199254740988kB, failcnt 0
[   84.203527][ T5728] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0
[   84.203542][ T5728] Memory cgroup stats for /syz2:
[   84.538541][ T5728] cache 0
[   84.546497][ T5728] rss 0
[   84.549301][ T5728] shmem 0
[   84.552315][ T5728] mapped_file 0
[   84.555792][ T5728] dirty 0
[   84.558746][ T5728] writeback 0
[   84.562196][ T5728] workingset_refault_anon 64
[   84.566820][ T5728] workingset_refault_file 134
[   84.571673][ T5728] swap 212992
[   84.575017][ T5728] swapcached 8192
[   84.578676][ T5728] pgpgin 62552
[   84.582357][ T5728] pgpgout 62550
[   84.583865][ T5793] loop4: detected capacity change from 0 to 1024
[   84.586020][ T5728] pgfault 44362
[   84.595396][ T5793] ext4: Unknown parameter 'func'
[   84.595710][ T5728] pgmajfault 39
[   84.595721][ T5728] inactive_anon 8192
[   84.608118][ T5728] active_anon 0
[   84.611642][ T5728] inactive_file 0
[   84.615480][ T5728] active_file 0
[   84.618965][ T5728] unevictable 0
[   84.622543][ T5728] hierarchical_memory_limit 314572800
[   84.627955][ T5728] hierarchical_memsw_limit 9223372036854771712
[   84.634231][ T5728] total_cache 0
[   84.637720][ T5728] total_rss 0
[   84.641114][ T5728] total_shmem 0
[   84.644599][ T5728] total_mapped_file 0
[   84.648695][ T5728] total_dirty 0
[   84.652319][ T5728] total_writeback 0
[   84.656146][ T5728] total_workingset_refault_anon 64
[   84.661360][ T5728] total_workingset_refault_file 134
[   84.666574][ T5728] total_swap 212992
[   84.670412][ T5728] total_swapcached 8192
[   84.674639][ T5728] total_pgpgin 62552
[   84.678589][ T5728] total_pgpgout 62550
[   84.682635][ T5728] total_pgfault 44362
[   84.686714][ T5728] total_pgmajfault 39
[   84.691007][ T5728] total_inactive_anon 8192
[   84.695547][ T5728] total_active_anon 0
[   84.699554][ T5728] total_inactive_file 0
[   84.703813][ T5728] total_active_file 0
[   84.703899][ T5801] loop1: detected capacity change from 0 to 1024
[   84.707799][ T5728] total_unevictable 0
[   84.707811][ T5728] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=
[   84.717381][ T5801] EXT4-fs: Ignoring removed orlov option
[   84.718261][ T5728] /,mems_allowed=0,oom_memcg=/syz2
[   84.729333][ T5801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.731601][ T5728] ,task_memcg=/syz2,task=syz.2.647,pid=5725,uid=0
[   84.755741][ T5728] Memory cgroup out of memory: Killed process 5725 (syz.2.647) total-vm:93892kB, anon-rss:944kB, file-rss:22376kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   84.775295][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.799550][ T5805] IPv4: Oversized IP packet from 127.202.26.0
[   84.887194][ T5813] loop1: detected capacity change from 0 to 1024
[   84.901331][ T5813] EXT4-fs: Ignoring removed orlov option
[   84.907068][ T5813] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.920019][ T5815] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   84.937107][ T5813] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.988784][ T5823] netlink: 'syz.0.682': attribute type 1 has an invalid length.
[   85.021543][ T5826] netlink: 48 bytes leftover after parsing attributes in process `syz.5.684'.
[   85.061115][ T5831] loop4: detected capacity change from 0 to 1024
[   85.067956][ T5831] ext4: Unknown parameter 'func'
[   85.084227][ T5836] IPv4: Oversized IP packet from 127.202.26.0
[   85.102660][ T5837] loop5: detected capacity change from 0 to 128
[   85.109264][ T5837] vfat: Unknown parameter 'ÿ'
[   85.121011][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.297802][ T5866] loop4: detected capacity change from 0 to 1024
[   85.317733][ T5866] ext4: Unknown parameter 'func'
[   85.339736][ T5874] IPv4: Oversized IP packet from 127.202.26.0
[   85.460765][ T5885] netlink: 48 bytes leftover after parsing attributes in process `syz.0.708'.
[   85.542554][ T5889] loop1: detected capacity change from 0 to 1024
[   85.549445][ T5889] ext4: Unknown parameter 'func'
[   85.728439][ T5848] syz.2.694 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   85.742609][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz.2.694 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[   85.742637][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.742704][ T5848] Call Trace:
[   85.742711][ T5848]  <TASK>
[   85.742718][ T5848]  __dump_stack+0x1d/0x30
[   85.742739][ T5848]  dump_stack_lvl+0xe8/0x140
[   85.742760][ T5848]  dump_stack+0x15/0x1b
[   85.742781][ T5848]  dump_header+0x81/0x220
[   85.742813][ T5848]  oom_kill_process+0x334/0x3f0
[   85.742847][ T5848]  out_of_memory+0x979/0xb80
[   85.742880][ T5848]  try_charge_memcg+0x5e6/0x9e0
[   85.742958][ T5848]  obj_cgroup_charge_pages+0xa6/0x150
[   85.743022][ T5848]  __memcg_kmem_charge_page+0x9f/0x170
[   85.743103][ T5848]  __alloc_frozen_pages_noprof+0x188/0x360
[   85.743147][ T5848]  alloc_pages_mpol+0xb3/0x250
[   85.743177][ T5848]  alloc_pages_noprof+0x90/0x130
[   85.743249][ T5848]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   85.743368][ T5848]  __kvmalloc_node_noprof+0x30f/0x4e0
[   85.743395][ T5848]  ? ip_set_alloc+0x1f/0x30
[   85.743423][ T5848]  ? ip_set_alloc+0x1f/0x30
[   85.743460][ T5848]  ? __kmalloc_cache_noprof+0x189/0x320
[   85.743492][ T5848]  ip_set_alloc+0x1f/0x30
[   85.743519][ T5848]  hash_netiface_create+0x282/0x740
[   85.743627][ T5848]  ? __pfx_hash_netiface_create+0x10/0x10
[   85.743669][ T5848]  ip_set_create+0x3c9/0x960
[   85.743820][ T5848]  ? __nla_parse+0x40/0x60
[   85.743845][ T5848]  nfnetlink_rcv_msg+0x4c6/0x590
[   85.743897][ T5848]  ? selinux_capable+0x1f9/0x270
[   85.743943][ T5848]  netlink_rcv_skb+0x120/0x220
[   85.743977][ T5848]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   85.744016][ T5848]  nfnetlink_rcv+0x16b/0x1690
[   85.744060][ T5848]  ? __kfree_skb+0x109/0x150
[   85.744105][ T5848]  ? nlmon_xmit+0x4f/0x60
[   85.744137][ T5848]  ? consume_skb+0x49/0x150
[   85.744174][ T5848]  ? nlmon_xmit+0x4f/0x60
[   85.744193][ T5848]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   85.744291][ T5848]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   85.744317][ T5848]  ? __dev_queue_xmit+0x182/0x1fb0
[   85.744346][ T5848]  ? ref_tracker_free+0x37d/0x3e0
[   85.744381][ T5848]  ? __netlink_deliver_tap+0x4dc/0x500
[   85.744424][ T5848]  netlink_unicast+0x5a8/0x680
[   85.744528][ T5848]  netlink_sendmsg+0x58b/0x6b0
[   85.744555][ T5848]  ? __pfx_netlink_sendmsg+0x10/0x10
[   85.744578][ T5848]  __sock_sendmsg+0x145/0x180
[   85.744609][ T5848]  ____sys_sendmsg+0x31e/0x4e0
[   85.744651][ T5848]  ___sys_sendmsg+0x17b/0x1d0
[   85.744685][ T5848]  __x64_sys_sendmsg+0xd4/0x160
[   85.744712][ T5848]  x64_sys_call+0x2999/0x2fb0
[   85.744739][ T5848]  do_syscall_64+0xd2/0x200
[   85.744775][ T5848]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.744882][ T5848]  ? clear_bhb_loop+0x40/0x90
[   85.744938][ T5848]  ? clear_bhb_loop+0x40/0x90
[   85.745034][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.745074][ T5848] RIP: 0033:0x7f5c83cde9a9
[   85.745096][ T5848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   85.745153][ T5848] RSP: 002b:00007f5c82347038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   85.745178][ T5848] RAX: ffffffffffffffda RBX: 00007f5c83f05fa0 RCX: 00007f5c83cde9a9
[   85.745194][ T5848] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000b
[   85.745231][ T5848] RBP: 00007f5c83d60d69 R08: 0000000000000000 R09: 0000000000000000
[   85.745243][ T5848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   85.745254][ T5848] R13: 0000000000000000 R14: 00007f5c83f05fa0 R15: 00007ffce457c3c8
[   85.745275][ T5848]  </TASK>
[   85.745284][ T5848] memory: usage 307200kB, limit 307200kB, failcnt 406
[   85.757660][ T5903] loop4: detected capacity change from 0 to 1024
[   85.767750][ T5848] memory+swap: usage 307412kB, limit 9007199254740988kB, failcnt 0
[   85.767772][ T5848] kmem: usage 307188kB, limit 9007199254740988kB, failcnt 0
[   85.788819][ T5903] ext4: Unknown parameter 'func'
[   85.791638][ T5848] Memory cgroup stats for /syz2:
[   85.795525][ T5906] IPv4: Oversized IP packet from 127.202.26.0
[   85.809626][ T5848] cache 8192
[   86.140089][ T5848] rss 4096
[   86.143125][ T5848] shmem 0
[   86.146064][ T5848] mapped_file 8192
[   86.149785][ T5848] dirty 0
[   86.152876][ T5848] writeback 0
[   86.156161][ T5848] workingset_refault_anon 89
[   86.160748][ T5848] workingset_refault_file 168
[   86.165510][ T5848] swap 217088
[   86.168842][ T5848] swapcached 4096
[   86.172502][ T5848] pgpgin 62724
[   86.175876][ T5848] pgpgout 62721
[   86.179345][ T5848] pgfault 44697
[   86.182829][ T5848] pgmajfault 55
[   86.186285][ T5848] inactive_anon 4096
[   86.190339][ T5848] active_anon 0
[   86.193841][ T5848] inactive_file 8192
[   86.197746][ T5848] active_file 0
[   86.201280][ T5848] unevictable 0
[   86.204747][ T5848] hierarchical_memory_limit 314572800
[   86.210186][ T5848] hierarchical_memsw_limit 9223372036854771712
[   86.216365][ T5848] total_cache 8192
[   86.220133][ T5848] total_rss 4096
[   86.223691][ T5848] total_shmem 0
[   86.227183][ T5848] total_mapped_file 8192
[   86.231472][ T5848] total_dirty 0
[   86.235017][ T5848] total_writeback 0
[   86.238908][ T5848] total_workingset_refault_anon 89
[   86.244166][ T5848] total_workingset_refault_file 168
[   86.249662][ T5848] total_swap 217088
[   86.253633][ T5848] total_swapcached 4096
[   86.258196][ T5848] total_pgpgin 62724
[   86.262319][ T5848] total_pgpgout 62721
[   86.266313][ T5848] total_pgfault 44697
[   86.270302][ T5848] total_pgmajfault 55
[   86.274314][ T5848] total_inactive_anon 4096
[   86.278759][ T5848] total_active_anon 0
[   86.282759][ T5848] total_inactive_file 8192
[   86.287329][ T5848] total_active_file 0
[   86.291514][ T5848] total_unevictable 0
[   86.295635][ T5848] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.694,pid=5847,uid=0
[   86.310334][ T5848] Memory cgroup out of memory: Killed process 5847 (syz.2.694) total-vm:93892kB, anon-rss:940kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   86.373554][ T5912] netlink: 'syz.0.718': attribute type 1 has an invalid length.
[   86.401524][ T5914] bridge0: port 3(batadv0) entered blocking state
[   86.408061][ T5914] bridge0: port 3(batadv0) entered disabled state
[   86.415084][ T5914] batadv0: entered allmulticast mode
[   86.421001][ T5914] batadv0: entered promiscuous mode
[   86.429389][ T5914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.719'.
[   86.441951][ T5914] batadv0 (unregistering): left allmulticast mode
[   86.448436][ T5914] batadv0 (unregistering): left promiscuous mode
[   86.454900][ T5914] bridge0: port 3(batadv0) entered disabled state
[   86.517520][   T29] kauditd_printk_skb: 381 callbacks suppressed
[   86.517540][   T29] audit: type=1326 audit(1753412518.200:3764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5917 comm="syz.1.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa70088e9a9 code=0x7ffc0000
[   86.552904][   T29] audit: type=1326 audit(1753412518.200:3765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5917 comm="syz.1.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa70088e9a9 code=0x7ffc0000
[   86.576460][   T29] audit: type=1326 audit(1753412518.200:3766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5917 comm="syz.1.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fa70088e9a9 code=0x7ffc0000
[   86.599756][   T29] audit: type=1326 audit(1753412518.200:3767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5917 comm="syz.1.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa70088e9a9 code=0x7ffc0000
[   86.623229][   T29] audit: type=1326 audit(1753412518.230:3768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5915 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   86.646664][   T29] audit: type=1326 audit(1753412518.230:3769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5915 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   86.670013][   T29] audit: type=1326 audit(1753412518.230:3770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5915 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   86.693389][   T29] audit: type=1326 audit(1753412518.230:3771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5915 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   86.716715][   T29] audit: type=1326 audit(1753412518.230:3772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5915 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   86.740015][   T29] audit: type=1326 audit(1753412518.230:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5915 comm="syz.4.720" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   86.832850][ T5931] IPv4: Oversized IP packet from 127.202.26.0
[   86.838306][ T5933] loop5: detected capacity change from 0 to 1024
[   86.846043][ T5933] EXT4-fs: Ignoring removed orlov option
[   86.851861][ T5933] EXT4-fs: Ignoring removed nomblk_io_submit option
[   86.889842][ T5933] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.982519][ T3906] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.008615][ T5946] netlink: 'syz.0.733': attribute type 1 has an invalid length.
[   87.022175][ T5948] IPv4: Oversized IP packet from 127.202.26.0
[   87.090607][ T5958] loop1: detected capacity change from 0 to 1024
[   87.139834][ T5958] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.233850][ T5982] random: crng reseeded on system resumption
[   87.291320][ T5979] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.350918][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.367966][ T5990] netlink: 'syz.4.751': attribute type 1 has an invalid length.
[   87.380979][ T5979] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.453738][ T5979] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.512770][ T5979] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.547068][ T6002] netlink: 48 bytes leftover after parsing attributes in process `syz.4.759'.
[   87.591970][ T5979] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.610760][ T5979] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.619280][ T6006] loop1: detected capacity change from 0 to 1024
[   87.622720][ T5979] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.633675][ T6006] ext4: Unknown parameter 'func'
[   87.637532][ T5979] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.684259][ T6002] loop4: detected capacity change from 0 to 128
[   87.698953][ T6010] random: crng reseeded on system resumption
[   87.700531][ T6002] vfat: Unknown parameter 'ÿ'
[   87.724255][ T6013] IPv4: Oversized IP packet from 127.202.26.0
[   87.838477][ T6025] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.842742][ T6023] netlink: 8 bytes leftover after parsing attributes in process `syz.2.767'.
[   87.879364][ T6028] netlink: 48 bytes leftover after parsing attributes in process `syz.2.769'.
[   87.902609][ T6025] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.915045][ T6033] loop1: detected capacity change from 0 to 512
[   87.922010][ T6033] EXT4-fs: Ignoring removed orlov option
[   87.928184][ T6033] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   87.937532][ T6033] EXT4-fs (loop1): orphan cleanup on readonly fs
[   87.946677][ T6033] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.771: bg 0: block 248: padding at end of block bitmap is not set
[   87.961888][ T6028] loop2: detected capacity change from 0 to 128
[   87.963901][ T6033] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.771: Failed to acquire dquot type 1
[   87.968695][ T6028] vfat: Unknown parameter 'ÿ'
[   87.980401][ T6033] EXT4-fs (loop1): 1 truncate cleaned up
[   87.990518][ T6033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   88.004694][ T6025] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.016364][ T6033] EXT4-fs: Ignoring removed orlov option
[   88.022217][ T6033] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.030768][ T6033] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   88.044096][ T6033] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.771: Abort forced by user
[   88.063618][ T6033] EXT4-fs (loop1): Remounting filesystem read-only
[   88.065280][ T6025] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.070186][ T6033] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   88.088726][ T6033] ext4 filesystem being remounted at /152/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   88.110227][ T6039] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.159120][ T6033] siw: device registration error -23
[   88.171519][ T6025] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.185381][ T6025] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.194205][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.197935][ T6025] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.212927][ T6039] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.226970][ T6042] random: crng reseeded on system resumption
[   88.229640][ T6025] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.272473][ T6039] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.322802][ T6053] bridge0: port 5(batadv2) entered blocking state
[   88.329328][ T6053] bridge0: port 5(batadv2) entered disabled state
[   88.338633][ T6053] batadv2: entered allmulticast mode
[   88.344955][ T6053] batadv2: entered promiscuous mode
[   88.352110][ T6039] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.363887][ T6053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.778'.
[   88.376054][ T6053] batadv0 (unregistering): left allmulticast mode
[   88.382613][ T6053] batadv0 (unregistering): left promiscuous mode
[   88.389018][ T6053] bridge0: port 4(batadv0) entered disabled state
[   88.437621][ T6039] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.449232][ T6039] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.460649][ T6039] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.472420][ T6039] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.520756][ T6057] netlink: 'syz.4.780': attribute type 1 has an invalid length.
[   88.584896][ T6061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.779'.
[   88.604932][ T6063] netlink: 48 bytes leftover after parsing attributes in process `syz.4.782'.
[   88.803379][ T6063] loop4: detected capacity change from 0 to 128
[   88.809948][ T6063] vfat: Unknown parameter 'ÿ'
[   88.818145][ T6072] random: crng reseeded on system resumption
[   88.827464][   T58] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled
[   88.836779][   T58] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled
[   88.854181][ T6075] loop2: detected capacity change from 0 to 1024
[   88.863718][ T6075] EXT4-fs: Ignoring removed orlov option
[   88.877000][ T6075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.944733][ T6083] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.958832][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.071882][ T6083] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.115211][ T6083] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.182886][ T6083] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.226733][ T6096] loop1: detected capacity change from 0 to 1024
[   89.234027][ T6096] ext4: Unknown parameter 'func'
[   89.502090][ T6080] syz.0.789 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[   89.516165][ T6080] CPU: 0 UID: 0 PID: 6080 Comm: syz.0.789 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[   89.516203][ T6080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   89.516220][ T6080] Call Trace:
[   89.516229][ T6080]  <TASK>
[   89.516239][ T6080]  __dump_stack+0x1d/0x30
[   89.516267][ T6080]  dump_stack_lvl+0xe8/0x140
[   89.516360][ T6080]  dump_stack+0x15/0x1b
[   89.516381][ T6080]  dump_header+0x81/0x220
[   89.516422][ T6080]  oom_kill_process+0x334/0x3f0
[   89.516526][ T6080]  out_of_memory+0x979/0xb80
[   89.516596][ T6080]  try_charge_memcg+0x5e6/0x9e0
[   89.516648][ T6080]  obj_cgroup_charge_pages+0xa6/0x150
[   89.516685][ T6080]  __memcg_kmem_charge_page+0x9f/0x170
[   89.516743][ T6080]  __alloc_frozen_pages_noprof+0x188/0x360
[   89.516789][ T6080]  alloc_pages_mpol+0xb3/0x250
[   89.516828][ T6080]  alloc_pages_noprof+0x90/0x130
[   89.516942][ T6080]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   89.516995][ T6080]  __kvmalloc_node_noprof+0x30f/0x4e0
[   89.517032][ T6080]  ? ip_set_alloc+0x1f/0x30
[   89.517188][ T6080]  ? ip_set_alloc+0x1f/0x30
[   89.517218][ T6080]  ? __kmalloc_cache_noprof+0x189/0x320
[   89.517249][ T6080]  ip_set_alloc+0x1f/0x30
[   89.517313][ T6080]  hash_netiface_create+0x282/0x740
[   89.517417][ T6080]  ? __pfx_hash_netiface_create+0x10/0x10
[   89.517449][ T6080]  ip_set_create+0x3c9/0x960
[   89.517503][ T6080]  ? __nla_parse+0x40/0x60
[   89.517561][ T6080]  nfnetlink_rcv_msg+0x4c6/0x590
[   89.517655][ T6080]  ? selinux_capable+0x1f9/0x270
[   89.517755][ T6080]  netlink_rcv_skb+0x120/0x220
[   89.517860][ T6080]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   89.517934][ T6080]  nfnetlink_rcv+0x16b/0x1690
[   89.517960][ T6080]  ? __kfree_skb+0x109/0x150
[   89.518022][ T6080]  ? nlmon_xmit+0x4f/0x60
[   89.518045][ T6080]  ? consume_skb+0x49/0x150
[   89.518080][ T6080]  ? nlmon_xmit+0x4f/0x60
[   89.518105][ T6080]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   89.518286][ T6080]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   89.518309][ T6080]  ? __dev_queue_xmit+0x182/0x1fb0
[   89.518335][ T6080]  ? ref_tracker_free+0x37d/0x3e0
[   89.518393][ T6080]  ? __netlink_deliver_tap+0x4dc/0x500
[   89.518450][ T6080]  netlink_unicast+0x5a8/0x680
[   89.518498][ T6080]  netlink_sendmsg+0x58b/0x6b0
[   89.518526][ T6080]  ? __pfx_netlink_sendmsg+0x10/0x10
[   89.518590][ T6080]  __sock_sendmsg+0x145/0x180
[   89.518615][ T6080]  ____sys_sendmsg+0x31e/0x4e0
[   89.518730][ T6080]  ___sys_sendmsg+0x17b/0x1d0
[   89.518768][ T6080]  __x64_sys_sendmsg+0xd4/0x160
[   89.518798][ T6080]  x64_sys_call+0x2999/0x2fb0
[   89.518826][ T6080]  do_syscall_64+0xd2/0x200
[   89.518874][ T6080]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   89.518904][ T6080]  ? clear_bhb_loop+0x40/0x90
[   89.518931][ T6080]  ? clear_bhb_loop+0x40/0x90
[   89.518958][ T6080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.519029][ T6080] RIP: 0033:0x7f9811a2e9a9
[   89.519044][ T6080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.519136][ T6080] RSP: 002b:00007f981008f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   89.519159][ T6080] RAX: ffffffffffffffda RBX: 00007f9811c55fa0 RCX: 00007f9811a2e9a9
[   89.519176][ T6080] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000a
[   89.519189][ T6080] RBP: 00007f9811ab0d69 R08: 0000000000000000 R09: 0000000000000000
[   89.519201][ T6080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   89.519212][ T6080] R13: 0000000000000000 R14: 00007f9811c55fa0 R15: 00007ffd836a7028
[   89.519231][ T6080]  </TASK>
[   89.519237][ T6080] memory: usage 307200kB, limit 307200kB, failcnt 1151
[   89.563429][ T6102] IPv4: Oversized IP packet from 127.202.26.0
[   89.565468][ T6080] memory+swap: usage 307424kB, limit 9007199254740988kB, failcnt 0
[   89.886216][ T6080] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[   89.893550][ T6080] Memory cgroup stats for /syz0:
[   89.893876][ T6080] cache 0
[   89.901978][ T6080] rss 0
[   89.904762][ T6080] shmem 0
[   89.907781][ T6080] mapped_file 0
[   89.911296][ T6080] dirty 0
[   89.914315][ T6080] writeback 0
[   89.917639][ T6080] workingset_refault_anon 419
[   89.922404][ T6080] workingset_refault_file 996
[   89.927097][ T6080] swap 229376
[   89.930472][ T6080] swapcached 4096
[   89.934364][ T6080] pgpgin 34047
[   89.937890][ T6080] pgpgout 34046
[   89.941427][ T6080] pgfault 42243
[   89.945025][ T6080] pgmajfault 237
[   89.948658][ T6080] inactive_anon 0
[   89.952425][ T6080] active_anon 4096
[   89.956160][ T6080] inactive_file 0
[   89.959858][ T6080] active_file 0
[   89.963389][ T6080] unevictable 0
[   89.966853][ T6080] hierarchical_memory_limit 314572800
[   89.972260][ T6080] hierarchical_memsw_limit 9223372036854771712
[   89.978490][ T6080] total_cache 0
[   89.982035][ T6080] total_rss 0
[   89.985353][ T6080] total_shmem 0
[   89.988969][ T6080] total_mapped_file 0
[   89.992984][ T6080] total_dirty 0
[   89.996440][ T6080] total_writeback 0
[   90.000297][ T6080] total_workingset_refault_anon 419
[   90.005562][ T6080] total_workingset_refault_file 996
[   90.010772][ T6080] total_swap 229376
[   90.014603][ T6080] total_swapcached 4096
[   90.018783][ T6080] total_pgpgin 34047
[   90.022697][ T6080] total_pgpgout 34046
[   90.026750][ T6080] total_pgfault 42243
[   90.030730][ T6080] total_pgmajfault 237
[   90.034834][ T6080] total_inactive_anon 0
[   90.038986][ T6080] total_active_anon 4096
[   90.043253][ T6080] total_inactive_file 0
[   90.047407][ T6080] total_active_file 0
[   90.051429][ T6080] total_unevictable 0
[   90.055472][ T6080] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.789,pid=6079,uid=0
[   90.070076][ T6080] Memory cgroup out of memory: Killed process 6079 (syz.0.789) total-vm:98128kB, anon-rss:944kB, file-rss:26408kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:0
[   90.165833][ T6108] loop2: detected capacity change from 0 to 1024
[   90.174259][ T6108] EXT4-fs: Ignoring removed orlov option
[   90.179994][ T6108] EXT4-fs: Ignoring removed nomblk_io_submit option
[   90.207741][ T6108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.242650][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.279544][ T6118] random: crng reseeded on system resumption
[   90.370324][ T6122] netlink: 48 bytes leftover after parsing attributes in process `syz.0.803'.
[   90.386813][ T6124] netlink: 48 bytes leftover after parsing attributes in process `syz.2.806'.
[   90.400441][ T6126] random: crng reseeded on system resumption
[   90.473953][ T6124] loop2: detected capacity change from 0 to 128
[   90.480585][ T6124] vfat: Unknown parameter 'ÿ'
[   90.580145][ T6131] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.632710][ T6131] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.682584][ T6131] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.702509][ T6140] siw: device registration error -23
[   90.743181][ T6131] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.757998][ T6142] IPv4: Oversized IP packet from 127.202.26.0
[   91.356997][ T6143] syz.0.814 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[   91.367938][ T6143] CPU: 1 UID: 0 PID: 6143 Comm: syz.0.814 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[   91.367978][ T6143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.367994][ T6143] Call Trace:
[   91.368002][ T6143]  <TASK>
[   91.368018][ T6143]  __dump_stack+0x1d/0x30
[   91.368043][ T6143]  dump_stack_lvl+0xe8/0x140
[   91.368067][ T6143]  dump_stack+0x15/0x1b
[   91.368083][ T6143]  dump_header+0x81/0x220
[   91.368200][ T6143]  oom_kill_process+0x334/0x3f0
[   91.368237][ T6143]  out_of_memory+0x979/0xb80
[   91.368273][ T6143]  try_charge_memcg+0x5e6/0x9e0
[   91.368335][ T6143]  charge_memcg+0x51/0xc0
[   91.368371][ T6143]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[   91.368453][ T6143]  __read_swap_cache_async+0x1df/0x350
[   91.368564][ T6143]  swap_cluster_readahead+0x277/0x3e0
[   91.368598][ T6143]  swapin_readahead+0xde/0x6f0
[   91.368628][ T6143]  ? __filemap_get_folio+0x4f7/0x6b0
[   91.368706][ T6143]  ? swap_cache_get_folio+0x77/0x200
[   91.368756][ T6143]  do_swap_page+0x301/0x2430
[   91.368780][ T6143]  ? css_rstat_updated+0xcd/0x5b0
[   91.368893][ T6143]  ? __pfx_default_wake_function+0x10/0x10
[   91.368921][ T6143]  handle_mm_fault+0x9a5/0x2be0
[   91.369026][ T6143]  ? mas_walk+0xf2/0x120
[   91.369062][ T6143]  do_user_addr_fault+0x636/0x1090
[   91.369100][ T6143]  ? fpregs_restore_userregs+0xe2/0x1d0
[   91.369172][ T6143]  ? switch_fpu_return+0xe/0x20
[   91.369199][ T6143]  ? fpregs_assert_state_consistent+0xb4/0xe0
[   91.369236][ T6143]  exc_page_fault+0x62/0xa0
[   91.369272][ T6143]  asm_exc_page_fault+0x26/0x30
[   91.369418][ T6143] RIP: 0033:0x7f98119053fc
[   91.369435][ T6143] Code: 66 0f 1f 44 00 00 69 3d b6 02 e8 00 e8 03 00 00 48 8d 1d b7 0b 35 00 e8 12 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00
[   91.369453][ T6143] RSP: 002b:00007ffd836a7190 EFLAGS: 00010206
[   91.369468][ T6143] RAX: 0000000000000000 RBX: 00007f9811c55fa0 RCX: 0000000000000000
[   91.369480][ T6143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055555e160808
[   91.369491][ T6143] RBP: 00007f9811c57ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[   91.369507][ T6143] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000165c6
[   91.369524][ T6143] R13: 00007f9811c56160 R14: ffffffffffffffff R15: 00007ffd836a72a0
[   91.369543][ T6143]  </TASK>
[   91.369551][ T6143] memory: usage 307200kB, limit 307200kB, failcnt 1460
[   91.603413][ T6143] memory+swap: usage 307404kB, limit 9007199254740988kB, failcnt 0
[   91.611377][ T6143] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[   91.618690][ T6143] Memory cgroup stats for /syz0:
[   91.619513][ T6143] cache 0
[   91.627595][ T6143] rss 0
[   91.630374][ T6143] shmem 0
[   91.633377][ T6143] mapped_file 0
[   91.636852][ T6143] dirty 0
[   91.639814][ T6143] writeback 0
[   91.643112][ T6143] workingset_refault_anon 484
[   91.647784][ T6143] workingset_refault_file 1127
[   91.652562][ T6143] swap 208896
[   91.655849][ T6143] swapcached 16384
[   91.659596][ T6143] pgpgin 34613
[   91.663026][ T6143] pgpgout 34609
[   91.666483][ T6143] pgfault 43145
[   91.669946][ T6143] pgmajfault 288
[   91.673518][ T6143] inactive_anon 16384
[   91.677495][ T6143] active_anon 0
[   91.680976][ T6143] inactive_file 0
[   91.684657][ T6143] active_file 0
[   91.688111][ T6143] unevictable 0
[   91.691632][ T6143] hierarchical_memory_limit 314572800
[   91.697037][ T6143] hierarchical_memsw_limit 9223372036854771712
[   91.703226][ T6143] total_cache 0
[   91.706684][ T6143] total_rss 0
[   91.709995][ T6143] total_shmem 0
[   91.713469][ T6143] total_mapped_file 0
[   91.717455][ T6143] total_dirty 0
[   91.720913][ T6143] total_writeback 0
[   91.724735][ T6143] total_workingset_refault_anon 484
[   91.729985][ T6143] total_workingset_refault_file 1127
[   91.735287][ T6143] total_swap 208896
[   91.739121][ T6143] total_swapcached 16384
[   91.743384][ T6143] total_pgpgin 34613
[   91.747361][ T6143] total_pgpgout 34609
[   91.751405][ T6143] total_pgfault 43145
[   91.755414][ T6143] total_pgmajfault 288
[   91.759477][ T6143] total_inactive_anon 16384
[   91.764059][ T6143] total_active_anon 0
[   91.768099][ T6143] total_inactive_file 0
[   91.772274][ T6143] total_active_file 0
[   91.776290][ T6143] total_unevictable 0
[   91.780267][ T6143] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.814,pid=6143,uid=0
[   91.794797][ T6143] Memory cgroup out of memory: Killed process 6143 (syz.0.814) total-vm:93892kB, anon-rss:940kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[   91.987031][ T6161] netlink: 'syz.0.819': attribute type 1 has an invalid length.
[   92.016235][ T6167] sch_tbf: peakrate 512 is lower than or equals to rate 3221225473 !
[   92.044643][ T6169] bridge0: port 4(batadv0) entered blocking state
[   92.051181][ T6169] bridge0: port 4(batadv0) entered disabled state
[   92.057779][ T6169] batadv0: entered allmulticast mode
[   92.063823][ T6169] batadv0: entered promiscuous mode
[   92.072543][ T6169] netlink: 4 bytes leftover after parsing attributes in process `syz.1.823'.
[   92.082979][ T6169] batadv0 (unregistering): left allmulticast mode
[   92.089561][ T6169] batadv0 (unregistering): left promiscuous mode
[   92.095959][ T6169] bridge0: port 4(batadv0) entered disabled state
[   92.126736][ T6083] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.138124][ T6083] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.149383][ T6083] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.160526][ T6083] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.185503][ T6172] netlink: 48 bytes leftover after parsing attributes in process `syz.4.824'.
[   92.229920][ T6174] loop1: detected capacity change from 0 to 1024
[   92.236703][ T6172] loop4: detected capacity change from 0 to 128
[   92.243701][ T6172] vfat: Unknown parameter 'ÿ'
[   92.254297][ T6174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.291625][   T29] kauditd_printk_skb: 287 callbacks suppressed
[   92.291640][   T29] audit: type=1326 audit(1753412523.980:4059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.321905][   T29] audit: type=1326 audit(1753412523.980:4060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.322461][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.345471][   T29] audit: type=1326 audit(1753412523.980:4061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.345502][   T29] audit: type=1326 audit(1753412523.980:4062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.401290][   T29] audit: type=1326 audit(1753412523.980:4063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.424761][   T29] audit: type=1326 audit(1753412523.980:4064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.448388][   T29] audit: type=1326 audit(1753412523.980:4065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.471681][   T29] audit: type=1326 audit(1753412523.980:4066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.495653][   T29] audit: type=1326 audit(1753412523.980:4067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.518960][   T29] audit: type=1326 audit(1753412523.980:4068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6180 comm="syz.0.826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[   92.531812][ T6185] loop4: detected capacity change from 0 to 1024
[   92.557049][ T6185] ext4: Unknown parameter 'func'
[   92.568251][ T6187] IPv4: Oversized IP packet from 127.202.26.0
[   92.640444][ T6196] sch_tbf: peakrate 512 is lower than or equals to rate 3221225473 !
[   92.686957][ T6131] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.698810][ T6131] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.710224][ T6131] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.784021][ T6131] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.799416][ T6202] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.848364][ T6207] loop2: detected capacity change from 0 to 1024
[   92.872606][ T6202] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.964676][ T6202] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.084713][ T6202] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.100911][ T6221] netlink: 'syz.2.838': attribute type 1 has an invalid length.
[   93.138980][ T6223] netlink: 8 bytes leftover after parsing attributes in process `syz.2.840'.
[   93.155574][ T6202] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.167062][ T6202] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.178930][ T6202] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.191214][ T6202] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.226883][ T6229] IPv4: Oversized IP packet from 127.202.26.0
[   93.254196][ T6233] sch_tbf: peakrate 512 is lower than or equals to rate 3221225473 !
[   93.469187][ T6245] loop5: detected capacity change from 0 to 1024
[   93.534297][ T6251] loop2: detected capacity change from 0 to 512
[   93.541241][ T6251] EXT4-fs: Ignoring removed orlov option
[   93.553478][ T6251] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   93.567638][ T6251] EXT4-fs (loop2): orphan cleanup on readonly fs
[   93.572107][ T6254] loop1: detected capacity change from 0 to 1024
[   93.580820][ T6254] ext4: Unknown parameter 'func'
[   93.586626][ T6251] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.851: bg 0: block 248: padding at end of block bitmap is not set
[   93.607693][ T6251] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.851: Failed to acquire dquot type 1
[   93.620466][ T6251] EXT4-fs (loop2): 1 truncate cleaned up
[   93.632151][ T6251] EXT4-fs: Ignoring removed orlov option
[   93.638108][ T6251] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   93.648804][ T6251] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   93.663383][ T6251] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.851: Abort forced by user
[   93.680632][ T6251] EXT4-fs (loop2): Remounting filesystem read-only
[   93.687294][ T6251] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   93.699387][ T6251] ext4 filesystem being remounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   93.723886][ T6251] siw: device registration error -23
[   93.913295][ T6270] IPv4: Oversized IP packet from 127.202.26.0
[   93.978900][ T6278] loop4: detected capacity change from 0 to 512
[   93.983101][ T6275] bridge0: port 4(batadv0) entered blocking state
[   93.985682][ T6278] EXT4-fs: Ignoring removed orlov option
[   93.991765][ T6275] bridge0: port 4(batadv0) entered disabled state
[   94.003060][ T6280] netlink: 4 bytes leftover after parsing attributes in process `syz.5.860'.
[   94.016020][ T6278] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   94.019845][ T6275] batadv0: entered allmulticast mode
[   94.030652][ T6275] batadv0: entered promiscuous mode
[   94.039489][ T6280] batadv0 (unregistering): left allmulticast mode
[   94.046014][ T6280] batadv0 (unregistering): left promiscuous mode
[   94.052525][ T6280] bridge0: port 4(batadv0) entered disabled state
[   94.134213][ T6284] netlink: 'syz.2.863': attribute type 1 has an invalid length.
[   94.148711][ T6278] EXT4-fs (loop4): orphan cleanup on readonly fs
[   94.163446][ T6278] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.861: bg 0: block 248: padding at end of block bitmap is not set
[   94.218258][ T6278] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.861: Failed to acquire dquot type 1
[   94.255358][ T6278] EXT4-fs (loop4): 1 truncate cleaned up
[   94.299685][ T6240] syz.0.848 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[   94.313572][ T6240] CPU: 1 UID: 0 PID: 6240 Comm: syz.0.848 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[   94.313676][ T6240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.313689][ T6240] Call Trace:
[   94.313695][ T6240]  <TASK>
[   94.313703][ T6240]  __dump_stack+0x1d/0x30
[   94.313728][ T6240]  dump_stack_lvl+0xe8/0x140
[   94.313753][ T6240]  dump_stack+0x15/0x1b
[   94.313849][ T6240]  dump_header+0x81/0x220
[   94.313887][ T6240]  oom_kill_process+0x334/0x3f0
[   94.313988][ T6240]  out_of_memory+0x979/0xb80
[   94.314026][ T6240]  try_charge_memcg+0x5e6/0x9e0
[   94.314099][ T6240]  obj_cgroup_charge_pages+0xa6/0x150
[   94.314147][ T6240]  __memcg_kmem_charge_page+0x9f/0x170
[   94.314222][ T6240]  __alloc_frozen_pages_noprof+0x188/0x360
[   94.314262][ T6240]  alloc_pages_mpol+0xb3/0x250
[   94.314294][ T6240]  alloc_pages_noprof+0x90/0x130
[   94.314332][ T6240]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   94.314448][ T6240]  __kvmalloc_node_noprof+0x30f/0x4e0
[   94.314475][ T6240]  ? ip_set_alloc+0x1f/0x30
[   94.314504][ T6240]  ? ip_set_alloc+0x1f/0x30
[   94.314540][ T6240]  ? __kmalloc_cache_noprof+0x189/0x320
[   94.314599][ T6240]  ip_set_alloc+0x1f/0x30
[   94.314634][ T6240]  hash_netiface_create+0x282/0x740
[   94.314770][ T6240]  ? __pfx_hash_netiface_create+0x10/0x10
[   94.314810][ T6240]  ip_set_create+0x3c9/0x960
[   94.314863][ T6240]  nfnetlink_rcv_msg+0x4c6/0x590
[   94.314981][ T6240]  ? selinux_capable+0x1f9/0x270
[   94.315026][ T6240]  netlink_rcv_skb+0x120/0x220
[   94.315066][ T6240]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   94.315106][ T6240]  nfnetlink_rcv+0x16b/0x1690
[   94.315144][ T6240]  ? __kfree_skb+0x109/0x150
[   94.315198][ T6240]  ? nlmon_xmit+0x4f/0x60
[   94.315223][ T6240]  ? consume_skb+0x49/0x150
[   94.315254][ T6240]  ? nlmon_xmit+0x4f/0x60
[   94.315334][ T6240]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   94.315424][ T6240]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   94.315443][ T6240]  ? __dev_queue_xmit+0x182/0x1fb0
[   94.315520][ T6240]  ? ref_tracker_free+0x37d/0x3e0
[   94.315558][ T6240]  ? trace_reschedule_exit+0xd/0xc0
[   94.315666][ T6240]  ? sysvec_reschedule_ipi+0x4f/0x70
[   94.315694][ T6240]  ? trace_reschedule_exit+0xd/0xc0
[   94.315735][ T6240]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   94.315780][ T6240]  ? netlink_unicast+0x59c/0x680
[   94.315818][ T6240]  netlink_unicast+0x5a8/0x680
[   94.315877][ T6240]  netlink_sendmsg+0x58b/0x6b0
[   94.315904][ T6240]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.315937][ T6240]  __sock_sendmsg+0x145/0x180
[   94.315981][ T6240]  ____sys_sendmsg+0x31e/0x4e0
[   94.316031][ T6240]  ___sys_sendmsg+0x17b/0x1d0
[   94.316069][ T6240]  __x64_sys_sendmsg+0xd4/0x160
[   94.316097][ T6240]  x64_sys_call+0x2999/0x2fb0
[   94.316131][ T6240]  do_syscall_64+0xd2/0x200
[   94.316151][ T6240]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.316196][ T6240]  ? clear_bhb_loop+0x40/0x90
[   94.316216][ T6240]  ? clear_bhb_loop+0x40/0x90
[   94.316312][ T6240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.316333][ T6240] RIP: 0033:0x7f9811a2e9a9
[   94.316348][ T6240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.316382][ T6240] RSP: 002b:00007f981008f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.316404][ T6240] RAX: ffffffffffffffda RBX: 00007f9811c55fa0 RCX: 00007f9811a2e9a9
[   94.316437][ T6240] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000a
[   94.316453][ T6240] RBP: 00007f9811ab0d69 R08: 0000000000000000 R09: 0000000000000000
[   94.316468][ T6240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   94.316491][ T6240] R13: 0000000000000000 R14: 00007f9811c55fa0 R15: 00007ffd836a7028
[   94.316588][ T6240]  </TASK>
[   94.316597][ T6240] memory: usage 307200kB, limit 307200kB, failcnt 1698
[   94.337313][ T6278] EXT4-fs: Ignoring removed orlov option
[   94.339331][ T6240] memory+swap: usage 307296kB, limit 9007199254740988kB, failcnt 0
[   94.345943][ T6278] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   94.349949][ T6240] kmem: usage 307076kB, limit 9007199254740988kB, failcnt 0
[   94.717686][ T6240] Memory cgroup stats for /syz0:
[   94.717932][ T6240] cache 4096
[   94.726179][ T6240] rss 122880
[   94.726585][ T6278] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   94.729379][ T6240] shmem 0
[   94.729389][ T6240] mapped_file 4096
[   94.742583][ T6278] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.861: Abort forced by user
[   94.745373][ T6240] dirty 4096
[   94.745384][ T6240] writeback 0
[   94.756890][ T6278] EXT4-fs (loop4): Remounting filesystem read-only
[   94.758503][ T6240] workingset_refault_anon 568
[   94.758515][ T6240] workingset_refault_file 1274
[   94.761843][ T6278] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   94.768331][ T6240] swap 102400
[   94.768341][ T6240] swapcached 114688
[   94.768350][ T6240] pgpgin 35352
[   94.768358][ T6240] pgpgout 35321
[   94.768367][ T6240] pgfault 44385
[   94.773260][ T6278] ext4 filesystem being remounted at /174/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   94.777814][ T6240] pgmajfault 354
[   94.777825][ T6240] inactive_anon 12288
[   94.777834][ T6240] active_anon 98304
[   94.825727][ T6240] inactive_file 4096
[   94.829635][ T6240] active_file 0
[   94.833133][ T6240] unevictable 0
[   94.836596][ T6240] hierarchical_memory_limit 314572800
[   94.842033][ T6240] hierarchical_memsw_limit 9223372036854771712
[   94.848211][ T6240] total_cache 4096
[   94.852056][ T6240] total_rss 122880
[   94.855797][ T6240] total_shmem 0
[   94.859271][ T6240] total_mapped_file 4096
[   94.863537][ T6240] total_dirty 4096
[   94.867303][ T6240] total_writeback 0
[   94.871134][ T6240] total_workingset_refault_anon 568
[   94.876442][ T6240] total_workingset_refault_file 1274
[   94.881750][ T6240] total_swap 102400
[   94.885573][ T6240] total_swapcached 114688
[   94.889975][ T6240] total_pgpgin 35352
[   94.893964][ T6240] total_pgpgout 35321
[   94.898016][ T6240] total_pgfault 44385
[   94.902012][ T6240] total_pgmajfault 354
[   94.906141][ T6240] total_inactive_anon 12288
[   94.910647][ T6240] total_active_anon 98304
[   94.915055][ T6240] total_inactive_file 4096
[   94.919469][ T6240] total_active_file 0
[   94.923493][ T6240] total_unevictable 0
[   94.927483][ T6240] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.848,pid=6239,uid=0
[   94.942181][ T6240] Memory cgroup out of memory: Killed process 6240 (syz.0.848) total-vm:93892kB, anon-rss:1068kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[   95.047625][ T6297] loop4: detected capacity change from 0 to 512
[   95.073176][ T6297] EXT4-fs: Ignoring removed orlov option
[   95.087560][ T6297] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   95.144196][ T6297] EXT4-fs (loop4): orphan cleanup on readonly fs
[   95.169418][ T6297] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.865: bg 0: block 248: padding at end of block bitmap is not set
[   95.230227][ T6297] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.865: Failed to acquire dquot type 1
[   95.274904][ T6297] EXT4-fs (loop4): 1 truncate cleaned up
[   95.288400][ T6311] netlink: 48 bytes leftover after parsing attributes in process `syz.5.870'.
[   95.318443][ T6297] EXT4-fs: Ignoring removed orlov option
[   95.343711][ T6297] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   95.346957][ T6313] netlink: 8 bytes leftover after parsing attributes in process `syz.0.871'.
[   95.375506][ T6297] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[   95.386773][ T6311] loop5: detected capacity change from 0 to 128
[   95.393351][ T6311] vfat: Unknown parameter 'ÿ'
[   95.401784][ T6297] EXT4-fs error (device loop4): __ext4_remount:6736: comm syz.4.865: Abort forced by user
[   95.428893][ T6319] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.440029][ T6297] EXT4-fs (loop4): Remounting filesystem read-only
[   95.446642][ T6297] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   95.458342][ T6297] ext4 filesystem being remounted at /175/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   95.479517][ T6323] netlink: 48 bytes leftover after parsing attributes in process `syz.0.876'.
[   95.492545][ T6319] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.519176][ T6329] IPv4: Oversized IP packet from 127.202.26.0
[   95.554366][ T6319] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.589039][ T6337] loop5: detected capacity change from 0 to 1024
[   95.615017][ T6319] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   95.696232][ T6319] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.713963][ T6319] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.726306][ T6319] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.738670][ T6319] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.821314][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'.
[   95.833276][ T6361] netlink: 48 bytes leftover after parsing attributes in process `syz.0.888'.
[   95.929176][ T6368] IPv4: Oversized IP packet from 127.202.26.0
[   96.097191][ T6373] bridge0: port 3(batadv0) entered blocking state
[   96.103800][ T6373] bridge0: port 3(batadv0) entered disabled state
[   96.140917][ T6373] batadv0: entered allmulticast mode
[   96.141632][ T6374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.893'.
[   96.156917][ T6373] batadv0: entered promiscuous mode
[   96.171524][ T6374] batadv0 (unregistering): left allmulticast mode
[   96.178015][ T6374] batadv0 (unregistering): left promiscuous mode
[   96.184915][ T6374] bridge0: port 3(batadv0) entered disabled state
[   96.247978][ T6376] loop5: detected capacity change from 0 to 1024
[   96.427305][ T6330] syz.2.878 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[   96.441464][ T6330] CPU: 0 UID: 0 PID: 6330 Comm: syz.2.878 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[   96.441559][ T6330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.441588][ T6330] Call Trace:
[   96.441595][ T6330]  <TASK>
[   96.441604][ T6330]  __dump_stack+0x1d/0x30
[   96.441630][ T6330]  dump_stack_lvl+0xe8/0x140
[   96.441655][ T6330]  dump_stack+0x15/0x1b
[   96.441671][ T6330]  dump_header+0x81/0x220
[   96.441738][ T6330]  oom_kill_process+0x334/0x3f0
[   96.441828][ T6330]  out_of_memory+0x979/0xb80
[   96.441919][ T6330]  try_charge_memcg+0x5e6/0x9e0
[   96.441961][ T6330]  obj_cgroup_charge_pages+0xa6/0x150
[   96.442028][ T6330]  __memcg_kmem_charge_page+0x9f/0x170
[   96.442057][ T6330]  __alloc_frozen_pages_noprof+0x188/0x360
[   96.442118][ T6330]  alloc_pages_mpol+0xb3/0x250
[   96.442278][ T6330]  alloc_pages_noprof+0x90/0x130
[   96.442312][ T6330]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   96.442359][ T6330]  __kvmalloc_node_noprof+0x30f/0x4e0
[   96.442386][ T6330]  ? ip_set_alloc+0x1f/0x30
[   96.442469][ T6330]  ? ip_set_alloc+0x1f/0x30
[   96.442497][ T6330]  ? hash_netiface_create+0x21b/0x740
[   96.442528][ T6330]  ? __kmalloc_cache_noprof+0x189/0x320
[   96.442632][ T6330]  ip_set_alloc+0x1f/0x30
[   96.442666][ T6330]  hash_netiface_create+0x282/0x740
[   96.442707][ T6330]  ? __pfx_hash_netiface_create+0x10/0x10
[   96.442817][ T6330]  ip_set_create+0x3c9/0x960
[   96.442867][ T6330]  ? __nla_parse+0x40/0x60
[   96.442937][ T6330]  nfnetlink_rcv_msg+0x4c6/0x590
[   96.442967][ T6330]  ? bcmp+0x5e/0x90
[   96.443124][ T6330]  ? selinux_capable+0x1f9/0x270
[   96.443156][ T6330]  netlink_rcv_skb+0x120/0x220
[   96.443241][ T6330]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   96.443273][ T6330]  nfnetlink_rcv+0x16b/0x1690
[   96.443375][ T6330]  ? __kfree_skb+0x109/0x150
[   96.443413][ T6330]  ? nlmon_xmit+0x4f/0x60
[   96.443438][ T6330]  ? consume_skb+0x49/0x150
[   96.443529][ T6330]  ? nlmon_xmit+0x4f/0x60
[   96.443549][ T6330]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   96.443663][ T6330]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   96.443684][ T6330]  ? __dev_queue_xmit+0x182/0x1fb0
[   96.443710][ T6330]  ? ref_tracker_free+0x37d/0x3e0
[   96.443811][ T6330]  ? __netlink_deliver_tap+0x4dc/0x500
[   96.443841][ T6330]  netlink_unicast+0x5a8/0x680
[   96.443948][ T6330]  netlink_sendmsg+0x58b/0x6b0
[   96.443975][ T6330]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.444001][ T6330]  __sock_sendmsg+0x145/0x180
[   96.444032][ T6330]  ____sys_sendmsg+0x31e/0x4e0
[   96.444153][ T6330]  ___sys_sendmsg+0x17b/0x1d0
[   96.444201][ T6330]  __x64_sys_sendmsg+0xd4/0x160
[   96.444230][ T6330]  x64_sys_call+0x2999/0x2fb0
[   96.444255][ T6330]  do_syscall_64+0xd2/0x200
[   96.444279][ T6330]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.444325][ T6330]  ? clear_bhb_loop+0x40/0x90
[   96.444390][ T6330]  ? clear_bhb_loop+0x40/0x90
[   96.444416][ T6330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.444467][ T6330] RIP: 0033:0x7f5c83cde9a9
[   96.444488][ T6330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.444508][ T6330] RSP: 002b:00007f5c82347038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   96.444528][ T6330] RAX: ffffffffffffffda RBX: 00007f5c83f05fa0 RCX: 00007f5c83cde9a9
[   96.444543][ T6330] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000b
[   96.444557][ T6330] RBP: 00007f5c83d60d69 R08: 0000000000000000 R09: 0000000000000000
[   96.444572][ T6330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   96.444626][ T6330] R13: 0000000000000000 R14: 00007f5c83f05fa0 R15: 00007ffce457c3c8
[   96.444649][ T6330]  </TASK>
[   96.444658][ T6330] memory: usage 307200kB, limit 307200kB, failcnt 688
[   96.467958][ T6390] netlink: 8 bytes leftover after parsing attributes in process `syz.5.899'.
[   96.470463][ T6330] memory+swap: usage 307400kB, limit 9007199254740988kB, failcnt 0
[   96.470482][ T6330] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0
[   96.833958][ T6330] Memory cgroup stats for /syz2:
[   96.839204][ T6330] cache 0
[   96.847194][ T6330] rss 4096
[   96.850257][ T6330] shmem 0
[   96.853239][ T6330] mapped_file 0
[   96.856716][ T6330] dirty 0
[   96.859674][ T6330] writeback 0
[   96.863017][ T6330] workingset_refault_anon 286
[   96.867887][ T6330] workingset_refault_file 273
[   96.872695][ T6330] swap 208896
[   96.876103][ T6330] swapcached 12288
[   96.879852][ T6330] pgpgin 67718
[   96.883542][ T6330] pgpgout 67715
[   96.887027][ T6330] pgfault 51674
[   96.890513][ T6330] pgmajfault 210
[   96.894111][ T6330] inactive_anon 4096
[   96.898111][ T6330] active_anon 0
[   96.901672][ T6330] inactive_file 0
[   96.905331][ T6330] active_file 0
[   96.908889][ T6330] unevictable 0
[   96.912537][ T6330] hierarchical_memory_limit 314572800
[   96.917984][ T6330] hierarchical_memsw_limit 9223372036854771712
[   96.924174][ T6330] total_cache 0
[   96.927656][ T6330] total_rss 4096
[   96.931233][ T6330] total_shmem 0
[   96.934704][ T6330] total_mapped_file 0
[   96.938707][ T6330] total_dirty 0
[   96.942231][ T6330] total_writeback 0
[   96.946067][ T6330] total_workingset_refault_anon 286
[   96.951314][ T6330] total_workingset_refault_file 273
[   96.956525][ T6330] total_swap 208896
[   96.960372][ T6330] total_swapcached 12288
[   96.964657][ T6330] total_pgpgin 67718
[   96.968550][ T6330] total_pgpgout 67715
[   96.972640][ T6330] total_pgfault 51674
[   96.976722][ T6330] total_pgmajfault 210
[   96.980795][ T6330] total_inactive_anon 4096
[   96.985307][ T6330] total_active_anon 0
[   96.989362][ T6330] total_inactive_file 0
[   96.993545][ T6330] total_active_file 0
[   96.997524][ T6330] total_unevictable 0
[   97.001531][ T6330] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.878,pid=6327,uid=0
[   97.016137][ T6330] Memory cgroup out of memory: Killed process 6327 (syz.2.878) total-vm:93892kB, anon-rss:944kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[   97.101868][ T6397] IPv4: Oversized IP packet from 127.202.26.0
[   97.156203][ T6405] loop5: detected capacity change from 0 to 1024
[   97.163384][ T6405] EXT4-fs: Ignoring removed orlov option
[   97.163475][ T6404] netlink: 'syz.1.906': attribute type 1 has an invalid length.
[   97.228632][ T6412] loop2: detected capacity change from 0 to 1024
[   97.474434][   T29] kauditd_printk_skb: 422 callbacks suppressed
[   97.474451][   T29] audit: type=1326 audit(1753412529.160:4485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.504068][   T29] audit: type=1326 audit(1753412529.160:4486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.571690][ T6432] netlink: 48 bytes leftover after parsing attributes in process `syz.2.914'.
[   97.700025][   T29] audit: type=1326 audit(1753412529.160:4487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.723506][   T29] audit: type=1326 audit(1753412529.160:4488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.747005][   T29] audit: type=1326 audit(1753412529.160:4489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.770551][   T29] audit: type=1326 audit(1753412529.160:4490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.793867][   T29] audit: type=1326 audit(1753412529.160:4491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.817259][   T29] audit: type=1326 audit(1753412529.160:4492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.840503][   T29] audit: type=1326 audit(1753412529.160:4493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.863889][   T29] audit: type=1326 audit(1753412529.160:4494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6426 comm="syz.4.912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9539c5e9a9 code=0x7ffc0000
[   97.890274][ T6432] loop2: detected capacity change from 0 to 128
[   97.897936][ T6432] vfat: Unknown parameter 'ÿ'
[   97.936669][ T6401] syz.0.904 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[   97.950534][ T6401] CPU: 0 UID: 0 PID: 6401 Comm: syz.0.904 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[   97.950572][ T6401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.950662][ T6401] Call Trace:
[   97.950671][ T6401]  <TASK>
[   97.950759][ T6401]  __dump_stack+0x1d/0x30
[   97.950789][ T6401]  dump_stack_lvl+0xe8/0x140
[   97.950817][ T6401]  dump_stack+0x15/0x1b
[   97.950835][ T6401]  dump_header+0x81/0x220
[   97.950888][ T6401]  oom_kill_process+0x334/0x3f0
[   97.950926][ T6401]  out_of_memory+0x979/0xb80
[   97.950988][ T6401]  try_charge_memcg+0x5e6/0x9e0
[   97.951060][ T6401]  obj_cgroup_charge_pages+0xa6/0x150
[   97.951093][ T6401]  __memcg_kmem_charge_page+0x9f/0x170
[   97.951169][ T6401]  __alloc_frozen_pages_noprof+0x188/0x360
[   97.951215][ T6401]  alloc_pages_mpol+0xb3/0x250
[   97.951261][ T6401]  alloc_pages_noprof+0x90/0x130
[   97.951301][ T6401]  __vmalloc_node_range_noprof+0x6f2/0xe00
[   97.951348][ T6401]  __kvmalloc_node_noprof+0x30f/0x4e0
[   97.951459][ T6401]  ? ip_set_alloc+0x1f/0x30
[   97.951500][ T6401]  ? ip_set_alloc+0x1f/0x30
[   97.951580][ T6401]  ? hash_netiface_create+0x21b/0x740
[   97.951657][ T6401]  ? __kmalloc_cache_noprof+0x189/0x320
[   97.951696][ T6401]  ip_set_alloc+0x1f/0x30
[   97.951757][ T6401]  hash_netiface_create+0x282/0x740
[   97.951796][ T6401]  ? __pfx_hash_netiface_create+0x10/0x10
[   97.951875][ T6401]  ip_set_create+0x3c9/0x960
[   97.952027][ T6401]  ? __nla_parse+0x40/0x60
[   97.952056][ T6401]  nfnetlink_rcv_msg+0x4c6/0x590
[   97.952146][ T6401]  ? free_netdev+0x401/0x4a0
[   97.952203][ T6401]  ? selinux_capable+0x1f9/0x270
[   97.952318][ T6401]  netlink_rcv_skb+0x120/0x220
[   97.952364][ T6401]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   97.952399][ T6401]  nfnetlink_rcv+0x16b/0x1690
[   97.952473][ T6401]  ? __kfree_skb+0x109/0x150
[   97.952516][ T6401]  ? nlmon_xmit+0x4f/0x60
[   97.952543][ T6401]  ? consume_skb+0x49/0x150
[   97.952658][ T6401]  ? nlmon_xmit+0x4f/0x60
[   97.952692][ T6401]  ? dev_hard_start_xmit+0x3b0/0x3e0
[   97.952813][ T6401]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   97.952837][ T6401]  ? __dev_queue_xmit+0x182/0x1fb0
[   97.952863][ T6401]  ? ref_tracker_free+0x37d/0x3e0
[   97.952899][ T6401]  ? __netlink_deliver_tap+0x4dc/0x500
[   97.953001][ T6401]  netlink_unicast+0x5a8/0x680
[   97.953038][ T6401]  netlink_sendmsg+0x58b/0x6b0
[   97.953067][ T6401]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.953093][ T6401]  __sock_sendmsg+0x145/0x180
[   97.953169][ T6401]  ____sys_sendmsg+0x31e/0x4e0
[   97.953196][ T6401]  ___sys_sendmsg+0x17b/0x1d0
[   97.953235][ T6401]  __x64_sys_sendmsg+0xd4/0x160
[   97.953258][ T6401]  x64_sys_call+0x2999/0x2fb0
[   97.953279][ T6401]  do_syscall_64+0xd2/0x200
[   97.953353][ T6401]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.953379][ T6401]  ? clear_bhb_loop+0x40/0x90
[   97.953398][ T6401]  ? clear_bhb_loop+0x40/0x90
[   97.953419][ T6401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.953508][ T6401] RIP: 0033:0x7f9811a2e9a9
[   97.953529][ T6401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.953554][ T6401] RSP: 002b:00007f981008f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.953664][ T6401] RAX: ffffffffffffffda RBX: 00007f9811c55fa0 RCX: 00007f9811a2e9a9
[   97.953676][ T6401] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000a
[   97.953693][ T6401] RBP: 00007f9811ab0d69 R08: 0000000000000000 R09: 0000000000000000
[   97.953709][ T6401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.953725][ T6401] R13: 0000000000000000 R14: 00007f9811c55fa0 R15: 00007ffd836a7028
[   97.953750][ T6401]  </TASK>
[   97.981281][ T6439] bridge0: port 4(batadv0) entered blocking state
[   97.982445][ T6401] memory: usage 307200kB, limit 307200kB, failcnt 1946
[   97.987311][ T6439] bridge0: port 4(batadv0) entered disabled state
[   97.991905][ T6401] memory+swap: usage 307416kB, limit 9007199254740988kB, failcnt 0
[   97.991924][ T6401] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[   98.033537][ T6441] netlink: 4 bytes leftover after parsing attributes in process `syz.5.917'.
[   98.036280][ T6401] Memory cgroup stats for /syz0:
[   98.039920][ T6401] cache 0
[   98.050197][ T6439] batadv0: entered allmulticast mode
[   98.052581][ T6401] rss 0
[   98.052660][ T6401] shmem 0
[   98.087519][ T6439] batadv0: entered promiscuous mode
[   98.087974][ T6401] mapped_file 0
[   98.087986][ T6401] dirty 0
[   98.386944][ T6401] writeback 0
[   98.390239][ T6401] workingset_refault_anon 624
[   98.394955][ T6401] workingset_refault_file 1405
[   98.399920][ T6401] swap 221184
[   98.403378][ T6401] swapcached 4096
[   98.407064][ T6401] pgpgin 36400
[   98.410449][ T6401] pgpgout 36399
[   98.413932][ T6401] pgfault 45854
[   98.417428][ T6401] pgmajfault 383
[   98.421124][ T6401] inactive_anon 0
[   98.424820][ T6401] active_anon 4096
[   98.428563][ T6401] inactive_file 0
[   98.432336][ T6401] active_file 0
[   98.435849][ T6401] unevictable 0
[   98.439311][ T6401] hierarchical_memory_limit 314572800
[   98.444820][ T6401] hierarchical_memsw_limit 9223372036854771712
[   98.451033][ T6401] total_cache 0
[   98.454521][ T6401] total_rss 0
[   98.457820][ T6401] total_shmem 0
[   98.461311][ T6401] total_mapped_file 0
[   98.465304][ T6401] total_dirty 0
[   98.468839][ T6401] total_writeback 0
[   98.472695][ T6401] total_workingset_refault_anon 624
[   98.477890][ T6401] total_workingset_refault_file 1405
[   98.483266][ T6401] total_swap 221184
[   98.483854][ T1085] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   98.487085][ T6401] total_swapcached 4096
[   98.487097][ T6401] total_pgpgin 36400
[   98.487107][ T6401] total_pgpgout 36399
[   98.496361][ T1085] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   98.500504][ T6401] total_pgfault 45854
[   98.521574][ T6401] total_pgmajfault 383
[   98.525648][ T6401] total_inactive_anon 0
[   98.529805][ T6401] total_active_anon 4096
[   98.534059][ T6401] total_inactive_file 0
[   98.538240][ T6401] total_active_file 0
[   98.542246][ T6401] total_unevictable 0
[   98.546233][ T6401] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.904,pid=6400,uid=0
[   98.560817][ T6401] Memory cgroup out of memory: Killed process 6400 (syz.0.904) total-vm:95940kB, anon-rss:944kB, file-rss:22332kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[   98.578441][ T6441] batadv0 (unregistering): left allmulticast mode
[   98.585075][ T6441] batadv0 (unregistering): left promiscuous mode
[   98.591545][ T6441] bridge0: port 4(batadv0) entered disabled state
[   98.691149][ T6451] netlink: 'syz.5.922': attribute type 1 has an invalid length.
[   98.721832][ T6456] loop4: detected capacity change from 0 to 1024
[   98.727857][ T6455] loop2: detected capacity change from 0 to 1024
[   98.728558][ T6456] ext4: Unknown parameter 'func'
[   98.829432][ T6467] netlink: 8 bytes leftover after parsing attributes in process `syz.5.927'.
[   98.903210][ T6471] netlink: 'syz.2.928': attribute type 1 has an invalid length.
[   98.975824][ T6473] netlink: 8 bytes leftover after parsing attributes in process `syz.5.930'.
[   99.069317][ T6482] netlink: 48 bytes leftover after parsing attributes in process `syz.5.932'.
[   99.184100][ T6479] loop2: detected capacity change from 0 to 1024
[   99.190846][ T6479] ext4: Unknown parameter 'func'
[   99.311123][ T6488] netlink: 'syz.4.931': attribute type 1 has an invalid length.
[   99.632509][ T6482] loop5: detected capacity change from 0 to 128
[   99.639062][ T6482] vfat: Unknown parameter 'ÿ'
[   99.808835][ T6501] IPv4: Oversized IP packet from 127.202.26.0
[   99.954487][ T6506] random: crng reseeded on system resumption
[  100.167563][ T6516] loop5: detected capacity change from 0 to 128
[  100.192233][ T6516] vfat: Unknown parameter 'ÿ'
[  100.207807][ T6514] loop2: detected capacity change from 0 to 128
[  100.216628][ T6514] vfat: Unknown parameter 'ÿ'
[  100.378523][ T6536] netlink: 'syz.2.954': attribute type 1 has an invalid length.
[  100.545621][ T6549] __nla_validate_parse: 5 callbacks suppressed
[  100.545638][ T6549] netlink: 48 bytes leftover after parsing attributes in process `syz.2.959'.
[  100.620713][ T6549] loop2: detected capacity change from 0 to 128
[  100.632889][ T6549] vfat: Unknown parameter 'ÿ'
[  100.668191][ T6497] syz.1.946 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000
[  100.682399][ T6497] CPU: 1 UID: 0 PID: 6497 Comm: syz.1.946 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  100.682426][ T6497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.682438][ T6497] Call Trace:
[  100.682444][ T6497]  <TASK>
[  100.682451][ T6497]  __dump_stack+0x1d/0x30
[  100.682470][ T6497]  dump_stack_lvl+0xe8/0x140
[  100.682487][ T6497]  dump_stack+0x15/0x1b
[  100.682615][ T6497]  dump_header+0x81/0x220
[  100.682645][ T6497]  oom_kill_process+0x334/0x3f0
[  100.682672][ T6497]  out_of_memory+0x979/0xb80
[  100.682699][ T6497]  try_charge_memcg+0x5e6/0x9e0
[  100.682786][ T6497]  obj_cgroup_charge_pages+0xa6/0x150
[  100.682874][ T6497]  __memcg_kmem_charge_page+0x9f/0x170
[  100.682908][ T6497]  __alloc_frozen_pages_noprof+0x188/0x360
[  100.682968][ T6497]  alloc_pages_mpol+0xb3/0x250
[  100.682995][ T6497]  alloc_pages_noprof+0x90/0x130
[  100.683021][ T6497]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  100.683058][ T6497]  __kvmalloc_node_noprof+0x30f/0x4e0
[  100.683102][ T6497]  ? ip_set_alloc+0x1f/0x30
[  100.683127][ T6497]  ? ip_set_alloc+0x1f/0x30
[  100.683209][ T6497]  ? __kmalloc_cache_noprof+0x189/0x320
[  100.683233][ T6497]  ip_set_alloc+0x1f/0x30
[  100.683258][ T6497]  hash_netiface_create+0x282/0x740
[  100.683318][ T6497]  ? __pfx_hash_netiface_create+0x10/0x10
[  100.683345][ T6497]  ip_set_create+0x3c9/0x960
[  100.683438][ T6497]  ? __nla_parse+0x40/0x60
[  100.683459][ T6497]  nfnetlink_rcv_msg+0x4c6/0x590
[  100.683486][ T6497]  ? free_netdev+0x401/0x4a0
[  100.683543][ T6497]  ? selinux_capable+0x1f9/0x270
[  100.683648][ T6497]  netlink_rcv_skb+0x120/0x220
[  100.683679][ T6497]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  100.683708][ T6497]  nfnetlink_rcv+0x16b/0x1690
[  100.683731][ T6497]  ? __kfree_skb+0x109/0x150
[  100.683813][ T6497]  ? nlmon_xmit+0x4f/0x60
[  100.683894][ T6497]  ? consume_skb+0x49/0x150
[  100.683942][ T6497]  ? nlmon_xmit+0x4f/0x60
[  100.683971][ T6497]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  100.684078][ T6497]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  100.684095][ T6497]  ? __dev_queue_xmit+0x182/0x1fb0
[  100.684113][ T6497]  ? ref_tracker_free+0x37d/0x3e0
[  100.684145][ T6497]  ? __netlink_deliver_tap+0x4dc/0x500
[  100.684197][ T6497]  netlink_unicast+0x5a8/0x680
[  100.684228][ T6497]  netlink_sendmsg+0x58b/0x6b0
[  100.684285][ T6497]  ? __pfx_netlink_sendmsg+0x10/0x10
[  100.684330][ T6497]  __sock_sendmsg+0x145/0x180
[  100.684355][ T6497]  ____sys_sendmsg+0x31e/0x4e0
[  100.684374][ T6497]  ___sys_sendmsg+0x17b/0x1d0
[  100.684451][ T6497]  __x64_sys_sendmsg+0xd4/0x160
[  100.684470][ T6497]  x64_sys_call+0x2999/0x2fb0
[  100.684488][ T6497]  do_syscall_64+0xd2/0x200
[  100.684531][ T6497]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.684561][ T6497]  ? clear_bhb_loop+0x40/0x90
[  100.684582][ T6497]  ? clear_bhb_loop+0x40/0x90
[  100.684602][ T6497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.684687][ T6497] RIP: 0033:0x7fa70088e9a9
[  100.684701][ T6497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.684718][ T6497] RSP: 002b:00007fa6feef7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.684734][ T6497] RAX: ffffffffffffffda RBX: 00007fa700ab5fa0 RCX: 00007fa70088e9a9
[  100.684746][ T6497] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000b
[  100.684757][ T6497] RBP: 00007fa700910d69 R08: 0000000000000000 R09: 0000000000000000
[  100.684794][ T6497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.684805][ T6497] R13: 0000000000000000 R14: 00007fa700ab5fa0 R15: 00007fff81d4e4f8
[  100.684821][ T6497]  </TASK>
[  100.684832][ T6497] memory: usage 307200kB, limit 307200kB, failcnt 1040
[  100.778134][ T6497] memory+swap: usage 307412kB, limit 9007199254740988kB, failcnt 0
[  101.051814][ T6497] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  101.059124][ T6497] Memory cgroup stats for /syz1:
[  101.059795][ T6497] cache 0
[  101.067914][ T6497] rss 0
[  101.070699][ T6497] shmem 0
[  101.073708][ T6497] mapped_file 0
[  101.077406][ T6497] dirty 0
[  101.080468][ T6497] writeback 0
[  101.083822][ T6497] workingset_refault_anon 379
[  101.088596][ T6497] workingset_refault_file 1076
[  101.093425][ T6497] swap 217088
[  101.096719][ T6497] swapcached 0
[  101.100359][ T6497] pgpgin 42999
[  101.103809][ T6497] pgpgout 42999
[  101.107443][ T6497] pgfault 54558
[  101.110931][ T6497] pgmajfault 244
[  101.114540][ T6497] inactive_anon 0
[  101.118197][ T6497] active_anon 0
[  101.121729][ T6497] inactive_file 0
[  101.125391][ T6497] active_file 0
[  101.128881][ T6497] unevictable 0
[  101.132395][ T6497] hierarchical_memory_limit 314572800
[  101.137912][ T6497] hierarchical_memsw_limit 9223372036854771712
[  101.144130][ T6497] total_cache 0
[  101.147619][ T6497] total_rss 0
[  101.150202][ T6558] loop4: detected capacity change from 0 to 128
[  101.150907][ T6497] total_shmem 0
[  101.157548][ T6558] vfat: Unknown parameter 'ÿ'
[  101.160669][ T6497] total_mapped_file 0
[  101.160680][ T6497] total_dirty 0
[  101.160689][ T6497] total_writeback 0
[  101.177334][ T6497] total_workingset_refault_anon 379
[  101.182623][ T6497] total_workingset_refault_file 1076
[  101.187939][ T6497] total_swap 217088
[  101.191827][ T6497] total_swapcached 0
[  101.195820][ T6497] total_pgpgin 42999
[  101.199792][ T6497] total_pgpgout 42999
[  101.204003][ T6497] total_pgfault 54558
[  101.208190][ T6497] total_pgmajfault 244
[  101.212291][ T6497] total_inactive_anon 0
[  101.216446][ T6497] total_active_anon 0
[  101.220486][ T6497] total_inactive_file 0
[  101.224805][ T6497] total_active_file 0
[  101.228828][ T6497] total_unevictable 0
[  101.232844][ T6497] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.946,pid=6496,uid=0
[  101.247406][ T6497] Memory cgroup out of memory: Killed process 6496 (syz.1.946) total-vm:93892kB, anon-rss:940kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  101.287048][ T6562] netlink: 'syz.0.965': attribute type 1 has an invalid length.
[  101.323772][ T6564] loop2: detected capacity change from 0 to 1024
[  101.362841][ T6564] ext4: Unknown parameter 'func'
[  101.369634][ T6566] netlink: 8 bytes leftover after parsing attributes in process `syz.0.967'.
[  101.467308][ T6577] loop4: detected capacity change from 0 to 1024
[  101.487068][ T6577] ext4: Unknown parameter 'func'
[  101.515003][ T6581] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  101.625543][ T6590] netlink: 48 bytes leftover after parsing attributes in process `syz.2.977'.
[  101.697400][ T6598] netlink: 8 bytes leftover after parsing attributes in process `syz.1.980'.
[  101.710733][ T6590] loop2: detected capacity change from 0 to 128
[  101.717833][ T6590] vfat: Unknown parameter 'ÿ'
[  101.835525][ T6609] IPv4: Oversized IP packet from 127.202.26.0
[  101.837277][ T6610] netlink: 'syz.1.985': attribute type 1 has an invalid length.
[  101.892734][ T6615] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  101.899308][ T6615] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  101.907127][ T6615] vhci_hcd vhci_hcd.0: Device attached
[  101.914584][ T6616] vhci_hcd: connection closed
[  101.915909][   T37] vhci_hcd: stop threads
[  101.925280][   T37] vhci_hcd: release socket
[  101.929907][   T37] vhci_hcd: disconnect device
[  101.957598][ T6612] loop2: detected capacity change from 0 to 8192
[  102.004135][ T6612]  loop2: p1 p2 p4 < >
[  102.008569][ T6612] loop2: partition table partially beyond EOD, truncated
[  102.016126][ T6612] loop2: p1 start 16777216 is beyond EOD, truncated
[  102.023003][ T6612] loop2: p2 size 515840 extends beyond EOD, truncated
[  102.033314][ T6612] loop2: p4 start 16777216 is beyond EOD, truncated
[  102.283576][ T6584] syz.0.975 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0
[  102.297509][ T6584] CPU: 1 UID: 0 PID: 6584 Comm: syz.0.975 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  102.297628][ T6584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  102.297703][ T6584] Call Trace:
[  102.297711][ T6584]  <TASK>
[  102.297719][ T6584]  __dump_stack+0x1d/0x30
[  102.297739][ T6584]  dump_stack_lvl+0xe8/0x140
[  102.297757][ T6584]  dump_stack+0x15/0x1b
[  102.297775][ T6584]  dump_header+0x81/0x220
[  102.297883][ T6584]  oom_kill_process+0x334/0x3f0
[  102.297919][ T6584]  out_of_memory+0x979/0xb80
[  102.297958][ T6584]  try_charge_memcg+0x5e6/0x9e0
[  102.298007][ T6584]  obj_cgroup_charge_pages+0xa6/0x150
[  102.298035][ T6584]  __memcg_kmem_charge_page+0x9f/0x170
[  102.298066][ T6584]  __alloc_frozen_pages_noprof+0x188/0x360
[  102.298097][ T6584]  alloc_pages_mpol+0xb3/0x250
[  102.298253][ T6584]  alloc_pages_noprof+0x90/0x130
[  102.298278][ T6584]  __vmalloc_node_range_noprof+0x6f2/0xe00
[  102.298314][ T6584]  __kvmalloc_node_noprof+0x30f/0x4e0
[  102.298348][ T6584]  ? ip_set_alloc+0x1f/0x30
[  102.298446][ T6584]  ? ip_set_alloc+0x1f/0x30
[  102.298499][ T6584]  ? __kmalloc_cache_noprof+0x189/0x320
[  102.298531][ T6584]  ip_set_alloc+0x1f/0x30
[  102.298603][ T6584]  hash_netiface_create+0x282/0x740
[  102.298632][ T6584]  ? __pfx_hash_netiface_create+0x10/0x10
[  102.298661][ T6584]  ip_set_create+0x3c9/0x960
[  102.298800][ T6584]  nfnetlink_rcv_msg+0x4c6/0x590
[  102.298823][ T6584]  ? free_netdev+0x401/0x4a0
[  102.298887][ T6584]  ? selinux_capable+0x1f9/0x270
[  102.298915][ T6584]  netlink_rcv_skb+0x120/0x220
[  102.298944][ T6584]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  102.298997][ T6584]  nfnetlink_rcv+0x16b/0x1690
[  102.299031][ T6584]  ? __kfree_skb+0x109/0x150
[  102.299063][ T6584]  ? nlmon_xmit+0x4f/0x60
[  102.299082][ T6584]  ? consume_skb+0x49/0x150
[  102.299160][ T6584]  ? nlmon_xmit+0x4f/0x60
[  102.299179][ T6584]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  102.299212][ T6584]  ? __dev_queue_xmit+0x11c0/0x1fb0
[  102.299228][ T6584]  ? __dev_queue_xmit+0x182/0x1fb0
[  102.299294][ T6584]  ? ref_tracker_free+0x37d/0x3e0
[  102.299319][ T6584]  ? __skb_clone+0x251/0x2d0
[  102.299340][ T6584]  ? __netlink_deliver_tap+0x4dc/0x500
[  102.299438][ T6584]  netlink_unicast+0x5a8/0x680
[  102.299481][ T6584]  netlink_sendmsg+0x58b/0x6b0
[  102.299501][ T6584]  ? __pfx_netlink_sendmsg+0x10/0x10
[  102.299593][ T6584]  __sock_sendmsg+0x145/0x180
[  102.299616][ T6584]  ____sys_sendmsg+0x31e/0x4e0
[  102.299635][ T6584]  ___sys_sendmsg+0x17b/0x1d0
[  102.299663][ T6584]  __x64_sys_sendmsg+0xd4/0x160
[  102.299691][ T6584]  x64_sys_call+0x2999/0x2fb0
[  102.299715][ T6584]  do_syscall_64+0xd2/0x200
[  102.299741][ T6584]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  102.299788][ T6584]  ? clear_bhb_loop+0x40/0x90
[  102.299855][ T6584]  ? clear_bhb_loop+0x40/0x90
[  102.299888][ T6584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.299914][ T6584] RIP: 0033:0x7f9811a2e9a9
[  102.299965][ T6584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.299982][ T6584] RSP: 002b:00007f981008f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.299999][ T6584] RAX: ffffffffffffffda RBX: 00007f9811c55fa0 RCX: 00007f9811a2e9a9
[  102.300010][ T6584] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 000000000000000a
[  102.300055][ T6584] RBP: 00007f9811ab0d69 R08: 0000000000000000 R09: 0000000000000000
[  102.300066][ T6584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.300081][ T6584] R13: 0000000000000000 R14: 00007f9811c55fa0 R15: 00007ffd836a7028
[  102.300105][ T6584]  </TASK>
[  102.300114][ T6584] memory: usage 307200kB, limit 307200kB, failcnt 2110
[  102.438360][ T6624] loop5: detected capacity change from 0 to 1024
[  102.438514][ T6584] memory+swap: usage 307420kB, limit 9007199254740988kB, failcnt 0
[  102.446179][ T6624] ext4: Unknown parameter 'func'
[  102.448311][ T6584] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  102.448329][ T6584] Memory cgroup stats for /syz0:
[  102.698300][ T6584] cache 0
[  102.706395][ T6584] rss 0
[  102.709285][ T6584] shmem 0
[  102.712281][ T6584] mapped_file 0
[  102.715764][ T6584] dirty 0
[  102.718738][ T6584] writeback 0
[  102.722125][ T6584] workingset_refault_anon 668
[  102.726849][ T6584] workingset_refault_file 1437
[  102.731688][ T6584] swap 225280
[  102.735033][ T6584] swapcached 0
[  102.738501][ T6584] pgpgin 37873
[  102.741985][ T6584] pgpgout 37873
[  102.745479][ T6584] pgfault 48179
[  102.749007][ T6584] pgmajfault 420
[  102.752586][ T6584] inactive_anon 0
[  102.756255][ T6584] active_anon 0
[  102.759808][ T6584] inactive_file 0
[  102.763486][ T6584] active_file 0
[  102.766959][ T6584] unevictable 0
[  102.770464][ T6584] hierarchical_memory_limit 314572800
[  102.775863][ T6584] hierarchical_memsw_limit 9223372036854771712
[  102.782059][ T6584] total_cache 0
[  102.785609][ T6584] total_rss 0
[  102.788905][ T6584] total_shmem 0
[  102.792390][ T6584] total_mapped_file 0
[  102.796401][ T6584] total_dirty 0
[  102.799965][ T6584] total_writeback 0
[  102.804154][ T6584] total_workingset_refault_anon 668
[  102.809449][ T6584] total_workingset_refault_file 1437
[  102.814957][ T6584] total_swap 225280
[  102.818842][ T6584] total_swapcached 0
[  102.823146][ T6584] total_pgpgin 37873
[  102.827037][ T6584] total_pgpgout 37873
[  102.831133][ T6584] total_pgfault 48179
[  102.835117][ T6584] total_pgmajfault 420
[  102.839181][ T6584] total_inactive_anon 0
[  102.843356][ T6584] total_active_anon 0
[  102.847466][ T6584] total_inactive_file 0
[  102.851634][ T6584] total_active_file 0
[  102.855629][ T6584] total_unevictable 0
[  102.859653][ T6584] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.975,pid=6583,uid=0
[  102.874282][ T6584] Memory cgroup out of memory: Killed process 6583 (syz.0.975) total-vm:93892kB, anon-rss:1068kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  102.897269][   T29] kauditd_printk_skb: 541 callbacks suppressed
[  102.897286][   T29] audit: type=1326 audit(1753412534.580:5036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c83cde9a9 code=0x7ffc0000
[  102.923547][ T6633] netlink: 8 bytes leftover after parsing attributes in process `syz.2.992'.
[  102.946393][ T6636] loop1: detected capacity change from 0 to 1024
[  102.952976][   T29] audit: type=1326 audit(1753412534.580:5037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c83cde9a9 code=0x7ffc0000
[  102.976560][   T29] audit: type=1326 audit(1753412534.580:5038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5c83cde9a9 code=0x7ffc0000
[  103.000015][   T29] audit: type=1326 audit(1753412534.580:5039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c83cde9a9 code=0x7ffc0000
[  103.023469][   T29] audit: type=1326 audit(1753412534.580:5040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c83cde9a9 code=0x7ffc0000
[  103.046852][   T29] audit: type=1326 audit(1753412534.580:5041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c83cde9a9 code=0x7ffc0000
[  103.070427][   T29] audit: type=1326 audit(1753412534.580:5042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5c83cdd310 code=0x7ffc0000
[  103.083127][ T6636] ext4: Unknown parameter 'func'
[  103.093942][   T29] audit: type=1326 audit(1753412534.580:5043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5c83ce01d7 code=0x7ffc0000
[  103.122271][   T29] audit: type=1326 audit(1753412534.580:5044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5c83cde9a9 code=0x7ffc0000
[  103.145678][   T29] audit: type=1326 audit(1753412534.580:5045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6632 comm="syz.2.992" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5c83ce01d7 code=0x7ffc0000
[  103.212109][ T6644] loop2: detected capacity change from 0 to 512
[  103.218768][ T6644] EXT4-fs: Ignoring removed orlov option
[  103.228906][ T6644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  103.239118][ T6644] EXT4-fs (loop2): orphan cleanup on readonly fs
[  103.247754][ T6644] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.997: bg 0: block 248: padding at end of block bitmap is not set
[  103.301021][ T6650] IPv4: Oversized IP packet from 127.202.26.0
[  103.317522][ T6647] loop5: detected capacity change from 0 to 8192
[  103.324409][ T6644] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.997: Failed to acquire dquot type 1
[  103.336508][ T6644] EXT4-fs (loop2): 1 truncate cleaned up
[  103.343267][ T6644] EXT4-fs mount: 20 callbacks suppressed
[  103.343297][ T6644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.362943][ T6644] EXT4-fs: Ignoring removed orlov option
[  103.368746][ T6644] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  103.377333][ T6647]  loop5: p1 p2 p4
[  103.377374][ T6647] loop5: p1 size 65536 extends beyond EOD, truncated
[  103.386433][ T6656] loop4: detected capacity change from 0 to 512
[  103.398960][ T6647] loop5: p2 start 861536256 is beyond EOD, truncated
[  103.405776][ T6647] loop5: p4 size 65536 extends beyond EOD, truncated
[  103.412905][ T6644] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  103.424150][ T6656] EXT4-fs: Ignoring removed mblk_io_submit option
[  103.439098][ T6656] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  103.450302][ T6644] EXT4-fs error (device loop2): __ext4_remount:6736: comm syz.2.997: Abort forced by user
[  103.462983][ T6644] EXT4-fs (loop2): Remounting filesystem read-only
[  103.463137][ T6660] loop8: detected capacity change from 0 to 16384
[  103.469582][ T6644] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  103.477068][ T6656] EXT4-fs (loop4): 1 truncate cleaned up
[  103.484822][ T6644] ext4 filesystem being remounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.504779][ T6656] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.534152][ T6667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1006'.
[  103.592181][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.605459][ T6670] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  103.650617][ T6674] netlink: 'syz.2.1009': attribute type 1 has an invalid length.
[  103.745016][ T6682] IPv4: Oversized IP packet from 127.202.26.0
[  103.855094][ T6689] loop1: detected capacity change from 0 to 1024
[  103.862747][ T6689] ext4: Unknown parameter 'func'
[  104.131383][ T6701] loop5: detected capacity change from 0 to 512
[  104.138419][ T6701] EXT4-fs: Ignoring removed orlov option
[  104.146906][ T6701] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  104.166341][ T6699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1017'.
[  104.176196][ T6701] EXT4-fs (loop5): orphan cleanup on readonly fs
[  104.200797][ T6701] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1018: bg 0: block 248: padding at end of block bitmap is not set
[  104.254723][ T6704] SELinux: failed to load policy
[  104.260070][ T6701] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.1018: Failed to acquire dquot type 1
[  104.286357][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.305528][ T6701] EXT4-fs (loop5): 1 truncate cleaned up
[  104.337240][ T6677] syz.2.1010 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  104.348341][ T6677] CPU: 1 UID: 0 PID: 6677 Comm: syz.2.1010 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  104.348377][ T6677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.348468][ T6677] Call Trace:
[  104.348476][ T6677]  <TASK>
[  104.348485][ T6677]  __dump_stack+0x1d/0x30
[  104.348517][ T6677]  dump_stack_lvl+0xe8/0x140
[  104.348537][ T6677]  dump_stack+0x15/0x1b
[  104.348553][ T6677]  dump_header+0x81/0x220
[  104.348714][ T6677]  oom_kill_process+0x334/0x3f0
[  104.348745][ T6677]  out_of_memory+0x979/0xb80
[  104.348829][ T6677]  try_charge_memcg+0x5e6/0x9e0
[  104.348872][ T6677]  charge_memcg+0x51/0xc0
[  104.348903][ T6677]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  104.348974][ T6677]  __read_swap_cache_async+0x1df/0x350
[  104.349008][ T6677]  swap_cluster_readahead+0x277/0x3e0
[  104.349136][ T6677]  swapin_readahead+0xde/0x6f0
[  104.349197][ T6677]  ? __filemap_get_folio+0x4f7/0x6b0
[  104.349261][ T6677]  ? swap_cache_get_folio+0x77/0x200
[  104.349292][ T6677]  do_swap_page+0x301/0x2430
[  104.349311][ T6677]  ? css_rstat_updated+0xcd/0x5b0
[  104.349419][ T6677]  ? __pfx_default_wake_function+0x10/0x10
[  104.349445][ T6677]  handle_mm_fault+0x9a5/0x2be0
[  104.349490][ T6677]  ? mas_walk+0xf2/0x120
[  104.349529][ T6677]  do_user_addr_fault+0x636/0x1090
[  104.349617][ T6677]  ? fpregs_restore_userregs+0xe2/0x1d0
[  104.349702][ T6677]  ? switch_fpu_return+0xe/0x20
[  104.349730][ T6677]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  104.349830][ T6677]  exc_page_fault+0x62/0xa0
[  104.349861][ T6677]  asm_exc_page_fault+0x26/0x30
[  104.349881][ T6677] RIP: 0033:0x7f5c83bb53fc
[  104.349931][ T6677] Code: 66 0f 1f 44 00 00 69 3d b6 02 e8 00 e8 03 00 00 48 8d 1d b7 0b 35 00 e8 12 95 12 00 eb 0c 48 81 c3 e0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 e0 00 00
[  104.349949][ T6677] RSP: 002b:00007ffce457c530 EFLAGS: 00010206
[  104.349964][ T6677] RAX: 0000000000000000 RBX: 00007f5c83f05fa0 RCX: 0000000000000000
[  104.349977][ T6677] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555571990808
[  104.350059][ T6677] RBP: 00007f5c83f07ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  104.350072][ T6677] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000019848
[  104.350084][ T6677] R13: 00007f5c83f06160 R14: ffffffffffffffff R15: 00007ffce457c640
[  104.350103][ T6677]  </TASK>
[  104.350143][ T6677] memory: usage 307200kB, limit 307200kB, failcnt 1168
[  104.363171][ T6701] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.372901][ T6677] memory+swap: usage 307392kB, limit 9007199254740988kB, failcnt 0
[  104.386611][ T6701] EXT4-fs: Ignoring removed orlov option
[  104.388083][ T6677] kmem: usage 307176kB, limit 9007199254740988kB, failcnt 0
[  104.401564][ T6701] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  104.406109][ T6677] Memory cgroup stats for /syz2:
[  104.408369][ T6677] cache 0
[  104.429773][ T6706] random: crng reseeded on system resumption
[  104.432412][ T6677] rss 4096
[  104.432421][ T6677] shmem 0
[  104.432506][ T6677] mapped_file 0
[  104.650424][ T6677] dirty 0
[  104.653475][ T6677] writeback 12288
[  104.657307][ T6677] workingset_refault_anon 368
[  104.662057][ T6677] workingset_refault_file 407
[  104.666776][ T6677] swap 196608
[  104.670162][ T6677] swapcached 24576
[  104.673972][ T6677] pgpgin 71086
[  104.677403][ T6677] pgpgout 71080
[  104.680924][ T6677] pgfault 56486
[  104.684456][ T6677] pgmajfault 264
[  104.688031][ T6677] inactive_anon 12288
[  104.692140][ T6677] active_anon 12288
[  104.695976][ T6677] inactive_file 0
[  104.699701][ T6677] active_file 0
[  104.703059][ T6712] loop1: detected capacity change from 0 to 8192
[  104.703283][ T6677] unevictable 0
[  104.713143][ T6677] hierarchical_memory_limit 314572800
[  104.718522][ T6677] hierarchical_memsw_limit 9223372036854771712
[  104.724907][ T6677] total_cache 0
[  104.728401][ T6677] total_rss 4096
[  104.732123][ T6677] total_shmem 0
[  104.735593][ T6677] total_mapped_file 0
[  104.739569][ T6677] total_dirty 0
[  104.743050][ T6677] total_writeback 12288
[  104.747197][ T6677] total_workingset_refault_anon 368
[  104.752437][ T6677] total_workingset_refault_file 407
[  104.757631][ T6677] total_swap 196608
[  104.761474][ T6677] total_swapcached 24576
[  104.765744][ T6677] total_pgpgin 71086
[  104.769647][ T6677] total_pgpgout 71080
[  104.773686][ T6677] total_pgfault 56486
[  104.777675][ T6677] total_pgmajfault 264
[  104.781935][ T6677] total_inactive_anon 12288
[  104.786486][ T6677] total_active_anon 12288
[  104.790820][ T6677] total_inactive_file 0
[  104.794999][ T6677] total_active_file 0
[  104.799004][ T6677] total_unevictable 0
[  104.803036][ T6677] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1010,pid=6677,uid=0
[  104.817782][ T6677] Memory cgroup out of memory: Killed process 6677 (syz.2.1010) total-vm:93892kB, anon-rss:944kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  104.834985][ T6701] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  104.951341][ T6701] EXT4-fs error (device loop5): __ext4_remount:6736: comm syz.5.1018: Abort forced by user
[  104.962016][ T6712]  loop1: p1 p2 p4 < >
[  104.966132][ T6712] loop1: partition table partially beyond EOD, truncated
[  104.966293][ T6701] EXT4-fs (loop5): Remounting filesystem read-only
[  104.979836][ T6701] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  104.981031][ T6712] loop1: p1 start 16777216 is beyond EOD, truncated
[  104.995095][ T6712] loop1: p2 size 515840 extends beyond EOD, truncated
[  105.005294][ T6701] ext4 filesystem being remounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  105.027472][ T6712] loop1: p4 start 16777216 is beyond EOD, truncated
[  105.053969][ T3906] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.125057][ T6722] loop1: detected capacity change from 0 to 256
[  105.148531][ T6724] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  105.153522][ T6722] FAT-fs (loop1): codepage cp861 not found
[  105.185487][ T6678] syz.2.1010 (6678) used greatest stack depth: 6904 bytes left
[  105.350321][ T6733] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1030'.
[  105.378066][ T6735] IPv4: Oversized IP packet from 127.202.26.0
[  105.397326][ T6736] FAULT_INJECTION: forcing a failure.
[  105.397326][ T6736] name failslab, interval 1, probability 0, space 0, times 0
[  105.410015][ T6736] CPU: 1 UID: 0 PID: 6736 Comm: syz.1.1026 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  105.410042][ T6736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.410055][ T6736] Call Trace:
[  105.410061][ T6736]  <TASK>
[  105.410069][ T6736]  __dump_stack+0x1d/0x30
[  105.410089][ T6736]  dump_stack_lvl+0xe8/0x140
[  105.410200][ T6736]  dump_stack+0x15/0x1b
[  105.410268][ T6736]  should_fail_ex+0x265/0x280
[  105.410299][ T6736]  should_failslab+0x8c/0xb0
[  105.410322][ T6736]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  105.410349][ T6736]  ? __d_alloc+0x3d/0x350
[  105.410379][ T6736]  __d_alloc+0x3d/0x350
[  105.410460][ T6736]  d_alloc+0x2e/0x100
[  105.410480][ T6736]  lookup_one_qstr_excl_raw+0x95/0x1b0
[  105.410512][ T6736]  filename_create+0x14a/0x290
[  105.410623][ T6736]  do_mknodat+0xe7/0x610
[  105.410650][ T6736]  __x64_sys_mknod+0x51/0x60
[  105.410734][ T6736]  x64_sys_call+0x181c/0x2fb0
[  105.410755][ T6736]  do_syscall_64+0xd2/0x200
[  105.410834][ T6736]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.410866][ T6736]  ? clear_bhb_loop+0x40/0x90
[  105.410918][ T6736]  ? clear_bhb_loop+0x40/0x90
[  105.410999][ T6736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.411027][ T6736] RIP: 0033:0x7fa70088e9a9
[  105.411047][ T6736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.411070][ T6736] RSP: 002b:00007fa6feeb5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  105.411094][ T6736] RAX: ffffffffffffffda RBX: 00007fa700ab6160 RCX: 00007fa70088e9a9
[  105.411133][ T6736] RDX: 0000000000000703 RSI: 0000000000000000 RDI: 0000200000000000
[  105.411145][ T6736] RBP: 00007fa6feeb5090 R08: 0000000000000000 R09: 0000000000000000
[  105.411157][ T6736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.411171][ T6736] R13: 0000000000000000 R14: 00007fa700ab6160 R15: 00007fff81d4e4f8
[  105.411194][ T6736]  </TASK>
[  105.865844][ T6750] sg_write: data in/out 2012/14 bytes for SCSI command 0x0-- guessing data in;
[  105.865844][ T6750]    program syz.4.1036 not setting count and/or reply_len properly
[  105.884225][ T6747] loop2: detected capacity change from 0 to 8192
[  105.941944][ T6747]  loop2: p1 p2 p4 < >
[  105.946090][ T6747] loop2: partition table partially beyond EOD, truncated
[  105.953474][ T6747] loop2: p1 start 16777216 is beyond EOD, truncated
[  105.960121][ T6747] loop2: p2 size 515840 extends beyond EOD, truncated
[  106.065156][ T6747] loop2: p4 start 16777216 is beyond EOD, truncated
[  106.535116][ T6772] loop2: detected capacity change from 0 to 1024
[  106.547057][ T6772] ext4: Unknown parameter 'func'
[  106.568671][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1044'.
[  106.619476][ T6776] loop1: detected capacity change from 0 to 1024
[  106.626393][ T6776] ext4: Unknown parameter 'func'
[  106.735806][ T6751] syz.0.1037 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  106.746678][ T6751] CPU: 1 UID: 0 PID: 6751 Comm: syz.0.1037 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  106.746773][ T6751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.746785][ T6751] Call Trace:
[  106.746791][ T6751]  <TASK>
[  106.746798][ T6751]  __dump_stack+0x1d/0x30
[  106.746875][ T6751]  dump_stack_lvl+0xe8/0x140
[  106.746893][ T6751]  dump_stack+0x15/0x1b
[  106.746907][ T6751]  dump_header+0x81/0x220
[  106.746935][ T6751]  oom_kill_process+0x334/0x3f0
[  106.747034][ T6751]  out_of_memory+0x979/0xb80
[  106.747061][ T6751]  try_charge_memcg+0x5e6/0x9e0
[  106.747098][ T6751]  charge_memcg+0x51/0xc0
[  106.747124][ T6751]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  106.747221][ T6751]  __read_swap_cache_async+0x1df/0x350
[  106.747281][ T6751]  swap_cluster_readahead+0x277/0x3e0
[  106.747312][ T6751]  swapin_readahead+0xde/0x6f0
[  106.747339][ T6751]  ? __filemap_get_folio+0x4f7/0x6b0
[  106.747408][ T6751]  ? next_uptodate_folio+0x81c/0x890
[  106.747439][ T6751]  ? swap_cache_get_folio+0x77/0x200
[  106.747465][ T6751]  do_swap_page+0x301/0x2430
[  106.747483][ T6751]  ? css_rstat_updated+0xcd/0x5b0
[  106.747530][ T6751]  ? __pfx_default_wake_function+0x10/0x10
[  106.747562][ T6751]  handle_mm_fault+0x9a5/0x2be0
[  106.747589][ T6751]  ? mas_walk+0xf2/0x120
[  106.747654][ T6751]  do_user_addr_fault+0x636/0x1090
[  106.747741][ T6751]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  106.747775][ T6751]  exc_page_fault+0x62/0xa0
[  106.747803][ T6751]  asm_exc_page_fault+0x26/0x30
[  106.747858][ T6751] RIP: 0033:0x7f9811908556
[  106.747874][ T6751] Code: 00 00 00 0f 84 f3 00 00 00 4c 8b 7b 30 4d 85 ff 0f 84 e8 01 00 00 4d 39 f7 0f 83 dd 00 00 00 41 0f b7 c3 4c 8b 43 20 4d 89 fa <48> 89 44 24 18 41 8b 02 4c 89 c7 48 29 c7 49 89 c5 4c 01 ff 66 44
[  106.747897][ T6751] RSP: 002b:00007ffd836a70c0 EFLAGS: 00010283
[  106.747916][ T6751] RAX: 000000000000000a RBX: 00007f9812785720 RCX: 0000000000001d46
[  106.747932][ T6751] RDX: 0000001b3251e2c2 RSI: 0000001b32120238 RDI: 0000000000001d3c
[  106.747947][ T6751] RBP: 0000001b3251e2ba R08: 00000000003ffde8 R09: 0000000000001d2c
[  106.747963][ T6751] R10: 0000001b32120218 R11: 000000000000000a R12: 0000000000001d3c
[  106.748021][ T6751] R13: 0000000000001d2c R14: 0000001b32120220 R15: 0000001b32120218
[  106.748044][ T6751]  </TASK>
[  106.748052][ T6751] memory: usage 307200kB, limit 307200kB, failcnt 2475
[  106.976559][ T6751] memory+swap: usage 307420kB, limit 9007199254740988kB, failcnt 0
[  106.984528][ T6751] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  106.991928][ T6751] Memory cgroup stats for /syz0:
[  106.992346][ T6751] cache 0
[  107.000342][ T6751] rss 0
[  107.003190][ T6751] shmem 0
[  107.006216][ T6751] mapped_file 0
[  107.009679][ T6751] dirty 0
[  107.012707][ T6751] writeback 0
[  107.016010][ T6751] workingset_refault_anon 731
[  107.020758][ T6751] workingset_refault_file 1567
[  107.025575][ T6751] swap 225280
[  107.028910][ T6751] swapcached 0
[  107.032335][ T6751] pgpgin 38725
[  107.035734][ T6751] pgpgout 38725
[  107.039261][ T6751] pgfault 49243
[  107.042832][ T6751] pgmajfault 463
[  107.046392][ T6751] inactive_anon 0
[  107.050066][ T6751] active_anon 0
[  107.053561][ T6751] inactive_file 0
[  107.057303][ T6751] active_file 0
[  107.060769][ T6751] unevictable 0
[  107.064255][ T6751] hierarchical_memory_limit 314572800
[  107.070148][ T6751] hierarchical_memsw_limit 9223372036854771712
[  107.076397][ T6751] total_cache 0
[  107.079881][ T6751] total_rss 0
[  107.083205][ T6751] total_shmem 0
[  107.086668][ T6751] total_mapped_file 0
[  107.090858][ T6751] total_dirty 0
[  107.094395][ T6751] total_writeback 0
[  107.098205][ T6751] total_workingset_refault_anon 731
[  107.103469][ T6751] total_workingset_refault_file 1567
[  107.108758][ T6751] total_swap 225280
[  107.112581][ T6751] total_swapcached 0
[  107.116479][ T6751] total_pgpgin 38725
[  107.120472][ T6751] total_pgpgout 38725
[  107.124497][ T6751] total_pgfault 49243
[  107.128489][ T6751] total_pgmajfault 463
[  107.132582][ T6751] total_inactive_anon 0
[  107.136735][ T6751] total_active_anon 0
[  107.140717][ T6751] total_inactive_file 0
[  107.144931][ T6751] total_active_file 0
[  107.148913][ T6751] total_unevictable 0
[  107.152911][ T6751] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1037,pid=6751,uid=0
[  107.167602][ T6751] Memory cgroup out of memory: Killed process 6751 (syz.0.1037) total-vm:93892kB, anon-rss:940kB, file-rss:22316kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  107.312218][ T6788] netlink: 'syz.1.1048': attribute type 1 has an invalid length.
[  107.388198][ T6790] random: crng reseeded on system resumption
[  107.439984][ T6794] netlink: 'syz.4.1051': attribute type 1 has an invalid length.
[  107.624477][ T6804] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1055'.
[  107.640036][ T6810] veth0_vlan: entered allmulticast mode
[  107.710020][ T6810] veth0_vlan: left promiscuous mode
[  107.721355][   T23] IPVS: starting estimator thread 0...
[  107.749918][ T6810] veth0_vlan: entered promiscuous mode
[  107.811245][ T6812] IPVS: using max 1728 ests per chain, 86400 per kthread
[  107.882422][ T6819] netlink: 'syz.4.1059': attribute type 1 has an invalid length.
[  107.962758][ T6827] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  107.976000][   T29] kauditd_printk_skb: 503 callbacks suppressed
[  107.976017][   T29] audit: type=1326 audit(1753412539.660:5545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.006164][   T29] audit: type=1326 audit(1753412539.660:5546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.029746][   T29] audit: type=1326 audit(1753412539.660:5547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.053325][   T29] audit: type=1326 audit(1753412539.660:5548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.076789][   T29] audit: type=1326 audit(1753412539.660:5549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.100439][   T29] audit: type=1326 audit(1753412539.660:5550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.123967][   T29] audit: type=1326 audit(1753412539.660:5551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.147983][   T29] audit: type=1326 audit(1753412539.660:5552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.171387][   T29] audit: type=1326 audit(1753412539.660:5553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.195010][   T29] audit: type=1326 audit(1753412539.660:5554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6826 comm="syz.0.1062" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9811a2e9a9 code=0x7ffc0000
[  108.279904][ T6832] random: crng reseeded on system resumption
[  108.407468][ T6844] IPv4: Oversized IP packet from 127.202.26.0
[  108.527775][ T6850] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1072'.
[  108.707810][ T6854] loop5: detected capacity change from 0 to 128
[  108.730058][ T6854] vfat: Unknown parameter 'ÿ'
[  109.156964][ T6860] netlink: 'syz.4.1074': attribute type 1 has an invalid length.
[  109.255176][ T6862] loop5: detected capacity change from 0 to 2048
[  109.267342][ T6866] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  109.341656][ T6863] bond1: entered promiscuous mode
[  109.346780][ T6863] bond1: entered allmulticast mode
[  109.352325][ T6863] 8021q: adding VLAN 0 to HW filter on device bond1
[  109.356067][ T6862] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.392652][ T6863] bond1 (unregistering): Released all slaves
[  109.401732][ T6876] random: crng reseeded on system resumption
[  109.447613][ T6862] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  109.465539][ T6862] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  109.478140][ T6862] EXT4-fs (loop5): This should not happen!! Data will be lost
[  109.478140][ T6862] 
[  109.483401][ T6881] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1080'.
[  109.487969][ T6862] EXT4-fs (loop5): Total free blocks count 0
[  109.502990][ T6862] EXT4-fs (loop5): Free/Dirty block details
[  109.509181][ T6862] EXT4-fs (loop5): free_blocks=66060288
[  109.509797][ T6882] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  109.514812][ T6862] EXT4-fs (loop5): dirty_blocks=32
[  109.514833][ T6862] EXT4-fs (loop5): Block reservation details
[  109.514847][ T6862] EXT4-fs (loop5): i_reserved_data_blocks=2
[  109.576105][ T6881] loop2: detected capacity change from 0 to 128
[  109.582800][ T6881] vfat: Unknown parameter 'ÿ'
[  109.669954][ T6887] IPv4: Oversized IP packet from 127.202.26.0
[  109.719351][ T6889] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1084'.
[  109.750310][ T6893] netlink: 'syz.5.1085': attribute type 10 has an invalid length.
[  109.764401][ T6893] team0: Device hsr_slave_0 failed to register rx_handler
[  109.809309][ T6893] loop5: detected capacity change from 0 to 2048
[  109.902388][ T6893]  loop5: p1 < > p2 < > p3 p4 < >
[  109.907510][ T6893] loop5: partition table partially beyond EOD, truncated
[  109.915033][ T6893] loop5: p1 start 2305 is beyond EOD, truncated
[  109.921419][ T6893] loop5: p2 start 4294902784 is beyond EOD, truncated
[  109.928264][ T6893] loop5: p3 start 3724543488 is beyond EOD, truncated
[  110.216625][ T6907] loop5: detected capacity change from 0 to 1024
[  110.289848][ T6907] EXT4-fs: Ignoring removed orlov option
[  110.295678][ T6907] EXT4-fs: Ignoring removed nomblk_io_submit option
[  110.401037][ T6911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1092'.
[  110.425183][ T6907] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.487637][ T3906] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.505645][ T6916] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1094'.
[  110.549917][ T6924] IPv4: Oversized IP packet from 127.202.26.0
[  110.557664][ T6925] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1097'.
[  110.616014][ T6927] loop1: detected capacity change from 0 to 1024
[  110.684983][ T6927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.695222][ T6933] IPv4: Oversized IP packet from 127.202.26.0
[  110.727733][ T6936] netlink: 'syz.0.1101': attribute type 1 has an invalid length.
[  110.810171][ T6943] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  110.855645][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.865121][ T6945] sch_tbf: peakrate 512 is lower than or equals to rate 3221225473 !
[  110.882370][ T6947] loop2: detected capacity change from 0 to 1024
[  110.897831][ T6947] ext4: Unknown parameter 'func'
[  110.916560][ T6949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1105'.
[  110.937895][ T6953] FAULT_INJECTION: forcing a failure.
[  110.937895][ T6953] name failslab, interval 1, probability 0, space 0, times 0
[  110.950911][ T6953] CPU: 1 UID: 0 PID: 6953 Comm: syz.4.1108 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  110.950951][ T6953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.950964][ T6953] Call Trace:
[  110.950972][ T6953]  <TASK>
[  110.950981][ T6953]  __dump_stack+0x1d/0x30
[  110.951007][ T6953]  dump_stack_lvl+0xe8/0x140
[  110.951051][ T6953]  dump_stack+0x15/0x1b
[  110.951071][ T6953]  should_fail_ex+0x265/0x280
[  110.951126][ T6953]  should_failslab+0x8c/0xb0
[  110.951152][ T6953]  kmem_cache_alloc_node_noprof+0x57/0x320
[  110.951310][ T6953]  ? alloc_vmap_area+0x231/0xe50
[  110.951372][ T6953]  alloc_vmap_area+0x231/0xe50
[  110.951467][ T6953]  ? should_failslab+0x8c/0xb0
[  110.951572][ T6953]  ? __kmalloc_cache_node_noprof+0x18a/0x320
[  110.951627][ T6953]  __get_vm_area_node+0x173/0x1d0
[  110.951694][ T6953]  __vmalloc_node_range_noprof+0x273/0xe00
[  110.951724][ T6953]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  110.951824][ T6953]  ? mntput_no_expire+0x6f/0x3c0
[  110.951851][ T6953]  ? __rcu_read_unlock+0x4f/0x70
[  110.951878][ T6953]  ? selinux_capable+0x1f9/0x270
[  110.951914][ T6953]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  110.951950][ T6953]  __vmalloc_noprof+0x83/0xc0
[  110.952017][ T6953]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  110.952115][ T6953]  bpf_prog_alloc_no_stats+0x47/0x390
[  110.952150][ T6953]  ? bpf_prog_alloc+0x2a/0x150
[  110.952186][ T6953]  bpf_prog_alloc+0x3c/0x150
[  110.952216][ T6953]  bpf_prog_load+0x514/0x1070
[  110.952305][ T6953]  ? security_bpf+0x2b/0x90
[  110.952328][ T6953]  __sys_bpf+0x51d/0x790
[  110.952370][ T6953]  __x64_sys_bpf+0x41/0x50
[  110.952531][ T6953]  x64_sys_call+0x2478/0x2fb0
[  110.952557][ T6953]  do_syscall_64+0xd2/0x200
[  110.952579][ T6953]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  110.952610][ T6953]  ? clear_bhb_loop+0x40/0x90
[  110.952634][ T6953]  ? clear_bhb_loop+0x40/0x90
[  110.952731][ T6953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.952753][ T6953] RIP: 0033:0x7f9539c5e9a9
[  110.952769][ T6953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  110.952856][ T6953] RSP: 002b:00007f95382c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  110.952875][ T6953] RAX: ffffffffffffffda RBX: 00007f9539e85fa0 RCX: 00007f9539c5e9a9
[  110.952889][ T6953] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  110.952902][ T6953] RBP: 00007f95382c7090 R08: 0000000000000000 R09: 0000000000000000
[  110.952981][ T6953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  110.952996][ T6953] R13: 0000000000000001 R14: 00007f9539e85fa0 R15: 00007fff7e62bba8
[  110.953019][ T6953]  </TASK>
[  111.217066][ T6953] syz.4.1108: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0
[  111.233301][ T6953] CPU: 1 UID: 0 PID: 6953 Comm: syz.4.1108 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  111.233336][ T6953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.233350][ T6953] Call Trace:
[  111.233356][ T6953]  <TASK>
[  111.233363][ T6953]  __dump_stack+0x1d/0x30
[  111.233384][ T6953]  dump_stack_lvl+0xe8/0x140
[  111.233402][ T6953]  dump_stack+0x15/0x1b
[  111.233422][ T6953]  warn_alloc+0x12b/0x1a0
[  111.233490][ T6953]  __vmalloc_node_range_noprof+0x297/0xe00
[  111.233524][ T6953]  ? mntput_no_expire+0x6f/0x3c0
[  111.233555][ T6953]  ? __rcu_read_unlock+0x4f/0x70
[  111.233656][ T6953]  ? selinux_capable+0x1f9/0x270
[  111.233686][ T6953]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  111.233722][ T6953]  __vmalloc_noprof+0x83/0xc0
[  111.233823][ T6953]  ? bpf_prog_alloc_no_stats+0x47/0x390
[  111.233894][ T6953]  bpf_prog_alloc_no_stats+0x47/0x390
[  111.233925][ T6953]  ? bpf_prog_alloc+0x2a/0x150
[  111.233964][ T6953]  bpf_prog_alloc+0x3c/0x150
[  111.233995][ T6953]  bpf_prog_load+0x514/0x1070
[  111.234072][ T6953]  ? security_bpf+0x2b/0x90
[  111.234093][ T6953]  __sys_bpf+0x51d/0x790
[  111.234180][ T6953]  __x64_sys_bpf+0x41/0x50
[  111.234211][ T6953]  x64_sys_call+0x2478/0x2fb0
[  111.234235][ T6953]  do_syscall_64+0xd2/0x200
[  111.234253][ T6953]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.234278][ T6953]  ? clear_bhb_loop+0x40/0x90
[  111.234346][ T6953]  ? clear_bhb_loop+0x40/0x90
[  111.234444][ T6953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.234469][ T6953] RIP: 0033:0x7f9539c5e9a9
[  111.234484][ T6953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.234537][ T6953] RSP: 002b:00007f95382c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  111.234559][ T6953] RAX: ffffffffffffffda RBX: 00007f9539e85fa0 RCX: 00007f9539c5e9a9
[  111.234575][ T6953] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  111.234643][ T6953] RBP: 00007f95382c7090 R08: 0000000000000000 R09: 0000000000000000
[  111.234657][ T6953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.234672][ T6953] R13: 0000000000000001 R14: 00007f9539e85fa0 R15: 00007fff7e62bba8
[  111.234696][ T6953]  </TASK>
[  111.234704][ T6953] Mem-Info:
[  111.463295][ T6953] active_anon:6397 inactive_anon:53 isolated_anon:0
[  111.463295][ T6953]  active_file:6130 inactive_file:2393 isolated_file:0
[  111.463295][ T6953]  unevictable:0 dirty:26 writeback:29
[  111.463295][ T6953]  slab_reclaimable:3080 slab_unreclaimable:14796
[  111.463295][ T6953]  mapped:30070 shmem:2305 pagetables:1152
[  111.463295][ T6953]  sec_pagetables:0 bounce:0
[  111.463295][ T6953]  kernel_misc_reclaimable:0
[  111.463295][ T6953]  free:1772195 free_pcp:62362 free_cma:0
[  111.508671][ T6953] Node 0 active_anon:25588kB inactive_anon:212kB active_file:24520kB inactive_file:9572kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:120280kB dirty:104kB writeback:0kB shmem:9220kB writeback_tmp:0kB kernel_stack:3440kB pagetables:4608kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  111.537663][ T6953] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  111.566853][ T6953] lowmem_reserve[]: 0 2882 7860 7860
[  111.572280][ T6953] Node 0 DMA32 free:2947820kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2951348kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[  111.602381][ T6953] lowmem_reserve[]: 0 0 4978 4978
[  111.607564][ T6953] Node 0 Normal free:4277404kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25588kB inactive_anon:212kB active_file:24520kB inactive_file:9572kB unevictable:0kB writepending:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:247736kB local_pcp:150432kB free_cma:0kB
[  111.639634][ T6953] lowmem_reserve[]: 0 0 0 0
[  111.644292][ T6953] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  111.657352][ T6953] Node 0 DMA32: 5*4kB (M) 3*8kB (M) 2*16kB (M) 3*32kB (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB (M) 2*2048kB (M) 717*4096kB (M) = 2947820kB
[  111.673642][ T6953] Node 0 Normal: 1316*4kB (UME) 1001*8kB (UME) 1108*16kB (UME) 931*32kB (UME) 759*64kB (UME) 392*128kB (UME) 249*256kB (UM) 217*512kB (UME) 171*1024kB (UM) 95*2048kB (UME) 898*4096kB (UM) = 4382264kB
[  111.693621][ T6953] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  111.702966][ T6953] 10876 total pagecache pages
[  111.707704][ T6953] 55 pages in swap cache
[  111.711992][ T6953] Free swap  = 124768kB
[  111.716152][ T6953] Total swap = 124996kB
[  111.720325][ T6953] 2097051 pages RAM
[  111.724219][ T6953] 0 pages HighMem/MovableOnly
[  111.728919][ T6953] 80814 pages reserved
[  111.734223][ T6958] random: crng reseeded on system resumption
[  111.791557][ T6968] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1112'.
[  111.840737][ T6974] loop2: detected capacity change from 0 to 1024
[  111.858381][ T6968] loop5: detected capacity change from 0 to 128
[  111.864993][ T6968] vfat: Unknown parameter 'ÿ'
[  111.875424][ T6970] netlink: 'syz.1.1113': attribute type 1 has an invalid length.
[  111.884314][ T6974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.897002][ T6977] FAULT_INJECTION: forcing a failure.
[  111.897002][ T6977] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  111.910106][ T6977] CPU: 1 UID: 0 PID: 6977 Comm: syz.4.1114 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  111.910188][ T6977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  111.910203][ T6977] Call Trace:
[  111.910211][ T6977]  <TASK>
[  111.910219][ T6977]  __dump_stack+0x1d/0x30
[  111.910279][ T6977]  dump_stack_lvl+0xe8/0x140
[  111.910303][ T6977]  dump_stack+0x15/0x1b
[  111.910323][ T6977]  should_fail_ex+0x265/0x280
[  111.910361][ T6977]  should_fail+0xb/0x20
[  111.910504][ T6977]  should_fail_usercopy+0x1a/0x20
[  111.910578][ T6977]  _copy_from_user+0x1c/0xb0
[  111.910601][ T6977]  do_ipv6_setsockopt+0x220/0x22e0
[  111.910657][ T6977]  ? kstrtoull+0x111/0x140
[  111.910682][ T6977]  ? __rcu_read_unlock+0x4f/0x70
[  111.910706][ T6977]  ? avc_has_perm_noaudit+0x1b1/0x200
[  111.910740][ T6977]  ? selinux_netlbl_socket_setsockopt+0x1f9/0x2d0
[  111.910859][ T6977]  ipv6_setsockopt+0x59/0x130
[  111.910888][ T6977]  tcp_setsockopt+0x95/0xb0
[  111.910952][ T6977]  sock_common_setsockopt+0x66/0x80
[  111.910977][ T6977]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  111.911008][ T6977]  __sys_setsockopt+0x181/0x200
[  111.911046][ T6977]  __x64_sys_setsockopt+0x64/0x80
[  111.911087][ T6977]  x64_sys_call+0x2bd5/0x2fb0
[  111.911112][ T6977]  do_syscall_64+0xd2/0x200
[  111.911213][ T6977]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  111.911242][ T6977]  ? clear_bhb_loop+0x40/0x90
[  111.911266][ T6977]  ? clear_bhb_loop+0x40/0x90
[  111.911290][ T6977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.911313][ T6977] RIP: 0033:0x7f9539c5e9a9
[  111.911345][ T6977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.911368][ T6977] RSP: 002b:00007f95382a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  111.911390][ T6977] RAX: ffffffffffffffda RBX: 00007f9539e86080 RCX: 00007f9539c5e9a9
[  111.911404][ T6977] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  111.911419][ T6977] RBP: 00007f95382a6090 R08: 00000000000003f0 R09: 0000000000000000
[  111.911432][ T6977] R10: 0000200000000480 R11: 0000000000000246 R12: 0000000000000001
[  111.911443][ T6977] R13: 0000000000000000 R14: 00007f9539e86080 R15: 00007fff7e62bba8
[  111.911461][ T6977]  </TASK>
[  112.161046][ T3309] ==================================================================
[  112.169206][ T3309] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  112.173156][ T6956] syz.0.1109 invoked oom-killer: gfp_mask=0x408d40(GFP_NOFS|__GFP_ZERO|__GFP_NOFAIL|__GFP_ACCOUNT), order=0, oom_score_adj=0
[  112.179029][ T3309] 
[  112.179036][ T3309] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  112.179056][ T3309]  tick_do_update_jiffies64+0x113/0x1c0
[  112.179082][ T3309]  tick_nohz_handler+0x7f/0x2d0
[  112.192107][ T6956] CPU: 0 UID: 0 PID: 6956 Comm: syz.0.1109 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  112.192225][ T6956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.192242][ T6956] Call Trace:
[  112.192251][ T6956]  <TASK>
[  112.192262][ T6956]  __dump_stack+0x1d/0x30
[  112.192306][ T6956]  dump_stack_lvl+0xe8/0x140
[  112.192333][ T6956]  dump_stack+0x15/0x1b
[  112.192355][ T6956]  dump_header+0x81/0x220
[  112.192399][ T6956]  oom_kill_process+0x334/0x3f0
[  112.192527][ T6956]  out_of_memory+0x979/0xb80
[  112.192588][ T6956]  try_charge_memcg+0x5e6/0x9e0
[  112.192702][ T6956]  obj_cgroup_charge_pages+0xa6/0x150
[  112.192744][ T6956]  obj_cgroup_charge_account+0x73/0x1a0
[  112.192841][ T6956]  __memcg_slab_post_alloc_hook+0x398/0x580
[  112.192926][ T6956]  kmem_cache_alloc_noprof+0x220/0x310
[  112.193037][ T6956]  ? alloc_buffer_head+0x35/0x1f0
[  112.193078][ T6956]  alloc_buffer_head+0x35/0x1f0
[  112.193120][ T6956]  folio_alloc_buffers+0x14a/0x310
[  112.193202][ T6956]  create_empty_buffers+0x2c/0x200
[  112.193246][ T6956]  __block_write_begin_int+0x1d4/0xf90
[  112.193289][ T6956]  ? jbd2_journal_stop+0x560/0x680
[  112.193377][ T6956]  ? __pfx_ext4_da_get_block_prep+0x10/0x10
[  112.193443][ T6956]  ? __ext4_journal_stop+0x109/0x120
[  112.193485][ T6956]  ? __pfx_ext4_da_get_block_prep+0x10/0x10
[  112.193590][ T6956]  block_page_mkwrite+0x1a8/0x3d0
[  112.193637][ T6956]  ext4_page_mkwrite+0x76b/0xba0
[  112.193673][ T6956]  ? __rcu_read_lock+0x37/0x50
[  112.193707][ T6956]  handle_mm_fault+0x15cb/0x2be0
[  112.193812][ T6956]  ? __rcu_read_unlock+0x4f/0x70
[  112.193853][ T6956]  do_user_addr_fault+0x3fe/0x1090
[  112.193997][ T6956]  ? __flush_smp_call_function_queue+0x643/0x8e0
[  112.194048][ T6956]  exc_page_fault+0x62/0xa0
[  112.194089][ T6956]  asm_exc_page_fault+0x26/0x30
[  112.194180][ T6956] RIP: 0033:0x7f9811900e3c
[  112.194203][ T6956] Code: 49 e8 00 01 48 8d 50 ff 48 89 15 37 49 e8 00 88 48 ff 8b 2d 1e 49 e8 00 e8 51 5a ff ff 48 8b 05 2a 49 e8 00 41 bc 04 00 00 00 <89> 28 48 83 c0 08 66 44 89 60 fc 83 05 1a 49 e8 00 01 66 83 3d 16
[  112.194298][ T6956] RSP: 002b:00007ffd836a7120 EFLAGS: 00010206
[  112.194320][ T6956] RAX: 0000001b32120220 RBX: 00007f9812785720 RCX: 0000000000000011
[  112.194337][ T6956] RDX: 0000001b32120220 RSI: 0000000000000008 RDI: 00007f9812785720
[  112.194353][ T6956] RBP: 00000000000052a5 R08: 00007f9811c56038 R09: 00007f9811c42000
[  112.194370][ T6956] R10: 00007f9811097008 R11: 0000000000000017 R12: 0000000000000004
[  112.194402][ T6956] R13: 0000000000000026 R14: 0000000000000000 R15: 0000000000000000
[  112.194430][ T6956]  </TASK>
[  112.194440][ T6956] memory: usage 307200kB, limit 307200kB, failcnt 2895
[  112.202398][ T3309]  __hrtimer_run_queues+0x20f/0x5a0
[  112.202426][ T3309]  hrtimer_interrupt+0x21a/0x460
[  112.207982][ T6956] memory+swap: usage 307420kB, limit 9007199254740988kB, failcnt 0
[  112.212813][ T3309]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  112.225265][ T6956] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0
[  112.235288][ T3309]  sysvec_apic_timer_interrupt+0x6f/0x80
[  112.238599][ T6956] Memory cgroup stats for 
[  112.241529][ T3309]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  112.241559][ T3309]  __tsan_read8+0x0/0x190
[  112.245883][ T6956] /syz0
[  112.250461][ T3309]  unmap_page_range+0xd73/0x2740
[  112.250492][ T3309]  unmap_vmas+0x23d/0x3a0
[  112.250517][ T3309]  exit_mmap+0x1b0/0x6c0
[  112.254685][ T6956] :
[  112.258977][ T3309]  __mmput+0x28/0x1c0
[  112.264733][ T6956] cache 4096
[  112.268428][ T3309]  mmput+0x40/0x50
[  112.273319][ T6956] rss 0
[  112.278664][ T3309]  exit_mm+0xe4/0x190
[  112.284272][ T6956] shmem 0
[  112.290106][ T3309]  do_exit+0x417/0x1590
[  112.295589][ T6956] mapped_file 4096
[  112.300571][ T3309]  do_group_exit+0x139/0x140
[  112.305442][ T6956] dirty 0
[  112.310517][ T3309]  __x64_sys_exit_group+0x1f/0x20
[  112.315659][ T6956] writeback 0
[  112.321071][ T3309]  x64_sys_call+0x2fa4/0x2fb0
[  112.321100][ T3309]  do_syscall_64+0xd2/0x200
[  112.326211][ T6956] workingset_refault_anon 758
[  112.332093][ T3309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.332122][ T3309] 
[  112.337388][ T6956] workingset_refault_file 1764
[  112.343278][ T3309] read to 0xffffffff868099c0 of 8 bytes by task 3309 on cpu 1:
[  112.343296][ T3309]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  112.348327][ T6956] swap 225280
[  112.348337][ T6956] swapcached 0
[  112.353252][ T3309]  count_shadow_nodes+0x6a/0x230
[  112.358122][ T6956] pgpgin 42955
[  112.358132][ T6956] pgpgout 42954
[  112.363046][ T3309]  do_shrink_slab+0x63/0x680
[  112.363077][ T3309]  shrink_slab+0x448/0x760
[  112.368065][ T6956] pgfault 54756
[  112.373191][ T3309]  shrink_node+0x6c3/0x2120
[  112.373221][ T3309]  do_try_to_free_pages+0x3f6/0xcd0
[  112.373242][ T3309]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  112.379554][ T6956] pgmajfault 483
[  112.384047][ T3309]  try_charge_memcg+0x358/0x9e0
[  112.388911][ T6956] inactive_anon 0
[  112.388921][ T6956] active_anon 0
[  112.393319][ T3309]  charge_memcg+0x51/0xc0
[  112.413302][ T6956] inactive_file 0
[  112.419101][ T3309]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  112.419139][ T3309]  __read_swap_cache_async+0x1df/0x350
[  112.427258][ T6956] active_file 0
[  112.435107][ T3309]  swap_cluster_readahead+0x277/0x3e0
[  112.435146][ T3309]  swapin_readahead+0xde/0x6f0
[  112.443138][ T6956] unevictable 0
[  112.451081][ T3309]  do_swap_page+0x301/0x2430
[  112.451103][ T3309]  handle_mm_fault+0x9a5/0x2be0
[  112.459072][ T6956] hierarchical_memory_limit 314572800
[  112.462089][ T3309]  do_user_addr_fault+0x636/0x1090
[  112.462126][ T3309]  exc_page_fault+0x62/0xa0
[  112.462152][ T3309]  asm_exc_page_fault+0x26/0x30
[  112.462170][ T3309] 
[  112.462174][ T3309] value changed: 0x00000000ffffb667 -> 0x00000000ffffb668
[  112.462186][ T3309] 
[  112.462189][ T3309] Reported by Kernel Concurrency Sanitizer on:
[  112.462200][ T3309] CPU: 1 UID: 0 PID: 3309 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(voluntary) 
[  112.469041][ T6956] hierarchical_memsw_limit 9223372036854771712
[  112.474229][ T3309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.474247][ T3309] ==================================================================
[  112.809128][ T6956] total_cache 4096
[  112.812963][ T6956] total_rss 0
[  112.816370][ T6956] total_shmem 0
[  112.819841][ T6956] total_mapped_file 4096
[  112.824100][ T6956] total_dirty 0
[  112.827572][ T6956] total_writeback 0
[  112.831401][ T6956] total_workingset_refault_anon 758
[  112.836601][ T6956] total_workingset_refault_file 1764
[  112.841932][ T6956] total_swap 225280
[  112.845755][ T6956] total_swapcached 0
[  112.849658][ T6956] total_pgpgin 42955
[  112.853580][ T6956] total_pgpgout 42954
[  112.857580][ T6956] total_pgfault 54756
[  112.861651][ T6956] total_pgmajfault 483
[  112.865730][ T6956] total_inactive_anon 0
[  112.869882][ T6956] total_active_anon 0
[  112.873883][ T6956] total_inactive_file 0
[  112.878086][ T6956] total_active_file 0
[  112.882119][ T6956] total_unevictable 0
[  112.886099][ T6956] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1109,pid=6956,uid=0
[  112.900803][ T6956] Memory cgroup out of memory: Killed process 6956 (syz.0.1109) total-vm:93892kB, anon-rss:940kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
[  112.918823][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.